diff --git a/bindata/crds/barbican.openstack.org_barbicanapis.yaml b/bindata/crds/barbican.openstack.org_barbicanapis.yaml new file mode 100644 index 000000000..79cad5543 --- /dev/null +++ b/bindata/crds/barbican.openstack.org_barbicanapis.yaml @@ -0,0 +1,494 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: barbicanapis.barbican.openstack.org +spec: + group: barbican.openstack.org + names: + kind: BarbicanAPI + listKind: BarbicanAPIList + plural: barbicanapis + singular: barbicanapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: BarbicanAPI is the Schema for the barbicanapis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BarbicanAPISpec defines the desired state of BarbicanAPI + properties: + containerImage: + description: ContainerImage - Barbican Container Image URL (will be + set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as a custom + config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc//.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: barbican + description: DatabaseAccount - optional MariaDBAccount CR name used + for barbican DB, defaults to barbican + type: string + databaseHostname: + description: DatabaseHostname - Barbican Database Hostname + type: string + databaseInstance: + description: 'MariaDB instance name TODO(dmendiza): Is this comment + right? Right now required by the maridb-operator to get the credentials + from the instance to create the DB Might not be required in future' + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + enableSecureRBAC: + default: true + description: EnableSecureRBAC - Enable Consistent and Secure RBAC + policies + type: boolean + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this component. Setting here overrides any global NodeSelector settings + within the Barbican CR. + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic to + the cluster. Allows for the manifest of the created Service + to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object + passwordSelectors: + default: + service: BarbicanPassword + simplecryptokek: BarbicanSimpleCryptoKEK + description: PasswordSelectors - Selectors to identify the ServiceUser + password from the Secret + properties: + service: + default: BarbicanPassword + description: Service - Selector to get the barbican service user + password from the Secret + type: string + simplecryptokek: + default: SimpleCryptoKEK + type: string + type: object + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Barbican + type: string + replicas: + default: 1 + description: Replicas of Barbican API to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + default: osp-secret + description: Secret containing all passwords / keys needed + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Barbican services the default SA name + type: string + serviceUser: + default: barbican + description: ServiceUser - optional username used for this service + to register in keystone + type: string + simpleCryptoBackendSecret: + default: osp-secret + description: Secret containing the Key Encryption Key (KEK) used for + the Simple Crypto backend + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret for + the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + public: + description: Public GenericService - holds the secret for + the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + required: + - containerImage + - databaseHostname + - databaseInstance + - rabbitMqClusterName + - serviceAccount + type: object + status: + description: BarbicanAPIStatus defines the observed state of BarbicanAPI + properties: + apiEndpoint: + additionalProperties: + type: string + description: API endpoint + type: object + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: Barbican Database Hostname + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + readyCount: + description: ReadyCount of barbican API instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/barbican.openstack.org_barbicankeystonelisteners.yaml b/bindata/crds/barbican.openstack.org_barbicankeystonelisteners.yaml new file mode 100644 index 000000000..a86c7c8da --- /dev/null +++ b/bindata/crds/barbican.openstack.org_barbicankeystonelisteners.yaml @@ -0,0 +1,291 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: barbicankeystonelisteners.barbican.openstack.org +spec: + group: barbican.openstack.org + names: + kind: BarbicanKeystoneListener + listKind: BarbicanKeystoneListenerList + plural: barbicankeystonelisteners + singular: barbicankeystonelistener + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: BarbicanKeystoneListener is the Schema for the barbicankeystonelistener + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BarbicanKeystoneListenerSpec defines the desired state of + BarbicanKeystoneListener + properties: + containerImage: + description: ContainerImage - Barbican Container Image URL (will be + set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as a custom + config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc//.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: barbican + description: DatabaseAccount - optional MariaDBAccount CR name used + for barbican DB, defaults to barbican + type: string + databaseHostname: + type: string + databaseInstance: + description: 'MariaDB instance name TODO(dmendiza): Is this comment + right? Right now required by the maridb-operator to get the credentials + from the instance to create the DB Might not be required in future' + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this component. Setting here overrides any global NodeSelector settings + within the Barbican CR. + type: object + passwordSelectors: + default: + service: BarbicanPassword + simplecryptokek: BarbicanSimpleCryptoKEK + description: PasswordSelectors - Selectors to identify the ServiceUser + password from the Secret + properties: + service: + default: BarbicanPassword + description: Service - Selector to get the barbican service user + password from the Secret + type: string + simplecryptokek: + default: SimpleCryptoKEK + type: string + type: object + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Barbican + type: string + replicas: + default: 1 + description: Replicas of Barbican API to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + default: osp-secret + description: Secret containing all passwords / keys needed + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Barbican services the default SA name + type: string + serviceUser: + default: barbican + description: ServiceUser - optional username used for this service + to register in keystone + type: string + simpleCryptoBackendSecret: + default: osp-secret + description: Secret containing the Key Encryption Key (KEK) used for + the Simple Crypto backend + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + type: string + required: + - containerImage + - databaseHostname + - databaseInstance + - rabbitMqClusterName + - serviceAccount + type: object + status: + description: BarbicanKeystoneListenerStatus defines the observed state + of BarbicanKeystoneListener + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: Barbican Database Hostname + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + readyCount: + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "make" to regenerate code after modifying + this file ReadyCount of barbican API instances' + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/barbican.openstack.org_barbicans.yaml b/bindata/crds/barbican.openstack.org_barbicans.yaml new file mode 100644 index 000000000..12927f82f --- /dev/null +++ b/bindata/crds/barbican.openstack.org_barbicans.yaml @@ -0,0 +1,753 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: barbicans.barbican.openstack.org +spec: + group: barbican.openstack.org + names: + kind: Barbican + listKind: BarbicanList + plural: barbicans + singular: barbican + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Barbican is the Schema for the barbicans API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BarbicanSpec defines the desired state of Barbican + properties: + barbicanAPI: + description: BarbicanAPI - Spec definition for the API services of + this Barbican deployment + properties: + containerImage: + description: ContainerImage - Barbican Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as a custom config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc//.conf.d directory as a + custom config file. + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + enableSecureRBAC: + default: true + description: EnableSecureRBAC - Enable Consistent and Secure RBAC + policies + type: boolean + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this component. Setting here overrides any global NodeSelector + settings within the Barbican CR. + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the + fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object + replicas: + default: 1 + description: Replicas of Barbican API to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret + for the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + public: + description: Public GenericService - holds the secret + for the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + required: + - containerImage + type: object + barbicanKeystoneListener: + description: BarbicanKeystoneListener - Spec definition for the KeystoneListener + service of this Barbican deployment + properties: + containerImage: + description: ContainerImage - Barbican Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as a custom config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc//.conf.d directory as a + custom config file. + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this component. Setting here overrides any global NodeSelector + settings within the Barbican CR. + type: object + replicas: + default: 1 + description: Replicas of Barbican API to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + required: + - containerImage + type: object + barbicanWorker: + description: BarbicanWorker - Spec definition for the Worker service + of this Barbican deployment + properties: + containerImage: + description: ContainerImage - Barbican Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as a custom config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc//.conf.d directory as a + custom config file. + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this component. Setting here overrides any global NodeSelector + settings within the Barbican CR. + type: object + replicas: + default: 1 + description: Replicas of Barbican API to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + required: + - containerImage + type: object + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + databaseAccount: + default: barbican + description: DatabaseAccount - optional MariaDBAccount CR name used + for barbican DB, defaults to barbican + type: string + databaseInstance: + description: 'MariaDB instance name TODO(dmendiza): Is this comment + right? Right now required by the maridb-operator to get the credentials + from the instance to create the DB Might not be required in future' + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. logging.conf or policy.json. But can also be used + to add additional files. Those get added to the service config dir + in /etc/ . TODO(dmendiza): -> implement' + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this component. Setting here overrides any global NodeSelector settings + within the Barbican CR. + type: object + passwordSelectors: + default: + service: BarbicanPassword + simplecryptokek: BarbicanSimpleCryptoKEK + description: PasswordSelectors - Selectors to identify the ServiceUser + password from the Secret + properties: + service: + default: BarbicanPassword + description: Service - Selector to get the barbican service user + password from the Secret + type: string + simplecryptokek: + default: SimpleCryptoKEK + type: string + type: object + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Barbican + type: string + secret: + default: osp-secret + description: Secret containing all passwords / keys needed + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Barbican services the default SA name + type: string + serviceUser: + default: barbican + description: ServiceUser - optional username used for this service + to register in keystone + type: string + simpleCryptoBackendSecret: + default: osp-secret + description: Secret containing the Key Encryption Key (KEK) used for + the Simple Crypto backend + type: string + required: + - barbicanAPI + - barbicanKeystoneListener + - barbicanWorker + - databaseInstance + - rabbitMqClusterName + - serviceAccount + type: object + status: + description: BarbicanStatus defines the observed state of Barbican + properties: + barbicanAPIReadyCount: + description: ReadyCount of Barbican API instances + format: int32 + type: integer + barbicanKeystoneListenerReadyCount: + description: ReadyCount of Barbican KeystoneListener instances + format: int32 + type: integer + barbicanWorkerReadyCount: + description: ReadyCount of Barbican Worker instances + format: int32 + type: integer + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: Barbican Database Hostname + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + serviceID: + description: ServiceID + type: string + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/barbican.openstack.org_barbicanworkers.yaml b/bindata/crds/barbican.openstack.org_barbicanworkers.yaml new file mode 100644 index 000000000..575354ad3 --- /dev/null +++ b/bindata/crds/barbican.openstack.org_barbicanworkers.yaml @@ -0,0 +1,288 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: barbicanworkers.barbican.openstack.org +spec: + group: barbican.openstack.org + names: + kind: BarbicanWorker + listKind: BarbicanWorkerList + plural: barbicanworkers + singular: barbicanworker + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: BarbicanWorker is the Schema for the barbicanworkers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BarbicanWorkerSpec defines the desired state of BarbicanWorker + properties: + containerImage: + description: ContainerImage - Barbican Container Image URL (will be + set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as a custom + config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc//.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: barbican + description: DatabaseAccount - optional MariaDBAccount CR name used + for barbican DB, defaults to barbican + type: string + databaseHostname: + type: string + databaseInstance: + description: 'MariaDB instance name TODO(dmendiza): Is this comment + right? Right now required by the maridb-operator to get the credentials + from the instance to create the DB Might not be required in future' + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this component. Setting here overrides any global NodeSelector settings + within the Barbican CR. + type: object + passwordSelectors: + default: + service: BarbicanPassword + simplecryptokek: BarbicanSimpleCryptoKEK + description: PasswordSelectors - Selectors to identify the ServiceUser + password from the Secret + properties: + service: + default: BarbicanPassword + description: Service - Selector to get the barbican service user + password from the Secret + type: string + simplecryptokek: + default: SimpleCryptoKEK + type: string + type: object + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Barbican + type: string + replicas: + default: 1 + description: Replicas of Barbican API to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + default: osp-secret + description: Secret containing all passwords / keys needed + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Barbican services the default SA name + type: string + serviceUser: + default: barbican + description: ServiceUser - optional username used for this service + to register in keystone + type: string + simpleCryptoBackendSecret: + default: osp-secret + description: Secret containing the Key Encryption Key (KEK) used for + the Simple Crypto backend + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + type: string + required: + - containerImage + - databaseHostname + - databaseInstance + - rabbitMqClusterName + - serviceAccount + type: object + status: + description: BarbicanWorkerStatus defines the observed state of BarbicanWorker + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: Barbican Database Hostname + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + readyCount: + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "make" to regenerate code after modifying + this file ReadyCount of barbican API instances' + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/baremetal.openstack.org_openstackbaremetalsets.yaml b/bindata/crds/baremetal.openstack.org_openstackbaremetalsets.yaml new file mode 100644 index 000000000..a6e1d1b6a --- /dev/null +++ b/bindata/crds/baremetal.openstack.org_openstackbaremetalsets.yaml @@ -0,0 +1,396 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: openstackbaremetalsets.baremetal.openstack.org +spec: + group: baremetal.openstack.org + names: + kind: OpenStackBaremetalSet + listKind: OpenStackBaremetalSetList + plural: openstackbaremetalsets + shortNames: + - osbmset + - osbmsets + - osbms + singular: openstackbaremetalset + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: OpenStackBaremetalSet is the Schema for the openstackbaremetalsets + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OpenStackBaremetalSetSpec defines the desired state of OpenStackBaremetalSet + properties: + agentImageUrl: + description: AgentImageURL - Container image URL for the sidecar container + that discovers provisioning network IPs + type: string + apacheImageUrl: + description: ApacheImageURL - Container image URL for the main container + that serves the downloaded OS qcow2 image (osImage) + type: string + automatedCleaningMode: + default: metadata + description: When set to disabled, automated cleaning will be avoided + during provisioning and deprovisioning. + enum: + - metadata + - disabled + type: string + baremetalHosts: + additionalProperties: + description: InstanceSpec Instance specific attributes + properties: + bmhLabelSelector: + additionalProperties: + type: string + description: BmhLabelSelector allows for the selection of a + particular BaremetalHost based on arbitrary labels + type: object + ctlPlaneIP: + description: CtlPlaneIP - Control Plane IP in CIDR notation + type: string + networkData: + description: NetworkData - Host Network Data + properties: + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which the + secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + userData: + description: UserData - Host User Data + properties: + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which the + secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + type: object + description: BaremetalHosts - Map of hostname to Instance Spec for + all nodes to provision + type: object + bmhLabelSelector: + additionalProperties: + type: string + description: BmhLabelSelector allows for a sub-selection of BaremetalHosts + based on arbitrary labels + type: object + bmhNamespace: + default: openshift-machine-api + description: 'BmhNamespace Namespace to look for BaremetalHosts(default: + openshift-machine-api)' + type: string + bootstrapDns: + description: BootstrapDNS - initial DNS nameserver values to set on + the BaremetalHosts when they are provisioned. Note that subsequent + deployment will overwrite these values + items: + type: string + type: array + cloudUserName: + default: cloud-admin + description: CloudUser to be configured for remote access + type: string + ctlplaneGateway: + description: 'CtlplaneGateway - IP of gateway for ctrlplane network + (TODO: acquire this is another manner?)' + type: string + ctlplaneInterface: + description: CtlplaneInterface - Interface on the provisioned nodes + to use for ctlplane network + type: string + ctlplaneNetmask: + default: 255.255.255.0 + description: 'CtlplaneNetmask - Netmask to use for ctlplane network + (TODO: acquire this is another manner?)' + type: string + deploymentSSHSecret: + description: DeploymentSSHSecret - Name of secret holding the cloud-admin + ssh keys + type: string + dnsSearchDomains: + description: DNSSearchDomains - initial DNS nameserver values to set + on the BaremetalHosts when they are provisioned. Note that subsequent + deployment will overwrite these values + items: + type: string + type: array + domainName: + description: 'DomainName is the domain name that will be set on the + underlying Metal3 BaremetalHosts (TODO: acquire this is another + manner?)' + type: string + hardwareReqs: + description: Hardware requests for sub-selection of BaremetalHosts + with certain hardware specs + properties: + cpuReqs: + description: CPUReqs defines specific CPU hardware requests + properties: + arch: + description: Arch is a scalar (string) because it wouldn't + make sense to give it an "exact-match" option Can be either + "x86_64" or "ppc64le" if included + enum: + - x86_64 + - ppc64le + type: string + countReq: + description: CPUCountReq defines a specific hardware request + for CPU core count + properties: + count: + minimum: 1 + type: integer + exactMatch: + description: If ExactMatch == false, actual count > Count + will match + type: boolean + type: object + mhzReq: + description: CPUMhzReq defines a specific hardware request + for CPU clock speed + properties: + exactMatch: + description: If ExactMatch == false, actual mhz > Mhz + will match + type: boolean + mhz: + minimum: 1 + type: integer + type: object + type: object + diskReqs: + description: DiskReqs defines specific disk hardware requests + properties: + gbReq: + description: DiskGbReq defines a specific hardware request + for disk size + properties: + exactMatch: + description: If ExactMatch == false, actual GB > Gb will + match + type: boolean + gb: + minimum: 1 + type: integer + type: object + ssdReq: + description: SSD is scalar (bool) because it wouldn't make + sense to give it an "exact-match" option + properties: + exactMatch: + description: We only actually care about SSD flag if it + is true or ExactMatch is set to true. This second flag + is necessary as SSD's bool zero-value (false) is indistinguishable + from it being explicitly set to false + type: boolean + ssd: + type: boolean + type: object + type: object + memReqs: + description: MemReqs defines specific memory hardware requests + properties: + gbReq: + description: MemGbReq defines a specific hardware request + for memory size + properties: + exactMatch: + description: If ExactMatch == false, actual GB > Gb will + match + type: boolean + gb: + minimum: 1 + type: integer + type: object + type: object + type: object + osContainerImageUrl: + description: OSContainerImageURL - Container image URL for init with + the OS qcow2 image (osImage) + type: string + osImage: + description: OSImage - OS qcow2 image Name + type: string + passwordSecret: + description: 'PasswordSecret the name of the secret used to optionally + set the root pwd by adding NodeRootPassword: to + the secret data' + properties: + name: + description: name is unique within a namespace to reference a + secret resource. + type: string + namespace: + description: namespace defines the space within which the secret + name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + provisionServerName: + description: ProvisionServerName - Optional. Existing OpenStackProvisionServer + to use, else one would be created. + type: string + provisionServerNodeSelector: + additionalProperties: + type: string + description: ProvisonServerNodeSelector to target subset of worker + nodes running provision server + type: object + provisioningInterface: + description: ProvisioningInterface - Optional. If not provided along + with ProvisionServerName, it would be discovered from CBO. This + is the provisioning interface on the OCP masters/workers. + type: string + required: + - cloudUserName + - ctlplaneInterface + - deploymentSSHSecret + type: object + status: + description: OpenStackBaremetalSetStatus defines the observed state of + OpenStackBaremetalSet + properties: + baremetalHosts: + additionalProperties: + description: HostStatus represents the IPStatus and provisioning + state + deployment information + properties: + annotatedForDeletion: + default: false + description: Host annotated for deletion + type: boolean + bmhRef: + default: unassigned + type: string + hostname: + type: string + ipAddresses: + additionalProperties: + type: string + type: object + networkDataSecretName: + type: string + provisioningState: + description: ProvisioningState - the overall state of a BMH + type: string + userDataSecretName: + type: string + required: + - annotatedForDeletion + - bmhRef + - hostname + - networkDataSecretName + - provisioningState + - userDataSecretName + type: object + description: BaremetalHosts that are being processed or have been + processed for this OpenStackBaremetalSet + type: object + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/baremetal.openstack.org_openstackprovisionservers.yaml b/bindata/crds/baremetal.openstack.org_openstackprovisionservers.yaml new file mode 100644 index 000000000..1496f37df --- /dev/null +++ b/bindata/crds/baremetal.openstack.org_openstackprovisionservers.yaml @@ -0,0 +1,236 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: openstackprovisionservers.baremetal.openstack.org +spec: + group: baremetal.openstack.org + names: + kind: OpenStackProvisionServer + listKind: OpenStackProvisionServerList + plural: openstackprovisionservers + shortNames: + - osprovserver + - osprovservers + singular: openstackprovisionserver + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: OpenStackProvisionServer used to serve custom images for baremetal + provisioning with Metal3 + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OpenStackProvisionServerSpec defines the desired state of + OpenStackProvisionServer + properties: + agentImageUrl: + description: AgentImageURL - Container image URL for the sidecar container + that discovers provisioning network IPs + type: string + apacheImageUrl: + description: ApacheImageURL - Container image URL for the main container + that serves the downloaded OS qcow2 image (osImage) + type: string + interface: + description: Interface - An optional interface to use instead of the + cluster's default provisioning interface (if any) + type: string + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this provision server + type: object + osContainerImageUrl: + description: OSContainerImageURL - Container image URL for init with + the OS qcow2 image (osImage) + type: string + osImage: + description: OSImage - OS qcow2 image (compressed as gz, or uncompressed) + type: string + osImageDir: + default: /usr/local/apache2/htdocs + description: OSImageDir - Directory on the container which holds the + OS qcow2 image and checksum + type: string + port: + description: Port - The port on which the Apache server should listen + format: int32 + type: integer + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + resources: + description: Resources - Compute Resources required by this provision + server (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + required: + - agentImageUrl + - apacheImageUrl + - osContainerImageUrl + - osImage + - osImageDir + - port + type: object + status: + description: OpenStackProvisionServerStatus defines the observed state + of OpenStackProvisionServer + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + localImageChecksumUrl: + description: URL of provisioning image checksum on underlying Apache + web server + type: string + localImageUrl: + description: URL of provisioning image on underlying Apache web server + type: string + osImageChecksumFilename: + description: Filename of OSImage checksum + type: string + osImageChecksumType: + description: OSImage checksum type + enum: + - md5 + - sha256 + - sha512 + - auto + type: string + provisionIp: + description: IP of the provisioning interface on the node running + the ProvisionServer pod + type: string + readyCount: + description: ReadyCount of provision server Apache instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/cinder.openstack.org_cinderapis.yaml b/bindata/crds/cinder.openstack.org_cinderapis.yaml new file mode 100644 index 000000000..ea5ebe5fc --- /dev/null +++ b/bindata/crds/cinder.openstack.org_cinderapis.yaml @@ -0,0 +1,740 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: cinderapis.cinder.openstack.org +spec: + group: cinder.openstack.org + names: + kind: CinderAPI + listKind: CinderAPIList + plural: cinderapis + singular: cinderapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + containerImage: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: cinder + type: string + databaseHostname: + type: string + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + passwordSelectors: + default: + service: CinderPassword + properties: + service: + default: CinderPassword + type: string + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: cinder + type: string + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + required: + - containerImage + - databaseHostname + - secret + - serviceAccount + - transportURLSecret + type: object + status: + properties: + apiEndpoints: + additionalProperties: + additionalProperties: + type: string + type: object + type: object + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + type: object + observedGeneration: + format: int64 + type: integer + readyCount: + default: 0 + format: int32 + minimum: 0 + type: integer + serviceIDs: + additionalProperties: + type: string + type: object + required: + - readyCount + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/cinder.openstack.org_cinderbackups.yaml b/bindata/crds/cinder.openstack.org_cinderbackups.yaml new file mode 100644 index 000000000..cc9a78de9 --- /dev/null +++ b/bindata/crds/cinder.openstack.org_cinderbackups.yaml @@ -0,0 +1,666 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: cinderbackups.cinder.openstack.org +spec: + group: cinder.openstack.org + names: + kind: CinderBackup + listKind: CinderBackupList + plural: cinderbackups + singular: cinderbackup + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + containerImage: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: cinder + type: string + databaseHostname: + type: string + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: CinderPassword + properties: + service: + default: CinderPassword + type: string + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: cinder + type: string + tls: + properties: + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + required: + - containerImage + - databaseHostname + - secret + - serviceAccount + - transportURLSecret + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + type: object + observedGeneration: + format: int64 + type: integer + readyCount: + default: 0 + format: int32 + minimum: 0 + type: integer + required: + - readyCount + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/cinder.openstack.org_cinders.yaml b/bindata/crds/cinder.openstack.org_cinders.yaml new file mode 100644 index 000000000..cf363085e --- /dev/null +++ b/bindata/crds/cinder.openstack.org_cinders.yaml @@ -0,0 +1,956 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: cinders.cinder.openstack.org +spec: + group: cinder.openstack.org + names: + kind: Cinder + listKind: CinderList + plural: cinders + singular: cinder + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + apiTimeout: + default: 60 + minimum: 10 + type: integer + cinderAPI: + properties: + containerImage: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + required: + - containerImage + type: object + cinderBackup: + properties: + containerImage: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + required: + - containerImage + type: object + cinderScheduler: + properties: + containerImage: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + required: + - containerImage + type: object + cinderVolumes: + additionalProperties: + properties: + containerImage: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 1 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + required: + - containerImage + type: object + type: object + customServiceConfig: + type: string + databaseAccount: + default: cinder + type: string + databaseInstance: + type: string + dbPurge: + properties: + age: + default: 30 + minimum: 1 + type: integer + schedule: + default: 1 0 * * * + type: string + type: object + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + memcachedInstance: + default: memcached + type: string + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: CinderPassword + properties: + service: + default: CinderPassword + type: string + type: object + preserveJobs: + default: false + type: boolean + rabbitMqClusterName: + default: rabbitmq + type: string + secret: + type: string + serviceUser: + default: cinder + type: string + required: + - cinderAPI + - cinderScheduler + - databaseInstance + - memcachedInstance + - rabbitMqClusterName + - secret + type: object + status: + properties: + apiEndpoints: + additionalProperties: + additionalProperties: + type: string + type: object + type: object + cinderAPIReadyCount: + default: 0 + format: int32 + minimum: 0 + type: integer + cinderBackupReadyCount: + default: 0 + format: int32 + minimum: 0 + type: integer + cinderSchedulerReadyCount: + default: 0 + format: int32 + minimum: 0 + type: integer + cinderVolumesReadyCounts: + additionalProperties: + format: int32 + type: integer + type: object + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + type: string + hash: + additionalProperties: + type: string + type: object + observedGeneration: + format: int64 + type: integer + serviceIDs: + additionalProperties: + type: string + type: object + transportURLSecret: + type: string + required: + - cinderAPIReadyCount + - cinderBackupReadyCount + - cinderSchedulerReadyCount + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/cinder.openstack.org_cinderschedulers.yaml b/bindata/crds/cinder.openstack.org_cinderschedulers.yaml new file mode 100644 index 000000000..77532e920 --- /dev/null +++ b/bindata/crds/cinder.openstack.org_cinderschedulers.yaml @@ -0,0 +1,666 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: cinderschedulers.cinder.openstack.org +spec: + group: cinder.openstack.org + names: + kind: CinderScheduler + listKind: CinderSchedulerList + plural: cinderschedulers + singular: cinderscheduler + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + containerImage: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: cinder + type: string + databaseHostname: + type: string + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: CinderPassword + properties: + service: + default: CinderPassword + type: string + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: cinder + type: string + tls: + properties: + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + required: + - containerImage + - databaseHostname + - secret + - serviceAccount + - transportURLSecret + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + type: object + observedGeneration: + format: int64 + type: integer + readyCount: + default: 0 + format: int32 + minimum: 0 + type: integer + required: + - readyCount + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/cinder.openstack.org_cindervolumes.yaml b/bindata/crds/cinder.openstack.org_cindervolumes.yaml new file mode 100644 index 000000000..3c8c41ca4 --- /dev/null +++ b/bindata/crds/cinder.openstack.org_cindervolumes.yaml @@ -0,0 +1,667 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: cindervolumes.cinder.openstack.org +spec: + group: cinder.openstack.org + names: + kind: CinderVolume + listKind: CinderVolumeList + plural: cindervolumes + singular: cindervolume + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + containerImage: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: cinder + type: string + databaseHostname: + type: string + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: CinderPassword + properties: + service: + default: CinderPassword + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 1 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: cinder + type: string + tls: + properties: + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + required: + - containerImage + - databaseHostname + - secret + - serviceAccount + - transportURLSecret + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + type: object + observedGeneration: + format: int64 + type: integer + readyCount: + default: 0 + format: int32 + minimum: 0 + type: integer + required: + - readyCount + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/crds.yaml b/bindata/crds/crds.yaml new file mode 100644 index 000000000..0f3e1b237 --- /dev/null +++ b/bindata/crds/crds.yaml @@ -0,0 +1,18858 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: openstackclients.client.openstack.org +spec: + group: client.openstack.org + names: + kind: OpenStackClient + listKind: OpenStackClientList + plural: openstackclients + shortNames: + - osclient + - osclients + singular: openstackclient + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + caBundleSecretName: + type: string + containerImage: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + openStackConfigMap: + default: openstack-config + type: string + openStackConfigSecret: + default: openstack-config-secret + type: string + required: + - containerImage + - openStackConfigMap + - openStackConfigSecret + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + podName: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: openstackcontrolplanes.core.openstack.org +spec: + group: core.openstack.org + names: + kind: OpenStackControlPlane + listKind: OpenStackControlPlaneList + plural: openstackcontrolplanes + shortNames: + - osctlplane + - osctlplanes + - oscp + - oscps + singular: openstackcontrolplane + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + barbican: + properties: + apiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + enabled: + default: true + type: boolean + template: + properties: + barbicanAPI: + properties: + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + enableSecureRBAC: + default: true + type: boolean + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + type: object + barbicanKeystoneListener: + properties: + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + type: object + barbicanWorker: + properties: + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + type: object + customServiceConfig: + type: string + databaseAccount: + default: barbican + type: string + databaseInstance: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: BarbicanPassword + simplecryptokek: BarbicanSimpleCryptoKEK + properties: + service: + default: BarbicanPassword + type: string + simplecryptokek: + default: SimpleCryptoKEK + type: string + type: object + preserveJobs: + default: false + type: boolean + rabbitMqClusterName: + default: rabbitmq + type: string + secret: + default: osp-secret + type: string + serviceAccount: + type: string + serviceUser: + default: barbican + type: string + simpleCryptoBackendSecret: + default: osp-secret + type: string + required: + - barbicanAPI + - barbicanKeystoneListener + - barbicanWorker + - databaseInstance + - rabbitMqClusterName + - serviceAccount + type: object + type: object + cinder: + properties: + apiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + enabled: + default: true + type: boolean + template: + properties: + apiTimeout: + default: 60 + minimum: 10 + type: integer + cinderAPI: + properties: + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + type: object + cinderBackup: + properties: + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + type: object + cinderScheduler: + properties: + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + type: object + cinderVolumes: + additionalProperties: + properties: + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 1 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + type: object + type: object + customServiceConfig: + type: string + databaseAccount: + default: cinder + type: string + databaseInstance: + type: string + dbPurge: + properties: + age: + default: 30 + minimum: 1 + type: integer + schedule: + default: 1 0 * * * + type: string + type: object + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + memcachedInstance: + default: memcached + type: string + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: CinderPassword + properties: + service: + default: CinderPassword + type: string + type: object + preserveJobs: + default: false + type: boolean + rabbitMqClusterName: + default: rabbitmq + type: string + secret: + type: string + serviceUser: + default: cinder + type: string + required: + - cinderAPI + - cinderScheduler + - databaseInstance + - memcachedInstance + - rabbitMqClusterName + - secret + type: object + uniquePodNames: + default: false + type: boolean + type: object + designate: + properties: + apiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + enabled: + default: false + type: boolean + template: + properties: + backendMdnsServerProtocol: + type: string + backendType: + type: string + backendWorkerServerProtocol: + type: string + customServiceConfig: + default: '# add your customization here' + type: string + databaseAccount: + default: designate + type: string + databaseInstance: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + designateAPI: + properties: + backendMdnsServerProtocol: + type: string + backendType: + type: string + backendWorkerServerProtocol: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: designate + type: string + databaseHostname: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + passwordSelectors: + default: + service: DesignatePassword + properties: + service: + default: DesignatePassword + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: designate + type: string + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + type: object + designateBackendbind9: + properties: + backendMdnsServerProtocol: + type: string + backendType: + type: string + backendWorkerServerProtocol: + type: string + controlNetworkName: + default: designate + type: string + customBindOptions: + items: + type: string + type: array + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: designate + type: string + databaseHostname: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: DesignatePassword + properties: + service: + default: DesignatePassword + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: designate + type: string + storageClass: + type: string + storageRequest: + type: string + transportURLSecret: + type: string + type: object + designateCentral: + properties: + backendMdnsServerProtocol: + type: string + backendType: + type: string + backendWorkerServerProtocol: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: designate + type: string + databaseHostname: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: DesignatePassword + properties: + service: + default: DesignatePassword + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: designate + type: string + tls: + properties: + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + type: object + designateMdns: + properties: + backendMdnsServerProtocol: + type: string + backendType: + type: string + backendWorkerServerProtocol: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: designate + type: string + databaseHostname: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: DesignatePassword + properties: + service: + default: DesignatePassword + type: string + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: designate + type: string + tls: + properties: + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + type: object + designateNetworkAttachment: + default: designate + type: string + designateProducer: + properties: + backendMdnsServerProtocol: + type: string + backendType: + type: string + backendWorkerServerProtocol: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: designate + type: string + databaseHostname: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: DesignatePassword + properties: + service: + default: DesignatePassword + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: designate + type: string + tls: + properties: + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + type: object + designateUnbound: + properties: + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccount: + type: string + type: object + designateWorker: + properties: + backendMdnsServerProtocol: + type: string + backendType: + type: string + backendWorkerServerProtocol: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: designate + type: string + databaseHostname: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: DesignatePassword + properties: + service: + default: DesignatePassword + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: designate + type: string + tls: + properties: + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: DesignatePassword + properties: + service: + default: DesignatePassword + type: string + type: object + preserveJobs: + default: false + type: boolean + rabbitMqClusterName: + default: rabbitmq + type: string + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceUser: + default: designate + type: string + required: + - databaseInstance + - designateAPI + - designateBackendbind9 + - designateCentral + - designateMdns + - designateProducer + - designateWorker + - rabbitMqClusterName + - secret + type: object + type: object + dns: + properties: + enabled: + default: true + type: boolean + template: + properties: + containerImage: + type: string + dnsDataLabelSelectorValue: + default: dnsdata + type: string + nodeSelector: + additionalProperties: + type: string + type: object + options: + items: + properties: + key: + enum: + - server + - rev-server + - srv-host + - txt-record + - ptr-record + - rebind-domain-ok + - naptr-record + - cname + - host-record + - caa-record + - dns-rr + - auth-zone + - synth-domain + - no-negcache + - local + type: string + values: + items: + type: string + type: array + required: + - key + - values + type: object + type: array + override: + properties: + service: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + type: integer + type: object + type: object + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + galera: + properties: + enabled: + default: true + type: boolean + templates: + additionalProperties: + properties: + customServiceConfig: + type: string + disableNonTLSListeners: + type: boolean + logToDisk: + type: boolean + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 3 + minimum: 0 + type: integer + secret: + type: string + storageClass: + type: string + storageRequest: + type: string + tls: + properties: + caBundleSecretName: + type: string + secretName: + type: string + type: object + required: + - replicas + - secret + - storageClass + - storageRequest + type: object + type: object + type: object + glance: + properties: + apiOverrides: + additionalProperties: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + type: object + enabled: + default: true + type: boolean + template: + properties: + apiTimeout: + default: 60 + minimum: 1 + type: integer + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: glance + type: string + databaseInstance: + type: string + dbPurge: + properties: + age: + default: 30 + minimum: 1 + type: integer + schedule: + default: 1 0 * * * + type: string + type: object + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + glanceAPIs: + additionalProperties: + properties: + apiTimeout: + minimum: 1 + type: integer + containerImage: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + imageCache: + properties: + cleanerScheduler: + default: '*/30 * * * *' + type: string + prunerScheduler: + default: 1 0 * * * + type: string + size: + default: "" + type: string + required: + - size + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + storage: + properties: + external: + type: boolean + storageClass: + type: string + storageRequest: + type: string + type: object + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + type: + default: split + enum: + - split + - single + - edge + type: string + required: + - containerImage + type: object + type: object + imageCache: + properties: + cleanerScheduler: + default: '*/30 * * * *' + type: string + prunerScheduler: + default: 1 0 * * * + type: string + size: + default: "" + type: string + required: + - size + type: object + keystoneEndpoint: + default: "" + type: string + memcachedInstance: + default: memcached + type: string + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: GlancePassword + properties: + service: + default: GlancePassword + type: string + type: object + preserveJobs: + default: false + type: boolean + quotas: + properties: + imageCountTotal: + default: 0 + type: integer + imageCountUpload: + default: 0 + type: integer + imageSizeTotal: + default: 0 + type: integer + imageStageTotal: + default: 0 + type: integer + required: + - imageCountTotal + - imageCountUpload + - imageSizeTotal + - imageStageTotal + type: object + secret: + type: string + serviceUser: + default: glance + type: string + storage: + properties: + external: + type: boolean + storageClass: + type: string + storageRequest: + type: string + type: object + required: + - databaseInstance + - glanceAPIs + - imageCache + - keystoneEndpoint + - memcachedInstance + - secret + type: object + uniquePodNames: + default: false + type: boolean + type: object + heat: + properties: + apiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + cnfAPIOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + enabled: + default: false + type: boolean + template: + properties: + apiTimeout: + default: 600 + minimum: 60 + type: integer + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: heat + type: string + databaseInstance: + default: openstack + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + heatAPI: + properties: + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + type: object + heatCfnAPI: + properties: + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + type: object + heatEngine: + properties: + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + type: object + memcachedInstance: + default: memcached + type: string + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + authEncryptionKey: HeatAuthEncryptionKey + service: HeatPassword + properties: + authEncryptionKey: + default: HeatAuthEncryptionKey + type: string + service: + default: HeatPassword + type: string + stackDomainAdminPassword: + default: HeatStackDomainAdminPassword + type: string + type: object + preserveJobs: + default: false + type: boolean + rabbitMqClusterName: + default: rabbitmq + type: string + secret: + type: string + serviceUser: + default: heat + type: string + required: + - databaseInstance + - heatAPI + - heatCfnAPI + - heatEngine + - memcachedInstance + - rabbitMqClusterName + - secret + type: object + type: object + horizon: + properties: + apiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + enabled: + default: false + type: boolean + template: + properties: + customServiceConfig: + default: '# add your customization here' + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + memcachedInstance: + default: memcached + type: string + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + preserveJobs: + default: false + type: boolean + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + tls: + properties: + caBundleSecretName: + type: string + secretName: + type: string + type: object + required: + - memcachedInstance + - secret + type: object + type: object + ironic: + properties: + apiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + enabled: + default: false + type: boolean + inspectorOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + template: + properties: + customServiceConfig: + default: '# add your customization here' + type: string + databaseAccount: + default: ironic + type: string + databaseInstance: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + ironicAPI: + properties: + customServiceConfig: + default: '# add your customization here' + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + type: object + ironicConductors: + items: + properties: + conductorGroup: + type: string + customServiceConfig: + default: '# add your customization here' + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + dhcpRanges: + items: + properties: + cidr: + type: string + end: + type: string + gateway: + type: string + mtu: + type: integer + name: + type: string + podIndex: + type: integer + start: + type: string + required: + - cidr + - end + - start + type: object + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + provisionNetwork: + type: string + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + storageClass: + default: "" + type: string + storageRequest: + type: string + required: + - storageClass + - storageRequest + type: object + type: array + ironicInspector: + properties: + customServiceConfig: + default: '# add your customization here' + type: string + databaseAccount: + default: ironic-inspector + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + dhcpRanges: + items: + properties: + cidr: + type: string + end: + type: string + gateway: + type: string + mtu: + type: integer + name: + type: string + podIndex: + type: integer + start: + type: string + required: + - cidr + - end + - start + type: object + type: array + inspectionNetwork: + type: string + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + passwordSelectors: + default: + service: IronicInspectorPassword + properties: + service: + default: IronicInspectorPassword + type: string + type: object + preserveJobs: + default: true + type: boolean + replicas: + default: 1 + format: int32 + maximum: 1 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceUser: + default: ironic-inspector + type: string + storageClass: + type: string + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + type: object + ironicNeutronAgent: + properties: + customServiceConfig: + default: '# add your customization here' + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + rabbitMqClusterName: + default: rabbitmq + type: string + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + type: object + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: IronicPassword + properties: + service: + default: IronicPassword + type: string + type: object + preserveJobs: + default: true + type: boolean + rabbitMqClusterName: + default: rabbitmq + type: string + rpcTransport: + type: string + secret: + type: string + serviceUser: + default: ironic + type: string + standalone: + default: false + type: boolean + storageClass: + default: "" + type: string + required: + - databaseInstance + - ironicAPI + - ironicInspector + - ironicNeutronAgent + - secret + - storageClass + type: object + type: object + keystone: + properties: + apiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + enabled: + default: true + type: boolean + template: + properties: + adminProject: + default: admin + type: string + adminUser: + default: admin + type: string + customServiceConfig: + type: string + databaseAccount: + default: keystone + type: string + databaseInstance: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + enableSecureRBAC: + default: true + type: boolean + fernetMaxActiveKeys: + default: 5 + format: int32 + minimum: 3 + type: integer + fernetRotationDays: + default: 1 + format: int32 + minimum: 1 + type: integer + httpdCustomization: + properties: + processNumber: + default: 3 + format: int32 + minimum: 1 + type: integer + type: object + memcachedInstance: + default: memcached + type: string + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + passwordSelectors: + default: + admin: AdminPassword + properties: + admin: + default: AdminPassword + type: string + type: object + preserveJobs: + default: false + type: boolean + rabbitMqClusterName: + default: rabbitmq + type: string + region: + default: regionOne + type: string + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + trustFlushArgs: + default: "" + type: string + trustFlushSchedule: + default: 1 * * * * + type: string + trustFlushSuspend: + default: false + type: boolean + required: + - databaseInstance + - memcachedInstance + - rabbitMqClusterName + - secret + type: object + type: object + manila: + properties: + apiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + enabled: + default: false + type: boolean + template: + properties: + apiTimeout: + default: 60 + minimum: 10 + type: integer + customServiceConfig: + default: '# add your customization here' + type: string + databaseAccount: + default: manila + type: string + databaseInstance: + type: string + dbPurge: + properties: + age: + default: 30 + minimum: 1 + type: integer + schedule: + default: 1 0 * * * + type: string + type: object + debug: + properties: + dbPurge: + default: false + type: boolean + type: object + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + manilaAPI: + properties: + customServiceConfig: + default: '# add your customization here' + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + type: object + manilaScheduler: + properties: + customServiceConfig: + default: '# add your customization here' + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + type: object + manilaShares: + additionalProperties: + properties: + customServiceConfig: + default: '# add your customization here' + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + type: object + type: object + memcachedInstance: + default: memcached + type: string + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: ManilaPassword + properties: + service: + default: ManilaPassword + type: string + type: object + preserveJobs: + default: false + type: boolean + rabbitMqClusterName: + default: rabbitmq + type: string + secret: + type: string + serviceUser: + default: manila + type: string + required: + - manilaAPI + - manilaScheduler + - memcachedInstance + - rabbitMqClusterName + type: object + type: object + memcached: + properties: + enabled: + default: true + type: boolean + templates: + additionalProperties: + properties: + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 1 + type: integer + tls: + properties: + caBundleSecretName: + type: string + secretName: + type: string + type: object + required: + - replicas + type: object + type: object + type: object + neutron: + properties: + apiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + enabled: + default: true + type: boolean + template: + properties: + apiTimeout: + default: 120 + minimum: 1 + type: integer + corePlugin: + default: ml2 + type: string + customServiceConfig: + type: string + databaseAccount: + default: neutron + type: string + databaseInstance: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + memcachedInstance: + default: memcached + type: string + ml2MechanismDrivers: + default: + - ovn + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + passwordSelectors: + default: + service: NeutronPassword + properties: + service: + default: NeutronPassword + type: string + type: object + preserveJobs: + default: false + type: boolean + rabbitMqClusterName: + default: rabbitmq + type: string + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceUser: + default: neutron + type: string + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + ovn: + properties: + secretName: + type: string + type: object + type: object + required: + - databaseInstance + - memcachedInstance + - rabbitMqClusterName + - secret + type: object + type: object + nodeSelector: + additionalProperties: + type: string + type: object + nova: + properties: + apiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + cellOverride: + additionalProperties: + properties: + noVNCProxy: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') + && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + type: object + type: object + enabled: + default: true + type: boolean + template: + properties: + apiContainerImageURL: + type: string + apiDatabaseAccount: + default: nova-api + type: string + apiDatabaseInstance: + default: openstack + type: string + apiMessageBusInstance: + default: rabbitmq + type: string + apiServiceTemplate: + default: + replicas: 1 + properties: + customServiceConfig: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + type: object + cellTemplates: + additionalProperties: + properties: + cellDatabaseAccount: + type: string + cellDatabaseInstance: + default: openstack + type: string + cellMessageBusInstance: + default: rabbitmq + type: string + conductorServiceTemplate: + properties: + customServiceConfig: + type: string + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + type: object + dbPurge: + properties: + archiveAge: + default: 30 + minimum: 1 + type: integer + purgeAge: + default: 90 + minimum: 1 + type: integer + schedule: + default: 0 0 * * * + type: string + type: object + hasAPIAccess: + type: boolean + memcachedInstance: + type: string + metadataServiceTemplate: + properties: + customServiceConfig: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + enabled: + type: boolean + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + caBundleSecretName: + type: string + secretName: + type: string + type: object + type: object + noVNCProxyServiceTemplate: + properties: + customServiceConfig: + type: string + enabled: + type: boolean + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + caBundleSecretName: + type: string + service: + properties: + secretName: + type: string + type: object + vencrypt: + properties: + secretName: + type: string + type: object + type: object + type: object + nodeSelector: + additionalProperties: + type: string + type: object + novaComputeTemplates: + additionalProperties: + properties: + computeDriver: + enum: + - ironic.IronicDriver + - fake.FakeDriver + type: string + customServiceConfig: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + required: + - computeDriver + type: object + type: object + required: + - cellDatabaseAccount + - hasAPIAccess + type: object + default: + cell0: + cellDatabaseAccount: nova-cell0 + hasAPIAccess: true + cell1: + cellDatabaseAccount: nova-cell1 + cellDatabaseInstance: openstack-cell1 + cellMessageBusInstance: rabbitmq-cell1 + hasAPIAccess: true + type: object + computeContainerImageURL: + type: string + conductorContainerImageURL: + type: string + keystoneInstance: + default: keystone + type: string + memcachedInstance: + default: memcached + type: string + metadataContainerImageURL: + type: string + metadataServiceTemplate: + default: + enabled: true + properties: + customServiceConfig: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + enabled: + type: boolean + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + caBundleSecretName: + type: string + secretName: + type: string + type: object + type: object + nodeSelector: + additionalProperties: + type: string + type: object + novncproxyContainerImageURL: + type: string + passwordSelectors: + default: + service: NovaPassword + properties: + metadataSecret: + default: MetadataSecret + type: string + prefixMetadataCellsSecret: + default: MetadataCellsSecret + type: string + service: + default: NovaPassword + type: string + type: object + preserveJobs: + default: false + type: boolean + schedulerContainerImageURL: + type: string + schedulerServiceTemplate: + default: + replicas: 1 + properties: + customServiceConfig: + type: string + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + type: object + secret: + type: string + serviceUser: + default: nova + type: string + required: + - apiContainerImageURL + - computeContainerImageURL + - conductorContainerImageURL + - metadataContainerImageURL + - novncproxyContainerImageURL + - schedulerContainerImageURL + - secret + type: object + type: object + octavia: + properties: + apiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + enabled: + default: false + type: boolean + template: + properties: + amphoraCustomFlavors: + items: + properties: + RAM: + type: integer + RxTxFactor: + type: string + VCPUs: + type: integer + description: + type: string + disk: + type: integer + name: + type: string + required: + - RAM + - VCPUs + - disk + - name + type: object + type: array + amphoraImageContainerImage: + type: string + apacheContainerImage: + type: string + apiTimeout: + default: 120 + type: integer + customServiceConfig: + default: '# add your customization here' + type: string + databaseAccount: + default: octavia + type: string + databaseInstance: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + lbMgmtNetwork: + default: + createDefaultLbMgmtNetwork: true + manageLbMgmtNetworks: true + properties: + availabilityZoneCIDRs: + additionalProperties: + type: string + type: object + availabilityZones: + items: + type: string + type: array + createDefaultLbMgmtNetwork: + default: true + type: boolean + lbMgmtRouterGateway: + type: string + manageLbMgmtNetworks: + default: true + type: boolean + type: object + nodeSelector: + additionalProperties: + type: string + type: object + octaviaAPI: + properties: + apiTimeout: + type: integer + customServiceConfig: + default: '# add your customization here' + type: string + databaseAccount: + default: octavia + type: string + databaseHostname: + type: string + databaseInstance: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + passwordSelectors: + default: + service: OctaviaPassword + properties: + database: + default: OctaviaDatabasePassword + type: string + service: + default: OctaviaPassword + type: string + type: object + persistenceDatabaseAccount: + default: octavia-persistence + type: string + preserveJobs: + default: false + type: boolean + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: octavia + type: string + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + ovn: + properties: + secretName: + type: string + type: object + type: object + transportURLSecret: + type: string + required: + - databaseInstance + - secret + - serviceAccount + type: object + octaviaHealthManager: + properties: + amphoraCustomFlavors: + items: + properties: + RAM: + type: integer + RxTxFactor: + type: string + VCPUs: + type: integer + description: + type: string + disk: + type: integer + name: + type: string + required: + - RAM + - VCPUs + - disk + - name + type: object + type: array + amphoraImageOwnerID: + default: "" + type: string + customServiceConfig: + default: '# add your customization here' + type: string + databaseAccount: + default: octavia + type: string + databaseHostname: + type: string + databaseInstance: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + lbMgmtNetworkID: + default: "" + type: string + lbSecurityGroupID: + default: "" + type: string + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + octaviaProviderSubnetCIDR: + type: string + octaviaProviderSubnetExtraCIDRs: + items: + type: string + type: array + octaviaProviderSubnetGateway: + type: string + passwordSelectors: + default: + service: OctaviaPassword + properties: + database: + default: OctaviaDatabasePassword + type: string + service: + default: OctaviaPassword + type: string + type: object + persistenceDatabaseAccount: + default: octavia-persistence + type: string + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + role: + type: string + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: octavia + type: string + tenantName: + default: service + type: string + tls: + properties: + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + required: + - databaseInstance + - role + - secret + - serviceAccount + type: object + octaviaHousekeeping: + properties: + amphoraCustomFlavors: + items: + properties: + RAM: + type: integer + RxTxFactor: + type: string + VCPUs: + type: integer + description: + type: string + disk: + type: integer + name: + type: string + required: + - RAM + - VCPUs + - disk + - name + type: object + type: array + amphoraImageOwnerID: + default: "" + type: string + customServiceConfig: + default: '# add your customization here' + type: string + databaseAccount: + default: octavia + type: string + databaseHostname: + type: string + databaseInstance: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + lbMgmtNetworkID: + default: "" + type: string + lbSecurityGroupID: + default: "" + type: string + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + octaviaProviderSubnetCIDR: + type: string + octaviaProviderSubnetExtraCIDRs: + items: + type: string + type: array + octaviaProviderSubnetGateway: + type: string + passwordSelectors: + default: + service: OctaviaPassword + properties: + database: + default: OctaviaDatabasePassword + type: string + service: + default: OctaviaPassword + type: string + type: object + persistenceDatabaseAccount: + default: octavia-persistence + type: string + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + role: + type: string + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: octavia + type: string + tenantName: + default: service + type: string + tls: + properties: + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + required: + - databaseInstance + - role + - secret + - serviceAccount + type: object + octaviaNetworkAttachment: + default: octavia + type: string + octaviaRsyslog: + properties: + adminLogTargets: + items: + properties: + host: + type: string + port: + type: integer + protocol: + type: string + required: + - host + - port + - protocol + type: object + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + default: + - octavia + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccount: + type: string + serviceUser: + default: octavia + type: string + tenantLogTargets: + items: + properties: + host: + type: string + port: + type: integer + protocol: + type: string + required: + - host + - port + - protocol + type: object + type: array + required: + - serviceAccount + type: object + octaviaWorker: + properties: + amphoraCustomFlavors: + items: + properties: + RAM: + type: integer + RxTxFactor: + type: string + VCPUs: + type: integer + description: + type: string + disk: + type: integer + name: + type: string + required: + - RAM + - VCPUs + - disk + - name + type: object + type: array + amphoraImageOwnerID: + default: "" + type: string + customServiceConfig: + default: '# add your customization here' + type: string + databaseAccount: + default: octavia + type: string + databaseHostname: + type: string + databaseInstance: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + lbMgmtNetworkID: + default: "" + type: string + lbSecurityGroupID: + default: "" + type: string + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + octaviaProviderSubnetCIDR: + type: string + octaviaProviderSubnetExtraCIDRs: + items: + type: string + type: array + octaviaProviderSubnetGateway: + type: string + passwordSelectors: + default: + service: OctaviaPassword + properties: + database: + default: OctaviaDatabasePassword + type: string + service: + default: OctaviaPassword + type: string + type: object + persistenceDatabaseAccount: + default: octavia-persistence + type: string + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + role: + type: string + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: octavia + type: string + tenantName: + default: service + type: string + tls: + properties: + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + required: + - databaseInstance + - role + - secret + - serviceAccount + type: object + passwordSelectors: + default: + service: OctaviaPassword + properties: + database: + default: OctaviaDatabasePassword + type: string + service: + default: OctaviaPassword + type: string + type: object + persistenceDatabaseAccount: + default: octavia-persistence + type: string + preserveJobs: + default: false + type: boolean + rabbitMqClusterName: + default: rabbitmq + type: string + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceUser: + default: octavia + type: string + sshPrivkeySecret: + default: octavia-ssh-privkey-secret + type: string + sshPubkey: + default: octavia-ssh-pubkey + type: string + tenantName: + default: service + type: string + required: + - apacheContainerImage + - databaseInstance + - octaviaAPI + - octaviaNetworkAttachment + - rabbitMqClusterName + - secret + type: object + type: object + openstackclient: + properties: + template: + properties: + caBundleSecretName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + openStackConfigMap: + default: openstack-config + type: string + openStackConfigSecret: + default: openstack-config-secret + type: string + required: + - openStackConfigMap + - openStackConfigSecret + type: object + type: object + ovn: + properties: + enabled: + default: true + type: boolean + template: + properties: + ovnController: + properties: + external-ids: + properties: + availability-zones: + items: + type: string + type: array + enable-chassis-as-gateway: + default: true + type: boolean + ovn-bridge: + default: br-int + type: string + ovn-encap-type: + default: geneve + enum: + - geneve + - vxlan + type: string + system-id: + default: random + type: string + type: object + networkAttachment: + type: string + nicMappings: + additionalProperties: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + caBundleSecretName: + type: string + secretName: + type: string + type: object + type: object + ovnDBCluster: + additionalProperties: + properties: + dbType: + default: NB + pattern: ^NB|SB$ + type: string + electionTimer: + default: 10000 + format: int32 + type: integer + inactivityProbe: + default: 60000 + format: int32 + type: integer + logLevel: + default: info + type: string + networkAttachment: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + probeIntervalToActive: + default: 60000 + format: int32 + type: integer + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + storageClass: + type: string + storageRequest: + type: string + tls: + properties: + caBundleSecretName: + type: string + secretName: + type: string + type: object + required: + - dbType + - storageRequest + type: object + type: object + ovnNorthd: + properties: + logLevel: + default: info + type: string + nThreads: + default: 1 + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + caBundleSecretName: + type: string + secretName: + type: string + type: object + type: object + type: object + type: object + placement: + properties: + apiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + enabled: + default: true + type: boolean + template: + properties: + customServiceConfig: + type: string + databaseAccount: + default: placement + type: string + databaseInstance: + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + passwordSelectors: + default: + service: PlacementPassword + properties: + service: + default: PlacementPassword + type: string + type: object + preserveJobs: + default: false + type: boolean + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceUser: + default: placement + type: string + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + required: + - databaseInstance + - secret + type: object + type: object + rabbitmq: + properties: + enabled: + default: true + type: boolean + templates: + additionalProperties: + properties: + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + delayStartSeconds: + default: 30 + format: int32 + minimum: 0 + type: integer + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + allocateLoadBalancerNodePorts: + type: boolean + clusterIP: + type: string + clusterIPs: + items: + type: string + type: array + x-kubernetes-list-type: atomic + externalIPs: + items: + type: string + type: array + externalName: + type: string + externalTrafficPolicy: + type: string + healthCheckNodePort: + format: int32 + type: integer + internalTrafficPolicy: + type: string + ipFamilies: + items: + type: string + type: array + x-kubernetes-list-type: atomic + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerIP: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + ports: + items: + properties: + appProtocol: + type: string + name: + type: string + nodePort: + format: int32 + type: integer + port: + format: int32 + type: integer + protocol: + default: TCP + type: string + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: array + x-kubernetes-list-map-keys: + - port + - protocol + x-kubernetes-list-type: map + publishNotReadyAddresses: + type: boolean + selector: + additionalProperties: + type: string + type: object + x-kubernetes-map-type: atomic + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + statefulSet: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + minReadySeconds: + format: int32 + type: integer + persistentVolumeClaimRetentionPolicy: + properties: + whenDeleted: + type: string + whenScaled: + type: string + type: object + podManagementPolicy: + type: string + replicas: + format: int32 + type: integer + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + serviceName: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + dnsConfig: + properties: + nameservers: + items: + type: string + type: array + options: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + searches: + items: + type: string + type: array + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + ip: + type: string + type: object + type: array + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostUsers: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + x-kubernetes-map-type: atomic + os: + properties: + name: + type: string + required: + - name + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: + type: string + required: + - conditionType + type: object + type: array + resourceClaims: + items: + properties: + name: + type: string + source: + properties: + resourceClaimName: + type: string + resourceClaimTemplateName: + type: string + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + schedulingGates: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + securityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + serviceAccountName: + type: string + setHostnameAsFQDN: + type: boolean + shareProcessNamespace: + type: boolean + subdomain: + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + updateStrategy: + properties: + rollingUpdate: + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + partition: + format: int32 + type: integer + type: object + type: + type: string + type: object + volumeClaimTemplates: + items: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + type: array + type: object + type: object + type: object + persistence: + default: + storage: 10Gi + properties: + storage: + anyOf: + - type: integer + - type: string + default: 10Gi + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + storageClassName: + type: string + type: object + rabbitmq: + properties: + additionalConfig: + maxLength: 2000 + type: string + additionalPlugins: + items: + maxLength: 100 + pattern: ^\w+$ + type: string + maxItems: 100 + type: array + advancedConfig: + maxLength: 100000 + type: string + envConfig: + maxLength: 100000 + type: string + erlangInetConfig: + maxLength: 2000 + type: string + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + resources: + default: + limits: + cpu: 2000m + memory: 2Gi + requests: + cpu: 1000m + memory: 2Gi + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secretBackend: + properties: + externalSecret: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + vault: + properties: + annotations: + additionalProperties: + type: string + type: object + defaultUserPath: + type: string + defaultUserUpdaterImage: + type: string + role: + type: string + tls: + properties: + altNames: + type: string + commonName: + type: string + ipSans: + type: string + pkiIssuerPath: + type: string + pkiRootPath: + type: string + type: object + type: object + type: object + service: + properties: + annotations: + additionalProperties: + type: string + type: object + ipFamilyPolicy: + enum: + - SingleStack + - PreferDualStack + - RequireDualStack + type: string + type: + default: ClusterIP + enum: + - ClusterIP + - LoadBalancer + - NodePort + type: string + type: object + skipPostDeploySteps: + type: boolean + terminationGracePeriodSeconds: + default: 604800 + format: int64 + minimum: 0 + type: integer + tls: + properties: + caSecretName: + type: string + disableNonTLSListeners: + type: boolean + secretName: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + type: object + type: object + redis: + properties: + enabled: + default: false + type: boolean + templates: + additionalProperties: + properties: + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + type: integer + tls: + properties: + caBundleSecretName: + type: string + secretName: + type: string + type: object + type: object + type: object + type: object + secret: + type: string + storageClass: + type: string + swift: + properties: + enabled: + default: true + type: boolean + proxyOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + template: + properties: + memcachedInstance: + default: memcached + type: string + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + storageClass: + default: "" + type: string + swiftProxy: + properties: + ceilometerEnabled: + default: false + type: boolean + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + encryptionEnabled: + default: false + type: boolean + memcachedInstance: + default: memcached + type: string + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + passwordSelectors: + default: + service: SwiftPassword + properties: + service: + default: SwiftPassword + type: string + type: object + rabbitMqClusterName: + default: rabbitmq + type: string + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + secret: + default: osp-secret + type: string + serviceUser: + default: swift + type: string + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + required: + - memcachedInstance + - rabbitMqClusterName + - replicas + - secret + - serviceUser + type: object + swiftRing: + properties: + minPartHours: + default: 1 + format: int64 + minimum: 1 + type: integer + nodeSelector: + additionalProperties: + type: string + type: object + partPower: + default: 10 + format: int64 + minimum: 1 + type: integer + ringReplicas: + default: 1 + format: int64 + minimum: 1 + type: integer + tls: + properties: + caBundleSecretName: + type: string + type: object + required: + - minPartHours + - partPower + - ringReplicas + type: object + swiftStorage: + properties: + containerSharderEnabled: + default: false + type: boolean + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + memcachedInstance: + default: memcached + type: string + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + storageClass: + default: "" + type: string + storageRequest: + default: 10Gi + type: string + required: + - memcachedInstance + - replicas + - storageClass + - storageRequest + type: object + required: + - memcachedInstance + - storageClass + - swiftProxy + - swiftRing + - swiftStorage + type: object + type: object + telemetry: + properties: + alertmanagerOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + aodhApiOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + enabled: + default: true + type: boolean + prometheusOverride: + properties: + route: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + pattern: ^/ + type: string + port: + properties: + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + properties: + caCertificate: + type: string + certificate: + type: string + destinationCACertificate: + type: string + externalCertificate: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + type: string + termination: + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: + passthrough and spec.tls.insecureEdgeTerminationPolicy: + Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + properties: + kind: + enum: + - Service + - "" + type: string + name: + type: string + weight: + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + tls: + properties: + secretName: + type: string + type: object + type: object + template: + properties: + autoscaling: + properties: + aodh: + default: + databaseAccount: aodh + databaseInstance: openstack + memcachedInstance: memcached + passwordSelector: + aodhService: AodhPassword + rabbitMqClusterName: rabbitmq + secret: osp-secret + serviceUser: aodh + properties: + apiTimeout: + default: 60 + type: integer + customServiceConfig: + default: '# add your customization here' + type: string + databaseAccount: + default: aodh + type: string + databaseInstance: + default: openstack + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + memcachedInstance: + default: memcached + type: string + networkAttachmentDefinitions: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + passwordSelector: + default: + aodhService: AodhPassword + properties: + aodhService: + default: AodhPassword + type: string + ceilometerService: + default: CeilometerPassword + type: string + type: object + preserveJobs: + default: false + type: boolean + rabbitMqClusterName: + default: rabbitmq + type: string + secret: + default: osp-secret + type: string + serviceUser: + default: aodh + type: string + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + required: + - databaseInstance + - secret + type: object + enabled: + default: false + type: boolean + heatInstance: + default: heat + type: string + prometheusHost: + type: string + prometheusPort: + format: int32 + maximum: 65535 + minimum: 1 + type: integer + prometheusTLSCaCertSecret: + nullable: true + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - heatInstance + type: object + ceilometer: + properties: + apiTimeout: + default: 60 + type: integer + customServiceConfig: + default: '# add your customization here' + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + type: object + enabled: + default: true + type: boolean + ksmTls: + properties: + caBundleSecretName: + type: string + secretName: + type: string + type: object + networkAttachmentDefinitions: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelector: + default: + ceilometerService: CeilometerPassword + properties: + aodhService: + default: AodhPassword + type: string + ceilometerService: + default: CeilometerPassword + type: string + type: object + rabbitMqClusterName: + default: rabbitmq + type: string + secret: + default: osp-secret + type: string + serviceUser: + default: ceilometer + type: string + tls: + properties: + caBundleSecretName: + type: string + secretName: + type: string + type: object + required: + - secret + type: object + logging: + properties: + annotations: + additionalProperties: + type: string + default: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/allow-shared-ip: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.80 + type: object + cloNamespace: + default: openshift-logging + type: string + enabled: + default: true + type: boolean + port: + default: 10514 + format: int32 + type: integer + rsyslogQueueSize: + default: 10000 + format: int32 + type: integer + rsyslogQueueType: + default: linkedList + type: string + rsyslogRetries: + default: 100 + format: int32 + type: integer + targetPort: + default: 10514 + type: integer + required: + - rsyslogQueueType + type: object + metricStorage: + properties: + customMonitoringStack: + nullable: true + properties: + alertmanagerConfig: + default: + disabled: false + properties: + disabled: + default: false + type: boolean + type: object + logLevel: + default: info + enum: + - debug + - info + - warn + - error + type: string + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + prometheusConfig: + default: + replicas: 2 + properties: + enableOtlpHttpReceiver: + type: boolean + enableRemoteWriteReceiver: + type: boolean + externalLabels: + additionalProperties: + type: string + type: object + persistentVolumeClaim: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + remoteWrite: + items: + properties: + authorization: + properties: + credentials: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + type: string + type: + type: string + type: object + azureAd: + properties: + cloud: + enum: + - AzureChina + - AzureGovernment + - AzurePublic + type: string + managedIdentity: + properties: + clientId: + type: string + required: + - clientId + type: object + oauth: + properties: + clientId: + minLength: 1 + type: string + clientSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + tenantId: + minLength: 1 + pattern: ^[0-9a-zA-Z-.]+$ + type: string + required: + - clientId + - clientSecret + - tenantId + type: object + type: object + basicAuth: + properties: + password: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerToken: + type: string + bearerTokenFile: + type: string + enableHTTP2: + type: boolean + headers: + additionalProperties: + type: string + type: object + metadataConfig: + properties: + send: + type: boolean + sendInterval: + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + type: object + name: + type: string + oauth2: + properties: + clientId: + properties: + configMap: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + type: object + scopes: + items: + type: string + type: array + tokenUrl: + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyUrl: + type: string + queueConfig: + properties: + batchSendDeadline: + type: string + capacity: + type: integer + maxBackoff: + type: string + maxRetries: + type: integer + maxSamplesPerSend: + type: integer + maxShards: + type: integer + minBackoff: + type: string + minShards: + type: integer + retryOnRateLimit: + type: boolean + type: object + remoteTimeout: + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + sendExemplars: + type: boolean + sendNativeHistograms: + type: boolean + sigv4: + properties: + accessKey: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + profile: + type: string + region: + type: string + roleArn: + type: string + secretKey: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + tlsConfig: + properties: + ca: + properties: + configMap: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + type: string + cert: + properties: + configMap: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + type: string + insecureSkipVerify: + type: boolean + keyFile: + type: string + keySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + type: string + type: object + url: + type: string + writeRelabelConfigs: + items: + properties: + action: + default: replace + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + format: int64 + type: integer + regex: + type: string + replacement: + type: string + separator: + type: string + sourceLabels: + items: + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + type: string + type: object + type: array + required: + - url + type: object + type: array + replicas: + default: 2 + format: int32 + minimum: 0 + type: integer + scrapeInterval: + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + type: object + resourceSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + resources: + default: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + retention: + default: 120h + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + type: object + dashboardsEnabled: + default: false + type: boolean + dataplaneNetwork: + default: ctlplane + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + enabled: + default: false + type: boolean + monitoringStack: + nullable: true + properties: + alertingEnabled: + default: true + type: boolean + scrapeInterval: + default: 30s + type: string + storage: + default: + persistent: + pvcStorageRequest: 20G + retention: 24h + strategy: persistent + properties: + persistent: + properties: + pvcStorageClass: + type: string + pvcStorageRequest: + default: 20G + type: string + pvcStorageSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + type: object + retention: + default: 24h + type: string + strategy: + default: persistent + enum: + - persistent + - ephemeral + type: string + type: object + type: object + prometheusTls: + properties: + caBundleSecretName: + type: string + secretName: + type: string + type: object + type: object + nodeSelector: + additionalProperties: + type: string + type: object + type: object + type: object + tls: + default: + ingress: + ca: + duration: 87600h + cert: + duration: 43800h + enabled: true + podLevel: + enabled: true + internal: + ca: + duration: 87600h + cert: + duration: 43800h + libvirt: + ca: + duration: 87600h + cert: + duration: 43800h + ovn: + ca: + duration: 87600h + cert: + duration: 43800h + properties: + caBundleSecretName: + type: string + ingress: + default: + ca: + duration: 87600h + cert: + duration: 43800h + enabled: true + properties: + ca: + default: + duration: 87600h + properties: + customIssuer: + type: string + duration: + default: 87600h + type: string + renewBefore: + type: string + type: object + cert: + default: + duration: 43800h + properties: + duration: + default: 43800h + type: string + renewBefore: + type: string + type: object + enabled: + default: true + type: boolean + type: object + podLevel: + default: + enabled: true + internal: + ca: + duration: 87600h + cert: + duration: 43800h + libvirt: + ca: + duration: 87600h + cert: + duration: 43800h + ovn: + ca: + duration: 87600h + cert: + duration: 43800h + properties: + enabled: + default: true + type: boolean + internal: + default: + ca: + duration: 87600h + cert: + duration: 43800h + properties: + ca: + default: + duration: 87600h + properties: + customIssuer: + type: string + duration: + default: 87600h + type: string + renewBefore: + type: string + type: object + cert: + default: + duration: 43800h + properties: + duration: + default: 43800h + type: string + renewBefore: + type: string + type: object + type: object + libvirt: + default: + ca: + duration: 87600h + cert: + duration: 43800h + properties: + ca: + default: + duration: 87600h + properties: + customIssuer: + type: string + duration: + default: 87600h + type: string + renewBefore: + type: string + type: object + cert: + default: + duration: 43800h + properties: + duration: + default: 43800h + type: string + renewBefore: + type: string + type: object + type: object + ovn: + default: + ca: + duration: 87600h + cert: + duration: 43800h + properties: + ca: + default: + duration: 87600h + properties: + customIssuer: + type: string + duration: + default: 87600h + type: string + renewBefore: + type: string + type: object + cert: + default: + duration: 43800h + properties: + duration: + default: 43800h + type: string + renewBefore: + type: string + type: object + type: object + type: object + type: object + required: + - secret + - storageClass + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + containerImages: + properties: + agentImage: + type: string + ansibleeeImage: + type: string + aodhAPIImage: + type: string + aodhEvaluatorImage: + type: string + aodhListenerImage: + type: string + aodhNotifierImage: + type: string + apacheImage: + type: string + barbicanAPIImage: + type: string + barbicanKeystoneListenerImage: + type: string + barbicanWorkerImage: + type: string + ceilometerCentralImage: + type: string + ceilometerComputeImage: + type: string + ceilometerIpmiImage: + type: string + ceilometerNotificationImage: + type: string + ceilometerProxyImage: + type: string + ceilometerSgcoreImage: + type: string + cinderAPIImage: + type: string + cinderBackupImage: + type: string + cinderSchedulerImage: + type: string + cinderVolumeImages: + additionalProperties: + type: string + type: object + designateAPIImage: + type: string + designateBackendbind9Image: + type: string + designateCentralImage: + type: string + designateMdnsImage: + type: string + designateProducerImage: + type: string + designateUnboundImage: + type: string + designateWorkerImage: + type: string + edpmFrrImage: + type: string + edpmIscsidImage: + type: string + edpmKeplerImage: + type: string + edpmLogrotateCrondImage: + type: string + edpmMultipathdImage: + type: string + edpmNeutronDhcpAgentImage: + type: string + edpmNeutronMetadataAgentImage: + type: string + edpmNeutronOvnAgentImage: + type: string + edpmNeutronSriovAgentImage: + type: string + edpmNodeExporterImage: + type: string + edpmOvnBgpAgentImage: + type: string + glanceAPIImage: + type: string + heatAPIImage: + type: string + heatCfnapiImage: + type: string + heatEngineImage: + type: string + horizonImage: + type: string + infraDnsmasqImage: + type: string + infraMemcachedImage: + type: string + infraRedisImage: + type: string + ironicAPIImage: + type: string + ironicConductorImage: + type: string + ironicInspectorImage: + type: string + ironicNeutronAgentImage: + type: string + ironicPxeImage: + type: string + ironicPythonAgentImage: + type: string + keystoneAPIImage: + type: string + manilaAPIImage: + type: string + manilaSchedulerImage: + type: string + manilaShareImages: + additionalProperties: + type: string + type: object + mariadbImage: + type: string + neutronAPIImage: + type: string + novaAPIImage: + type: string + novaComputeImage: + type: string + novaConductorImage: + type: string + novaNovncImage: + type: string + novaSchedulerImage: + type: string + octaviaAPIImage: + type: string + octaviaApacheImage: + type: string + octaviaHealthmanagerImage: + type: string + octaviaHousekeepingImage: + type: string + octaviaWorkerImage: + type: string + openstackClientImage: + type: string + osContainerImage: + type: string + ovnControllerImage: + type: string + ovnControllerOvsImage: + type: string + ovnNbDbclusterImage: + type: string + ovnNorthdImage: + type: string + ovnSbDbclusterImage: + type: string + placementAPIImage: + type: string + rabbitmqImage: + type: string + swiftAccountImage: + type: string + swiftContainerImage: + type: string + swiftObjectImage: + type: string + swiftProxyImage: + type: string + telemetryNodeExporterImage: + type: string + testAnsibletestImage: + type: string + testHorizontestImage: + type: string + testTempestImage: + type: string + testTobikoImage: + type: string + type: object + deployedOVNVersion: + type: string + deployedVersion: + type: string + observedGeneration: + format: int64 + type: integer + tls: + properties: + caBundleSecretName: + type: string + caList: + items: + properties: + expires: + type: string + name: + type: string + required: + - expires + - name + type: object + type: array + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: openstackdataplanedeployments.dataplane.openstack.org +spec: + group: dataplane.openstack.org + names: + kind: OpenStackDataPlaneDeployment + listKind: OpenStackDataPlaneDeploymentList + plural: openstackdataplanedeployments + shortNames: + - osdpd + - osdpdeployment + - osdpdeployments + singular: openstackdataplanedeployment + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NodeSets + jsonPath: .spec.nodeSets + name: NodeSets + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + ansibleExtraVars: + x-kubernetes-preserve-unknown-fields: true + ansibleJobNodeSelector: + additionalProperties: + type: string + type: object + ansibleLimit: + type: string + ansibleSkipTags: + type: string + ansibleTags: + type: string + backoffLimit: + default: 6 + format: int32 + type: integer + deploymentRequeueTime: + default: 15 + minimum: 1 + type: integer + nodeSets: + items: + type: string + minItems: 1 + type: array + preserveJobs: + default: true + enum: + - true + - false + type: boolean + servicesOverride: + items: + type: string + type: array + required: + - deploymentRequeueTime + - nodeSets + type: object + x-kubernetes-validations: + - message: OpenStackDataPlaneDeployment Spec is immutable + rule: self == oldSelf + status: + properties: + ansibleEEHashes: + additionalProperties: + type: string + type: object + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + configMapHashes: + additionalProperties: + type: string + type: object + containerImages: + additionalProperties: + type: string + type: object + deployed: + type: boolean + deployedVersion: + type: string + nodeSetConditions: + additionalProperties: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + type: object + nodeSetHashes: + additionalProperties: + type: string + type: object + observedGeneration: + format: int64 + type: integer + secretHashes: + additionalProperties: + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: openstackdataplanenodesets.dataplane.openstack.org +spec: + group: dataplane.openstack.org + names: + kind: OpenStackDataPlaneNodeSet + listKind: OpenStackDataPlaneNodeSetList + plural: openstackdataplanenodesets + shortNames: + - osdpns + - osdpnodeset + - osdpnodesets + singular: openstackdataplanenodeset + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + baremetalSetTemplate: + properties: + agentImageUrl: + type: string + apacheImageUrl: + type: string + automatedCleaningMode: + default: metadata + enum: + - metadata + - disabled + type: string + baremetalHosts: + additionalProperties: + properties: + bmhLabelSelector: + additionalProperties: + type: string + type: object + ctlPlaneIP: + type: string + networkData: + properties: + name: + type: string + namespace: + type: string + type: object + x-kubernetes-map-type: atomic + userData: + properties: + name: + type: string + namespace: + type: string + type: object + x-kubernetes-map-type: atomic + type: object + type: object + bmhLabelSelector: + additionalProperties: + type: string + type: object + bmhNamespace: + default: openshift-machine-api + type: string + bootstrapDns: + items: + type: string + type: array + cloudUserName: + default: cloud-admin + type: string + ctlplaneGateway: + type: string + ctlplaneInterface: + type: string + ctlplaneNetmask: + default: 255.255.255.0 + type: string + deploymentSSHSecret: + type: string + dnsSearchDomains: + items: + type: string + type: array + domainName: + type: string + hardwareReqs: + properties: + cpuReqs: + properties: + arch: + enum: + - x86_64 + - ppc64le + type: string + countReq: + properties: + count: + minimum: 1 + type: integer + exactMatch: + type: boolean + type: object + mhzReq: + properties: + exactMatch: + type: boolean + mhz: + minimum: 1 + type: integer + type: object + type: object + diskReqs: + properties: + gbReq: + properties: + exactMatch: + type: boolean + gb: + minimum: 1 + type: integer + type: object + ssdReq: + properties: + exactMatch: + type: boolean + ssd: + type: boolean + type: object + type: object + memReqs: + properties: + gbReq: + properties: + exactMatch: + type: boolean + gb: + minimum: 1 + type: integer + type: object + type: object + type: object + osContainerImageUrl: + type: string + osImage: + type: string + passwordSecret: + properties: + name: + type: string + namespace: + type: string + type: object + x-kubernetes-map-type: atomic + provisionServerName: + type: string + provisionServerNodeSelector: + additionalProperties: + type: string + type: object + provisioningInterface: + type: string + required: + - cloudUserName + - ctlplaneInterface + - deploymentSSHSecret + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + networkAttachments: + items: + type: string + type: array + nodeTemplate: + properties: + ansible: + properties: + ansibleHost: + type: string + ansiblePort: + type: integer + ansibleUser: + type: string + ansibleVars: + x-kubernetes-preserve-unknown-fields: true + ansibleVarsFrom: + items: + properties: + configMapRef: + properties: + name: + maxLength: 253 + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + maxLength: 253 + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + type: object + ansibleSSHPrivateKeySecret: + maxLength: 253 + type: string + extraMounts: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + managementNetwork: + default: ctlplane + type: string + networkData: + properties: + name: + type: string + namespace: + type: string + type: object + x-kubernetes-map-type: atomic + networks: + items: + properties: + defaultRoute: + type: boolean + fixedIP: + type: string + name: + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + subnetName: + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + required: + - name + - subnetName + type: object + type: array + userData: + properties: + name: + type: string + namespace: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ansibleSSHPrivateKeySecret + type: object + nodes: + additionalProperties: + properties: + ansible: + properties: + ansibleHost: + type: string + ansiblePort: + type: integer + ansibleUser: + type: string + ansibleVars: + x-kubernetes-preserve-unknown-fields: true + ansibleVarsFrom: + items: + properties: + configMapRef: + properties: + name: + maxLength: 253 + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + maxLength: 253 + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + type: object + bmhLabelSelector: + additionalProperties: + type: string + type: object + hostName: + type: string + managementNetwork: + type: string + networkData: + properties: + name: + type: string + namespace: + type: string + type: object + x-kubernetes-map-type: atomic + networks: + items: + properties: + defaultRoute: + type: boolean + fixedIP: + type: string + name: + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + subnetName: + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + required: + - name + - subnetName + type: object + type: array + userData: + properties: + name: + type: string + namespace: + type: string + type: object + x-kubernetes-map-type: atomic + type: object + type: object + preProvisioned: + type: boolean + secretMaxSize: + default: 1048576 + type: integer + services: + default: + - download-cache + - bootstrap + - configure-network + - validate-network + - install-os + - configure-os + - ssh-known-hosts + - run-os + - reboot-os + - install-certs + - ovn + - neutron-metadata + - libvirt + - nova + - telemetry + items: + type: string + type: array + tags: + items: + type: string + type: array + tlsEnabled: + default: true + type: boolean + required: + - nodeTemplate + - nodes + type: object + status: + properties: + allHostnames: + additionalProperties: + additionalProperties: + type: string + type: object + type: object + allIPs: + additionalProperties: + additionalProperties: + type: string + type: object + type: object + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + configHash: + type: string + configMapHashes: + additionalProperties: + type: string + type: object + containerImages: + additionalProperties: + type: string + type: object + ctlplaneSearchDomain: + type: string + deployedConfigHash: + type: string + deployedVersion: + type: string + deploymentStatuses: + additionalProperties: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + type: object + dnsClusterAddresses: + items: + type: string + type: array + inventorySecretName: + type: string + observedGeneration: + format: int64 + type: integer + secretHashes: + additionalProperties: + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: openstackdataplaneservices.dataplane.openstack.org +spec: + group: dataplane.openstack.org + names: + kind: OpenStackDataPlaneService + listKind: OpenStackDataPlaneServiceList + plural: openstackdataplaneservices + shortNames: + - osdps + - osdpservice + - osdpservices + singular: openstackdataplaneservice + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + addCertMounts: + default: false + type: boolean + caCerts: + default: combined-ca-bundle + maxLength: 253 + type: string + certsFrom: + type: string + containerImageFields: + items: + type: string + type: array + dataSources: + items: + properties: + configMapRef: + properties: + name: + maxLength: 253 + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + maxLength: 253 + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + deployOnAllNodeSets: + type: boolean + edpmServiceType: + type: string + openStackAnsibleEERunnerImage: + type: string + playbook: + type: string + playbookContents: + type: string + tlsCerts: + additionalProperties: + properties: + contents: + items: + type: string + minItems: 1 + type: array + edpmRoleServiceName: + type: string + issuer: + type: string + keyUsages: + items: + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + type: string + type: array + networks: + items: + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + type: array + required: + - contents + type: object + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: openstackversions.core.openstack.org +spec: + group: core.openstack.org + names: + kind: OpenStackVersion + listKind: OpenStackVersionList + plural: openstackversions + singular: openstackversion + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.targetVersion + name: Target Version + type: string + - jsonPath: .status.availableVersion + name: Available Version + type: string + - jsonPath: .status.deployedVersion + name: Deployed Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + customContainerImages: + properties: + agentImage: + type: string + ansibleeeImage: + type: string + aodhAPIImage: + type: string + aodhEvaluatorImage: + type: string + aodhListenerImage: + type: string + aodhNotifierImage: + type: string + apacheImage: + type: string + barbicanAPIImage: + type: string + barbicanKeystoneListenerImage: + type: string + barbicanWorkerImage: + type: string + ceilometerCentralImage: + type: string + ceilometerComputeImage: + type: string + ceilometerIpmiImage: + type: string + ceilometerNotificationImage: + type: string + ceilometerSgcoreImage: + type: string + cinderAPIImage: + type: string + cinderBackupImage: + type: string + cinderSchedulerImage: + type: string + cinderVolumeImages: + additionalProperties: + type: string + type: object + designateAPIImage: + type: string + designateBackendbind9Image: + type: string + designateCentralImage: + type: string + designateMdnsImage: + type: string + designateProducerImage: + type: string + designateUnboundImage: + type: string + designateWorkerImage: + type: string + edpmFrrImage: + type: string + edpmIscsidImage: + type: string + edpmKeplerImage: + type: string + edpmLogrotateCrondImage: + type: string + edpmMultipathdImage: + type: string + edpmNeutronDhcpAgentImage: + type: string + edpmNeutronMetadataAgentImage: + type: string + edpmNeutronOvnAgentImage: + type: string + edpmNeutronSriovAgentImage: + type: string + edpmNodeExporterImage: + type: string + edpmOvnBgpAgentImage: + type: string + glanceAPIImage: + type: string + heatAPIImage: + type: string + heatCfnapiImage: + type: string + heatEngineImage: + type: string + horizonImage: + type: string + infraDnsmasqImage: + type: string + infraMemcachedImage: + type: string + infraRedisImage: + type: string + ironicAPIImage: + type: string + ironicConductorImage: + type: string + ironicInspectorImage: + type: string + ironicNeutronAgentImage: + type: string + ironicPxeImage: + type: string + ironicPythonAgentImage: + type: string + keystoneAPIImage: + type: string + manilaAPIImage: + type: string + manilaSchedulerImage: + type: string + manilaShareImages: + additionalProperties: + type: string + type: object + mariadbImage: + type: string + neutronAPIImage: + type: string + novaAPIImage: + type: string + novaComputeImage: + type: string + novaConductorImage: + type: string + novaNovncImage: + type: string + novaSchedulerImage: + type: string + octaviaAPIImage: + type: string + octaviaHealthmanagerImage: + type: string + octaviaHousekeepingImage: + type: string + octaviaWorkerImage: + type: string + openstackClientImage: + type: string + osContainerImage: + type: string + ovnControllerImage: + type: string + ovnControllerOvsImage: + type: string + ovnNbDbclusterImage: + type: string + ovnNorthdImage: + type: string + ovnSbDbclusterImage: + type: string + placementAPIImage: + type: string + rabbitmqImage: + type: string + swiftAccountImage: + type: string + swiftContainerImage: + type: string + swiftObjectImage: + type: string + swiftProxyImage: + type: string + telemetryNodeExporterImage: + type: string + testAnsibletestImage: + type: string + testHorizontestImage: + type: string + testTempestImage: + type: string + testTobikoImage: + type: string + type: object + targetVersion: + type: string + required: + - targetVersion + type: object + status: + properties: + availableVersion: + type: string + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + containerImageVersionDefaults: + additionalProperties: + properties: + agentImage: + type: string + ansibleeeImage: + type: string + aodhAPIImage: + type: string + aodhEvaluatorImage: + type: string + aodhListenerImage: + type: string + aodhNotifierImage: + type: string + apacheImage: + type: string + barbicanAPIImage: + type: string + barbicanKeystoneListenerImage: + type: string + barbicanWorkerImage: + type: string + ceilometerCentralImage: + type: string + ceilometerComputeImage: + type: string + ceilometerIpmiImage: + type: string + ceilometerNotificationImage: + type: string + ceilometerSgcoreImage: + type: string + cinderAPIImage: + type: string + cinderBackupImage: + type: string + cinderSchedulerImage: + type: string + cinderVolumeImage: + type: string + designateAPIImage: + type: string + designateBackendbind9Image: + type: string + designateCentralImage: + type: string + designateMdnsImage: + type: string + designateProducerImage: + type: string + designateUnboundImage: + type: string + designateWorkerImage: + type: string + edpmFrrImage: + type: string + edpmIscsidImage: + type: string + edpmKeplerImage: + type: string + edpmLogrotateCrondImage: + type: string + edpmMultipathdImage: + type: string + edpmNeutronDhcpAgentImage: + type: string + edpmNeutronMetadataAgentImage: + type: string + edpmNeutronOvnAgentImage: + type: string + edpmNeutronSriovAgentImage: + type: string + edpmNodeExporterImage: + type: string + edpmOvnBgpAgentImage: + type: string + glanceAPIImage: + type: string + heatAPIImage: + type: string + heatCfnapiImage: + type: string + heatEngineImage: + type: string + horizonImage: + type: string + infraDnsmasqImage: + type: string + infraMemcachedImage: + type: string + infraRedisImage: + type: string + ironicAPIImage: + type: string + ironicConductorImage: + type: string + ironicInspectorImage: + type: string + ironicNeutronAgentImage: + type: string + ironicPxeImage: + type: string + ironicPythonAgentImage: + type: string + keystoneAPIImage: + type: string + manilaAPIImage: + type: string + manilaSchedulerImage: + type: string + manilaShareImage: + type: string + mariadbImage: + type: string + neutronAPIImage: + type: string + novaAPIImage: + type: string + novaComputeImage: + type: string + novaConductorImage: + type: string + novaNovncImage: + type: string + novaSchedulerImage: + type: string + octaviaAPIImage: + type: string + octaviaHealthmanagerImage: + type: string + octaviaHousekeepingImage: + type: string + octaviaWorkerImage: + type: string + openstackClientImage: + type: string + osContainerImage: + type: string + ovnControllerImage: + type: string + ovnControllerOvsImage: + type: string + ovnNbDbclusterImage: + type: string + ovnNorthdImage: + type: string + ovnSbDbclusterImage: + type: string + placementAPIImage: + type: string + rabbitmqImage: + type: string + swiftAccountImage: + type: string + swiftContainerImage: + type: string + swiftObjectImage: + type: string + swiftProxyImage: + type: string + telemetryNodeExporterImage: + type: string + testAnsibletestImage: + type: string + testHorizontestImage: + type: string + testTempestImage: + type: string + testTobikoImage: + type: string + type: object + type: object + containerImages: + properties: + agentImage: + type: string + ansibleeeImage: + type: string + aodhAPIImage: + type: string + aodhEvaluatorImage: + type: string + aodhListenerImage: + type: string + aodhNotifierImage: + type: string + apacheImage: + type: string + barbicanAPIImage: + type: string + barbicanKeystoneListenerImage: + type: string + barbicanWorkerImage: + type: string + ceilometerCentralImage: + type: string + ceilometerComputeImage: + type: string + ceilometerIpmiImage: + type: string + ceilometerNotificationImage: + type: string + ceilometerProxyImage: + type: string + ceilometerSgcoreImage: + type: string + cinderAPIImage: + type: string + cinderBackupImage: + type: string + cinderSchedulerImage: + type: string + cinderVolumeImages: + additionalProperties: + type: string + type: object + designateAPIImage: + type: string + designateBackendbind9Image: + type: string + designateCentralImage: + type: string + designateMdnsImage: + type: string + designateProducerImage: + type: string + designateUnboundImage: + type: string + designateWorkerImage: + type: string + edpmFrrImage: + type: string + edpmIscsidImage: + type: string + edpmKeplerImage: + type: string + edpmLogrotateCrondImage: + type: string + edpmMultipathdImage: + type: string + edpmNeutronDhcpAgentImage: + type: string + edpmNeutronMetadataAgentImage: + type: string + edpmNeutronOvnAgentImage: + type: string + edpmNeutronSriovAgentImage: + type: string + edpmNodeExporterImage: + type: string + edpmOvnBgpAgentImage: + type: string + glanceAPIImage: + type: string + heatAPIImage: + type: string + heatCfnapiImage: + type: string + heatEngineImage: + type: string + horizonImage: + type: string + infraDnsmasqImage: + type: string + infraMemcachedImage: + type: string + infraRedisImage: + type: string + ironicAPIImage: + type: string + ironicConductorImage: + type: string + ironicInspectorImage: + type: string + ironicNeutronAgentImage: + type: string + ironicPxeImage: + type: string + ironicPythonAgentImage: + type: string + keystoneAPIImage: + type: string + manilaAPIImage: + type: string + manilaSchedulerImage: + type: string + manilaShareImages: + additionalProperties: + type: string + type: object + mariadbImage: + type: string + neutronAPIImage: + type: string + novaAPIImage: + type: string + novaComputeImage: + type: string + novaConductorImage: + type: string + novaNovncImage: + type: string + novaSchedulerImage: + type: string + octaviaAPIImage: + type: string + octaviaApacheImage: + type: string + octaviaHealthmanagerImage: + type: string + octaviaHousekeepingImage: + type: string + octaviaWorkerImage: + type: string + openstackClientImage: + type: string + osContainerImage: + type: string + ovnControllerImage: + type: string + ovnControllerOvsImage: + type: string + ovnNbDbclusterImage: + type: string + ovnNorthdImage: + type: string + ovnSbDbclusterImage: + type: string + placementAPIImage: + type: string + rabbitmqImage: + type: string + swiftAccountImage: + type: string + swiftContainerImage: + type: string + swiftObjectImage: + type: string + swiftProxyImage: + type: string + telemetryNodeExporterImage: + type: string + testAnsibletestImage: + type: string + testHorizontestImage: + type: string + testTempestImage: + type: string + testTobikoImage: + type: string + type: object + deployedVersion: + type: string + observedGeneration: + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/bindata/crds/designate.openstack.org_designateapis.yaml b/bindata/crds/designate.openstack.org_designateapis.yaml new file mode 100644 index 000000000..a2aa1081a --- /dev/null +++ b/bindata/crds/designate.openstack.org_designateapis.yaml @@ -0,0 +1,494 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: designateapis.designate.openstack.org +spec: + group: designate.openstack.org + names: + kind: DesignateAPI + listKind: DesignateAPIList + plural: designateapis + singular: designateapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: DesignateAPI is the Schema for the designateapis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DesignateAPISpec defines the desired state of DesignateAPI + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain a + single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as a custom + config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc//.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. + type: string + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector settings + within the Designate CR. + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic to + the cluster. Allows for the manifest of the created Service + to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service password + from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - Designate API Replicas + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + DesignatePassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret for + the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + public: + description: Public GenericService - holds the secret for + the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - containerImage + type: object + status: + description: DesignateAPIStatus defines the observed state of DesignateAPI + properties: + apiEndpoints: + additionalProperties: + additionalProperties: + type: string + type: object + description: API endpoints + type: object + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of designate API instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/designate.openstack.org_designatebackendbind9s.yaml b/bindata/crds/designate.openstack.org_designatebackendbind9s.yaml new file mode 100644 index 000000000..b78f455a4 --- /dev/null +++ b/bindata/crds/designate.openstack.org_designatebackendbind9s.yaml @@ -0,0 +1,296 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: designatebackendbind9s.designate.openstack.org +spec: + group: designate.openstack.org + names: + kind: DesignateBackendbind9 + listKind: DesignateBackendbind9List + plural: designatebackendbind9s + singular: designatebackendbind9 + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: DesignateBackendbind9 is the Schema for the designatebackendbind9 + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DesignateBackendbind9Spec defines the desired state of DesignateBackendbind9 + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain a + single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + controlNetworkName: + default: designate + description: ControlNetworkName - specify which network attachment + is to be used for control, notifys and zone transfers. + type: string + customBindOptions: + description: CustomBindOptions - custom bind9 options + items: + type: string + type: array + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as a custom + config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc//.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. + type: string + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector settings + within the Designate CR. + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service password + from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - Designate Backendbind9 Replicas + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + DesignatePassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + storageClass: + description: StorageClass + type: string + storageRequest: + description: StorageRequest + type: string + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - containerImage + type: object + status: + description: DesignateBackendbind9Status defines the observed state of + DesignateBackendbind9 + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of designate backendbind9 instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/designate.openstack.org_designatecentrals.yaml b/bindata/crds/designate.openstack.org_designatecentrals.yaml new file mode 100644 index 000000000..2e5bb362c --- /dev/null +++ b/bindata/crds/designate.openstack.org_designatecentrals.yaml @@ -0,0 +1,292 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: designatecentrals.designate.openstack.org +spec: + group: designate.openstack.org + names: + kind: DesignateCentral + listKind: DesignateCentralList + plural: designatecentrals + singular: designatecentral + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: DesignateCentral is the Schema for the designatecentral API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DesignateCentralSpec defines the input parameters for the + Designate Central service + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain a + single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as a custom + config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc//.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. + type: string + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector settings + within the Designate CR. + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service password + from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - Designate Central Replicas + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + DesignatePassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - containerImage + type: object + status: + description: DesignateCentralStatus defines the observed state of DesignateCentral + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of designate central instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/designate.openstack.org_designatemdnses.yaml b/bindata/crds/designate.openstack.org_designatemdnses.yaml new file mode 100644 index 000000000..e4f63ea44 --- /dev/null +++ b/bindata/crds/designate.openstack.org_designatemdnses.yaml @@ -0,0 +1,290 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: designatemdnses.designate.openstack.org +spec: + group: designate.openstack.org + names: + kind: DesignateMdns + listKind: DesignateMdnsList + plural: designatemdnses + singular: designatemdns + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: DesignateMdns is the Schema for the designatemdnses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DesignateMdnsSpec defines the input parameters for the Designate + Mdns service + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain a + single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as a custom + config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc//.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. + type: string + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector settings + within the Designate CR. + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service password + from the Secret + type: string + type: object + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + DesignatePassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - containerImage + type: object + status: + description: DesignateMdnsStatus defines the observed state of DesignateMdns + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + desiredNumberScheduled: + description: DesiredNumberScheduled - total number of the nodes which + should be running Daemon + format: int32 + type: integer + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of designate MDNS instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/designate.openstack.org_designateproducers.yaml b/bindata/crds/designate.openstack.org_designateproducers.yaml new file mode 100644 index 000000000..d98eb428b --- /dev/null +++ b/bindata/crds/designate.openstack.org_designateproducers.yaml @@ -0,0 +1,291 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: designateproducers.designate.openstack.org +spec: + group: designate.openstack.org + names: + kind: DesignateProducer + listKind: DesignateProducerList + plural: designateproducers + singular: designateproducer + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: DesignateProducer is the Schema for the designateproducer API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DesignateProducerSpec the desired state of DesignateProducer + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain a + single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as a custom + config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc//.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. + type: string + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector settings + within the Designate CR. + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service password + from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - Designate Producer Replicas + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + DesignatePassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - containerImage + type: object + status: + description: DesignateProducerStatus defines the observed state of DesignateProducer + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of designate Producer instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/designate.openstack.org_designates.yaml b/bindata/crds/designate.openstack.org_designates.yaml new file mode 100644 index 000000000..1343b4795 --- /dev/null +++ b/bindata/crds/designate.openstack.org_designates.yaml @@ -0,0 +1,1610 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: designates.designate.openstack.org +spec: + group: designate.openstack.org + names: + kind: Designate + listKind: DesignateList + plural: designates + singular: designate + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Designate is the Schema for the designates API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DesignateAPISpec defines the desired state of DesignateAPI + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, unhbound, PowerDNS, BYO, etc.. Helps maintain + a single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. + type: string + databaseInstance: + description: MariaDB instance name Right now required by the maridb-operator + to get the credentials from the instance to create the DB Might + not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. logging.conf or policy.json. But can also be used + to add additional files. Those get added to the service config dir + in /etc/ . TODO: -> implement' + type: object + designateAPI: + description: DesignateAPI - Spec definition for the API service of + this Designate deployment + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol + to be used between the designate-worker & designate_mdns to/from + the DNS server. Acceptable values are: "UDP", "TCP" Please Note: + this MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain + a single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol + to be used between the designate-worker & designate_mdns to/from + the DNS server. Acceptable values are: "UDP", "TCP" Please Note: + this MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as a custom config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc//.conf.d directory as a + custom config file. + items: + type: string + type: array + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. + type: string + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Designate CR. + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the + fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB + and ServiceUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service + password from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - Designate API Replicas + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information + for DesignatePassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret + for the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + public: + description: Public GenericService - holds the secret + for the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - containerImage + type: object + designateBackendbind9: + description: DesignateBackendbind9 - Spec definition for the Backendbind9 + service of this Designate deployment + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol + to be used between the designate-worker & designate_mdns to/from + the DNS server. Acceptable values are: "UDP", "TCP" Please Note: + this MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain + a single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol + to be used between the designate-worker & designate_mdns to/from + the DNS server. Acceptable values are: "UDP", "TCP" Please Note: + this MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + controlNetworkName: + default: designate + description: ControlNetworkName - specify which network attachment + is to be used for control, notifys and zone transfers. + type: string + customBindOptions: + description: CustomBindOptions - custom bind9 options + items: + type: string + type: array + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as a custom config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc//.conf.d directory as a + custom config file. + items: + type: string + type: array + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. + type: string + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Designate CR. + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB + and ServiceUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service + password from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - Designate Backendbind9 Replicas + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information + for DesignatePassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + storageClass: + description: StorageClass + type: string + storageRequest: + description: StorageRequest + type: string + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - containerImage + type: object + designateCentral: + description: DesignateCentral - Spec definition for the Central service + of this Designate deployment + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol + to be used between the designate-worker & designate_mdns to/from + the DNS server. Acceptable values are: "UDP", "TCP" Please Note: + this MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain + a single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol + to be used between the designate-worker & designate_mdns to/from + the DNS server. Acceptable values are: "UDP", "TCP" Please Note: + this MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as a custom config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc//.conf.d directory as a + custom config file. + items: + type: string + type: array + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. + type: string + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Designate CR. + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB + and ServiceUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service + password from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - Designate Central Replicas + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information + for DesignatePassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - containerImage + type: object + designateMdns: + description: DesignateMdns - Spec definition for the Mdns service + of this Designate deployment + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol + to be used between the designate-worker & designate_mdns to/from + the DNS server. Acceptable values are: "UDP", "TCP" Please Note: + this MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain + a single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol + to be used between the designate-worker & designate_mdns to/from + the DNS server. Acceptable values are: "UDP", "TCP" Please Note: + this MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as a custom config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc//.conf.d directory as a + custom config file. + items: + type: string + type: array + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. + type: string + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Designate CR. + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB + and ServiceUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service + password from the Secret + type: string + type: object + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information + for DesignatePassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - containerImage + type: object + designateNetworkAttachment: + default: designate + description: DesignateNetworkAttachment is a NetworkAttachment resource + name for the Designate Control Network + type: string + designateProducer: + description: DesignateProducer - Spec definition for the Producer + service of this Designate deployment + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol + to be used between the designate-worker & designate_mdns to/from + the DNS server. Acceptable values are: "UDP", "TCP" Please Note: + this MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain + a single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol + to be used between the designate-worker & designate_mdns to/from + the DNS server. Acceptable values are: "UDP", "TCP" Please Note: + this MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as a custom config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc//.conf.d directory as a + custom config file. + items: + type: string + type: array + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. + type: string + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Designate CR. + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB + and ServiceUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service + password from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - Designate Producer Replicas + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information + for DesignatePassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - containerImage + type: object + designateUnbound: + description: DesignateUnbound - Spec definition for the Unbound Resolver + service of this Designate deployment + properties: + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as a custom config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc//.conf.d directory as a + custom config file. + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Designate CR. + type: object + replicas: + default: 1 + description: Replicas - Designate Unbound Replicas + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + required: + - containerImage + type: object + designateWorker: + description: DesignateWorker - Spec definition for the Worker service + of this Designate deployment + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol + to be used between the designate-worker & designate_mdns to/from + the DNS server. Acceptable values are: "UDP", "TCP" Please Note: + this MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain + a single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol + to be used between the designate-worker & designate_mdns to/from + the DNS server. Acceptable values are: "UDP", "TCP" Please Note: + this MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as a custom config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc//.conf.d directory as a + custom config file. + items: + type: string + type: array + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. + type: string + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Designate CR. + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB + and ServiceUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service + password from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - Designate Worker Replicas + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information + for DesignatePassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - containerImage + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB and + AdminUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service password + from the Secret + type: string + type: object + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Designate + type: string + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + designate AdminPassword + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + required: + - databaseInstance + - designateAPI + - designateBackendbind9 + - designateCentral + - designateMdns + - designateProducer + - designateWorker + - rabbitMqClusterName + - secret + type: object + status: + description: DesignateStatus defines the observed state of Designate + properties: + apiEndpoint: + additionalProperties: + type: string + description: API endpoint + type: object + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + designateAPIReadyCount: + description: ReadyCount of Designate API instance + format: int32 + type: integer + designateBackendbind9ReadyCount: + description: ReadyCount of Designate Backendbind9 instance + format: int32 + type: integer + designateCentralReadyCount: + description: ReadyCount of Designate Central instance + format: int32 + type: integer + designateMdnsReadyCount: + description: ReadyCount of Designate Mdns instance + format: int32 + type: integer + designateProducerReadyCount: + description: ReadyCount of Designate Producer instance + format: int32 + type: integer + designateUnboundReadyCount: + description: ReadyCount of Designate Unbound instance + format: int32 + type: integer + designateWorkerReadyCount: + description: ReadyCount of Designate Worker instance + format: int32 + type: integer + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/designate.openstack.org_designateunbounds.yaml b/bindata/crds/designate.openstack.org_designateunbounds.yaml new file mode 100644 index 000000000..467990406 --- /dev/null +++ b/bindata/crds/designate.openstack.org_designateunbounds.yaml @@ -0,0 +1,230 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: designateunbounds.designate.openstack.org +spec: + group: designate.openstack.org + names: + kind: DesignateUnbound + listKind: DesignateUnboundList + plural: designateunbounds + singular: designateunbound + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: DesignateUnbound is the Schema for the designateworker API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DesignateUnboundSpec defines the desired state of DesignateUnbound + properties: + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as a custom + config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc//.conf.d + directory as a custom config file. + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector settings + within the Designate CR. + type: object + replicas: + default: 1 + description: Replicas - Designate Unbound Replicas + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + required: + - containerImage + type: object + status: + description: DesignateUnboundStatus defines the observed state of DesignateUnbound + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of designate central instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/designate.openstack.org_designateworkers.yaml b/bindata/crds/designate.openstack.org_designateworkers.yaml new file mode 100644 index 000000000..7ae05c78c --- /dev/null +++ b/bindata/crds/designate.openstack.org_designateworkers.yaml @@ -0,0 +1,287 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: designateworkers.designate.openstack.org +spec: + group: designate.openstack.org + names: + kind: DesignateWorker + listKind: DesignateWorkerList + plural: designateworkers + singular: designateworker + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: DesignateWorker is the Schema for the designateworker API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DesignateWorkerSpec the desired state of DesignateWorker + properties: + backendMdnsServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:mdns'']' + type: string + backendType: + description: BackendType - Defines the backend service/configuration + we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain a + single init container/init.sh to do container setup + type: string + backendWorkerServerProtocol: + description: 'BackendTypeProtocol - Defines the backend protocol to + be used between the designate-worker & designate_mdns to/from the + DNS server. Acceptable values are: "UDP", "TCP" Please Note: this + MUST match what is in the /etc/designate.conf [''service:worker'']' + type: string + containerImage: + description: ContainerImage - Designate Container Image URL (will + be set to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as a custom + config file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc//.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: designate + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. + type: string + databaseHostname: + description: DatabaseHostname - Designate Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector settings + within the Designate CR. + type: object + passwordSelectors: + default: + service: DesignatePassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + service: + default: DesignatePassword + description: Service - Selector to get the designate service password + from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - Designate Worker Replicas + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + DesignatePassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Designate services the default SA name + type: string + serviceUser: + default: designate + description: ServiceUser - optional username used for this service + to register in designate + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - containerImage + type: object + status: + description: DesignateWorkerStatus defines the observed state of DesignateWorker + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of designate central instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/glance.openstack.org_glanceapis.yaml b/bindata/crds/glance.openstack.org_glanceapis.yaml new file mode 100644 index 000000000..9b6daf8bc --- /dev/null +++ b/bindata/crds/glance.openstack.org_glanceapis.yaml @@ -0,0 +1,783 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: glanceapis.glance.openstack.org +spec: + group: glance.openstack.org + names: + kind: GlanceAPI + listKind: GlanceAPIList + plural: glanceapis + singular: glanceapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + apiTimeout: + minimum: 1 + type: integer + apiType: + default: external + enum: + - internal + - external + - single + - edge + type: string + containerImage: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: glance + type: string + databaseHostname: + type: string + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + imageCache: + properties: + cleanerScheduler: + default: '*/30 * * * *' + type: string + prunerScheduler: + default: 1 0 * * * + type: string + size: + default: "" + type: string + required: + - size + type: object + memcachedInstance: + default: memcached + type: string + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + passwordSelectors: + default: + service: GlancePassword + properties: + service: + default: GlancePassword + type: string + type: object + quota: + default: false + type: boolean + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: glance + type: string + storage: + properties: + external: + type: boolean + storageClass: + type: string + storageRequest: + type: string + type: object + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + type: + default: split + enum: + - split + - single + - edge + type: string + required: + - containerImage + - databaseHostname + - memcachedInstance + - secret + - serviceAccount + type: object + status: + properties: + apiEndpoint: + additionalProperties: + type: string + type: object + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + domain: + type: string + hash: + additionalProperties: + type: string + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + type: object + observedGeneration: + format: int64 + type: integer + readyCount: + default: 0 + format: int32 + minimum: 0 + type: integer + required: + - readyCount + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/glance.openstack.org_glances.yaml b/bindata/crds/glance.openstack.org_glances.yaml new file mode 100644 index 000000000..7931be0b0 --- /dev/null +++ b/bindata/crds/glance.openstack.org_glances.yaml @@ -0,0 +1,844 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: glances.glance.openstack.org +spec: + group: glance.openstack.org + names: + kind: Glance + listKind: GlanceList + plural: glances + singular: glance + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + apiTimeout: + default: 60 + minimum: 1 + type: integer + containerImage: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: glance + type: string + databaseInstance: + type: string + dbPurge: + properties: + age: + default: 30 + minimum: 1 + type: integer + schedule: + default: 1 0 * * * + type: string + type: object + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + glanceAPIs: + additionalProperties: + properties: + apiTimeout: + minimum: 1 + type: integer + containerImage: + type: string + customServiceConfig: + type: string + customServiceConfigSecrets: + items: + type: string + type: array + imageCache: + properties: + cleanerScheduler: + default: '*/30 * * * *' + type: string + prunerScheduler: + default: 1 0 * * * + type: string + size: + default: "" + type: string + required: + - size + type: object + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + storage: + properties: + external: + type: boolean + storageClass: + type: string + storageRequest: + type: string + type: object + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + type: + default: split + enum: + - split + - single + - edge + type: string + required: + - containerImage + type: object + type: object + imageCache: + properties: + cleanerScheduler: + default: '*/30 * * * *' + type: string + prunerScheduler: + default: 1 0 * * * + type: string + size: + default: "" + type: string + required: + - size + type: object + keystoneEndpoint: + default: "" + type: string + memcachedInstance: + default: memcached + type: string + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: GlancePassword + properties: + service: + default: GlancePassword + type: string + type: object + preserveJobs: + default: false + type: boolean + quotas: + properties: + imageCountTotal: + default: 0 + type: integer + imageCountUpload: + default: 0 + type: integer + imageSizeTotal: + default: 0 + type: integer + imageStageTotal: + default: 0 + type: integer + required: + - imageCountTotal + - imageCountUpload + - imageSizeTotal + - imageStageTotal + type: object + secret: + type: string + serviceUser: + default: glance + type: string + storage: + properties: + external: + type: boolean + storageClass: + type: string + storageRequest: + type: string + type: object + required: + - containerImage + - databaseInstance + - glanceAPIs + - imageCache + - keystoneEndpoint + - memcachedInstance + - secret + type: object + status: + properties: + apiEndpoint: + additionalProperties: + type: string + type: object + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + type: string + glanceAPIReadyCounts: + additionalProperties: + format: int32 + type: integer + type: object + hash: + additionalProperties: + type: string + type: object + observedGeneration: + format: int64 + type: integer + serviceID: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/heat.openstack.org_heatapis.yaml b/bindata/crds/heat.openstack.org_heatapis.yaml new file mode 100644 index 000000000..237ae39ba --- /dev/null +++ b/bindata/crds/heat.openstack.org_heatapis.yaml @@ -0,0 +1,466 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: heatapis.heat.openstack.org +spec: + group: heat.openstack.org + names: + kind: HeatAPI + listKind: HeatAPIList + plural: heatapis + singular: heatapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: HeatAPI ... + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HeatAPISpec defines the desired state of HeatAPI + properties: + containerImage: + description: ContainerImage - Container Image URL + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc/heat/heat.conf.d directory as 02-custom-service.conf + file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc/heat/heat.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: heat + description: DatabaseAccount - optional MariaDBAccount used for heat + DB, defaults to heat. + type: string + databaseHostname: + description: DatabaseHostname - Heat Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes for running + the service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic to + the cluster. Allows for the manifest of the created Service + to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object + passwordSelectors: + default: + authEncryptionKey: HeatAuthEncryptionKey + service: HeatPassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + authEncryptionKey: + default: HeatAuthEncryptionKey + description: AuthEncryptionKey - Selector to get the heat auth + encryption key from the Secret + type: string + service: + default: HeatPassword + description: Service - Selector to get the heat service password + from the Secret + type: string + stackDomainAdminPassword: + default: HeatStackDomainAdminPassword + description: StackDomainAdminPassword - Selector to get the heat + stack domain admin password from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + heat HeatDatabasePassword, HeatPassword and HeatAuthEncryptionKey + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Heat services the default SA name + type: string + serviceUser: + default: heat + description: ServiceUser - optional username used for this service + to register in heat + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret for + the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + public: + description: Public GenericService - holds the secret for + the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + required: + - containerImage + - databaseHostname + - secret + - serviceAccount + - transportURLSecret + type: object + status: + description: HeatAPIStatus defines the observed state of HeatAPI + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of HeatAPI instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/heat.openstack.org_heatcfnapis.yaml b/bindata/crds/heat.openstack.org_heatcfnapis.yaml new file mode 100644 index 000000000..f92dac877 --- /dev/null +++ b/bindata/crds/heat.openstack.org_heatcfnapis.yaml @@ -0,0 +1,466 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: heatcfnapis.heat.openstack.org +spec: + group: heat.openstack.org + names: + kind: HeatCfnAPI + listKind: HeatCfnAPIList + plural: heatcfnapis + singular: heatcfnapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: HeatCfnAPI ... + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HeatCfnAPISpec defines the desired state of HeatCfnAPI + properties: + containerImage: + description: ContainerImage - Container Image URL + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc/heat/heat.conf.d directory as 02-custom-service.conf + file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc/heat/heat.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: heat + description: DatabaseAccount - optional MariaDBAccount used for heat + DB, defaults to heat. + type: string + databaseHostname: + description: DatabaseHostname - Heat Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes for running + the service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic to + the cluster. Allows for the manifest of the created Service + to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object + passwordSelectors: + default: + authEncryptionKey: HeatAuthEncryptionKey + service: HeatPassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + authEncryptionKey: + default: HeatAuthEncryptionKey + description: AuthEncryptionKey - Selector to get the heat auth + encryption key from the Secret + type: string + service: + default: HeatPassword + description: Service - Selector to get the heat service password + from the Secret + type: string + stackDomainAdminPassword: + default: HeatStackDomainAdminPassword + description: StackDomainAdminPassword - Selector to get the heat + stack domain admin password from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + heat HeatDatabasePassword, HeatPassword and HeatAuthEncryptionKey + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Heat services the default SA name + type: string + serviceUser: + default: heat + description: ServiceUser - optional username used for this service + to register in heat + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret for + the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + public: + description: Public GenericService - holds the secret for + the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + required: + - containerImage + - databaseHostname + - secret + - serviceAccount + - transportURLSecret + type: object + status: + description: HeatCfnAPIStatus defines the observed state of HeatCfnAPI + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of HeatCfnAPI instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/heat.openstack.org_heatengines.yaml b/bindata/crds/heat.openstack.org_heatengines.yaml new file mode 100644 index 000000000..50bfd64b0 --- /dev/null +++ b/bindata/crds/heat.openstack.org_heatengines.yaml @@ -0,0 +1,270 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: heatengines.heat.openstack.org +spec: + group: heat.openstack.org + names: + kind: HeatEngine + listKind: HeatEngineList + plural: heatengines + singular: heatengine + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: HeatEngine defined. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HeatEngineSpec defines the desired state of HeatEngine + properties: + containerImage: + description: ContainerImage - Container Image URL + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc/heat/heat.conf.d directory as 02-custom-service.conf + file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc/heat/heat.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: heat + description: DatabaseAccount - optional MariaDBAccount used for heat + DB, defaults to heat. + type: string + databaseHostname: + description: DatabaseHostname - Heat Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes for running + the service + type: object + passwordSelectors: + default: + authEncryptionKey: HeatAuthEncryptionKey + service: HeatPassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + authEncryptionKey: + default: HeatAuthEncryptionKey + description: AuthEncryptionKey - Selector to get the heat auth + encryption key from the Secret + type: string + service: + default: HeatPassword + description: Service - Selector to get the heat service password + from the Secret + type: string + stackDomainAdminPassword: + default: HeatStackDomainAdminPassword + description: StackDomainAdminPassword - Selector to get the heat + stack domain admin password from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + heat HeatDatabasePassword, HeatPassword and HeatAuthEncryptionKey + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Heat services the default SA name + type: string + serviceUser: + default: heat + description: ServiceUser - optional username used for this service + to register in heat + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + required: + - containerImage + - databaseHostname + - secret + - serviceAccount + - transportURLSecret + type: object + status: + description: HeatEngineStatus defines the observed state of HeatEngine + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of HeatEngine instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/heat.openstack.org_heats.yaml b/bindata/crds/heat.openstack.org_heats.yaml new file mode 100644 index 000000000..baac6af21 --- /dev/null +++ b/bindata/crds/heat.openstack.org_heats.yaml @@ -0,0 +1,948 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: heats.heat.openstack.org +spec: + group: heat.openstack.org + names: + kind: Heat + listKind: HeatList + plural: heats + singular: heat + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Heat is the Schema for the heats API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HeatSpec defines the desired state of Heat + properties: + apiTimeout: + default: 600 + description: APITimeout for Route and Apache + minimum: 60 + type: integer + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc/heat/heat.conf.d directory as 01-custom.conf file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service config + using this parameter to specify Secrets that contain sensitive service + config data. The content of each Secret gets added to the /etc/heat/heat.conf.d + directory as a custom config file. + items: + type: string + type: array + databaseAccount: + default: heat + description: DatabaseAccount - optional MariaDBAccount used for heat + DB, defaults to heat. + type: string + databaseInstance: + default: openstack + description: MariaDB instance name. Right now required by the maridb-operator + to get the credentials from the instance to create the DB. Might + not be required in future. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + heatAPI: + description: HeatAPI - Spec definition for the API service of this + Heat deployment + properties: + containerImage: + description: ContainerImage - Container Image URL + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc/heat/heat.conf.d directory as + 02-custom-service.conf file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc/heat/heat.conf.d directory as a custom config + file. + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes for + running the service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the + fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object + replicas: + default: 1 + description: Replicas - + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret + for the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + public: + description: Public GenericService - holds the secret + for the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + required: + - containerImage + type: object + heatCfnAPI: + description: HeatCfnAPI - Spec definition for the CfnAPI service of + this Heat deployment + properties: + containerImage: + description: ContainerImage - Container Image URL + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc/heat/heat.conf.d directory as + 02-custom-service.conf file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc/heat/heat.conf.d directory as a custom config + file. + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes for + running the service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the + fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object + replicas: + default: 1 + description: Replicas - + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret + for the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + public: + description: Public GenericService - holds the secret + for the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + required: + - containerImage + type: object + heatEngine: + description: HeatEngine - Spec definition for the Engine service of + this Heat deployment + properties: + containerImage: + description: ContainerImage - Container Image URL + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc/heat/heat.conf.d directory as + 02-custom-service.conf file. + type: string + customServiceConfigSecrets: + description: CustomServiceConfigSecrets - customize the service + config using this parameter to specify Secrets that contain + sensitive service config data. The content of each Secret gets + added to the /etc/heat/heat.conf.d directory as a custom config + file. + items: + type: string + type: array + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes for + running the service + type: object + replicas: + default: 1 + description: Replicas - + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + required: + - containerImage + type: object + memcachedInstance: + default: memcached + description: Memcached instance name. + type: string + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes for running + the Heat services + type: object + passwordSelectors: + default: + authEncryptionKey: HeatAuthEncryptionKey + service: HeatPassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + authEncryptionKey: + default: HeatAuthEncryptionKey + description: AuthEncryptionKey - Selector to get the heat auth + encryption key from the Secret + type: string + service: + default: HeatPassword + description: Service - Selector to get the heat service password + from the Secret + type: string + stackDomainAdminPassword: + default: HeatStackDomainAdminPassword + description: StackDomainAdminPassword - Selector to get the heat + stack domain admin password from the Secret + type: string + type: object + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Heat + type: string + secret: + description: Secret containing OpenStack password information for + heat HeatDatabasePassword, HeatPassword and HeatAuthEncryptionKey + type: string + serviceUser: + default: heat + description: ServiceUser - optional username used for this service + to register in heat + type: string + required: + - databaseInstance + - heatAPI + - heatCfnAPI + - heatEngine + - memcachedInstance + - rabbitMqClusterName + - secret + type: object + status: + description: HeatStatus defines the observed state of Heat + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: Heat Database Hostname + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + heatApiReadyCount: + description: ReadyCount of Heat API instance + format: int32 + type: integer + heatCfnApiReadyCount: + description: ReadyCount of Heat CfnAPI instance + format: int32 + type: integer + heatEngineReadyCount: + description: ReadyCount of Heat Engine instance + format: int32 + type: integer + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/horizon.openstack.org_horizons.yaml b/bindata/crds/horizon.openstack.org_horizons.yaml new file mode 100644 index 000000000..3f14d01d7 --- /dev/null +++ b/bindata/crds/horizon.openstack.org_horizons.yaml @@ -0,0 +1,1588 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: horizons.horizon.openstack.org +spec: + group: horizon.openstack.org + names: + kind: Horizon + listKind: HorizonList + plural: horizons + singular: horizon + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Horizon is the Schema for the horizons API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HorizonSpec defines the desired state of Horizon + properties: + containerImage: + description: horizon Container Image URL + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc/openstack-dashboard/local_settings.d directory + as 9999_custom_settings.py file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. logging.conf or policy.json. But can also be used + to add additional files. Those get added to the service config dir + in /etc/ . TODO: -> implement' + type: object + extraMounts: + description: ExtraMounts containing conf files + items: + description: HorizonExtraVolMounts exposes additional parameters + processed by the horizon-operator and defines the common VolMounts + structure provided by the main storage module + properties: + extraVol: + items: + description: VolMounts is the data structure used to expose + Volumes and Mounts that can be added to a pod according + to the defined Propagation policy + properties: + extraVolType: + description: Label associated to a given extraMount + type: string + mounts: + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which the + container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable + references $(VAR_NAME) are expanded using the + container's environment. Defaults to "" (volume's + root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + description: Propagation defines which pod should mount + the volume + items: + description: PropagationType identifies the Service, + Group or instance (e.g. the backend) that receives + an Extra Volume that can potentially be mounted + type: string + type: array + volumes: + items: + description: Volume our slimmed down version of Volume + properties: + cephfs: + description: cephFS represents a Ceph FS mount on + the host that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors + is a collection of Ceph monitors More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the + mounted root, rather than the full Ceph tree, + default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile + is the path to key ring for User, default + is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef + is reference to the authentication secret + for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the + rados user name, default is admin More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + configMap: + description: configMap represents a configMap that + should populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode + bits used to set permissions on created files + by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 + and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, and + the result can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the ConfigMap, the + volume setup will error unless it is marked + optional. Paths must be relative and may not + contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 + and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May not + be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI driver + that handles this volume. Consult with your + admin for the correct name as registered in + the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", + "ntfs". If not provided, the empty value is + passed to the associated CSI driver which + will determine the default filesystem to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference + to the secret object containing sensitive + information to pass to the CSI driver to complete + the CSI NodePublishVolume and NodeUnpublishVolume + calls. This field is optional, and may be + empty if no secret is required. If the secret + object contains more than one secret, all + secret references are passed. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only + configuration for the volume. Defaults to + false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. + Consult your driver's documentation for supported + values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API + about the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on + created files by default. Must be a Optional: + mode bits used to set permissions on created + files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 + and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, and + the result can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API + volume file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used + to set permissions on this file, must + be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. If not specified, the + volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. + Must not be absolute or contain the + ''..'' path. Must be utf-8 encoded. + The first item of the relative path + must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) are + currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of + storage medium should back this directory. + The default is "" which means to use the node''s + default medium. Must be an empty string (default) + or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount + of local storage required for this EmptyDir + volume. The size limit is also applicable + for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value + between the SizeLimit specified here and the + sum of memory limits of all containers in + a pod. The default is nil which means that + the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine and + then exposed to the pod. + properties: + fsType: + description: 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. TODO: how do we prevent errors + in the filesystem from compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target lun + number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world + wide identifiers (wwids) Either wwids or combination + of targetWWNs and lun must be set, but not + both simultaneously.' + items: + type: string + type: array + type: object + hostPath: + description: Represents a host path mapped into + a pod. Host path volumes do not support ownership + management or SELinux relabeling. + properties: + path: + description: 'path of the directory on the host. + If the path is a symlink, it will follow the + link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource + that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether + support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether + support iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI + Initiator Name. If initiatorName is specified + with iscsiInterface simultaneously, new iSCSI + interface : will + be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface + Name that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun + number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal + List. The portal is either an IP or ip_addr:port + if the port is other than default (typically + TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for + iSCSI target and initiator authentication + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. + The Portal is either an IP or ip_addr:port + if the port is other than default (typically + TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: Name of the volume + type: string + nfs: + description: 'nfs represents an NFS mount on the + host that shares a pod''s lifetime More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS + server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS + export to be mounted with read-only permissions. + Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address + of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource + represents a reference to a PersistentVolumeClaim + in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this + volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly + setting in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used + to set permissions on created files by default. + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON + requires decimal values for mode bits. Directories + within the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, and + the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows + a pod to access the `.spec.trustBundle` + field of ClusterTrustBundle objects + in an auto-updating file. \n Alpha, + gated by the ClusterTrustBundleProjection + feature gate. \n ClusterTrustBundle + objects can either be selected by name, + or by the combination of signer name + and a label selector. \n Kubelet performs + aggressive normalization of the PEM + contents written into the pod filesystem. + \ Esoteric PEM features such as inter-block + comments and block headers are stripped. + \ Certificates are deduplicated. The + ordering of certificates within the + file is arbitrary, and Kubelet may change + the order over time." + properties: + labelSelector: + description: Select all ClusterTrustBundles + that match this label selector. Only + has effect if signerName is set. Mutually-exclusive + with name. If unset, interpreted + as "match nothing". If set but + empty, interpreted as "match everything". + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: A label selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In + or NotIn, the values array + must be non-empty. If + the operator is Exists + or DoesNotExist, the values + array must be empty. This + array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a + map of {key,value} pairs. A + single {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator + is "In", and the values array + contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + name: + description: Select a single ClusterTrustBundle + by object name. Mutually-exclusive + with signerName and labelSelector. + type: string + optional: + description: If true, don't block + pod startup if the referenced ClusterTrustBundle(s) + aren't available. If using name, + then the named ClusterTrustBundle + is allowed not to exist. If using + signerName, then the combination + of signerName and labelSelector + is allowed to match zero ClusterTrustBundles. + type: boolean + path: + description: Relative path from the + volume root to write the bundle. + type: string + signerName: + description: Select all ClusterTrustBundles + that match this signer name. Mutually-exclusive + with name. The contents of all + selected ClusterTrustBundles will + be unified and deduplicated. + type: string + required: + - path + type: object + configMap: + description: configMap information about + the configMap data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced ConfigMap + will be projected into the volume + as a file whose name is the key + and content is the value. If specified, + the listed keys will be projected + into the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the ConfigMap, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts both + octal and decimal values, + JSON requires decimal values + for mode bits. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the + key to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether + the ConfigMap or its keys must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about + the downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile + represents information to create + the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of + the schema the FieldPath + is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the + field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode + bits used to set permissions + on this file, must be an octal + value between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts both + octal and decimal values, + JSON requires decimal values + for mode bits. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path + is the relative path name + of the file to be created. + Must not be absolute or contain + the ''..'' path. Must be utf-8 + encoded. The first item of + the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) are currently + supported.' + properties: + containerName: + description: 'Container + name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the + output format of the exposed + resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about + the secret data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced Secret will + be projected into the volume as + a file whose name is the key and + content is the value. If specified, + the listed keys will be projected + into the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the Secret, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts both + octal and decimal values, + JSON requires decimal values + for mode bits. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the + key to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional field specify + whether the Secret or its key must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to + project + properties: + audience: + description: audience is the intended + audience of the token. A recipient + of a token must identify itself + with an identifier specified in + the audience of the token, and otherwise + should reject the token. The audience + defaults to the identifier of the + apiserver. + type: string + expirationSeconds: + description: expirationSeconds is + the requested duration of validity + of the service account token. As + the token approaches expiration, + the kubelet volume plugin will proactively + rotate the service account token. + The kubelet will start trying to + rotate the token if the token is + older than 80 percent of its time + to live or if the token is older + than 24 hours.Defaults to 1 hour + and must be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative + to the mount point of the file to + project the token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of + the ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of + the ScaleIO Protection Domain for the configured + storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret + for ScaleIO user and other sensitive information. + If this is not provided, Login operation will + fail. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable + SSL communication with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the + storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. + type: string + system: + description: system is the name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume + already created in the ScaleIO system that + is associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should + populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode + bits used to set permissions on created files + by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 + and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, and + the result can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the Secret, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 + and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May not + be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether + the Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the + secret in the pod''s namespace to use. More + info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret + to use for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable + name of the StorageOS volume. Volume names + are only unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope + of the volume within StorageOS. If no namespace + is specified then the Pod's namespace will + be used. This allows the Kubernetes name + scoping to be mirrored within StorageOS for + tighter integration. Set VolumeName to any + name to override the default behaviour. Set + to "default" if you are not using namespaces + within StorageOS. Namespaces that do not pre-exist + within StorageOS will be created. + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + memcachedInstance: + default: memcached + description: Memcached instance name. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + description: Override configuration for the Service created to + serve traffic to the cluster. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference that + discovery mechanisms will return as an alias for this + service (e.g. a DNS CNAME record). No proxying will + be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires `type` + to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of the + Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that assumes + that external load balancers will take care of balancing + the service traffic between nodes, and so each node + will deliver traffic only to the node-local endpoints + of the service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no endpoints + will be dropped.) The default value, "Cluster", uses + the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). + Note that traffic sent to an External IP or LoadBalancer + IP from within the cluster will always get "Cluster" + semantics, but clients sending to a NodePort from within + the cluster may need to take traffic policy into account + when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods only + want to talk to endpoints of the service on the same + node as the pod, dropping the traffic if there are no + local endpoints. The default value, "Cluster", uses + the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is no + value provided, then this field will be set to SingleStack. + Services can be "SingleStack" (a single IP family), + "PreferDualStack" (two IP families on dual-stack configured + clusters or a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this field. + This field will be wiped when updating a service to + type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set when + the Service type is 'LoadBalancer'. If not set, the + default load balancer implementation is used, today + this is typically done through the cloud provider integration, + but should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated to + a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified client + IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based session + affinity. Must be ClientIP or None. Defaults to None. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The value + must be >0 && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is 10800(for 3 + hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates + a cluster-internal IP address for load-balancing to + endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints rather + than a virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to the same + endpoints as the clusterIP. "LoadBalancer" builds on + NodePort and creates an external load-balancer (if supported + in the current cloud) which routes to the same endpoints + as the clusterIP. "ExternalName" aliases this service + to the specified externalName. Several other fields + do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + type: object + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + replicas: + default: 1 + description: Replicas of horizon API to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + Horizon Secret Key + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + required: + - containerImage + - memcachedInstance + - secret + type: object + status: + description: HorizonStatus defines the observed state of Horizon + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + endpoint: + description: Endpoint url to access OpenStack Dashboard + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of Horizon instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/instanceha.openstack.org_instancehas.yaml b/bindata/crds/instanceha.openstack.org_instancehas.yaml new file mode 100644 index 000000000..c171747ef --- /dev/null +++ b/bindata/crds/instanceha.openstack.org_instancehas.yaml @@ -0,0 +1,177 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: instancehas.instanceha.openstack.org +spec: + group: instanceha.openstack.org + names: + kind: InstanceHa + listKind: InstanceHaList + plural: instancehas + singular: instanceha + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: InstanceHa is the Schema for the instancehas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: InstanceHaSpec defines the desired state of InstanceHa + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + containerImage: + default: quay.io/podified-antelope-centos9/openstack-openstackclient:current-podified + description: ContainerImage for the the InstanceHa container (will + be set to environmental default if empty) + type: string + fencingSecret: + default: fencing-secret + description: FencingSecret is the name of the Secret containing the + fencing details + type: string + instanceHaConfigMap: + default: instanceha-config + description: InstanceHaConfigMap is the name of the ConfigMap containing + the InstanceHa config file + type: string + instanceHaKdumpPort: + default: 7410 + format: int32 + type: integer + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + control plane services + type: object + openStackCloud: + default: default + description: OpenStackClould is the name of the Cloud to use as per + clouds.yaml (will be set to "default" if empty) + type: string + openStackConfigMap: + default: openstack-config + description: OpenStackConfigMap is the name of the ConfigMap containing + the clouds.yaml + type: string + openStackConfigSecret: + default: openstack-config-secret + description: OpenStackConfigSecret is the name of the Secret containing + the secure.yaml + type: string + required: + - containerImage + - fencingSecret + - instanceHaConfigMap + - instanceHaKdumpPort + - openStackCloud + - openStackConfigMap + - openStackConfigSecret + type: object + status: + description: InstanceHaStatus defines the observed state of InstanceHa + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this object. + format: int64 + type: integer + podName: + description: PodName + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/ironic.openstack.org_ironicapis.yaml b/bindata/crds/ironic.openstack.org_ironicapis.yaml new file mode 100644 index 000000000..ecc912480 --- /dev/null +++ b/bindata/crds/ironic.openstack.org_ironicapis.yaml @@ -0,0 +1,489 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: ironicapis.ironic.openstack.org +spec: + group: ironic.openstack.org + names: + kind: IronicAPI + listKind: IronicAPIList + plural: ironicapis + singular: ironicapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .spec.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: IronicAPI is the Schema for the ironicapis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IronicAPISpec defines the desired state of IronicAPI + properties: + containerImage: + description: ContainerImage - Ironic API Container Image + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + databaseAccount: + default: ironic + description: DatabaseAccount - optional MariaDBAccount used for ironic + DB, defaults to ironic. + type: string + databaseHostname: + description: DatabaseHostname - Ironic Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + keystoneEndpoints: + description: KeystoneEndpoints - Internally used Keystone API endpoints + properties: + internal: + description: Internal endpoint URL + type: string + public: + description: Public endpoint URL + type: string + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector settings + within the Ironic CR + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic to + the cluster. Allows for the manifest of the created Service + to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object + passwordSelectors: + default: + service: IronicPassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + service: + default: IronicPassword + description: Service - Selector to get the ironic service password + from the Secret + type: string + type: object + replicas: + default: 1 + description: Replicas - + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + rpcTransport: + default: json-rpc + description: RPC transport type - Which RPC transport implementation + to use between conductor and API services. 'oslo' to use oslo.messaging + transport or 'json-rpc' to use JSON RPC transport. NOTE -> ironic + requires oslo.messaging transport when not in standalone mode. + enum: + - oslo + - json-rpc + type: string + secret: + description: Secret containing OpenStack password information for + AdminPassword + type: string + serviceUser: + default: ironic + description: ServiceUser - optional username used for this service + to register in ironic + type: string + standalone: + default: false + description: Whether to deploy a standalone Ironic. + type: boolean + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret for + the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + public: + description: Public GenericService - holds the secret for + the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + description: Secret containing RabbitMq transport URL + type: string + required: + - databaseHostname + type: object + status: + description: IronicAPIStatus defines the observed state of IronicAPI + properties: + apiEndpoints: + additionalProperties: + additionalProperties: + type: string + type: object + description: API endpoint + type: object + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of ironic API instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/ironic.openstack.org_ironicconductors.yaml b/bindata/crds/ironic.openstack.org_ironicconductors.yaml new file mode 100644 index 000000000..fe9e38f5a --- /dev/null +++ b/bindata/crds/ironic.openstack.org_ironicconductors.yaml @@ -0,0 +1,344 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: ironicconductors.ironic.openstack.org +spec: + group: ironic.openstack.org + names: + kind: IronicConductor + listKind: IronicConductorList + plural: ironicconductors + singular: ironicconductor + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .spec.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: IronicConductor is the Schema for the ironicconductors Conductor + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IronicConductorSpec defines the desired state of IronicConductor + properties: + conductorGroup: + description: ConductorGroup - Ironic Conductor conductor group. + type: string + containerImage: + description: ContainerImage - Ironic Conductor Container Image + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + databaseAccount: + default: ironic + description: DatabaseAccount - optional MariaDBAccount used for ironic + DB, defaults to ironic. + type: string + databaseHostname: + description: DatabaseHostname - Ironic Database Hostname + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + dhcpRanges: + description: DHCPRanges - List of DHCP ranges to use for provisioning + items: + description: DHCPRange to define address range for DHCP requestes + properties: + cidr: + description: Cidr - IP address prefix (CIDR) representing an + IP network. + type: string + end: + description: End - End of DHCP range + type: string + gateway: + description: Gateway - IP address for the router + type: string + mtu: + description: MTU - Maximum Transmission Unit + type: integer + name: + description: Name - Name of the DHCPRange (used for tagging + in dnsmasq) + type: string + podIndex: + description: PodIndex - Maps the DHCPRange to a specific statefulset + pod index + type: integer + start: + description: Start - Start of DHCP range + type: string + required: + - cidr + - end + - start + type: object + type: array + ironicPythonAgentImage: + description: IronicPythonAgentImage - Image containing the ironic-python-agent + kernel and ramdisk + type: string + keystoneEndpoints: + description: KeystoneEndpoints - Internally used Keystone API endpoints + properties: + internal: + description: Internal endpoint URL + type: string + public: + description: Public endpoint URL + type: string + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector settings + within the Ironic CR + type: object + passwordSelectors: + default: + service: IronicPassword + description: PasswordSelectors - Selectors to identify the ServiceUser + password from the Secret + properties: + service: + default: IronicPassword + description: Service - Selector to get the ironic service password + from the Secret + type: string + type: object + provisionNetwork: + description: ProvisionNetwork - Additional network to attach to expose + boot DHCP, TFTP, HTTP services. + type: string + pxeContainerImage: + description: PxeContainerImage - Ironic DHCP/TFTP/HTTP Container Image + type: string + replicas: + default: 1 + description: Replicas - + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + rpcTransport: + default: json-rpc + description: RPC transport type - Which RPC transport implementation + to use between conductor and API services. 'oslo' to use oslo.messaging + transport or 'json-rpc' to use JSON RPC transport. NOTE -> ironic + requires oslo.messaging transport when not in standalone mode. + enum: + - oslo + - json-rpc + type: string + secret: + description: Secret containing OpenStack password information for + AdminPassword + type: string + serviceUser: + default: ironic + description: ServiceUser - optional username used for this service + to register in ironic + type: string + standalone: + default: false + description: Whether to deploy a standalone Ironic. + type: boolean + storageClass: + default: "" + description: StorageClass + type: string + storageRequest: + description: StorageRequest + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + required: + - databaseHostname + - storageClass + - storageRequest + type: object + status: + description: IronicConductorStatus defines the observed state of IronicConductor + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of ironic Conductor instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/ironic.openstack.org_ironicinspectors.yaml b/bindata/crds/ironic.openstack.org_ironicinspectors.yaml new file mode 100644 index 000000000..c94be25c4 --- /dev/null +++ b/bindata/crds/ironic.openstack.org_ironicinspectors.yaml @@ -0,0 +1,545 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: ironicinspectors.ironic.openstack.org +spec: + group: ironic.openstack.org + names: + kind: IronicInspector + listKind: IronicInspectorList + plural: ironicinspectors + singular: ironicinspector + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .spec.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: IronicInspector is the Schema for the IronicInspector + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IronicInspectorSpec defines the desired state of IronicInspector + properties: + containerImage: + description: ContainerImage - Ironic Inspector Container Image + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + databaseAccount: + default: ironic-inspector + description: DatabaseAccount - optional MariaDBAccount used for ironic + DB, defaults to ironic-inspector. this is separate from the account + used for ironic, as a MariaDBAccount can only refer to a single + MariaDBDatabase and it appears that ironic inspector uses its own + MariaDBDatabase. + type: string + databaseInstance: + description: MariaDB instance name. Right now required by the maridb-operator + to get the credentials from the instance to create the DB. Might + not be required in future. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + dhcpRanges: + description: DHCPRanges - List of DHCP ranges to use for provisioning + items: + description: DHCPRange to define address range for DHCP requestes + properties: + cidr: + description: Cidr - IP address prefix (CIDR) representing an + IP network. + type: string + end: + description: End - End of DHCP range + type: string + gateway: + description: Gateway - IP address for the router + type: string + mtu: + description: MTU - Maximum Transmission Unit + type: integer + name: + description: Name - Name of the DHCPRange (used for tagging + in dnsmasq) + type: string + podIndex: + description: PodIndex - Maps the DHCPRange to a specific statefulset + pod index + type: integer + start: + description: Start - Start of DHCP range + type: string + required: + - cidr + - end + - start + type: object + type: array + inspectionNetwork: + description: InspectionNetwork - Additional network to attach to expose + boot DHCP, TFTP, HTTP services. + type: string + ironicPythonAgentImage: + description: IronicPythonAgentImage - Image containing the ironic-python-agent + kernel and ramdisk + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector settings + within the Ironic CR + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic to + the cluster. Allows for the manifest of the created Service + to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object + passwordSelectors: + default: + service: IronicInspectorPassword + description: PasswordSelectors - Selectors to identify the ServiceUser + password from the Secret + properties: + service: + default: IronicInspectorPassword + description: Service - Selector to get the ironic-inspector service + password from the Secret + type: string + type: object + preserveJobs: + default: true + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + pxeContainerImage: + description: PxeContainerImage - Ironic Inspector DHCP/TFTP/HTTP Container + Image + type: string + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Ironic Inspector + type: string + replicas: + default: 1 + description: Replicas - Ironic Inspector Replicas + format: int32 + maximum: 1 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + rpcTransport: + default: json-rpc + description: RPC transport type - Which RPC transport implementation + to use between conductor and API services. 'oslo' to use oslo.messaging + transport or 'json-rpc' to use JSON RPC transport. NOTE -> ironic-inspector + requires oslo.messaging transport when not in standalone mode. + enum: + - oslo + - json-rpc + type: string + secret: + description: Secret containing OpenStack password information for + AdminPassword + type: string + serviceUser: + default: ironic-inspector + description: ServiceUser - optional username used for this service + to register in ironic-inspector + type: string + standalone: + default: false + description: Standalone - Whether to deploy a standalone Ironic Inspector. + type: boolean + storageClass: + description: StorageClass + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret for + the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + public: + description: Public GenericService - holds the secret for + the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + type: object + status: + description: IronicInspectorStatus defines the observed state of IronicInspector + properties: + apiEndpoints: + additionalProperties: + additionalProperties: + type: string + type: object + description: API endpoint + type: object + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: IronicInspector Database Hostname + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of Ironic Inspector instances + format: int32 + type: integer + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/ironic.openstack.org_ironicneutronagents.yaml b/bindata/crds/ironic.openstack.org_ironicneutronagents.yaml new file mode 100644 index 000000000..b3135cda6 --- /dev/null +++ b/bindata/crds/ironic.openstack.org_ironicneutronagents.yaml @@ -0,0 +1,248 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: ironicneutronagents.ironic.openstack.org +spec: + group: ironic.openstack.org + names: + kind: IronicNeutronAgent + listKind: IronicNeutronAgentList + plural: ironicneutronagents + singular: ironicneutronagent + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Networks + jsonPath: .status.networks + name: Networks + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: IronicNeutronAgent is the Schema for the ML2 baremetal - ironic-neutron-agent + agents + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IronicNeutronAgentSpec defines the desired state of ML2 baremetal + - ironic-neutron-agent agents + properties: + containerImage: + description: ContainerImage - ML2 baremtal - Ironic Neutron Agent + Image + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector settings + within the Ironic CR + type: object + passwordSelectors: + default: + service: IronicPassword + description: PasswordSelectors - Selectors to identify the ServiceUser + password from the Secret + properties: + service: + default: IronicPassword + description: Service - Selector to get the ironic service password + from the Secret + type: string + type: object + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Ironic + type: string + replicas: + default: 1 + description: Replicas - + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + IronicPassword + type: string + serviceUser: + default: ironic + description: ServiceUser - optional username used for this service + to register in ironic + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + type: object + status: + description: IronicNeutronAgentStatus defines the observed state of ML2 + baremetal - ironic-neutron-agent + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of ironic Conductor instances + format: int32 + type: integer + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/ironic.openstack.org_ironics.yaml b/bindata/crds/ironic.openstack.org_ironics.yaml new file mode 100644 index 000000000..3468bec25 --- /dev/null +++ b/bindata/crds/ironic.openstack.org_ironics.yaml @@ -0,0 +1,1179 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: ironics.ironic.openstack.org +spec: + group: ironic.openstack.org + names: + kind: Ironic + listKind: IronicList + plural: ironics + singular: ironic + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Ironic is the Schema for the ironics API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IronicSpec defines the desired state of Ironic + properties: + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + databaseAccount: + default: ironic + description: DatabaseAccount - optional MariaDBAccount used for ironic + DB, defaults to ironic. + type: string + databaseInstance: + description: MariaDB instance name. Right now required by the maridb-operator + to get the credentials from the instance to create the DB. Might + not be required in future. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + images: + description: Images - Container images for all ironic services + properties: + api: + description: API - Ironic API Container Image (will be set to + environmental default if empty) + type: string + conductor: + description: Conductor - Ironic Conductor Container Image (will + be set to environmental default if empty) + type: string + inspector: + description: Inspector - Ironic Inspector Container Image (will + be set to environmental default if empty) + type: string + ironicPythonAgent: + description: IronicPythonAgent - Image containing the ironic-python-agent + kernel and ramdisk + type: string + neutronAgent: + description: NeutronAgent - ML2 baremtal - Ironic Neutron Agent + Image (will be set to environmental default if empty) + type: string + pxe: + description: Pxe- Ironic DHCP/TFTP/HTTP Container Image URL (will + be set to environmental default if empty) + type: string + type: object + ironicAPI: + description: IronicAPI - Spec definition for the API service of this + Ironic deployment + properties: + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Ironic CR + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the + fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object + replicas: + default: 1 + description: Replicas - + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret + for the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + public: + description: Public GenericService - holds the secret + for the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + type: object + ironicConductors: + description: IronicConductors - Spec definitions for the conductor + service of this Ironic deployment + items: + description: IronicConductorTemplate defines the input parameters + for Ironic Conductor service + properties: + conductorGroup: + description: ConductorGroup - Ironic Conductor conductor group. + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + dhcpRanges: + description: DHCPRanges - List of DHCP ranges to use for provisioning + items: + description: DHCPRange to define address range for DHCP requestes + properties: + cidr: + description: Cidr - IP address prefix (CIDR) representing + an IP network. + type: string + end: + description: End - End of DHCP range + type: string + gateway: + description: Gateway - IP address for the router + type: string + mtu: + description: MTU - Maximum Transmission Unit + type: integer + name: + description: Name - Name of the DHCPRange (used for tagging + in dnsmasq) + type: string + podIndex: + description: PodIndex - Maps the DHCPRange to a specific + statefulset pod index + type: integer + start: + description: Start - Start of DHCP range + type: string + required: + - cidr + - end + - start + type: object + type: array + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Ironic CR + type: object + provisionNetwork: + description: ProvisionNetwork - Additional network to attach + to expose boot DHCP, TFTP, HTTP services. + type: string + replicas: + default: 1 + description: Replicas - + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this + service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only + be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + storageClass: + default: "" + description: StorageClass + type: string + storageRequest: + description: StorageRequest + type: string + required: + - storageClass + - storageRequest + type: object + type: array + ironicInspector: + description: IronicInspector - Spec definition for the inspector service + of this Ironic deployment + properties: + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + databaseAccount: + default: ironic-inspector + description: DatabaseAccount - optional MariaDBAccount used for + ironic DB, defaults to ironic-inspector. this is separate from + the account used for ironic, as a MariaDBAccount can only refer + to a single MariaDBDatabase and it appears that ironic inspector + uses its own MariaDBDatabase. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + dhcpRanges: + description: DHCPRanges - List of DHCP ranges to use for provisioning + items: + description: DHCPRange to define address range for DHCP requestes + properties: + cidr: + description: Cidr - IP address prefix (CIDR) representing + an IP network. + type: string + end: + description: End - End of DHCP range + type: string + gateway: + description: Gateway - IP address for the router + type: string + mtu: + description: MTU - Maximum Transmission Unit + type: integer + name: + description: Name - Name of the DHCPRange (used for tagging + in dnsmasq) + type: string + podIndex: + description: PodIndex - Maps the DHCPRange to a specific + statefulset pod index + type: integer + start: + description: Start - Start of DHCP range + type: string + required: + - cidr + - end + - start + type: object + type: array + inspectionNetwork: + description: InspectionNetwork - Additional network to attach + to expose boot DHCP, TFTP, HTTP services. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Ironic CR + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the + fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object + passwordSelectors: + default: + service: IronicInspectorPassword + description: PasswordSelectors - Selectors to identify the ServiceUser + password from the Secret + properties: + service: + default: IronicInspectorPassword + description: Service - Selector to get the ironic-inspector + service password from the Secret + type: string + type: object + preserveJobs: + default: true + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + replicas: + default: 1 + description: Replicas - Ironic Inspector Replicas + format: int32 + maximum: 1 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + serviceUser: + default: ironic-inspector + description: ServiceUser - optional username used for this service + to register in ironic-inspector + type: string + storageClass: + description: StorageClass + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret + for the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + public: + description: Public GenericService - holds the secret + for the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + type: object + ironicNeutronAgent: + description: IronicNeutronAgent - Spec definition for the ML2 baremetal + ironic-neutron-agent service of this Ironic deployment + properties: + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. policy.json. But can also be used to + add additional files. Those get added to the service config + dir in /etc/ . TODO: -> implement' + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Ironic CR + type: object + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Ironic + type: string + replicas: + default: 1 + description: Replicas - + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting NodeSelector here acts as a default value + and can be overridden by service specific NodeSelector Settings. + type: object + passwordSelectors: + default: + service: IronicPassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + service: + default: IronicPassword + description: Service - Selector to get the ironic service password + from the Secret + type: string + type: object + preserveJobs: + default: true + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Ironic + type: string + rpcTransport: + description: RPC transport type - Which RPC transport implementation + to use between conductor and API services. 'oslo' to use oslo.messaging + transport or 'json-rpc' to use JSON RPC transport. NOTE -> ironic + and ironic-inspector require oslo.messaging transport when not in + standalone mode. + type: string + secret: + description: Secret containing OpenStack password information for + ironic IronicPassword + type: string + serviceUser: + default: ironic + description: ServiceUser - optional username used for this service + to register in ironic + type: string + standalone: + default: false + description: Whether to deploy a standalone Ironic. + type: boolean + storageClass: + default: "" + description: Storage class to host data. This is passed to IronicConductors + unless storageClass is explicitly set for the conductor. + type: string + required: + - databaseInstance + - ironicAPI + - ironicInspector + - ironicNeutronAgent + - secret + - storageClass + type: object + status: + description: IronicStatus defines the observed state of Ironic + properties: + apiEndpoints: + additionalProperties: + additionalProperties: + type: string + type: object + description: API endpoint + type: object + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: Ironic Database Hostname + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + ironicAPIReadyCount: + description: ReadyCount of Ironic API instance + format: int32 + type: integer + ironicConductorReadyCount: + additionalProperties: + format: int32 + type: integer + description: ReadyCount of Ironic Conductor instance + type: object + ironicInspectorReadyCount: + description: ReadyCount of Ironic Inspector instance + format: int32 + type: integer + ironicNeutronAgentReadyCount: + description: ReadyCount of Ironic Neutron Agent instance + format: int32 + type: integer + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/keystone.openstack.org_keystoneapis.yaml b/bindata/crds/keystone.openstack.org_keystoneapis.yaml new file mode 100644 index 000000000..5a92a8232 --- /dev/null +++ b/bindata/crds/keystone.openstack.org_keystoneapis.yaml @@ -0,0 +1,533 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: keystoneapis.keystone.openstack.org +spec: + group: keystone.openstack.org + names: + kind: KeystoneAPI + listKind: KeystoneAPIList + plural: keystoneapis + singular: keystoneapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .spec.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: KeystoneAPI is the Schema for the keystoneapis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + adminProject: + default: admin + description: AdminProject - admin project name + type: string + adminUser: + default: admin + description: AdminUser - admin user name + type: string + containerImage: + description: Keystone Container Image URL (will be set to environmental + default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + databaseAccount: + default: keystone + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. + type: string + databaseInstance: + description: MariaDB instance name Right now required by the maridb-operator + to get the credentials from the instance to create the DB Might + not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. policy.json. But can also be used to add additional + files. Those get added to the service config dir in /etc/ + . TODO: -> implement' + type: object + enableSecureRBAC: + default: true + description: EnableSecureRBAC - Enable Consistent and Secure RBAC + policies + type: boolean + fernetMaxActiveKeys: + default: 5 + description: FernetMaxActiveKeys - Maximum number of fernet token + keys after rotation + format: int32 + minimum: 3 + type: integer + fernetRotationDays: + default: 1 + description: FernetRotationDays - Rotate fernet token keys every X + days + format: int32 + minimum: 1 + type: integer + httpdCustomization: + description: HttpdCustomization - customize the httpd service + properties: + processNumber: + default: 3 + description: ProcessNumber - Number of processes running in keystone + API + format: int32 + minimum: 1 + type: integer + type: object + memcachedInstance: + default: memcached + description: Memcached instance name. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic to + the cluster. Allows for the manifest of the created Service + to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object + passwordSelectors: + default: + admin: AdminPassword + description: PasswordSelectors - Selectors to identify the AdminUser + password from the Secret + properties: + admin: + default: AdminPassword + description: Admin - Selector to get the keystone Admin password + from the Secret + type: string + type: object + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Keystone + type: string + region: + default: regionOne + description: Region - optional region name for the keystone service + type: string + replicas: + default: 1 + description: Replicas of keystone API to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + keystone AdminPassword + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret for + the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + public: + description: Public GenericService - holds the secret for + the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + trustFlushArgs: + default: "" + description: TrustFlushArgs - Arguments added to keystone-manage trust_flush + command + type: string + trustFlushSchedule: + default: 1 * * * * + description: TrustFlushSchedule - Schedule to purge expired or soft-deleted + trusts from database + type: string + trustFlushSuspend: + default: false + description: TrustFlushSuspend - Suspend the cron job to purge trusts + type: boolean + required: + - containerImage + - databaseInstance + - memcachedInstance + - rabbitMqClusterName + - secret + type: object + status: + description: KeystoneAPIStatus defines the observed state of KeystoneAPI + properties: + apiEndpoints: + additionalProperties: + type: string + description: API endpoint + type: object + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: Keystone Database Hostname + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes. + format: int64 + type: integer + readyCount: + description: ReadyCount of keystone API instances + format: int32 + type: integer + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/keystone.openstack.org_keystoneendpoints.yaml b/bindata/crds/keystone.openstack.org_keystoneendpoints.yaml new file mode 100644 index 000000000..8ac9296e2 --- /dev/null +++ b/bindata/crds/keystone.openstack.org_keystoneendpoints.yaml @@ -0,0 +1,123 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: keystoneendpoints.keystone.openstack.org +spec: + group: keystone.openstack.org + names: + kind: KeystoneEndpoint + listKind: KeystoneEndpointList + plural: keystoneendpoints + singular: keystoneendpoint + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: KeystoneEndpoint is the Schema for the keystoneendpoints API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KeystoneEndpointSpec defines the desired state of KeystoneEndpoint + properties: + endpoints: + additionalProperties: + type: string + description: Endpoints - map with service api endpoint URLs with the + endpoint type as index + type: object + serviceName: + description: ServiceName - Name of the service to create the endpoint + for + type: string + required: + - endpoints + - serviceName + type: object + status: + description: KeystoneEndpointStatus defines the observed state of KeystoneEndpoint + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + endpointIDs: + additionalProperties: + type: string + type: object + serviceID: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/keystone.openstack.org_keystoneservices.yaml b/bindata/crds/keystone.openstack.org_keystoneservices.yaml new file mode 100644 index 000000000..87a6ef09b --- /dev/null +++ b/bindata/crds/keystone.openstack.org_keystoneservices.yaml @@ -0,0 +1,136 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: keystoneservices.keystone.openstack.org +spec: + group: keystone.openstack.org + names: + kind: KeystoneService + listKind: KeystoneServiceList + plural: keystoneservices + singular: keystoneservice + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: KeystoneService is the Schema for the keystoneservices API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KeystoneServiceSpec defines the desired state of KeystoneService + properties: + enabled: + description: Enabled - whether or not the service is enabled. + type: boolean + passwordSelector: + description: PasswordSelector - Selector to get the ServiceUser password + from the Secret, e.g. PlacementPassword + type: string + secret: + description: Secret containing OpenStack password information for + the ServiceUser + type: string + serviceDescription: + description: ServiceDescription - Description for the service. + type: string + serviceName: + description: ServiceName - Name of the service. + type: string + serviceType: + description: ServiceType - Type is the type of the service. + type: string + serviceUser: + description: ServiceUser - optional username used for this service + type: string + required: + - enabled + - passwordSelector + - secret + - serviceName + - serviceType + - serviceUser + type: object + status: + description: KeystoneServiceStatus defines the observed state of KeystoneService + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + serviceID: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/manila.openstack.org_manilaapis.yaml b/bindata/crds/manila.openstack.org_manilaapis.yaml new file mode 100644 index 000000000..5c5f17585 --- /dev/null +++ b/bindata/crds/manila.openstack.org_manilaapis.yaml @@ -0,0 +1,725 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: manilaapis.manila.openstack.org +spec: + group: manila.openstack.org + names: + kind: ManilaAPI + listKind: ManilaAPIList + plural: manilaapis + singular: manilaapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + containerImage: + type: string + customServiceConfig: + default: '# add your customization here' + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: manila + type: string + databaseHostname: + type: string + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + passwordSelectors: + default: + service: ManilaPassword + properties: + service: + default: ManilaPassword + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: manila + type: string + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + required: + - containerImage + - serviceAccount + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + type: object + observedGeneration: + format: int64 + type: integer + readyCount: + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/manila.openstack.org_manilas.yaml b/bindata/crds/manila.openstack.org_manilas.yaml new file mode 100644 index 000000000..04f98c303 --- /dev/null +++ b/bindata/crds/manila.openstack.org_manilas.yaml @@ -0,0 +1,886 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: manilas.manila.openstack.org +spec: + group: manila.openstack.org + names: + kind: Manila + listKind: ManilaList + plural: manilas + singular: manila + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + apiTimeout: + default: 60 + minimum: 10 + type: integer + customServiceConfig: + default: '# add your customization here' + type: string + databaseAccount: + default: manila + type: string + databaseInstance: + type: string + dbPurge: + properties: + age: + default: 30 + minimum: 1 + type: integer + schedule: + default: 1 0 * * * + type: string + type: object + debug: + properties: + dbPurge: + default: false + type: boolean + type: object + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + manilaAPI: + properties: + containerImage: + type: string + customServiceConfig: + default: '# add your customization here' + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + override: + properties: + service: + additionalProperties: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + tls: + properties: + api: + properties: + internal: + properties: + secretName: + type: string + type: object + public: + properties: + secretName: + type: string + type: object + type: object + caBundleSecretName: + type: string + type: object + required: + - containerImage + type: object + manilaScheduler: + properties: + containerImage: + type: string + customServiceConfig: + default: '# add your customization here' + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + required: + - containerImage + type: object + manilaShares: + additionalProperties: + properties: + containerImage: + type: string + customServiceConfig: + default: '# add your customization here' + type: string + customServiceConfigSecrets: + items: + type: string + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + required: + - containerImage + type: object + type: object + memcachedInstance: + default: memcached + type: string + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: ManilaPassword + properties: + service: + default: ManilaPassword + type: string + type: object + preserveJobs: + default: false + type: boolean + rabbitMqClusterName: + default: rabbitmq + type: string + secret: + type: string + serviceUser: + default: manila + type: string + required: + - manilaAPI + - manilaScheduler + - memcachedInstance + - rabbitMqClusterName + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + type: string + hash: + additionalProperties: + type: string + type: object + manilaAPIReadyCount: + format: int32 + type: integer + manilaSchedulerReadyCount: + format: int32 + type: integer + manilaSharesReadyCounts: + additionalProperties: + format: int32 + type: integer + type: object + observedGeneration: + format: int64 + type: integer + transportURLSecret: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/manila.openstack.org_manilaschedulers.yaml b/bindata/crds/manila.openstack.org_manilaschedulers.yaml new file mode 100644 index 000000000..d40662621 --- /dev/null +++ b/bindata/crds/manila.openstack.org_manilaschedulers.yaml @@ -0,0 +1,661 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: manilaschedulers.manila.openstack.org +spec: + group: manila.openstack.org + names: + kind: ManilaScheduler + listKind: ManilaSchedulerList + plural: manilaschedulers + singular: manilascheduler + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + containerImage: + type: string + customServiceConfig: + default: '# add your customization here' + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: manila + type: string + databaseHostname: + type: string + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: ManilaPassword + properties: + service: + default: ManilaPassword + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: manila + type: string + tls: + properties: + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + required: + - containerImage + - serviceAccount + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + type: object + observedGeneration: + format: int64 + type: integer + readyCount: + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/manila.openstack.org_manilashares.yaml b/bindata/crds/manila.openstack.org_manilashares.yaml new file mode 100644 index 000000000..72b589e0d --- /dev/null +++ b/bindata/crds/manila.openstack.org_manilashares.yaml @@ -0,0 +1,661 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: manilashares.manila.openstack.org +spec: + group: manila.openstack.org + names: + kind: ManilaShare + listKind: ManilaShareList + plural: manilashares + singular: manilashare + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + containerImage: + type: string + customServiceConfig: + default: '# add your customization here' + type: string + customServiceConfigSecrets: + items: + type: string + type: array + databaseAccount: + default: manila + type: string + databaseHostname: + type: string + extraMounts: + items: + properties: + extraVol: + items: + properties: + extraVolType: + type: string + mounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + items: + type: string + type: array + volumes: + items: + properties: + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + networkAttachments: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + passwordSelectors: + default: + service: ManilaPassword + properties: + service: + default: ManilaPassword + type: string + type: object + replicas: + default: 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secret: + type: string + serviceAccount: + type: string + serviceUser: + default: manila + type: string + tls: + properties: + caBundleSecretName: + type: string + type: object + transportURLSecret: + type: string + required: + - containerImage + - serviceAccount + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + type: object + observedGeneration: + format: int64 + type: integer + readyCount: + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/mariadb.openstack.org_galeras.yaml b/bindata/crds/mariadb.openstack.org_galeras.yaml new file mode 100644 index 000000000..81aaea9d9 --- /dev/null +++ b/bindata/crds/mariadb.openstack.org_galeras.yaml @@ -0,0 +1,224 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: galeras.mariadb.openstack.org +spec: + group: mariadb.openstack.org + names: + kind: Galera + listKind: GaleraList + plural: galeras + singular: galera + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Ready + jsonPath: .status.conditions[0].status + name: Ready + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Galera is the Schema for the galeras API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GaleraSpec defines the desired state of Galera + properties: + containerImage: + description: Name of the galera container image to run (will be set + to environmental default if empty) + type: string + customServiceConfig: + description: Customize config using this parameter to change service + defaults, or overwrite rendered information using raw MariaDB config + format. The content gets added to /etc/my.cnf.d/galera_custom.cnf + type: string + disableNonTLSListeners: + description: When TLS is configured, only allow connections to the + DB over TLS + type: boolean + logToDisk: + description: Log Galera pod's output to disk + type: boolean + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + replicas: + default: 1 + description: Size of the galera cluster deployment + format: int32 + maximum: 3 + minimum: 0 + type: integer + secret: + description: Name of the secret to look for password keys + type: string + storageClass: + description: Storage class to host the mariadb databases + type: string + storageRequest: + description: Storage size allocated for the mariadb databases + type: string + tls: + description: TLS settings for MySQL service and internal Galera replication + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + required: + - containerImage + - replicas + - secret + - storageClass + - storageRequest + type: object + status: + description: GaleraStatus defines the observed state of Galera + properties: + attributes: + additionalProperties: + description: GaleraAttributes holds startup information for a Galera + host + properties: + containerID: + description: Identifier of the container at the time the gcomm + URI was injected + type: string + gcomm: + description: Gcomm URI used to connect to the galera cluster + type: string + no_grastate: + description: This galera node has its state recovered from the + DB + type: boolean + safe_to_bootstrap: + description: This galera node can bootstrap a galera cluster + type: boolean + seqno: + description: Last recorded replication sequence number in the + DB + type: string + uuid: + description: UUID of the partition that is seen by the galera + node + type: string + required: + - seqno + type: object + description: A map of database node attributes for each pod + type: object + bootstrapped: + default: false + description: Is the galera cluster currently running + type: boolean + clusterProperties: + additionalProperties: + type: string + description: Map of properties that require full cluster restart if + changed + type: object + conditions: + description: Deployment Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track input changes + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + safeToBootstrap: + description: Name of the node that can safely bootstrap a cluster + type: string + stopRequired: + default: false + description: Does the galera cluster requires to be stopped globally + type: boolean + required: + - bootstrapped + - stopRequired + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/mariadb.openstack.org_mariadbaccounts.yaml b/bindata/crds/mariadb.openstack.org_mariadbaccounts.yaml new file mode 100644 index 000000000..ba542b703 --- /dev/null +++ b/bindata/crds/mariadb.openstack.org_mariadbaccounts.yaml @@ -0,0 +1,123 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: mariadbaccounts.mariadb.openstack.org +spec: + group: mariadb.openstack.org + names: + kind: MariaDBAccount + listKind: MariaDBAccountList + plural: mariadbaccounts + singular: mariadbaccount + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: MariaDBAccount is the Schema for the mariadbaccounts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MariaDBAccountSpec defines the desired state of MariaDBAccount + properties: + requireTLS: + default: false + description: Account must use TLS to connect to the database + type: boolean + secret: + description: Name of secret which contains DatabasePassword + type: string + userName: + description: UserName for new account + type: string + required: + - requireTLS + - secret + - userName + type: object + status: + description: MariaDBAccountStatus defines the observed state of MariaDBAccount + properties: + conditions: + description: Deployment Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/mariadb.openstack.org_mariadbdatabases.yaml b/bindata/crds/mariadb.openstack.org_mariadbdatabases.yaml new file mode 100644 index 000000000..7003d2ce8 --- /dev/null +++ b/bindata/crds/mariadb.openstack.org_mariadbdatabases.yaml @@ -0,0 +1,128 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: mariadbdatabases.mariadb.openstack.org +spec: + group: mariadb.openstack.org + names: + kind: MariaDBDatabase + listKind: MariaDBDatabaseList + plural: mariadbdatabases + singular: mariadbdatabase + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: MariaDBDatabase is the Schema for the mariadbdatabases API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MariaDBDatabaseSpec defines the desired state of MariaDBDatabase + properties: + defaultCharacterSet: + default: utf8 + description: Default character set for this database + type: string + defaultCollation: + default: utf8_general_ci + description: Default collation for this database + type: string + name: + description: Name of the database in MariaDB + type: string + secret: + description: Name of secret which contains DatabasePassword (deprecated) + type: string + type: object + status: + description: MariaDBDatabaseStatus defines the observed state of MariaDBDatabase + properties: + completed: + type: boolean + conditions: + description: Deployment Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + tlsSupport: + description: Whether TLS is supported by the DB instance + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/memcached.openstack.org_memcacheds.yaml b/bindata/crds/memcached.openstack.org_memcacheds.yaml new file mode 100644 index 000000000..295b4324c --- /dev/null +++ b/bindata/crds/memcached.openstack.org_memcacheds.yaml @@ -0,0 +1,167 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: memcacheds.memcached.openstack.org +spec: + group: memcached.openstack.org + names: + kind: Memcached + listKind: MemcachedList + plural: memcacheds + singular: memcached + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Ready + jsonPath: .status.conditions[0].status + name: Ready + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Memcached is the Schema for the memcacheds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MemcachedSpec defines the desired state of Memcached + properties: + containerImage: + description: Name of the memcached container image to run (will be + set to environmental default if empty) + type: string + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + replicas: + default: 1 + description: Size of the memcached cluster + format: int32 + maximum: 32 + minimum: 1 + type: integer + tls: + description: TLS settings for memcached service + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + required: + - containerImage + - replicas + type: object + status: + description: MemcachedStatus defines the observed state of Memcached + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track input changes + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of Memcached instances + format: int32 + type: integer + serverList: + description: ServerList - List of memcached endpoints without inet(6) + prefix + items: + type: string + type: array + serverListWithInet: + description: ServerListWithInet - List of memcached endpoints with + inet(6) prefix + items: + type: string + type: array + tlsSupport: + description: Whether TLS is supported by the memcached instance + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/network.openstack.org_dnsdata.yaml b/bindata/crds/network.openstack.org_dnsdata.yaml new file mode 100644 index 000000000..612cb0b87 --- /dev/null +++ b/bindata/crds/network.openstack.org_dnsdata.yaml @@ -0,0 +1,138 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: dnsdata.network.openstack.org +spec: + group: network.openstack.org + names: + kind: DNSData + listKind: DNSDataList + plural: dnsdata + singular: dnsdata + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Ready + jsonPath: .status.conditions[0].status + name: Ready + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: DNSData is the Schema for the dnsdata API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DNSDataSpec defines the desired state of DNSData + properties: + dnsDataLabelSelectorValue: + default: dnsdata + description: Value of the DNSDataLabelSelector to set on the created + configmaps containing hosts information + type: string + hosts: + items: + description: DNSHost holds the mapping between IP and hostnames + that will be added to dnsmasq hosts file. + properties: + hostnames: + description: Hostnames for the IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + required: + - hostnames + - ip + type: object + type: array + type: object + status: + description: DNSDataStatus defines the observed state of DNSData + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + description: Map of the dns data configmap + type: string + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/network.openstack.org_dnsmasqs.yaml b/bindata/crds/network.openstack.org_dnsmasqs.yaml new file mode 100644 index 000000000..acba94ef5 --- /dev/null +++ b/bindata/crds/network.openstack.org_dnsmasqs.yaml @@ -0,0 +1,347 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: dnsmasqs.network.openstack.org +spec: + group: network.openstack.org + names: + kind: DNSMasq + listKind: DNSMasqList + plural: dnsmasqs + singular: dnsmasq + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Ready + jsonPath: .status.conditions[0].status + name: Ready + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: DNSMasq is the Schema for the dnsmasqs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DNSMasqSpec defines the desired state of DNSMasq + properties: + containerImage: + description: DNSMasq Container Image URL + type: string + dnsDataLabelSelectorValue: + default: dnsdata + description: Value of the DNSDataLabelSelectorKey which was set on + the configmaps containing hosts information + type: string + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting NodeSelector here acts as a default value + and can be overridden by service specific NodeSelector Settings. + type: object + options: + description: Options allows to customize the dnsmasq instance + items: + description: DNSMasqOption defines allowed options for dnsmasq + properties: + key: + enum: + - server + - rev-server + - srv-host + - txt-record + - ptr-record + - rebind-domain-ok + - naptr-record + - cname + - host-record + - caa-record + - dns-rr + - auth-zone + - synth-domain + - no-negcache + - local + type: string + values: + items: + type: string + type: array + required: + - key + - values + type: object + type: array + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + description: Override configuration for the Service created to + serve traffic to the cluster. + properties: + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference that + discovery mechanisms will return as an alias for this + service (e.g. a DNS CNAME record). No proxying will + be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires `type` + to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of the + Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that assumes + that external load balancers will take care of balancing + the service traffic between nodes, and so each node + will deliver traffic only to the node-local endpoints + of the service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no endpoints + will be dropped.) The default value, "Cluster", uses + the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). + Note that traffic sent to an External IP or LoadBalancer + IP from within the cluster will always get "Cluster" + semantics, but clients sending to a NodePort from within + the cluster may need to take traffic policy into account + when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods only + want to talk to endpoints of the service on the same + node as the pod, dropping the traffic if there are no + local endpoints. The default value, "Cluster", uses + the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is no + value provided, then this field will be set to SingleStack. + Services can be "SingleStack" (a single IP family), + "PreferDualStack" (two IP families on dual-stack configured + clusters or a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this field. + This field will be wiped when updating a service to + type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set when + the Service type is 'LoadBalancer'. If not set, the + default load balancer implementation is used, today + this is typically done through the cloud provider integration, + but should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated to + a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified client + IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based session + affinity. Must be ClientIP or None. Defaults to None. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The value + must be >0 && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is 10800(for 3 + hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates + a cluster-internal IP address for load-balancing to + endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints rather + than a virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to the same + endpoints as the clusterIP. "LoadBalancer" builds on + NodePort and creates an external load-balancer (if supported + in the current cloud) which routes to the same endpoints + as the clusterIP. "ExternalName" aliases this service + to the specified externalName. Several other fields + do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + type: object + replicas: + default: 1 + description: Replicas - DNSMasq Replicas + format: int32 + type: integer + type: object + status: + description: DNSMasqStatus defines the observed state of DNSMasq + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + dnsAddresses: + description: DNSServer Addresses + items: + type: string + type: array + dnsClusterAddresses: + description: DNSServer Cluster Addresses + items: + type: string + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of dnsmasq deployment + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/network.openstack.org_ipsets.yaml b/bindata/crds/network.openstack.org_ipsets.yaml new file mode 100644 index 000000000..7e37cb334 --- /dev/null +++ b/bindata/crds/network.openstack.org_ipsets.yaml @@ -0,0 +1,211 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: ipsets.network.openstack.org +spec: + group: network.openstack.org + names: + kind: IPSet + listKind: IPSetList + plural: ipsets + singular: ipset + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Ready + jsonPath: .status.conditions[0].status + name: Ready + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + - description: Reservation + jsonPath: .status.reservation + name: Reservation + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: IPSet is the Schema for the ipsets API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPSetSpec defines the desired state of IPSet + properties: + immutable: + default: false + description: Immutable, if `true` the validation webhook will block + any update to the Spec, except of Spec.Immutable. This allows the + caller to add safety mechanism to the object. If a change is required + to the object, an extra update needs to be done to make updates + possible. + type: boolean + networks: + description: Networks used to request IPs for + items: + description: IPSetNetwork Type + properties: + defaultRoute: + description: Use gateway from subnet as default route. There + can only be one default route defined per IPSet. + type: boolean + fixedIP: + description: Fixed Ip + type: string + name: + description: Network Name + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + subnetName: + description: Subnet Name + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + required: + - name + - subnetName + type: object + type: array + required: + - networks + type: object + status: + description: IPSetStatus defines the observed state of IPSet + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + reservations: + description: Reservation + items: + description: IPSetReservation defines reservation status per requested + network + properties: + address: + description: Address contains the IP address + type: string + cidr: + description: Cidr the cidr to use for this network + type: string + dnsDomain: + description: DNSDomain of the subnet + type: string + gateway: + description: Gateway optional gateway for the network + type: string + mtu: + description: MTU of the network + type: integer + network: + description: Network name + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + routes: + description: Routes, list of networks that should be routed + via network gateway. + items: + description: Route definition + properties: + destination: + description: Destination, network CIDR + type: string + nexthop: + description: Nexthop, gateway for the destination + type: string + required: + - destination + - nexthop + type: object + type: array + serviceNetwork: + description: ServiceNetwork mapping + pattern: ^[a-z0-9][a-z0-9\-_]*[a-z0-9]$ + type: string + subnet: + description: Subnet name + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + vlan: + description: Vlan ID + type: integer + required: + - address + - dnsDomain + - network + - subnet + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/network.openstack.org_netconfigs.yaml b/bindata/crds/network.openstack.org_netconfigs.yaml new file mode 100644 index 000000000..f52084ecc --- /dev/null +++ b/bindata/crds/network.openstack.org_netconfigs.yaml @@ -0,0 +1,154 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: netconfigs.network.openstack.org +spec: + group: network.openstack.org + names: + kind: NetConfig + listKind: NetConfigList + plural: netconfigs + shortNames: + - netcfg + - netscfg + singular: netconfig + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: NetConfig is the Schema for the netconfigs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NetConfigSpec defines the desired state of NetConfig + properties: + networks: + description: Networks, list of all networks of the deployment + items: + description: Network definition + properties: + dnsDomain: + description: DNSDomain name of the Network + type: string + mtu: + default: 1500 + description: MTU of the network + type: integer + name: + description: Name of the network, e.g. External, InternalApi, + ... + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + serviceNetwork: + description: Service network mapping + pattern: ^[a-z0-9][a-z0-9\-_]*[a-z0-9]$ + type: string + subnets: + description: Subnets of the network + items: + description: Subnet definition + properties: + allocationRanges: + description: AllocationRanges a list of AllocationRange + for assignment. Allocation will start from first range, + first address. + items: + description: AllocationRange definition + properties: + end: + description: End IP for the AllocationRange + type: string + start: + description: Start IP for the AllocationRange + type: string + required: + - end + - start + type: object + type: array + cidr: + description: Cidr the cidr to use for this network + type: string + dnsDomain: + description: DNSDomain name of the subnet, allows to overwrite + the DNSDomain of the Network + type: string + excludeAddresses: + description: ExcludeAddresses a set of IPs that should + be excluded from used as reservation, for both dynamic + and static via IPSet FixedIP parameter + items: + type: string + type: array + gateway: + description: Gateway optional gateway for the network + type: string + name: + description: Name of the subnet + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + routes: + description: Routes, list of networks that should be routed + via network gateway. + items: + description: Route definition + properties: + destination: + description: Destination, network CIDR + type: string + nexthop: + description: Nexthop, gateway for the destination + type: string + required: + - destination + - nexthop + type: object + type: array + vlan: + description: Vlan ID + maximum: 4094 + type: integer + required: + - allocationRanges + - cidr + - name + type: object + type: array + required: + - dnsDomain + - name + - subnets + type: object + type: array + required: + - networks + type: object + status: + description: NetConfigStatus defines the observed state of NetConfig + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/network.openstack.org_reservations.yaml b/bindata/crds/network.openstack.org_reservations.yaml new file mode 100644 index 000000000..5639fd35c --- /dev/null +++ b/bindata/crds/network.openstack.org_reservations.yaml @@ -0,0 +1,119 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: reservations.network.openstack.org +spec: + group: network.openstack.org + names: + kind: Reservation + listKind: ReservationList + plural: reservations + singular: reservation + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Reservation + jsonPath: .spec.reservation + name: Reservation + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Reservation is the Schema for the reservations API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ReservationSpec defines the desired state of Reservation + properties: + ipSetRef: + description: IPSetRef points to the IPSet object the IPs were created + for. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + reservation: + additionalProperties: + description: IPAddress - + properties: + address: + description: Address contains the IP address + type: string + network: + description: Network name + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + subnet: + description: Subnet name + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + required: + - address + - network + - subnet + type: object + description: Reservation, map (index network name) with reservation + type: object + required: + - ipSetRef + - reservation + type: object + status: + description: ReservationStatus defines the observed state of Reservation + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/neutron.openstack.org_neutronapis.yaml b/bindata/crds/neutron.openstack.org_neutronapis.yaml new file mode 100644 index 000000000..e6381df89 --- /dev/null +++ b/bindata/crds/neutron.openstack.org_neutronapis.yaml @@ -0,0 +1,1676 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: neutronapis.neutron.openstack.org +spec: + group: neutron.openstack.org + names: + kind: NeutronAPI + listKind: NeutronAPIList + plural: neutronapis + singular: neutronapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: NeutronAPI is the Schema for the neutronapis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NeutronAPISpec defines the desired state of NeutronAPI + properties: + apiTimeout: + default: 120 + description: APITimeout for HAProxy, Apache + minimum: 1 + type: integer + containerImage: + description: NeutronAPI Container Image URL (will be set to environmental + default if empty) + type: string + corePlugin: + default: ml2 + description: CorePlugin - Neutron core plugin to use. Using "ml2" + if not set. + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + databaseAccount: + default: neutron + description: DatabaseAccount - optional MariaDBAccount CR name used + for neutron DB, defaults to neutron + type: string + databaseInstance: + description: MariaDB instance name Right now required by the maridb-operator + to get the credentials from the instance to create the DB Might + not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - interface to overwrite default + config files like policy.yaml + type: object + extraMounts: + description: ExtraMounts containing conf files + items: + description: NeutronExtraVolMounts exposes additional parameters + processed by the neutron-operator and defines the common VolMounts + structure provided by the main storage module + properties: + extraVol: + items: + description: VolMounts is the data structure used to expose + Volumes and Mounts that can be added to a pod according + to the defined Propagation policy + properties: + extraVolType: + description: Label associated to a given extraMount + type: string + mounts: + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which the + container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable + references $(VAR_NAME) are expanded using the + container's environment. Defaults to "" (volume's + root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + propagation: + description: Propagation defines which pod should mount + the volume + items: + description: PropagationType identifies the Service, + Group or instance (e.g. the backend) that receives + an Extra Volume that can potentially be mounted + type: string + type: array + volumes: + items: + description: Volume our slimmed down version of Volume + properties: + cephfs: + description: cephFS represents a Ceph FS mount on + the host that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors + is a collection of Ceph monitors More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the + mounted root, rather than the full Ceph tree, + default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile + is the path to key ring for User, default + is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef + is reference to the authentication secret + for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the + rados user name, default is admin More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + configMap: + description: configMap represents a configMap that + should populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode + bits used to set permissions on created files + by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 + and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, and + the result can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the ConfigMap, the + volume setup will error unless it is marked + optional. Paths must be relative and may not + contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 + and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May not + be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI driver + that handles this volume. Consult with your + admin for the correct name as registered in + the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", + "ntfs". If not provided, the empty value is + passed to the associated CSI driver which + will determine the default filesystem to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference + to the secret object containing sensitive + information to pass to the CSI driver to complete + the CSI NodePublishVolume and NodeUnpublishVolume + calls. This field is optional, and may be + empty if no secret is required. If the secret + object contains more than one secret, all + secret references are passed. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only + configuration for the volume. Defaults to + false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. + Consult your driver's documentation for supported + values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API + about the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on + created files by default. Must be a Optional: + mode bits used to set permissions on created + files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 + and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, and + the result can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API + volume file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used + to set permissions on this file, must + be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. If not specified, the + volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. + Must not be absolute or contain the + ''..'' path. Must be utf-8 encoded. + The first item of the relative path + must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) are + currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of + storage medium should back this directory. + The default is "" which means to use the node''s + default medium. Must be an empty string (default) + or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount + of local storage required for this EmptyDir + volume. The size limit is also applicable + for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value + between the SizeLimit specified here and the + sum of memory limits of all containers in + a pod. The default is nil which means that + the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine and + then exposed to the pod. + properties: + fsType: + description: 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. TODO: how do we prevent errors + in the filesystem from compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target lun + number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world + wide identifiers (wwids) Either wwids or combination + of targetWWNs and lun must be set, but not + both simultaneously.' + items: + type: string + type: array + type: object + hostPath: + description: Represents a host path mapped into + a pod. Host path volumes do not support ownership + management or SELinux relabeling. + properties: + path: + description: 'path of the directory on the host. + If the path is a symlink, it will follow the + link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource + that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether + support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether + support iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI + Initiator Name. If initiatorName is specified + with iscsiInterface simultaneously, new iSCSI + interface : will + be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface + Name that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun + number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal + List. The portal is either an IP or ip_addr:port + if the port is other than default (typically + TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for + iSCSI target and initiator authentication + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. + The Portal is either an IP or ip_addr:port + if the port is other than default (typically + TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: Name of the volume + type: string + nfs: + description: 'nfs represents an NFS mount on the + host that shares a pod''s lifetime More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS + server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS + export to be mounted with read-only permissions. + Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address + of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource + represents a reference to a PersistentVolumeClaim + in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this + volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly + setting in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used + to set permissions on created files by default. + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON + requires decimal values for mode bits. Directories + within the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, and + the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows + a pod to access the `.spec.trustBundle` + field of ClusterTrustBundle objects + in an auto-updating file. \n Alpha, + gated by the ClusterTrustBundleProjection + feature gate. \n ClusterTrustBundle + objects can either be selected by name, + or by the combination of signer name + and a label selector. \n Kubelet performs + aggressive normalization of the PEM + contents written into the pod filesystem. + \ Esoteric PEM features such as inter-block + comments and block headers are stripped. + \ Certificates are deduplicated. The + ordering of certificates within the + file is arbitrary, and Kubelet may change + the order over time." + properties: + labelSelector: + description: Select all ClusterTrustBundles + that match this label selector. Only + has effect if signerName is set. Mutually-exclusive + with name. If unset, interpreted + as "match nothing". If set but + empty, interpreted as "match everything". + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: A label selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In + or NotIn, the values array + must be non-empty. If + the operator is Exists + or DoesNotExist, the values + array must be empty. This + array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a + map of {key,value} pairs. A + single {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator + is "In", and the values array + contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + name: + description: Select a single ClusterTrustBundle + by object name. Mutually-exclusive + with signerName and labelSelector. + type: string + optional: + description: If true, don't block + pod startup if the referenced ClusterTrustBundle(s) + aren't available. If using name, + then the named ClusterTrustBundle + is allowed not to exist. If using + signerName, then the combination + of signerName and labelSelector + is allowed to match zero ClusterTrustBundles. + type: boolean + path: + description: Relative path from the + volume root to write the bundle. + type: string + signerName: + description: Select all ClusterTrustBundles + that match this signer name. Mutually-exclusive + with name. The contents of all + selected ClusterTrustBundles will + be unified and deduplicated. + type: string + required: + - path + type: object + configMap: + description: configMap information about + the configMap data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced ConfigMap + will be projected into the volume + as a file whose name is the key + and content is the value. If specified, + the listed keys will be projected + into the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the ConfigMap, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts both + octal and decimal values, + JSON requires decimal values + for mode bits. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the + key to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether + the ConfigMap or its keys must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about + the downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile + represents information to create + the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of + the schema the FieldPath + is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the + field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode + bits used to set permissions + on this file, must be an octal + value between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts both + octal and decimal values, + JSON requires decimal values + for mode bits. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path + is the relative path name + of the file to be created. + Must not be absolute or contain + the ''..'' path. Must be utf-8 + encoded. The first item of + the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) are currently + supported.' + properties: + containerName: + description: 'Container + name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the + output format of the exposed + resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about + the secret data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced Secret will + be projected into the volume as + a file whose name is the key and + content is the value. If specified, + the listed keys will be projected + into the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the Secret, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts both + octal and decimal values, + JSON requires decimal values + for mode bits. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the + key to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional field specify + whether the Secret or its key must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to + project + properties: + audience: + description: audience is the intended + audience of the token. A recipient + of a token must identify itself + with an identifier specified in + the audience of the token, and otherwise + should reject the token. The audience + defaults to the identifier of the + apiserver. + type: string + expirationSeconds: + description: expirationSeconds is + the requested duration of validity + of the service account token. As + the token approaches expiration, + the kubelet volume plugin will proactively + rotate the service account token. + The kubelet will start trying to + rotate the token if the token is + older than 80 percent of its time + to live or if the token is older + than 24 hours.Defaults to 1 hour + and must be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative + to the mount point of the file to + project the token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of + the ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of + the ScaleIO Protection Domain for the configured + storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret + for ScaleIO user and other sensitive information. + If this is not provided, Login operation will + fail. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable + SSL communication with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the + storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. + type: string + system: + description: system is the name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume + already created in the ScaleIO system that + is associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should + populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode + bits used to set permissions on created files + by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 + and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, and + the result can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the Secret, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 + and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May not + be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether + the Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the + secret in the pod''s namespace to use. More + info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret + to use for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable + name of the StorageOS volume. Volume names + are only unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope + of the volume within StorageOS. If no namespace + is specified then the Pod's namespace will + be used. This allows the Kubernetes name + scoping to be mirrored within StorageOS for + tighter integration. Set VolumeName to any + name to override the default behaviour. Set + to "default" if you are not using namespaces + within StorageOS. Namespaces that do not pre-exist + within StorageOS will be created. + type: string + type: object + required: + - name + type: object + type: array + required: + - mounts + - volumes + type: object + type: array + name: + type: string + region: + type: string + required: + - extraVol + type: object + type: array + memcachedInstance: + default: memcached + description: Memcached instance name. + type: string + ml2MechanismDrivers: + default: + - ovn + description: Ml2MechanismDrivers - list of ml2 drivers to enable. + Using {"ovn"} if not set. + items: + type: string + type: array + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic to + the cluster. Allows for the manifest of the created Service + to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object + passwordSelectors: + default: + service: NeutronPassword + description: PasswordSelectors - Selectors to identify the ServiceUser + password from the Secret + properties: + service: + default: NeutronPassword + description: Database - Selector to get the neutron service password + from the Secret + type: string + type: object + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Neutron + type: string + replicas: + default: 1 + description: Replicas of neutron API to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + NeutronPassword + type: string + serviceUser: + default: neutron + description: ServiceUser - optional username used for this service + to register in neutron + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret for + the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + public: + description: Public GenericService - holds the secret for + the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + ovn: + description: Ovn GenericService - holds the secret for the OvnDb + client cert + properties: + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + type: object + required: + - containerImage + - databaseInstance + - memcachedInstance + - rabbitMqClusterName + - secret + type: object + status: + description: NeutronAPIStatus defines the observed state of NeutronAPI + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: Neutron Database Hostname + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of neutron API instances + format: int32 + type: integer + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/nova.openstack.org_nova.yaml b/bindata/crds/nova.openstack.org_nova.yaml new file mode 100644 index 000000000..f6d384c8b --- /dev/null +++ b/bindata/crds/nova.openstack.org_nova.yaml @@ -0,0 +1,1786 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: nova.nova.openstack.org +spec: + group: nova.openstack.org + names: + kind: Nova + listKind: NovaList + plural: nova + singular: nova + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: Nova is the Schema for the nova API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NovaSpec defines the desired state of Nova + properties: + apiContainerImageURL: + description: APIContainerImageURL + type: string + apiDatabaseAccount: + default: nova-api + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string + apiDatabaseInstance: + default: openstack + description: APIDatabaseInstance is the name of the MariaDB CR to + select the DB Service instance used for the Nova API DB. + type: string + apiMessageBusInstance: + default: rabbitmq + description: APIMessageBusInstance is the name of the RabbitMqCluster + CR to select the Message Bus Service instance used by the Nova top + level services to communicate. + type: string + apiServiceTemplate: + default: + replicas: 1 + description: APIServiceTemplate - define the nova-api service + properties: + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - interface to overwrite default + config files like e.g. api-paste.ini or policy.yaml. + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Nova CR. + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the + fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret + for the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + public: + description: Public GenericService - holds the secret + for the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + type: object + cellTemplates: + additionalProperties: + description: NovaCellTemplate defines the input parameters specified + by the user to create a NovaCell via higher level CRDs. + properties: + cellDatabaseAccount: + description: CellDatabaseAccount - MariaDBAccount to use when + accessing the give cell DB + type: string + cellDatabaseInstance: + default: openstack + description: CellDatabaseInstance is the name of the MariaDB + CR to select the DB Service instance used as the DB of this + cell. + type: string + cellMessageBusInstance: + default: rabbitmq + description: CellMessageBusInstance is the name of the RabbitMqCluster + CR to select the Message Bus Service instance used by the + nova services to communicate in this cell. For cell0 it is + unused. + type: string + conductorServiceTemplate: + description: ConductorServiceTemplate - defines the cell conductor + deployment for the cell. + properties: + customServiceConfig: + description: CustomServiceConfig - customize the service + config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack + config format. The content gets added to to /etc//.conf.d + directory as custom.conf file. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes + running this service. Setting here overrides any global + NodeSelector settings within the Nova CR. + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this + service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + type: object + dbPurge: + description: DBPurge defines the parameters for the DB archiving + and purging cron job + properties: + archiveAge: + default: 30 + description: ArchiveAge defines the minimum age of the records + in days that can be moved to the shadow tables. + minimum: 1 + type: integer + purgeAge: + default: 90 + description: PurgeAge defines the minimum age of the records + in days that can be deleted from the shadow tables + minimum: 1 + type: integer + schedule: + default: 0 0 * * * + description: Schedule defines when to run the DB maintenance + job in a cron format. By default it runs every midnight. + type: string + type: object + hasAPIAccess: + description: HasAPIAccess defines if this Cell is configured + to have access to the API DB and message bus. + type: boolean + memcachedInstance: + description: MemcachedInstance is the name of the Memcached + CR that the services in the cell will use. If defined then + this takes precedence over Nova.Spec.MemcachedInstance for + this cel + type: string + metadataServiceTemplate: + description: MetadataServiceTemplate - defines the metadata + service dedicated for the cell. Note that for cell0 metadata + service should not be deployed. Also if metadata service needs + to be deployed per cell here then it should not be enabled + to be deployed on the top level via the Nova CR at the same + time. By default Nova CR deploys the metadata service at the + top level and disables it on the cell level. + properties: + customServiceConfig: + description: CustomServiceConfig - customize the service + config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack + config format. The content gets added to to /etc//.conf.d + directory as custom.conf file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - interface to overwrite + default config files like e.g. api-paste.ini. + type: object + enabled: + description: Enabled - Whether NovaMetadata services should + be deployed and managed. If it is set to false then the + related NovaMetadata CR will be deleted if exists and + owned by a higher level nova CR (Nova or NovaCell). If + it exist but not owned by a higher level nova CR then + the NovaMetadata CR will not be touched. If it is set + to true the a NovaMetadata CR will be created. If there + is already a manually created NovaMetadata CR with the + relevant name then this operator will not try to update + that CR, instead the higher level nova CR will be in error + state until the manually create NovaMetadata CR is deleted + manually. + type: boolean + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes + running this service. Setting here overrides any global + NodeSelector settings within the Nova CR. + type: object + override: + description: Override, provides the ability to override + the generated manifest of several child resources. + properties: + service: + description: Override configuration for the Service + created to serve traffic to the cluster for internal + communication. + properties: + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured + key value map stored with a resource that + may be set by external tools to store and + retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values + that can be used to organize and categorize + (scope and select) objects. May match selectors + of replication controllers and services. More + info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of + the fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an + alias for this service (e.g. a DNS CNAME record). + No proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes + how nodes distribute service traffic they + receive on one of the Service's "externally-facing" + addresses (NodePorts, ExternalIPs, and LoadBalancer + IPs). If set to "Local", the proxy will configure + the service in a way that assumes that external + load balancers will take care of balancing + the service traffic between nodes, and so + each node will deliver traffic only to the + node-local endpoints of the service, without + masquerading the client source IP. (Traffic + mistakenly sent to a node with no endpoints + will be dropped.) The default value, "Cluster", + uses the standard behavior of routing to all + endpoints evenly (possibly modified by topology + and other features). Note that traffic sent + to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" + semantics, but clients sending to a NodePort + from within the cluster may need to take traffic + policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes + how nodes distribute service traffic they + receive on the ClusterIP. If set to "Local", + the proxy will assume that pods only want + to talk to endpoints of the service on the + same node as the pod, dropping the traffic + if there are no local endpoints. The default + value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly + modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If + there is no value provided, then this field + will be set to SingleStack. Services can be + "SingleStack" (a single IP family), "PreferDualStack" + (two IP families on dual-stack configured + clusters or a single IP family on single-stack + clusters), or "RequireDualStack" (two IP families + on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields + depend on the value of this field. This field + will be wiped when updating a service to type + ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class + of the load balancer implementation this Service + belongs to. If specified, the value of this + field must be a label-style identifier, with + an optional prefix, e.g. "internal-vip" or + "example.com/internal-vip". Unprefixed names + are reserved for end-users. This field can + only be set when the Service type is 'LoadBalancer'. + If not set, the default load balancer implementation + is used, today this is typically done through + the cloud provider integration, but should + apply for any default implementation. If set, + it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that + set this field. This field can only be set + when creating or updating a Service to type + 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is + updated to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by + the platform, this will restrict traffic through + the cloud-provider load-balancer will be restricted + to the specified client IPs. This field will + be ignored if the cloud-provider does not + support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". + Used to maintain session affinity. Enable + client IP based session affinity. Must be + ClientIP or None. Defaults to None. More info: + https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains + the configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies + the seconds of ClientIP type session + sticky time. The value must be >0 + && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is 10800(for + 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service + is exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and + LoadBalancer. "ClusterIP" allocates a cluster-internal + IP address for load-balancing to endpoints. + Endpoints are determined by the selector or + if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. + If clusterIP is "None", no virtual IP is allocated + and the endpoints are published as a set of + endpoints rather than a virtual IP. "NodePort" + builds on ClusterIP and allocates a port on + every node which routes to the same endpoints + as the clusterIP. "LoadBalancer" builds on + NodePort and creates an external load-balancer + (if supported in the current cloud) which + routes to the same endpoints as the clusterIP. + "ExternalName" aliases this service to the + specified externalName. Several other fields + do not apply to ExternalName services. More + info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this + service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs + in a pre-created bundle file + type: string + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + type: object + noVNCProxyServiceTemplate: + description: NoVNCProxyServiceTemplate - defines the novncproxy + service dedicated for the cell. Note that for cell0 novncproxy + should not be deployed so the enabled field of this template + is defaulted to false in cell0 but defaulted to true in other + cells. + properties: + customServiceConfig: + description: CustomServiceConfig - customize the service + config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack + config format. The content gets added to to /etc//.conf.d + directory as custom.conf file. + type: string + enabled: + description: Enabled - Whether NovaNoVNCProxy services should + be deployed and managed. If it is set to false then the + related NovaNoVNCProxy CR will be deleted if exists and + owned by the NovaCell. If it exist but not owned by the + NovaCell then the NovaNoVNCProxy will not be touched. + If it is set to true the a NovaNoVNCProxy CR will be created. + If there is already a manually created NovaNoVNCProxy + CR with the relevant name then the cell will not try to + update that CR, instead the NovaCell be in error state + until the manually create NovaNoVNCProxy CR is deleted + by the operator. + type: boolean + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes + running this service + type: object + override: + description: Override, provides the ability to override + the generated manifest of several child resources. + properties: + service: + description: Override configuration for the Service + created to serve traffic to the cluster. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured + key value map stored with a resource that + may be set by external tools to store and + retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values + that can be used to organize and categorize + (scope and select) objects. May match selectors + of replication controllers and services. More + info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of + the fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an + alias for this service (e.g. a DNS CNAME record). + No proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes + how nodes distribute service traffic they + receive on one of the Service's "externally-facing" + addresses (NodePorts, ExternalIPs, and LoadBalancer + IPs). If set to "Local", the proxy will configure + the service in a way that assumes that external + load balancers will take care of balancing + the service traffic between nodes, and so + each node will deliver traffic only to the + node-local endpoints of the service, without + masquerading the client source IP. (Traffic + mistakenly sent to a node with no endpoints + will be dropped.) The default value, "Cluster", + uses the standard behavior of routing to all + endpoints evenly (possibly modified by topology + and other features). Note that traffic sent + to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" + semantics, but clients sending to a NodePort + from within the cluster may need to take traffic + policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes + how nodes distribute service traffic they + receive on the ClusterIP. If set to "Local", + the proxy will assume that pods only want + to talk to endpoints of the service on the + same node as the pod, dropping the traffic + if there are no local endpoints. The default + value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly + modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If + there is no value provided, then this field + will be set to SingleStack. Services can be + "SingleStack" (a single IP family), "PreferDualStack" + (two IP families on dual-stack configured + clusters or a single IP family on single-stack + clusters), or "RequireDualStack" (two IP families + on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields + depend on the value of this field. This field + will be wiped when updating a service to type + ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class + of the load balancer implementation this Service + belongs to. If specified, the value of this + field must be a label-style identifier, with + an optional prefix, e.g. "internal-vip" or + "example.com/internal-vip". Unprefixed names + are reserved for end-users. This field can + only be set when the Service type is 'LoadBalancer'. + If not set, the default load balancer implementation + is used, today this is typically done through + the cloud provider integration, but should + apply for any default implementation. If set, + it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that + set this field. This field can only be set + when creating or updating a Service to type + 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is + updated to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by + the platform, this will restrict traffic through + the cloud-provider load-balancer will be restricted + to the specified client IPs. This field will + be ignored if the cloud-provider does not + support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". + Used to maintain session affinity. Enable + client IP based session affinity. Must be + ClientIP or None. Defaults to None. More info: + https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains + the configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies + the seconds of ClientIP type session + sticky time. The value must be >0 + && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is 10800(for + 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service + is exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and + LoadBalancer. "ClusterIP" allocates a cluster-internal + IP address for load-balancing to endpoints. + Endpoints are determined by the selector or + if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. + If clusterIP is "None", no virtual IP is allocated + and the endpoints are published as a set of + endpoints rather than a virtual IP. "NodePort" + builds on ClusterIP and allocates a port on + every node which routes to the same endpoints + as the clusterIP. "LoadBalancer" builds on + NodePort and creates an external load-balancer + (if supported in the current cloud) which + routes to the same endpoints as the clusterIP. + "ExternalName" aliases this service to the + specified externalName. Several other fields + do not apply to ExternalName services. More + info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this + service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs + in a pre-created bundle file + type: string + service: + description: Service - Cert secret used for the nova + novnc service endpoint + properties: + secretName: + description: SecretName - holding the cert, key + for the service + type: string + type: object + vencrypt: + description: Vencrypt - cert secret containing the x509 + certificate to be presented to the VNC server. The + CommonName field should match the primary hostname + of the controller node. If using a HA deployment, + the Organization field can also be configured to a + value that is common across all console proxy instances + in the deployment. https://docs.openstack.org/nova/latest/admin/remote-console-access.html#novnc-proxy-server-configuration + properties: + secretName: + description: SecretName - holding the cert, key + for the service + type: string + type: object + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + cell. + type: object + novaComputeTemplates: + additionalProperties: + description: NovaComputeTemplate defines the input parameters + specified by the user to create a NovaCompute via higher + level CRDs. + properties: + computeDriver: + description: ComputeDriver - defines which driver to use + for controlling virtualization + enum: + - ironic.IronicDriver + - fake.FakeDriver + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service + config using this parameter to change service defaults, + or overwrite rendered information using raw OpenStack + config format. The content gets added to to /etc//.conf.d + directory as custom.conf file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - interface to overwrite + default config files like e.g. provider.yaml + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes + running this service. Setting here overrides any global + NodeSelector settings within the Nova CR. + type: object + replicas: + default: 1 + description: Replicas of the service to run. For ironic.IronicDriver + the max replica is 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by + this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used by + this container. \n This is an alpha field and requires + enabling the DynamicResourceAllocation feature gate. + \n This field is immutable. It can only be set for + containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec.resourceClaims of the Pod + where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + required: + - computeDriver + type: object + description: 'NovaComputeTemplates - map of nova computes template + with selected drivers in format compute_name: compute_template. + Key from map is arbitrary name for the compute with a limit + of 20 characters.' + type: object + required: + - cellDatabaseAccount + - hasAPIAccess + type: object + default: + cell0: + cellDatabaseAccount: nova-cell0 + hasAPIAccess: true + cell1: + cellDatabaseAccount: nova-cell1 + cellDatabaseInstance: openstack-cell1 + cellMessageBusInstance: rabbitmq-cell1 + hasAPIAccess: true + description: Cells is a mapping of cell names to NovaCellTemplate + objects defining the cells in the deployment. The "cell0" cell is + a mandatory cell in every deployment. Moreover any real deployment + needs at least one additional normal cell as "cell0" cannot have + any computes. + type: object + computeContainerImageURL: + description: NovaComputeContainerImageURL + type: string + conductorContainerImageURL: + description: ConductorContainerImageURL + type: string + keystoneInstance: + default: keystone + description: KeystoneInstance to name of the KeystoneAPI CR to select + the Service instance used by the Nova services to authenticate. + type: string + memcachedInstance: + default: memcached + description: MemcachedInstance is the name of the Memcached CR that + all nova service will use. + type: string + metadataContainerImageURL: + description: MetadataContainerImageURL + type: string + metadataServiceTemplate: + default: + enabled: true + description: MetadataServiceTemplate - defines the metadata service + that is global for the deployment serving all the cells. Note that + if you want to deploy metadata per cell then the metadata service + should be disabled here and enabled in the cellTemplates instead. + properties: + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - interface to overwrite default + config files like e.g. api-paste.ini. + type: object + enabled: + description: Enabled - Whether NovaMetadata services should be + deployed and managed. If it is set to false then the related + NovaMetadata CR will be deleted if exists and owned by a higher + level nova CR (Nova or NovaCell). If it exist but not owned + by a higher level nova CR then the NovaMetadata CR will not + be touched. If it is set to true the a NovaMetadata CR will + be created. If there is already a manually created NovaMetadata + CR with the relevant name then this operator will not try to + update that CR, instead the higher level nova CR will be in + error state until the manually create NovaMetadata CR is deleted + manually. + type: boolean + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Nova CR. + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + description: Override configuration for the Service created + to serve traffic to the cluster for internal communication. + properties: + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. + They are not queryable and should be preserved when + modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 + hostname (https://tools.ietf.org/html/rfc1123) and + requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, + and so each node will deliver traffic only to the + node-local endpoints of the service, without masquerading + the client source IP. (Traffic mistakenly sent to + a node with no endpoints will be dropped.) The default + value, "Cluster", uses the standard behavior of + routing to all endpoints evenly (possibly modified + by topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from within + the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within the + cluster may need to take traffic policy into account + when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on + the same node as the pod, dropping the traffic if + there are no local endpoints. The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by topology + and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be set + to SingleStack. Services can be "SingleStack" (a + single IP family), "PreferDualStack" (two IP families + on dual-stack configured clusters or a single IP + family on single-stack clusters), or "RequireDualStack" + (two IP families on dual-stack configured clusters, + otherwise fail). The ipFamilies and clusterIPs fields + depend on the value of this field. This field will + be wiped when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must be + a label-style identifier, with an optional prefix, + e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is 'LoadBalancer'. + If not set, the default load balancer implementation + is used, today this is typically done through the + cloud provider integration, but should apply for + any default implementation. If set, it is assumed + that a load balancer implementation is watching + for Services with a matching class. Any default + load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This + field can only be set when creating or updating + a Service to type 'LoadBalancer'. Once set, it can + not be changed. This field will be wiped when a + service is updated to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. + If clusterIP is "None", no virtual IP is allocated + and the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes + to the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting NodeSelector here acts as a default value + and can be overridden by service specific NodeSelector Settings. + type: object + novncproxyContainerImageURL: + description: NoVNCContainerImageURL + type: string + passwordSelectors: + default: + service: NovaPassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser passwords from the Secret + properties: + metadataSecret: + default: MetadataSecret + description: MetadataSecret - the name of the field to get the + metadata secret from the Secret + type: string + prefixMetadataCellsSecret: + default: MetadataCellsSecret + description: prefixMetadataCellsSecret - the prefix name of the + field to get the metadata secret from the Secret for cells. + Vale of metadata_proxy_shared_secret information for the nova-metadata + service. This secret is shared between nova and neutron ovn-metadata + inside selected cell and if this is not defined the global metadata_proxy_shared_secret + secret will be used + type: string + service: + default: NovaPassword + description: Service - Selector to get the keystone service user + password from the Secret + type: string + type: object + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + schedulerContainerImageURL: + description: SchedulerContainerImageURL + type: string + schedulerServiceTemplate: + default: + replicas: 1 + description: SchedulerServiceTemplate- define the nova-scheduler service + properties: + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Nova CR. + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + type: object + secret: + description: Secret is the name of the Secret instance containing + password information for nova like the keystone service password + and DB passwords + type: string + serviceUser: + default: nova + description: ServiceUser - optional username used for this service + to register in keystone + type: string + required: + - apiContainerImageURL + - computeContainerImageURL + - conductorContainerImageURL + - metadataContainerImageURL + - novncproxyContainerImageURL + - schedulerContainerImageURL + - secret + type: object + status: + description: NovaStatus defines the observed state of Nova + properties: + apiServiceReadyCount: + description: APIServiceReadyCount defines the number or replicas ready + from nova-api + format: int32 + type: integer + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + discoveredCells: + additionalProperties: + type: string + description: DiscoveredCells is a map keyed by cell names that have + discovered all kubernetes managed computes in cell value is a hash + of config from all kubernetes managed computes in cell + type: object + metadataServiceReadyCount: + description: MetadataReadyCount defines the number of replicas ready + from nova-metadata service + format: int32 + type: integer + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes. + format: int64 + type: integer + registeredCells: + additionalProperties: + type: string + description: RegisteredCells is a map keyed by cell names that are + registered in the nova_api database with a value that is the hash + of the given cell configuration. + type: object + schedulerServiceReadyCount: + description: SchedulerServiceReadyCount defines the number or replicas + ready from nova-scheduler + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/nova.openstack.org_novaapis.yaml b/bindata/crds/nova.openstack.org_novaapis.yaml new file mode 100644 index 000000000..bb1153eac --- /dev/null +++ b/bindata/crds/nova.openstack.org_novaapis.yaml @@ -0,0 +1,486 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: novaapis.nova.openstack.org +spec: + group: nova.openstack.org + names: + kind: NovaAPI + listKind: NovaAPIList + plural: novaapis + singular: novaapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .spec.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: NovaAPI is the Schema for the novaapis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NovaAPISpec defines the desired state of NovaAPI + properties: + apiDatabaseAccount: + default: nova-api + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string + apiDatabaseHostname: + description: APIDatabaseHostname - hostname to use when accessing + the API DB + type: string + cell0DatabaseAccount: + default: nova-cell0 + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the cell0 DB + type: string + cell0DatabaseHostname: + description: APIDatabaseHostname - hostname to use when accessing + the cell0 DB + type: string + containerImage: + description: The service specific Container Image URL (will be set + to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - interface to overwrite default + config files like e.g. api-paste.ini or policy.yaml. + type: object + keystoneAuthURL: + description: KeystoneAuthURL configures the keystone API endpoint + to be used by the service for authentication and authorization + type: string + keystonePublicAuthURL: + description: KeystonePublicAuthURL configures the public keystone + API endpoint. This can be different from KeystoneAuthURL. The service + uses this value to redirect unauthenticated users. + type: string + memcachedInstance: + description: MemcachedInstance is the name of the Memcached CR that + all nova service will use. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic to + the cluster. Allows for the manifest of the created Service + to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object + registeredCells: + additionalProperties: + type: string + description: RegisteredCells is a map keyed by cell names that are + registered in the nova_api database with a value that is the hash + of the given cell configuration. This is used to detect when a new + cell is added or an existing cell is reconfigured to trigger refresh + of the in memory cell caches of the service. + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret is the name of the Secret instance containing + password information for the nova-api service. This secret is expected + to be generated by the nova-operator based on the information passed + to the Nova CR. + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Nova services the default SA name + type: string + serviceUser: + default: nova + description: ServiceUser - optional username used for this service + to register in keystone + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret for + the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + public: + description: Public GenericService - holds the secret for + the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + required: + - apiDatabaseHostname + - cell0DatabaseHostname + - keystoneAuthURL + - keystonePublicAuthURL + - memcachedInstance + - registeredCells + - secret + - serviceAccount + type: object + status: + description: NovaAPIStatus defines the observed state of NovaAPI + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount defines the number of replicas ready from + nova-api + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/nova.openstack.org_novacells.yaml b/bindata/crds/nova.openstack.org_novacells.yaml new file mode 100644 index 000000000..83ba1a535 --- /dev/null +++ b/bindata/crds/nova.openstack.org_novacells.yaml @@ -0,0 +1,1024 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: novacells.nova.openstack.org +spec: + group: nova.openstack.org + names: + kind: NovaCell + listKind: NovaCellList + plural: novacells + singular: novacell + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: NovaCell is the Schema for the novacells API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NovaCellSpec defines the desired state of NovaCell + properties: + apiDatabaseAccount: + default: nova + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string + apiDatabaseHostname: + description: 'APIDatabaseHostname - hostname to use when accessing + the API DB. If not provided then up-calls will be disabled. This + filed is Required for cell0. TODO(gibi): Add a webhook to validate + cell0 constraint' + type: string + cellDatabaseAccount: + default: nova + description: CellDatabaseAccount - MariaDBAccount to use when accessing + the cell DB + type: string + cellDatabaseHostname: + description: CellDatabaseHostname - hostname to use when accessing + the cell DB + type: string + cellName: + description: CellName is the name of the Nova Cell. The value "cell0" + has a special meaning. The "cell0" Cell cannot have compute nodes + associated and the conductor in this cell acts as the super conductor + for all the cells in the deployment. + type: string + computeContainerImageURL: + description: NovaComputeContainerImageURL + type: string + conductorContainerImageURL: + description: ConductorContainerImageURL + type: string + conductorServiceTemplate: + description: ConductorServiceTemplate - defines the cell conductor + deployment for the cell + properties: + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Nova CR. + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + type: object + dbPurge: + description: DBPurge defines the parameters for the DB archiving and + purging cron job + properties: + archiveAge: + default: 30 + description: ArchiveAge defines the minimum age of the records + in days that can be moved to the shadow tables. + minimum: 1 + type: integer + purgeAge: + default: 90 + description: PurgeAge defines the minimum age of the records in + days that can be deleted from the shadow tables + minimum: 1 + type: integer + schedule: + default: 0 0 * * * + description: Schedule defines when to run the DB maintenance job + in a cron format. By default it runs every midnight. + type: string + type: object + keystoneAuthURL: + description: KeystoneAuthURL - the URL that the service in the cell + can use to talk to keystone + type: string + memcachedInstance: + description: MemcachedInstance is the name of the Memcached CR that + all nova service will use. + type: string + metadataContainerImageURL: + description: MetadataContainerImageURL + type: string + metadataServiceTemplate: + description: MetadataServiceTemplate - defines the metadata service + dedicated for the cell. + properties: + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - interface to overwrite default + config files like e.g. api-paste.ini. + type: object + enabled: + description: Enabled - Whether NovaMetadata services should be + deployed and managed. If it is set to false then the related + NovaMetadata CR will be deleted if exists and owned by a higher + level nova CR (Nova or NovaCell). If it exist but not owned + by a higher level nova CR then the NovaMetadata CR will not + be touched. If it is set to true the a NovaMetadata CR will + be created. If there is already a manually created NovaMetadata + CR with the relevant name then this operator will not try to + update that CR, instead the higher level nova CR will be in + error state until the manually create NovaMetadata CR is deleted + manually. + type: boolean + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Nova CR. + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + description: Override configuration for the Service created + to serve traffic to the cluster for internal communication. + properties: + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. + They are not queryable and should be preserved when + modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 + hostname (https://tools.ietf.org/html/rfc1123) and + requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, + and so each node will deliver traffic only to the + node-local endpoints of the service, without masquerading + the client source IP. (Traffic mistakenly sent to + a node with no endpoints will be dropped.) The default + value, "Cluster", uses the standard behavior of + routing to all endpoints evenly (possibly modified + by topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from within + the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within the + cluster may need to take traffic policy into account + when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on + the same node as the pod, dropping the traffic if + there are no local endpoints. The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by topology + and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be set + to SingleStack. Services can be "SingleStack" (a + single IP family), "PreferDualStack" (two IP families + on dual-stack configured clusters or a single IP + family on single-stack clusters), or "RequireDualStack" + (two IP families on dual-stack configured clusters, + otherwise fail). The ipFamilies and clusterIPs fields + depend on the value of this field. This field will + be wiped when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must be + a label-style identifier, with an optional prefix, + e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is 'LoadBalancer'. + If not set, the default load balancer implementation + is used, today this is typically done through the + cloud provider integration, but should apply for + any default implementation. If set, it is assumed + that a load balancer implementation is watching + for Services with a matching class. Any default + load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This + field can only be set when creating or updating + a Service to type 'LoadBalancer'. Once set, it can + not be changed. This field will be wiped when a + service is updated to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. + If clusterIP is "None", no virtual IP is allocated + and the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes + to the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + type: object + noVNCProxyServiceTemplate: + description: NoVNCProxyServiceTemplate - defines the novncproxy service + dedicated for the cell. + properties: + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + enabled: + description: Enabled - Whether NovaNoVNCProxy services should + be deployed and managed. If it is set to false then the related + NovaNoVNCProxy CR will be deleted if exists and owned by the + NovaCell. If it exist but not owned by the NovaCell then the + NovaNoVNCProxy will not be touched. If it is set to true the + a NovaNoVNCProxy CR will be created. If there is already a manually + created NovaNoVNCProxy CR with the relevant name then the cell + will not try to update that CR, instead the NovaCell be in error + state until the manually create NovaNoVNCProxy CR is deleted + by the operator. + type: boolean + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + description: Override configuration for the Service created + to serve traffic to the cluster. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. + They are not queryable and should be preserved when + modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 + hostname (https://tools.ietf.org/html/rfc1123) and + requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, + and so each node will deliver traffic only to the + node-local endpoints of the service, without masquerading + the client source IP. (Traffic mistakenly sent to + a node with no endpoints will be dropped.) The default + value, "Cluster", uses the standard behavior of + routing to all endpoints evenly (possibly modified + by topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from within + the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within the + cluster may need to take traffic policy into account + when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on + the same node as the pod, dropping the traffic if + there are no local endpoints. The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by topology + and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be set + to SingleStack. Services can be "SingleStack" (a + single IP family), "PreferDualStack" (two IP families + on dual-stack configured clusters or a single IP + family on single-stack clusters), or "RequireDualStack" + (two IP families on dual-stack configured clusters, + otherwise fail). The ipFamilies and clusterIPs fields + depend on the value of this field. This field will + be wiped when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must be + a label-style identifier, with an optional prefix, + e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is 'LoadBalancer'. + If not set, the default load balancer implementation + is used, today this is typically done through the + cloud provider integration, but should apply for + any default implementation. If set, it is assumed + that a load balancer implementation is watching + for Services with a matching class. Any default + load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This + field can only be set when creating or updating + a Service to type 'LoadBalancer'. Once set, it can + not be changed. This field will be wiped when a + service is updated to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. + If clusterIP is "None", no virtual IP is allocated + and the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes + to the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + service: + description: Service - Cert secret used for the nova novnc + service endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + vencrypt: + description: Vencrypt - cert secret containing the x509 certificate + to be presented to the VNC server. The CommonName field + should match the primary hostname of the controller node. + If using a HA deployment, the Organization field can also + be configured to a value that is common across all console + proxy instances in the deployment. https://docs.openstack.org/nova/latest/admin/remote-console-access.html#novnc-proxy-server-configuration + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this services. + type: object + novaComputeTemplates: + additionalProperties: + description: NovaComputeTemplate defines the input parameters specified + by the user to create a NovaCompute via higher level CRDs. + properties: + computeDriver: + description: ComputeDriver - defines which driver to use for + controlling virtualization + enum: + - ironic.IronicDriver + - fake.FakeDriver + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - interface to overwrite + default config files like e.g. provider.yaml + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service. Setting here overrides any global NodeSelector + settings within the Nova CR. + type: object + replicas: + default: 1 + description: Replicas of the service to run. For ironic.IronicDriver + the max replica is 1 + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this + service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only + be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + required: + - computeDriver + type: object + description: 'NovaComputeTemplates - map of nova computes template + with selected drivers in format compute_name: compute_template. + Key from map is arbitrary name for the compute. because of that + there is a 20 character limit on the compute name.' + type: object + novncproxyContainerImageURL: + description: NoVNCContainerImageURL + type: string + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + secret: + description: Secret is the name of the Secret instance containing + password information for the nova cell. This secret is expected + to be generated by the nova-operator based on the information passed + to the Nova CR. + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Nova services the default SA name + type: string + serviceUser: + default: nova + description: ServiceUser - optional username used for this service + to register in keystone + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + required: + - cellDatabaseHostname + - cellName + - computeContainerImageURL + - conductorContainerImageURL + - conductorServiceTemplate + - keystoneAuthURL + - memcachedInstance + - metadataContainerImageURL + - noVNCProxyServiceTemplate + - novncproxyContainerImageURL + - secret + - serviceAccount + type: object + status: + description: NovaCellStatus defines the observed state of NovaCell + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + conductorServiceReadyCount: + description: ConductorServiceReadyCount defines the number of replicas + ready from nova-conductor service in the cell + format: int32 + type: integer + hash: + additionalProperties: + type: string + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "make" to regenerate code after modifying + this file Map of hashes to track e.g. job status' + type: object + metadataServiceReadyCount: + description: MetadataServiceReadyCount defines the number of replicas + ready from nova-metadata service in the cell + format: int32 + type: integer + noVNCProxyServiceReadyCount: + description: NoVNCPRoxyServiceReadyCount defines the number of replicas + ready from nova-novncproxy service in the cell + format: int32 + type: integer + novaComputesStatus: + additionalProperties: + description: NovaComputeCellStatus defines state of NovaCompute + in cell + properties: + deployed: + description: 'Deployed value: true means that the compute is + deployed but can still be undiscovered' + type: boolean + errors: + description: Errors value True means that during deployment, + errors appear, and the user needs to check the compute for + problems + type: boolean + required: + - deployed + - errors + type: object + description: 'NovaComputesStatus is a map with format cell_name: NovaComputeCellStatus + where NovaComputeCellStatus tell if compute with selected name deployed + successfully and indicates if the compute is successfully mapped + to the cell in the nova_api database. When a compute is removed + from the Spec the operator will delete the related NovaCompute CR + and then remove the compute from this Status field.' + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/nova.openstack.org_novacomputes.yaml b/bindata/crds/nova.openstack.org_novacomputes.yaml new file mode 100644 index 000000000..896487309 --- /dev/null +++ b/bindata/crds/nova.openstack.org_novacomputes.yaml @@ -0,0 +1,264 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: novacomputes.nova.openstack.org +spec: + group: nova.openstack.org + names: + kind: NovaCompute + listKind: NovaComputeList + plural: novacomputes + singular: novacompute + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .spec.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: NovaCompute is the Schema for the NovaCompute + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NovaComputeSpec defines the desired state of NovaCompute + properties: + cellName: + description: CellName is the name of the Nova Cell this NovaCompute + belongs to. + type: string + computeDriver: + description: ComputeDriver defines which driver to use for controlling + virtualization + enum: + - ironic.IronicDriver + - fake.FakeDriver + type: string + computeName: + description: ComputeName - compute name. + type: string + containerImage: + description: The service specific Container Image URL (will be set + to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - interface to overwrite default + config files like e.g. provider.yaml + type: object + keystoneAuthURL: + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret is the name of the Secret instance containing + password information for the NovaCompute service. This secret is + expected to be generated by the nova-operator based on the information + passed to the Nova CR. + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Nova services the default SA name + type: string + serviceUser: + default: nova + description: ServiceUser - optional username used for this service + to register in keystone + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + required: + - cellName + - computeDriver + - computeName + - keystoneAuthURL + - secret + - serviceAccount + type: object + status: + description: NovaComputeStatus defines the observed state of NovaCompute + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount defines the number of replicas ready from + NovaCompute + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/nova.openstack.org_novaconductors.yaml b/bindata/crds/nova.openstack.org_novaconductors.yaml new file mode 100644 index 000000000..eb310cce2 --- /dev/null +++ b/bindata/crds/nova.openstack.org_novaconductors.yaml @@ -0,0 +1,300 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: novaconductors.nova.openstack.org +spec: + group: nova.openstack.org + names: + kind: NovaConductor + listKind: NovaConductorList + plural: novaconductors + singular: novaconductor + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .spec.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: NovaConductor is the Schema for the novaconductors API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NovaConductorSpec defines the desired state of NovaConductor + properties: + apiDatabaseAccount: + default: nova + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string + apiDatabaseHostname: + description: 'APIDatabaseHostname - hostname to use when accessing + the API DB. If not provided then up-calls will be disabled. This + filed is Required for cell0. TODO(gibi): Add a webhook to validate + cell0 constraint' + type: string + cellDatabaseAccount: + default: nova + description: CellDatabaseAccount - MariaDBAccount to use when accessing + the cell DB + type: string + cellDatabaseHostname: + description: 'NOTE(gibi): This should be Required, see notes in KeystoneAuthURL + CellDatabaseHostname - hostname to use when accessing the cell DB' + type: string + cellName: + description: CellName is the name of the Nova Cell this conductor + belongs to. + type: string + containerImage: + description: The service specific Container Image URL (will be set + to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + dbPurge: + description: DBPurge defines the parameters for the DB archiving and + purging cron job + properties: + archiveAge: + default: 30 + description: ArchiveAge defines the minimum age of the records + in days that can be moved to the shadow tables. + minimum: 1 + type: integer + purgeAge: + default: 90 + description: PurgeAge defines the minimum age of the records in + days that can be deleted from the shadow tables + minimum: 1 + type: integer + schedule: + default: 0 0 * * * + description: Schedule defines when to run the DB maintenance job + in a cron format. By default it runs every midnight. + type: string + type: object + keystoneAuthURL: + description: KeystoneAuthURL - the URL that the nova-conductor service + can use to talk to keystone + type: string + memcachedInstance: + description: MemcachedInstance is the name of the Memcached CR that + all nova service will use. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret is the name of the Secret instance containing + password information for the nova-conductor service. This secret + is expected to be generated by the nova-operator based on the information + passed to the Nova CR. + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Nova services the default SA name + type: string + serviceUser: + default: nova + description: ServiceUser - optional username used for this service + to register in keystone + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + required: + - cellName + - keystoneAuthURL + - memcachedInstance + - secret + - serviceAccount + type: object + status: + description: NovaConductorStatus defines the observed state of NovaConductor + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount defines the number of replicas ready from + nova-conductor + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/nova.openstack.org_novametadata.yaml b/bindata/crds/nova.openstack.org_novametadata.yaml new file mode 100644 index 000000000..e37d6af29 --- /dev/null +++ b/bindata/crds/nova.openstack.org_novametadata.yaml @@ -0,0 +1,458 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: novametadata.nova.openstack.org +spec: + group: nova.openstack.org + names: + kind: NovaMetadata + listKind: NovaMetadataList + plural: novametadata + singular: novametadata + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .spec.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: NovaMetadata is the Schema for the novametadata API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NovaMetadataSpec defines the desired state of NovaMetadata + properties: + apiDatabaseAccount: + default: nova-api + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string + apiDatabaseHostname: + description: 'APIDatabaseHostname - hostname to use when accessing + the API DB. This filed is Required if the CellName is not provided + TODO(gibi): Add a webhook to validate the CellName constraint' + type: string + cellDatabaseAccount: + default: nova + description: CellDatabaseAccount - MariaDBAccount to use when accessing + the cell DB + type: string + cellDatabaseHostname: + description: 'CellDatabaseHostname - hostname to use when accessing + the cell DB This is unused if CellName is not provided. But if it + is provided then CellDatabaseHostName is also Required. TODO(gibi): + add webhook to validate this CellName constraint' + type: string + cellName: + description: CellName is the name of the Nova Cell this metadata service + belongs to. If not provided then the metadata serving every cells + in the deployment + type: string + containerImage: + description: The service specific Container Image URL (will be set + to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - interface to overwrite default + config files like e.g. api-paste.ini. + type: object + keystoneAuthURL: + description: KeystoneAuthURL - the URL that the nova-metadata service + can use to talk to keystone TODO(ksambor) Add checking if dynamic + vendor data is configured + type: string + memcachedInstance: + description: MemcachedInstance is the name of the Memcached CR that + all nova service will use. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + description: Override configuration for the Service created to + serve traffic to the cluster for internal communication. + properties: + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference that + discovery mechanisms will return as an alias for this + service (e.g. a DNS CNAME record). No proxying will + be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires `type` + to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of the + Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that assumes + that external load balancers will take care of balancing + the service traffic between nodes, and so each node + will deliver traffic only to the node-local endpoints + of the service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no endpoints + will be dropped.) The default value, "Cluster", uses + the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). + Note that traffic sent to an External IP or LoadBalancer + IP from within the cluster will always get "Cluster" + semantics, but clients sending to a NodePort from within + the cluster may need to take traffic policy into account + when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods only + want to talk to endpoints of the service on the same + node as the pod, dropping the traffic if there are no + local endpoints. The default value, "Cluster", uses + the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is no + value provided, then this field will be set to SingleStack. + Services can be "SingleStack" (a single IP family), + "PreferDualStack" (two IP families on dual-stack configured + clusters or a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this field. + This field will be wiped when updating a service to + type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set when + the Service type is 'LoadBalancer'. If not set, the + default load balancer implementation is used, today + this is typically done through the cloud provider integration, + but should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated to + a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified client + IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based session + affinity. Must be ClientIP or None. Defaults to None. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The value + must be >0 && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is 10800(for 3 + hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates + a cluster-internal IP address for load-balancing to + endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints rather + than a virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to the same + endpoints as the clusterIP. "LoadBalancer" builds on + NodePort and creates an external load-balancer (if supported + in the current cloud) which routes to the same endpoints + as the clusterIP. "ExternalName" aliases this service + to the specified externalName. Several other fields + do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + type: object + registeredCells: + additionalProperties: + type: string + description: RegisteredCells is a map keyed by cell names that are + registered in the nova_api database with a value that is the hash + of the given cell configuration. This is used to detect when a new + cell is added or an existing cell is reconfigured to trigger refresh + of the in memory cell caches of the service. This is empty for the + case when nova-metadata runs within the cell. + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret is the name of the Secret instance containing + password information for the nova-conductor service. This secret + is expected to be generated by the nova-operator based on the information + passed to the Nova CR. + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Nova services the default SA name + type: string + serviceUser: + default: nova + description: ServiceUser - optional username used for this service + to register in keystone + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + required: + - keystoneAuthURL + - memcachedInstance + - secret + - serviceAccount + type: object + status: + description: NovaMetadataStatus defines the observed state of NovaMetadata + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount defines the number of replicas ready from + nova-metadata + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/nova.openstack.org_novanovncproxies.yaml b/bindata/crds/nova.openstack.org_novanovncproxies.yaml new file mode 100644 index 000000000..1397ece3c --- /dev/null +++ b/bindata/crds/nova.openstack.org_novanovncproxies.yaml @@ -0,0 +1,449 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: novanovncproxies.nova.openstack.org +spec: + group: nova.openstack.org + names: + kind: NovaNoVNCProxy + listKind: NovaNoVNCProxyList + plural: novanovncproxies + singular: novanovncproxy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .spec.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: NovaNoVNCProxy is the Schema for the novanovncproxies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NovaNoVNCProxySpec defines the desired state of NovaNoVNCProxy + properties: + cellDatabaseAccount: + default: nova + description: CellDatabaseAccount - MariaDBAccount to use when accessing + the cell DB + type: string + cellDatabaseHostname: + description: CellDatabaseHostname - hostname to use when accessing + the cell DB + type: string + cellName: + description: CellName is the name of the Nova Cell this novncproxy + belongs to. + type: string + containerImage: + description: The service specific Container Image URL (will be set + to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + keystoneAuthURL: + description: KeystoneAuthURL - the URL that the nova-novncproxy service + can use to talk to keystone + type: string + memcachedInstance: + description: MemcachedInstance is the name of the Memcached CR that + all nova service will use. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + description: Override configuration for the Service created to + serve traffic to the cluster. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference that + discovery mechanisms will return as an alias for this + service (e.g. a DNS CNAME record). No proxying will + be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires `type` + to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of the + Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that assumes + that external load balancers will take care of balancing + the service traffic between nodes, and so each node + will deliver traffic only to the node-local endpoints + of the service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no endpoints + will be dropped.) The default value, "Cluster", uses + the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). + Note that traffic sent to an External IP or LoadBalancer + IP from within the cluster will always get "Cluster" + semantics, but clients sending to a NodePort from within + the cluster may need to take traffic policy into account + when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods only + want to talk to endpoints of the service on the same + node as the pod, dropping the traffic if there are no + local endpoints. The default value, "Cluster", uses + the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is no + value provided, then this field will be set to SingleStack. + Services can be "SingleStack" (a single IP family), + "PreferDualStack" (two IP families on dual-stack configured + clusters or a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this field. + This field will be wiped when updating a service to + type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set when + the Service type is 'LoadBalancer'. If not set, the + default load balancer implementation is used, today + this is typically done through the cloud provider integration, + but should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated to + a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified client + IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based session + affinity. Must be ClientIP or None. Defaults to None. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The value + must be >0 && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is 10800(for 3 + hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates + a cluster-internal IP address for load-balancing to + endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints rather + than a virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to the same + endpoints as the clusterIP. "LoadBalancer" builds on + NodePort and creates an external load-balancer (if supported + in the current cloud) which routes to the same endpoints + as the clusterIP. "ExternalName" aliases this service + to the specified externalName. Several other fields + do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret is the name of the Secret instance containing + password information for the nova-novncproxy service. This secret + is expected to be generated by the nova-operator based on the information + passed to the Nova CR. + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Nova services the default SA name + type: string + serviceUser: + default: nova + description: ServiceUser - optional username used for this service + to register in keystone + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + service: + description: Service - Cert secret used for the nova novnc service + endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + vencrypt: + description: Vencrypt - cert secret containing the x509 certificate + to be presented to the VNC server. The CommonName field should + match the primary hostname of the controller node. If using + a HA deployment, the Organization field can also be configured + to a value that is common across all console proxy instances + in the deployment. https://docs.openstack.org/nova/latest/admin/remote-console-access.html#novnc-proxy-server-configuration + properties: + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + type: object + required: + - cellDatabaseHostname + - cellName + - keystoneAuthURL + - memcachedInstance + - secret + - serviceAccount + type: object + status: + description: NovaNoVNCProxyStatus defines the observed state of NovaNoVNCProxy + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount defines the number of replicas ready from + nova-novncproxy + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/nova.openstack.org_novaschedulers.yaml b/bindata/crds/nova.openstack.org_novaschedulers.yaml new file mode 100644 index 000000000..58cbca67e --- /dev/null +++ b/bindata/crds/nova.openstack.org_novaschedulers.yaml @@ -0,0 +1,280 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: novaschedulers.nova.openstack.org +spec: + group: nova.openstack.org + names: + kind: NovaScheduler + listKind: NovaSchedulerList + plural: novaschedulers + singular: novascheduler + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .spec.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: NovaScheduler is the Schema for the novaschedulers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NovaSchedulerSpec defines the desired state of NovaScheduler + properties: + apiDatabaseAccount: + default: nova-api + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string + apiDatabaseHostname: + description: APIDatabaseHostname - hostname to use when accessing + the API DB + type: string + cell0DatabaseAccount: + default: nova-cell0 + description: Cell0DatabaseAccount - MariaDBAccount to use when accessing + the cell0 DB + type: string + cell0DatabaseHostname: + description: Cell0DatabaseHostname - hostname to use when accessing + the cell0 DB + type: string + containerImage: + description: The service specific Container Image URL (will be set + to environmental default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + keystoneAuthURL: + description: KeystoneAuthURL - the URL that the nova-scheduler service + can use to talk to keystone + type: string + memcachedInstance: + description: MemcachedInstance is the name of the Memcached CR that + all nova service will use. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + registeredCells: + additionalProperties: + type: string + description: RegisteredCells is a map keyed by cell names that are + registered in the nova_api database with a value that is the hash + of the given cell configuration. This is used to detect when a new + cell is added or an existing cell is reconfigured to trigger refresh + of the in memory cell caches of the service. + type: object + replicas: + default: 1 + description: Replicas of the service to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret is the name of the Secret instance containing + password information for the nova-scheduler service. This secret + is expected to be generated by the nova-operator based on the information + passed to the Nova CR. + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Nova services the default SA name + type: string + serviceUser: + default: nova + description: ServiceUser - optional username used for this service + to register in keystone + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + required: + - apiDatabaseHostname + - cell0DatabaseHostname + - keystoneAuthURL + - memcachedInstance + - registeredCells + - secret + - serviceAccount + type: object + status: + description: NovaSchedulerStatus defines the observed state of NovaScheduler + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "make" to regenerate code after modifying + this file Map of hashes to track e.g. job status' + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount defines the number of replicas ready from + nova-scheduler + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/octavia.openstack.org_octaviaamphoracontrollers.yaml b/bindata/crds/octavia.openstack.org_octaviaamphoracontrollers.yaml new file mode 100644 index 000000000..50d031bd3 --- /dev/null +++ b/bindata/crds/octavia.openstack.org_octaviaamphoracontrollers.yaml @@ -0,0 +1,338 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: octaviaamphoracontrollers.octavia.openstack.org +spec: + group: octavia.openstack.org + names: + kind: OctaviaAmphoraController + listKind: OctaviaAmphoraControllerList + plural: octaviaamphoracontrollers + singular: octaviaamphoracontroller + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: OctaviaAmphoraController is the Schema for the octaviaworkers + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OctaviaAmphoraControllerSpec defines common state for all + Octavia Amphora Controllers + properties: + amphoraCustomFlavors: + description: AmphoraCustomFlavors - User-defined flavors for Octavia + items: + description: OctaviaAmphoraFlavor Settings for custom Amphora flavors + properties: + RAM: + type: integer + RxTxFactor: + type: string + VCPUs: + type: integer + description: + type: string + disk: + type: integer + name: + type: string + required: + - RAM + - VCPUs + - disk + - name + type: object + type: array + amphoraImageOwnerID: + default: "" + type: string + containerImage: + description: ContainerImage - Amphora Controller Container Image URL + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect for the main octavia database + type: string + databaseHostname: + description: DatabaseHostname - Octavia DB hostname + type: string + databaseInstance: + description: MariaDB instance name Right now required by the maridb-operator + to get the credentials from the instance to create the DB Might + not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. logging.conf or policy.json. But can also be used + to add additional files. Those get added to the service config dir + in /etc/ . TODO: -> implement' + type: object + lbMgmtNetworkID: + default: "" + type: string + lbSecurityGroupID: + default: "" + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + octaviaProviderSubnetCIDR: + description: OctaviaProviderSubnetCIDR - + type: string + octaviaProviderSubnetExtraCIDRs: + description: OctaviaProviderSubnetExtraCIDRs - + items: + type: string + type: array + octaviaProviderSubnetGateway: + description: OctaviaProviderSubnetGateway - + type: string + passwordSelectors: + default: + service: OctaviaPassword + description: PasswordSelectors - Selectors to identify the AdminUser + password from the Secret + properties: + database: + default: OctaviaDatabasePassword + description: 'Database - Selector to get the octavia Database + user password from the Secret TODO: not used, need change in + mariadb-operator' + type: string + service: + default: OctaviaPassword + description: Service - Selector to get the service user password + from the Secret + type: string + type: object + persistenceDatabaseAccount: + default: octavia-persistence + description: PersistenceDatabaseAccount - name of MariaDBAccount which + will be used to connect for the persistence database + type: string + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + role: + description: Role - the role for the controller (one of worker, housekeeping, + healthmanager) + type: string + secret: + description: Secret containing OpenStack password information for + octavia OctaviaDatabasePassword, AdminPassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Octavia services the default SA name + type: string + serviceUser: + default: octavia + description: 'ServiceUser - service user name (TODO: beagles, do we + need this at all)' + type: string + tenantName: + default: service + description: TenantName - the name of the OpenStack tenant that controls + the Octavia resources TODO(gthiemonge) same as ServiceAccount? + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + required: + - databaseInstance + - role + - secret + - serviceAccount + type: object + status: + description: OctaviaAmphoraControllerStatus defines the observed state + of the Octavia Amphora Controller + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + desiredNumberScheduled: + description: DesiredNumberScheduled - total number of the nodes which + should be running Daemon + format: int32 + type: integer + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachment status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of Octavia Amphora Controllers + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/octavia.openstack.org_octaviaapis.yaml b/bindata/crds/octavia.openstack.org_octaviaapis.yaml new file mode 100644 index 000000000..739b655ef --- /dev/null +++ b/bindata/crds/octavia.openstack.org_octaviaapis.yaml @@ -0,0 +1,496 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: octaviaapis.octavia.openstack.org +spec: + group: octavia.openstack.org + names: + kind: OctaviaAPI + listKind: OctaviaAPIList + plural: octaviaapis + singular: octaviaapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.spec.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: OctaviaAPI is the Schema for the octaviaapis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OctaviaAPISpec defines the desired state of OctaviaAPI + properties: + apiTimeout: + description: APITimeout for HAProxy and Apache defaults to OctaviaSpecCore + APITimeout (seconds) + type: integer + containerImage: + description: Octavia Container Image URL + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect for the main octavia database + type: string + databaseHostname: + description: DatabaseHostname - Octavia DB hostname + type: string + databaseInstance: + description: MariaDB instance name Right now required by the maridb-operator + to get the credentials from the instance to create the DB Might + not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. logging.conf or policy.json. But can also be used + to add additional files. Those get added to the service config dir + in /etc/ . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic to + the cluster. Allows for the manifest of the created Service + to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object + passwordSelectors: + default: + service: OctaviaPassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + database: + default: OctaviaDatabasePassword + description: 'Database - Selector to get the octavia Database + user password from the Secret TODO: not used, need change in + mariadb-operator' + type: string + service: + default: OctaviaPassword + description: Service - Selector to get the service user password + from the Secret + type: string + type: object + persistenceDatabaseAccount: + default: octavia-persistence + description: PersistenceDatabaseAccount - name of MariaDBAccount which + will be used to connect for the persistence database + type: string + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + replicas: + default: 1 + description: Replicas of octavia API to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + octavia OctaviaDatabasePassword, AdminPassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Octavia services the default SA name + type: string + serviceUser: + default: octavia + description: ServiceUser - service user name + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret for + the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + public: + description: Public GenericService - holds the secret for + the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + ovn: + description: Ovn GenericService - holds the secret for the OvnDb + client cert + properties: + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + type: object + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + required: + - containerImage + - databaseInstance + - secret + - serviceAccount + type: object + status: + description: OctaviaAPIStatus defines the observed state of OctaviaAPI + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachment status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of octavia API instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/octavia.openstack.org_octaviarsyslogs.yaml b/bindata/crds/octavia.openstack.org_octaviarsyslogs.yaml new file mode 100644 index 000000000..123308110 --- /dev/null +++ b/bindata/crds/octavia.openstack.org_octaviarsyslogs.yaml @@ -0,0 +1,261 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: octaviarsyslogs.octavia.openstack.org +spec: + group: octavia.openstack.org + names: + kind: OctaviaRsyslog + listKind: OctaviaRsyslogList + plural: octaviarsyslogs + singular: octaviarsyslog + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: OctaviaRsyslog is the Schema for the octaviaworkers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OctaviaRsyslogSpec defines common state for all Octavia Amphora + Controllers + properties: + adminLogTargets: + description: AdminLogTargets is a list of OctaviaRsyslogTarget, the + admin logs are forwarded to those targets. Use only when forwarding + to an external Rsyslog server. + items: + properties: + host: + type: string + port: + type: integer + protocol: + type: string + required: + - host + - port + - protocol + type: object + type: array + containerImage: + default: quay.io/podified-antelope-centos9/openstack-rsyslog:current-podified + description: ContainerImage - Amphora Controller Container Image URL + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. logging.conf or policy.json. But can also be used + to add additional files. Those get added to the service config dir + in /etc/ . TODO: -> implement' + type: object + networkAttachments: + default: + - octavia + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Octavia services the default SA name + type: string + serviceUser: + default: octavia + description: 'ServiceUser - service user name (TODO: beagles, do we + need this at all)' + type: string + tenantLogTargets: + description: TenantLogTargets is a list of OctaviaRsyslogTarget, the + tenant logs are forwarded to those targets. Use only when forwarding + to an external Rsyslog server. + items: + properties: + host: + type: string + port: + type: integer + protocol: + type: string + required: + - host + - port + - protocol + type: object + type: array + required: + - serviceAccount + type: object + status: + description: OctaviaRsyslogStatus defines the observed state of the Octavia + Amphora Controller + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + desiredNumberScheduled: + description: DesiredNumberScheduled - total number of the nodes which + should be running Daemon + format: int32 + type: integer + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachment status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of Octavia Amphora Controllers + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/octavia.openstack.org_octavias.yaml b/bindata/crds/octavia.openstack.org_octavias.yaml new file mode 100644 index 000000000..ee15bbe37 --- /dev/null +++ b/bindata/crds/octavia.openstack.org_octavias.yaml @@ -0,0 +1,1492 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: octavias.octavia.openstack.org +spec: + group: octavia.openstack.org + names: + kind: Octavia + listKind: OctaviaList + plural: octavias + singular: octavia + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Octavia is the Schema for the octavia API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OctaviaSpec defines the desired state of Octavia + properties: + amphoraCustomFlavors: + description: AmphoraCustomFlavors - User-defined flavors for Octavia + items: + description: OctaviaAmphoraFlavor Settings for custom Amphora flavors + properties: + RAM: + type: integer + RxTxFactor: + type: string + VCPUs: + type: integer + description: + type: string + disk: + type: integer + name: + type: string + required: + - RAM + - VCPUs + - disk + - name + type: object + type: array + amphoraImageContainerImage: + description: Octavia Container Image URL + type: string + apacheContainerImage: + description: Apache Container Image URL + type: string + apiTimeout: + default: 120 + description: Octavia API timeout + type: integer + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect for the main octavia database + type: string + databaseInstance: + description: MariaDB instance name Right now required by the maridb-operator + to get the credentials from the instance to create the DB Might + not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. logging.conf or policy.json. But can also be used + to add additional files. Those get added to the service config dir + in /etc/ . TODO: -> implement' + type: object + lbMgmtNetwork: + default: + createDefaultLbMgmtNetwork: true + manageLbMgmtNetworks: true + description: OctaviaLbMgmtNetworks Settings for Octavia management + networks + properties: + availabilityZoneCIDRs: + additionalProperties: + type: string + description: 'AvailabilityZoneCIDRs are the CIDRs of each management + network associated with an Availability Zone (ex: {"az":"172.34.0.0/24", + ...})' + type: object + availabilityZones: + description: Availability zones for the octavia management network + resources + items: + type: string + type: array + createDefaultLbMgmtNetwork: + default: true + description: CreateDefaultLbMgmtNetwork - when True, octavia-operator + creates a Management Network for the default Availability Zone + of the control plane. Can be set to false when deploying OpenStack + in DCN mode. + type: boolean + lbMgmtRouterGateway: + description: LbMgmtRouterGateway is the IP address of the Octavia + router on the Provider network, it's optional and used only + when the routing informations are not passed through the Network + Attachment Definition + type: string + manageLbMgmtNetworks: + default: true + description: ManageLbMgmtNetworks - when True, octavia-operator + creates the Neutron resources needed for its Management Network + type: boolean + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + octaviaAPI: + description: OctaviaAPI - Spec definition for the API service of the + Octavia deployment + properties: + apiTimeout: + description: APITimeout for HAProxy and Apache defaults to OctaviaSpecCore + APITimeout (seconds) + type: integer + containerImage: + description: Octavia Container Image URL + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect for the main octavia database + type: string + databaseHostname: + description: DatabaseHostname - Octavia DB hostname + type: string + databaseInstance: + description: MariaDB instance name Right now required by the maridb-operator + to get the credentials from the instance to create the DB Might + not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. logging.conf or policy.json. But can + also be used to add additional files. Those get added to the + service config dir in /etc/ . TODO: -> implement' + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the + fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object + passwordSelectors: + default: + service: OctaviaPassword + description: PasswordSelectors - Selectors to identify the DB + and ServiceUser password from the Secret + properties: + database: + default: OctaviaDatabasePassword + description: 'Database - Selector to get the octavia Database + user password from the Secret TODO: not used, need change + in mariadb-operator' + type: string + service: + default: OctaviaPassword + description: Service - Selector to get the service user password + from the Secret + type: string + type: object + persistenceDatabaseAccount: + default: octavia-persistence + description: PersistenceDatabaseAccount - name of MariaDBAccount + which will be used to connect for the persistence database + type: string + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + replicas: + default: 1 + description: Replicas of octavia API to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information + for octavia OctaviaDatabasePassword, AdminPassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Octavia services the default SA name + type: string + serviceUser: + default: octavia + description: ServiceUser - service user name + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret + for the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + public: + description: Public GenericService - holds the secret + for the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + ovn: + description: Ovn GenericService - holds the secret for the + OvnDb client cert + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + required: + - containerImage + - databaseInstance + - secret + - serviceAccount + type: object + octaviaHealthManager: + description: OctaviaHousekeeping - Spec definition for the Octavia + Housekeeping agent for the Octavia deployment + properties: + amphoraCustomFlavors: + description: AmphoraCustomFlavors - User-defined flavors for Octavia + items: + description: OctaviaAmphoraFlavor Settings for custom Amphora + flavors + properties: + RAM: + type: integer + RxTxFactor: + type: string + VCPUs: + type: integer + description: + type: string + disk: + type: integer + name: + type: string + required: + - RAM + - VCPUs + - disk + - name + type: object + type: array + amphoraImageOwnerID: + default: "" + type: string + containerImage: + description: ContainerImage - Amphora Controller Container Image + URL + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect for the main octavia database + type: string + databaseHostname: + description: DatabaseHostname - Octavia DB hostname + type: string + databaseInstance: + description: MariaDB instance name Right now required by the maridb-operator + to get the credentials from the instance to create the DB Might + not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. logging.conf or policy.json. But can + also be used to add additional files. Those get added to the + service config dir in /etc/ . TODO: -> implement' + type: object + lbMgmtNetworkID: + default: "" + type: string + lbSecurityGroupID: + default: "" + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + octaviaProviderSubnetCIDR: + description: OctaviaProviderSubnetCIDR - + type: string + octaviaProviderSubnetExtraCIDRs: + description: OctaviaProviderSubnetExtraCIDRs - + items: + type: string + type: array + octaviaProviderSubnetGateway: + description: OctaviaProviderSubnetGateway - + type: string + passwordSelectors: + default: + service: OctaviaPassword + description: PasswordSelectors - Selectors to identify the AdminUser + password from the Secret + properties: + database: + default: OctaviaDatabasePassword + description: 'Database - Selector to get the octavia Database + user password from the Secret TODO: not used, need change + in mariadb-operator' + type: string + service: + default: OctaviaPassword + description: Service - Selector to get the service user password + from the Secret + type: string + type: object + persistenceDatabaseAccount: + default: octavia-persistence + description: PersistenceDatabaseAccount - name of MariaDBAccount + which will be used to connect for the persistence database + type: string + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + role: + description: Role - the role for the controller (one of worker, + housekeeping, healthmanager) + type: string + secret: + description: Secret containing OpenStack password information + for octavia OctaviaDatabasePassword, AdminPassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Octavia services the default SA name + type: string + serviceUser: + default: octavia + description: 'ServiceUser - service user name (TODO: beagles, + do we need this at all)' + type: string + tenantName: + default: service + description: TenantName - the name of the OpenStack tenant that + controls the Octavia resources TODO(gthiemonge) same as ServiceAccount? + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + required: + - databaseInstance + - role + - secret + - serviceAccount + type: object + octaviaHousekeeping: + description: OctaviaHousekeeping - Spec definition for the Octavia + Housekeeping agent for the Octavia deployment + properties: + amphoraCustomFlavors: + description: AmphoraCustomFlavors - User-defined flavors for Octavia + items: + description: OctaviaAmphoraFlavor Settings for custom Amphora + flavors + properties: + RAM: + type: integer + RxTxFactor: + type: string + VCPUs: + type: integer + description: + type: string + disk: + type: integer + name: + type: string + required: + - RAM + - VCPUs + - disk + - name + type: object + type: array + amphoraImageOwnerID: + default: "" + type: string + containerImage: + description: ContainerImage - Amphora Controller Container Image + URL + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect for the main octavia database + type: string + databaseHostname: + description: DatabaseHostname - Octavia DB hostname + type: string + databaseInstance: + description: MariaDB instance name Right now required by the maridb-operator + to get the credentials from the instance to create the DB Might + not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. logging.conf or policy.json. But can + also be used to add additional files. Those get added to the + service config dir in /etc/ . TODO: -> implement' + type: object + lbMgmtNetworkID: + default: "" + type: string + lbSecurityGroupID: + default: "" + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + octaviaProviderSubnetCIDR: + description: OctaviaProviderSubnetCIDR - + type: string + octaviaProviderSubnetExtraCIDRs: + description: OctaviaProviderSubnetExtraCIDRs - + items: + type: string + type: array + octaviaProviderSubnetGateway: + description: OctaviaProviderSubnetGateway - + type: string + passwordSelectors: + default: + service: OctaviaPassword + description: PasswordSelectors - Selectors to identify the AdminUser + password from the Secret + properties: + database: + default: OctaviaDatabasePassword + description: 'Database - Selector to get the octavia Database + user password from the Secret TODO: not used, need change + in mariadb-operator' + type: string + service: + default: OctaviaPassword + description: Service - Selector to get the service user password + from the Secret + type: string + type: object + persistenceDatabaseAccount: + default: octavia-persistence + description: PersistenceDatabaseAccount - name of MariaDBAccount + which will be used to connect for the persistence database + type: string + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + role: + description: Role - the role for the controller (one of worker, + housekeeping, healthmanager) + type: string + secret: + description: Secret containing OpenStack password information + for octavia OctaviaDatabasePassword, AdminPassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Octavia services the default SA name + type: string + serviceUser: + default: octavia + description: 'ServiceUser - service user name (TODO: beagles, + do we need this at all)' + type: string + tenantName: + default: service + description: TenantName - the name of the OpenStack tenant that + controls the Octavia resources TODO(gthiemonge) same as ServiceAccount? + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + required: + - databaseInstance + - role + - secret + - serviceAccount + type: object + octaviaNetworkAttachment: + default: octavia + description: OctaviaNetworkAttachment is a NetworkAttachment resource + name for the Octavia Management Network + type: string + octaviaRsyslog: + description: OctaviaRsyslog - Spec definition for the Octavia Rsyslog + agent for the Octavia deployment + properties: + adminLogTargets: + description: AdminLogTargets is a list of OctaviaRsyslogTarget, + the admin logs are forwarded to those targets. Use only when + forwarding to an external Rsyslog server. + items: + properties: + host: + type: string + port: + type: integer + protocol: + type: string + required: + - host + - port + - protocol + type: object + type: array + containerImage: + default: quay.io/podified-antelope-centos9/openstack-rsyslog:current-podified + description: ContainerImage - Amphora Controller Container Image + URL + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. logging.conf or policy.json. But can + also be used to add additional files. Those get added to the + service config dir in /etc/ . TODO: -> implement' + type: object + networkAttachments: + default: + - octavia + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Octavia services the default SA name + type: string + serviceUser: + default: octavia + description: 'ServiceUser - service user name (TODO: beagles, + do we need this at all)' + type: string + tenantLogTargets: + description: TenantLogTargets is a list of OctaviaRsyslogTarget, + the tenant logs are forwarded to those targets. Use only when + forwarding to an external Rsyslog server. + items: + properties: + host: + type: string + port: + type: integer + protocol: + type: string + required: + - host + - port + - protocol + type: object + type: array + required: + - serviceAccount + type: object + octaviaWorker: + description: OctaviaHousekeeping - Spec definition for the Octavia + Housekeeping agent for the Octavia deployment + properties: + amphoraCustomFlavors: + description: AmphoraCustomFlavors - User-defined flavors for Octavia + items: + description: OctaviaAmphoraFlavor Settings for custom Amphora + flavors + properties: + RAM: + type: integer + RxTxFactor: + type: string + VCPUs: + type: integer + description: + type: string + disk: + type: integer + name: + type: string + required: + - RAM + - VCPUs + - disk + - name + type: object + type: array + amphoraImageOwnerID: + default: "" + type: string + containerImage: + description: ContainerImage - Amphora Controller Container Image + URL + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect for the main octavia database + type: string + databaseHostname: + description: DatabaseHostname - Octavia DB hostname + type: string + databaseInstance: + description: MariaDB instance name Right now required by the maridb-operator + to get the credentials from the instance to create the DB Might + not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. logging.conf or policy.json. But can + also be used to add additional files. Those get added to the + service config dir in /etc/ . TODO: -> implement' + type: object + lbMgmtNetworkID: + default: "" + type: string + lbSecurityGroupID: + default: "" + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + octaviaProviderSubnetCIDR: + description: OctaviaProviderSubnetCIDR - + type: string + octaviaProviderSubnetExtraCIDRs: + description: OctaviaProviderSubnetExtraCIDRs - + items: + type: string + type: array + octaviaProviderSubnetGateway: + description: OctaviaProviderSubnetGateway - + type: string + passwordSelectors: + default: + service: OctaviaPassword + description: PasswordSelectors - Selectors to identify the AdminUser + password from the Secret + properties: + database: + default: OctaviaDatabasePassword + description: 'Database - Selector to get the octavia Database + user password from the Secret TODO: not used, need change + in mariadb-operator' + type: string + service: + default: OctaviaPassword + description: Service - Selector to get the service user password + from the Secret + type: string + type: object + persistenceDatabaseAccount: + default: octavia-persistence + description: PersistenceDatabaseAccount - name of MariaDBAccount + which will be used to connect for the persistence database + type: string + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + role: + description: Role - the role for the controller (one of worker, + housekeeping, healthmanager) + type: string + secret: + description: Secret containing OpenStack password information + for octavia OctaviaDatabasePassword, AdminPassword + type: string + serviceAccount: + description: ServiceAccount - service account name used internally + to provide Octavia services the default SA name + type: string + serviceUser: + default: octavia + description: 'ServiceUser - service user name (TODO: beagles, + do we need this at all)' + type: string + tenantName: + default: service + description: TenantName - the name of the OpenStack tenant that + controls the Octavia resources TODO(gthiemonge) same as ServiceAccount? + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + required: + - databaseInstance + - role + - secret + - serviceAccount + type: object + passwordSelectors: + default: + service: OctaviaPassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + database: + default: OctaviaDatabasePassword + description: 'Database - Selector to get the octavia Database + user password from the Secret TODO: not used, need change in + mariadb-operator' + type: string + service: + default: OctaviaPassword + description: Service - Selector to get the service user password + from the Secret + type: string + type: object + persistenceDatabaseAccount: + default: octavia-persistence + description: PersistenceDatabaseAccount - name of MariaDBAccount which + will be used to connect for the persistence database + type: string + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Octavia + type: string + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + octavia's keystone password; no longer used for database password + type: string + serviceUser: + default: octavia + description: ServiceUser - service user name + type: string + sshPrivkeySecret: + default: octavia-ssh-privkey-secret + description: LoadBalancerSSHPrivKey - The name of the secret that + will be used to store the private key for connecting to amphorae + via SSH + type: string + sshPubkey: + default: octavia-ssh-pubkey + description: LoadBalancerSSHPubKey - The name of the ConfigMap containing + the pubilc key for connecting to the amphorae via SSH + type: string + tenantName: + default: service + description: TenantName - the name of the OpenStack tenant that controls + the Octavia resources + type: string + required: + - apacheContainerImage + - databaseInstance + - octaviaAPI + - octaviaNetworkAttachment + - rabbitMqClusterName + - secret + type: object + status: + description: OctaviaStatus defines the observed state of Octavia + properties: + apireadyCount: + description: ReadyCount of octavia API instances + format: int32 + type: integer + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: Octavia Database Hostname + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + healthmanagerreadyCount: + description: ReadyCount of octavia HealthManager instances + format: int32 + type: integer + housekeepingreadyCount: + description: ReadyCount of octavia Housekeeping instances + format: int32 + type: integer + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + rsyslogreadyCount: + description: ReadyCount of octavia Rsyslog instances + format: int32 + type: integer + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + workerreadyCount: + description: ReadyCount of octavia Worker instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/ovn.openstack.org_ovncontrollers.yaml b/bindata/crds/ovn.openstack.org_ovncontrollers.yaml new file mode 100644 index 000000000..ab375d367 --- /dev/null +++ b/bindata/crds/ovn.openstack.org_ovncontrollers.yaml @@ -0,0 +1,249 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: ovncontrollers.ovn.openstack.org +spec: + group: ovn.openstack.org + names: + kind: OVNController + listKind: OVNControllerList + plural: ovncontrollers + singular: ovncontroller + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: OVNController is the Schema for the ovncontrollers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OVNControllerSpec defines the desired state of OVNController + properties: + external-ids: + description: OVSExternalIDs is a set of configuration options for + OVS external-ids table + properties: + availability-zones: + items: + type: string + type: array + enable-chassis-as-gateway: + default: true + type: boolean + ovn-bridge: + default: br-int + type: string + ovn-encap-type: + default: geneve + enum: + - geneve + - vxlan + type: string + system-id: + default: random + type: string + type: object + networkAttachment: + description: NetworkAttachment is a NetworkAttachment resource name + to expose the service to the given network. If specified the IP + address of this network is used as the OVNEncapIP. + type: string + nicMappings: + additionalProperties: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + ovnContainerImage: + description: Image used for the ovn-controller container (will be + set to environmental default if empty) + type: string + ovsContainerImage: + description: Image used for the ovsdb-server and ovs-vswitchd containers + (will be set to environmental default if empty) + type: string + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tls: + description: TLS - Parameters related to TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + required: + - ovnContainerImage + - ovsContainerImage + type: object + status: + description: OVNControllerStatus defines the observed state of OVNController + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + desiredNumberScheduled: + description: DesiredNumberScheduled - total number of the nodes which + should be running Daemon + format: int32 + type: integer + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + numberReady: + description: NumberReady of the OVNController instances + format: int32 + type: integer + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes. + format: int64 + type: integer + ovsNumberReady: + description: ovsNumberReady of ovs instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/ovn.openstack.org_ovndbclusters.yaml b/bindata/crds/ovn.openstack.org_ovndbclusters.yaml new file mode 100644 index 000000000..beaa68a0f --- /dev/null +++ b/bindata/crds/ovn.openstack.org_ovndbclusters.yaml @@ -0,0 +1,419 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: ovndbclusters.ovn.openstack.org +spec: + group: ovn.openstack.org + names: + kind: OVNDBCluster + listKind: OVNDBClusterList + plural: ovndbclusters + singular: ovndbcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: OVNDBCluster is the Schema for the ovndbclusters API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OVNDBClusterSpec defines the desired state of OVNDBCluster + properties: + containerImage: + description: ContainerImage - Container Image URL (will be set to + environmental default if empty) + type: string + dbType: + default: NB + description: DBType - NB or SB + pattern: ^NB|SB$ + type: string + electionTimer: + default: 10000 + description: OVN Northbound and Southbound RAFT db election timer + to use on db creation (in milliseconds) + format: int32 + type: integer + inactivityProbe: + default: 60000 + description: Probe interval for the OVSDB session (in milliseconds) + format: int32 + type: integer + logLevel: + default: info + description: LogLevel - Set log level info, dbg, emer etc + type: string + networkAttachment: + description: NetworkAttachment is a NetworkAttachment resource name + to expose the service to the given network. If specified the IP + address of this network is used as the dbAddress connection. + type: string + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + description: Override configuration for the Service created to + serve traffic to the cluster. + properties: + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference that + discovery mechanisms will return as an alias for this + service (e.g. a DNS CNAME record). No proxying will + be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires `type` + to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of the + Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that assumes + that external load balancers will take care of balancing + the service traffic between nodes, and so each node + will deliver traffic only to the node-local endpoints + of the service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no endpoints + will be dropped.) The default value, "Cluster", uses + the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). + Note that traffic sent to an External IP or LoadBalancer + IP from within the cluster will always get "Cluster" + semantics, but clients sending to a NodePort from within + the cluster may need to take traffic policy into account + when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods only + want to talk to endpoints of the service on the same + node as the pod, dropping the traffic if there are no + local endpoints. The default value, "Cluster", uses + the standard behavior of routing to all endpoints evenly + (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is no + value provided, then this field will be set to SingleStack. + Services can be "SingleStack" (a single IP family), + "PreferDualStack" (two IP families on dual-stack configured + clusters or a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this field. + This field will be wiped when updating a service to + type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set when + the Service type is 'LoadBalancer'. If not set, the + default load balancer implementation is used, today + this is typically done through the cloud provider integration, + but should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated to + a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified client + IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based session + affinity. Must be ClientIP or None. Defaults to None. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The value + must be >0 && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is 10800(for 3 + hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates + a cluster-internal IP address for load-balancing to + endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints rather + than a virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to the same + endpoints as the clusterIP. "LoadBalancer" builds on + NodePort and creates an external load-balancer (if supported + in the current cloud) which routes to the same endpoints + as the clusterIP. "ExternalName" aliases this service + to the specified externalName. Several other fields + do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + type: object + probeIntervalToActive: + default: 60000 + description: Active probe interval from standby to active ovsdb-server + remote + format: int32 + type: integer + replicas: + default: 1 + description: Replicas of OVN DBCluster to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + storageClass: + description: StorageClass + type: string + storageRequest: + description: StorageRequest + type: string + tls: + description: TLS - Parameters related to TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + required: + - containerImage + - dbType + - storageRequest + type: object + status: + description: OVNDBClusterStatus defines the observed state of OVNDBCluster + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + dbAddress: + description: DBAddress - DB IP address used by external nodes + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + internalDbAddress: + description: InternalDBAddress - DB IP address used by other Pods + in the cluster + type: string + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes. + format: int64 + type: integer + readyCount: + description: ReadyCount of OVN DBCluster instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/ovn.openstack.org_ovnnorthds.yaml b/bindata/crds/ovn.openstack.org_ovnnorthds.yaml new file mode 100644 index 000000000..e49f8989d --- /dev/null +++ b/bindata/crds/ovn.openstack.org_ovnnorthds.yaml @@ -0,0 +1,203 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: ovnnorthds.ovn.openstack.org +spec: + group: ovn.openstack.org + names: + kind: OVNNorthd + listKind: OVNNorthdList + plural: ovnnorthds + singular: ovnnorthd + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: OVNNorthd is the Schema for the ovnnorthds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OVNNorthdSpec defines the desired state of OVNNorthd + properties: + containerImage: + description: ContainerImage - Container Image URL (will be set to + environmental default if empty) + type: string + logLevel: + default: info + description: LogLevel - Set log level info, dbg, emer etc + type: string + nThreads: + default: 1 + description: NThreads sets number of threads used for building logical + flows + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + replicas: + default: 1 + description: Replicas of OVN Northd to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tls: + description: TLS - Parameters related to TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + required: + - containerImage + type: object + status: + description: OVNNorthdStatus defines the observed state of OVNNorthd + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes. + format: int64 + type: integer + readyCount: + description: ReadyCount of OVN Northd instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/placement.openstack.org_placementapis.yaml b/bindata/crds/placement.openstack.org_placementapis.yaml new file mode 100644 index 000000000..b1d06dd7d --- /dev/null +++ b/bindata/crds/placement.openstack.org_placementapis.yaml @@ -0,0 +1,462 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: placementapis.placement.openstack.org +spec: + group: placement.openstack.org + names: + kind: PlacementAPI + listKind: PlacementAPIList + plural: placementapis + singular: placementapi + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .spec.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: PlacementAPI is the Schema for the placementapis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PlacementAPISpec defines the desired state of PlacementAPI + properties: + containerImage: + description: PlacementAPI Container Image URL (will be set to environmental + default if empty) + type: string + customServiceConfig: + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + databaseAccount: + default: placement + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. + type: string + databaseInstance: + description: MariaDB instance name Right now required by the maridb-operator + to get the credentials from the instance to create the DB Might + not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - interface to overwrite default + config files like policy.yaml. + type: object + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic to + the cluster. Allows for the manifest of the created Service + to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object + passwordSelectors: + default: + service: PlacementPassword + description: PasswordSelectors - Selectors to identify the DB and + ServiceUser password from the Secret + properties: + service: + default: PlacementPassword + description: Service - Selector to get the service user password + from the Secret + type: string + type: object + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + replicas: + default: 1 + description: Replicas of placement API to run + format: int32 + maximum: 32 + minimum: 0 + type: integer + resources: + description: Resources - Compute Resources required by this service + (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + secret: + description: Secret containing OpenStack password information for + placement PlacementPassword + type: string + serviceUser: + default: placement + description: ServiceUser - optional username used for this service + to register in keystone + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret for + the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + public: + description: Public GenericService - holds the secret for + the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + required: + - containerImage + - databaseInstance + - secret + type: object + status: + description: PlacementAPIStatus defines the observed state of PlacementAPI + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: Placement Database Hostname + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes. + format: int64 + type: integer + readyCount: + description: ReadyCount of placement API instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/rabbitmq.com_rabbitmqclusters.yaml b/bindata/crds/rabbitmq.com_rabbitmqclusters.yaml new file mode 100644 index 000000000..dc33845c4 --- /dev/null +++ b/bindata/crds/rabbitmq.com_rabbitmqclusters.yaml @@ -0,0 +1,5065 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: null + labels: + app.kubernetes.io/component: rabbitmq-operator + app.kubernetes.io/name: rabbitmq-cluster-operator + app.kubernetes.io/part-of: rabbitmq + servicebinding.io/provisioned-service: "true" + name: rabbitmqclusters.rabbitmq.com +spec: + group: rabbitmq.com + names: + categories: + - all + - rabbitmq + kind: RabbitmqCluster + listKind: RabbitmqClusterList + plural: rabbitmqclusters + shortNames: + - rmq + singular: rabbitmqcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type == 'AllReplicasReady')].status + name: AllReplicasReady + type: string + - jsonPath: .status.conditions[?(@.type == 'ReconcileSuccess')].status + name: ReconcileSuccess + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + RabbitmqCluster is the Schema for the RabbitmqCluster API. Each instance of this object + corresponds to a single RabbitMQ cluster. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Spec is the desired state of the RabbitmqCluster Custom Resource. + properties: + affinity: + description: Affinity scheduling rules to be applied on created Pods. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: |- + An empty preferred scheduling term matches all objects with implicit weight 0 + (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: |- + If the affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: |- + A null or empty node selector term matches no objects. The requirements of + them are ANDed. + The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: |- + weight associated with matching the corresponding podAffinityTerm, + in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: |- + If the affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod label update), the + system may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: |- + Defines a set of pods (namely those matching the labelSelector + relative to the given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node whose value of + the label with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the anti-affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: |- + weight associated with matching the corresponding podAffinityTerm, + in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: |- + If the anti-affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the anti-affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod label update), the + system may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: |- + Defines a set of pods (namely those matching the labelSelector + relative to the given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node whose value of + the label with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + delayStartSeconds: + default: 30 + description: |- + DelayStartSeconds is the time the init container (`setup-container`) will sleep before terminating. + This effectively delays the time between starting the Pod and starting the `rabbitmq` container. + RabbitMQ relies on up-to-date DNS entries early during peer discovery. + The purpose of this artificial delay is to ensure that DNS entries are up-to-date when booting RabbitMQ. + For more information, see https://github.com/kubernetes/kubernetes/issues/92559 + If your Kubernetes DNS backend is configured with a low DNS cache value or publishes not ready addresses + promptly, you can decrase this value or set it to 0. + format: int32 + minimum: 0 + type: integer + image: + description: |- + Image is the name of the RabbitMQ docker image to use for RabbitMQ nodes in the RabbitmqCluster. + Must be provided together with ImagePullSecrets in order to use an image in a private registry. + type: string + imagePullSecrets: + description: List of Secret resource containing access credentials + to the registry for the RabbitMQ image. Required if the docker registry + is private. + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + type: array + override: + properties: + service: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + allocateLoadBalancerNodePorts: + type: boolean + clusterIP: + type: string + clusterIPs: + items: + type: string + type: array + x-kubernetes-list-type: atomic + externalIPs: + items: + type: string + type: array + externalName: + type: string + externalTrafficPolicy: + type: string + healthCheckNodePort: + format: int32 + type: integer + internalTrafficPolicy: + type: string + ipFamilies: + items: + type: string + type: array + x-kubernetes-list-type: atomic + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerIP: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + ports: + items: + properties: + appProtocol: + type: string + name: + type: string + nodePort: + format: int32 + type: integer + port: + format: int32 + type: integer + protocol: + default: TCP + type: string + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: array + x-kubernetes-list-map-keys: + - port + - protocol + x-kubernetes-list-type: map + publishNotReadyAddresses: + type: boolean + selector: + additionalProperties: + type: string + type: object + x-kubernetes-map-type: atomic + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + statefulSet: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + minReadySeconds: + format: int32 + type: integer + persistentVolumeClaimRetentionPolicy: + properties: + whenDeleted: + type: string + whenScaled: + type: string + type: object + podManagementPolicy: + type: string + replicas: + format: int32 + type: integer + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + serviceName: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + dnsConfig: + properties: + nameservers: + items: + type: string + type: array + options: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + searches: + items: + type: string + type: array + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + ip: + type: string + type: object + type: array + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostUsers: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + x-kubernetes-map-type: atomic + os: + properties: + name: + type: string + required: + - name + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: + type: string + required: + - conditionType + type: object + type: array + resourceClaims: + items: + properties: + name: + type: string + source: + properties: + resourceClaimName: + type: string + resourceClaimTemplateName: + type: string + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + schedulingGates: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + securityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + serviceAccountName: + type: string + setHostnameAsFQDN: + type: boolean + shareProcessNamespace: + type: boolean + subdomain: + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + updateStrategy: + properties: + rollingUpdate: + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + partition: + format: int32 + type: integer + type: object + type: + type: string + type: object + volumeClaimTemplates: + items: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + type: array + type: object + type: object + type: object + persistence: + default: + storage: 10Gi + description: The desired persistent storage configuration for each + Pod in the cluster. + properties: + storage: + anyOf: + - type: integer + - type: string + default: 10Gi + description: |- + The requested size of the persistent volume attached to each Pod in the RabbitmqCluster. + The format of this field matches that defined by kubernetes/apimachinery. + See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity for more info on the format of this field. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + storageClassName: + description: The name of the StorageClass to claim a PersistentVolume + from. + type: string + type: object + rabbitmq: + description: Configuration options for RabbitMQ Pods created in the + cluster. + properties: + additionalConfig: + description: |- + Modify to add to the rabbitmq.conf file in addition to default configurations set by the operator. + Modifying this property on an existing RabbitmqCluster will trigger a StatefulSet rolling restart and will cause rabbitmq downtime. + For more information on this config, see https://www.rabbitmq.com/configure.html#config-file + maxLength: 2000 + type: string + additionalPlugins: + description: 'List of plugins to enable in addition to essential + plugins: rabbitmq_management, rabbitmq_prometheus, and rabbitmq_peer_discovery_k8s.' + items: + description: A Plugin to enable on the RabbitmqCluster. + maxLength: 100 + pattern: ^\w+$ + type: string + maxItems: 100 + type: array + advancedConfig: + description: |- + Specify any rabbitmq advanced.config configurations to apply to the cluster. + For more information on advanced config, see https://www.rabbitmq.com/configure.html#advanced-config-file + maxLength: 100000 + type: string + envConfig: + description: |- + Modify to add to the rabbitmq-env.conf file. Modifying this property on an existing RabbitmqCluster will trigger a StatefulSet rolling restart and will cause rabbitmq downtime. + For more information on env config, see https://www.rabbitmq.com/man/rabbitmq-env.conf.5.html + maxLength: 100000 + type: string + erlangInetConfig: + description: |- + Erlang Inet configuration to apply to the Erlang VM running rabbit. + See also: https://www.erlang.org/doc/apps/erts/inet_cfg.html + maxLength: 2000 + type: string + type: object + replicas: + default: 1 + description: |- + Replicas is the number of nodes in the RabbitMQ cluster. Each node is deployed as a Replica in a StatefulSet. Only 1, 3, 5 replicas clusters are tested. + This value should be an odd number to ensure the resultant cluster can establish exactly one quorum of nodes + in the event of a fragmenting network partition. + format: int32 + minimum: 0 + type: integer + resources: + default: + limits: + cpu: 2000m + memory: 2Gi + requests: + cpu: 1000m + memory: 2Gi + description: The desired compute resource requirements of Pods in + the cluster. + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + secretBackend: + description: |- + Secret backend configuration for the RabbitmqCluster. + Enables to fetch default user credentials and certificates from K8s external secret stores. + properties: + externalSecret: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + vault: + description: |- + VaultSpec will add Vault annotations (see https://www.vaultproject.io/docs/platform/k8s/injector/annotations) + to RabbitMQ Pods. It requires a Vault Agent Sidecar Injector (https://www.vaultproject.io/docs/platform/k8s/injector) + to be installed in the K8s cluster. The injector is a K8s Mutation Webhook Controller that alters RabbitMQ Pod specifications + (based on the added Vault annotations) to include Vault Agent containers that render Vault secrets to the volume. + properties: + annotations: + additionalProperties: + type: string + description: |- + Vault annotations that override the Vault annotations set by the cluster-operator. + For a list of valid Vault annotations, see https://www.vaultproject.io/docs/platform/k8s/injector/annotations + type: object + defaultUserPath: + description: |- + Path in Vault to access a KV (Key-Value) secret with the fields username and password for the default user. + For example "secret/data/rabbitmq/config". + type: string + defaultUserUpdaterImage: + description: |- + Sidecar container that updates the default user's password in RabbitMQ when it changes in Vault. + Additionally, it updates /var/lib/rabbitmq/.rabbitmqadmin.conf (used by rabbitmqadmin CLI). + Set to empty string to disable the sidecar container. + type: string + role: + description: |- + Role in Vault. + If vault.defaultUserPath is set, this role must have capability to read the pre-created default user credential in Vault. + If vault.tls is set, this role must have capability to create and update certificates in the Vault PKI engine for the domains + "" and ".svc". + type: string + tls: + properties: + altNames: + description: |- + Specifies the requested Subject Alternative Names (SANs), in a comma-delimited list. + These will be appended to the SANs added by the cluster-operator. + The cluster-operator will add SANs: + "-server-.-nodes." for each pod, + e.g. "myrabbit-server-0.myrabbit-nodes.default". + type: string + commonName: + description: |- + Specifies the requested certificate Common Name (CN). + Defaults to ..svc if not provided. + type: string + ipSans: + description: Specifies the requested IP Subject Alternative + Names, in a comma-delimited list. + type: string + pkiIssuerPath: + description: |- + Path in Vault PKI engine. + For example "pki/issue/hashicorp-com". + required + type: string + pkiRootPath: + description: Specifies an optional path to retrieve the + root CA from vault. Useful if certificates are issued + by an intermediate CA + type: string + type: object + type: object + type: object + service: + default: + type: ClusterIP + description: The desired state of the Kubernetes Service to create + for the cluster. + properties: + annotations: + additionalProperties: + type: string + description: Annotations to add to the Service. + type: object + ipFamilyPolicy: + description: |- + IPFamilyPolicy represents the dual-stack-ness requested or required by a Service + See also: https://pkg.go.dev/k8s.io/api/core/v1#IPFamilyPolicy + enum: + - SingleStack + - PreferDualStack + - RequireDualStack + type: string + type: + default: ClusterIP + description: |- + Type of Service to create for the cluster. Must be one of: ClusterIP, LoadBalancer, NodePort. + For more info see https://pkg.go.dev/k8s.io/api/core/v1#ServiceType + enum: + - ClusterIP + - LoadBalancer + - NodePort + type: string + type: object + skipPostDeploySteps: + description: |- + If unset, or set to false, the cluster will run `rabbitmq-queues rebalance all` whenever the cluster is updated. + Set to true to prevent the operator rebalancing queue leaders after a cluster update. + Has no effect if the cluster only consists of one node. + For more information, see https://www.rabbitmq.com/rabbitmq-queues.8.html#rebalance + type: boolean + terminationGracePeriodSeconds: + default: 604800 + description: |- + TerminationGracePeriodSeconds is the timeout that each rabbitmqcluster pod will have to terminate gracefully. + It defaults to 604800 seconds ( a week long) to ensure that the container preStop lifecycle hook can finish running. + For more information, see: https://github.com/rabbitmq/cluster-operator/blob/main/docs/design/20200520-graceful-pod-termination.md + format: int64 + minimum: 0 + type: integer + tls: + description: TLS-related configuration for the RabbitMQ cluster. + properties: + caSecretName: + description: |- + Name of a Secret in the same Namespace as the RabbitmqCluster, containing the Certificate Authority's public certificate for TLS. + The Secret must store this as ca.crt. + This Secret can be created by running `kubectl create secret generic ca-secret --from-file=ca.crt=path/to/ca.cert` + Used for mTLS, and TLS for rabbitmq_web_stomp and rabbitmq_web_mqtt. + type: string + disableNonTLSListeners: + description: |- + When set to true, the RabbitmqCluster disables non-TLS listeners for RabbitMQ, management plugin and for any enabled plugins in the following list: stomp, mqtt, web_stomp, web_mqtt. + Only TLS-enabled clients will be able to connect. + type: boolean + secretName: + description: |- + Name of a Secret in the same Namespace as the RabbitmqCluster, containing the server's private key & public certificate for TLS. + The Secret must store these as tls.key and tls.crt, respectively. + This Secret can be created by running `kubectl create secret tls tls-secret --cert=path/to/tls.cert --key=path/to/tls.key` + type: string + type: object + tolerations: + description: Tolerations is the list of Toleration resources attached + to each Pod in the RabbitmqCluster. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + type: object + status: + description: Status presents the observed state of RabbitmqCluster + properties: + binding: + description: |- + Binding exposes a secret containing the binding information for this + RabbitmqCluster. It implements the service binding Provisioned Service + duck type. See: https://github.com/servicebinding/spec#provisioned-service + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + conditions: + description: Set of Conditions describing the current state of the + RabbitmqCluster + items: + properties: + lastTransitionTime: + description: The last time this Condition type changed. + format: date-time + type: string + message: + description: Full text reason for current status of the condition. + type: string + reason: + description: One word, camel-case reason for current status + of the condition. + type: string + status: + description: True, False, or Unknown + type: string + type: + description: Type indicates the scope of RabbitmqCluster status + addressed by the condition. + type: string + required: + - status + - type + type: object + type: array + defaultUser: + description: Identifying information on internal resources + properties: + secretReference: + description: |- + Reference to the Kubernetes Secret containing the credentials of the default + user. + properties: + keys: + additionalProperties: + type: string + description: Key-value pairs in the Secret corresponding to + `username`, `password`, `host`, and `port` + type: object + name: + description: Name of the Secret containing the default user + credentials + type: string + namespace: + description: Namespace of the Secret containing the default + user credentials + type: string + required: + - keys + - name + - namespace + type: object + serviceReference: + description: Reference to the Kubernetes Service serving the cluster. + properties: + name: + description: Name of the Service serving the cluster + type: string + namespace: + description: Namespace of the Service serving the cluster + type: string + required: + - name + - namespace + type: object + type: object + observedGeneration: + description: |- + observedGeneration is the most recent successful generation observed for this RabbitmqCluster. It corresponds to the + RabbitmqCluster's generation, which is updated on mutation by the API Server. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/rabbitmq.openstack.org_transporturls.yaml b/bindata/crds/rabbitmq.openstack.org_transporturls.yaml new file mode 100644 index 000000000..9cbbdf4fb --- /dev/null +++ b/bindata/crds/rabbitmq.openstack.org_transporturls.yaml @@ -0,0 +1,122 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: transporturls.rabbitmq.openstack.org +spec: + group: rabbitmq.openstack.org + names: + kind: TransportURL + listKind: TransportURLList + plural: transporturls + singular: transporturl + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: TransportURL is the Schema for the transporturls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TransportURLSpec defines the desired state of TransportURL + properties: + rabbitmqClusterName: + description: RabbitmqClusterName the name of the Rabbitmq cluster + which to configure the transport URL + type: string + required: + - rabbitmqClusterName + type: object + status: + description: TransportURLStatus defines the observed state of TransportURL + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + secretName: + description: SecretName - name of the secret containing the rabbitmq + transport URL + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/redis.openstack.org_redises.yaml b/bindata/crds/redis.openstack.org_redises.yaml new file mode 100644 index 000000000..0eab5e58e --- /dev/null +++ b/bindata/crds/redis.openstack.org_redises.yaml @@ -0,0 +1,145 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: redises.redis.openstack.org +spec: + group: redis.openstack.org + names: + kind: Redis + listKind: RedisList + plural: redises + singular: redis + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Redis is the Schema for the redises API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RedisSpec defines the desired state of Redis + properties: + containerImage: + description: Name of the redis container image to run (will be set + to environmental default if empty) + type: string + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + replicas: + default: 1 + description: Size of the redis cluster + format: int32 + type: integer + tls: + description: TLS settings for Redis service and internal Redis replication + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + required: + - containerImage + type: object + status: + description: RedisStatus defines the observed state of Redis + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track input changes + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the opentack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/swift.openstack.org_swiftproxies.yaml b/bindata/crds/swift.openstack.org_swiftproxies.yaml new file mode 100644 index 000000000..8083e908f --- /dev/null +++ b/bindata/crds/swift.openstack.org_swiftproxies.yaml @@ -0,0 +1,413 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: swiftproxies.swift.openstack.org +spec: + group: swift.openstack.org + names: + kind: SwiftProxy + listKind: SwiftProxyList + plural: swiftproxies + singular: swiftproxy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: SwiftProxy is the Schema for the swiftproxies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SwiftProxySpec defines the desired state of SwiftProxy + properties: + ceilometerEnabled: + default: false + description: Enables ceilometer in the swift proxy and creates required + resources + type: boolean + containerImageProxy: + description: Swift Proxy Container Image URL + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - can be used to add additionalfiles. + Those get added to the service config dir in /etc/-conf.d + type: object + encryptionEnabled: + default: false + description: Encrypts new objects at rest + type: boolean + memcachedInstance: + default: memcached + description: Memcached instance name. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic to + the cluster. Allows for the manifest of the created Service + to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the fields + included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object + passwordSelectors: + default: + service: SwiftPassword + description: PasswordSelector - Selector to choose the Swift user + password from the Secret + properties: + service: + default: SwiftPassword + description: Service - Selector to get the Swift service password + from the Secret + type: string + type: object + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name to request a transportURL for + Ceilometer middleware + type: string + replicas: + default: 1 + description: Replicas of Swift Proxy + format: int32 + minimum: 0 + type: integer + secret: + default: osp-secret + description: Secret containing OpenStack password information for + Swift service user password + type: string + serviceUser: + default: swift + description: ServiceUser - optional username used for this service + to register in Swift + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret for + the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + public: + description: Public GenericService - holds the secret for + the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for the + service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + required: + - containerImageProxy + - memcachedInstance + - rabbitMqClusterName + - replicas + - secret + - serviceUser + type: object + status: + description: SwiftProxyStatus defines the observed state of SwiftProxy + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of SwiftProxy instances + format: int32 + type: integer + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/swift.openstack.org_swiftrings.yaml b/bindata/crds/swift.openstack.org_swiftrings.yaml new file mode 100644 index 000000000..b8b4b1a10 --- /dev/null +++ b/bindata/crds/swift.openstack.org_swiftrings.yaml @@ -0,0 +1,158 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: swiftrings.swift.openstack.org +spec: + group: swift.openstack.org + names: + kind: SwiftRing + listKind: SwiftRingList + plural: swiftrings + singular: swiftring + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: SwiftRing is the Schema for the swiftrings API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SwiftRingSpec defines the desired state of SwiftRing + properties: + containerImage: + description: Image URL for Swift proxy service + type: string + minPartHours: + default: 1 + description: Minimum number of hours to restrict moving a partition + more than once + format: int64 + minimum: 1 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + partPower: + default: 10 + description: Partition power of the Swift rings + format: int64 + minimum: 1 + type: integer + ringReplicas: + default: 1 + description: Number of Swift data replicas (=copies) + format: int64 + minimum: 1 + type: integer + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + type: object + required: + - containerImage + - minPartHours + - partPower + - ringReplicas + type: object + status: + description: SwiftRingStatus defines the observed state of SwiftRing + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/swift.openstack.org_swifts.yaml b/bindata/crds/swift.openstack.org_swifts.yaml new file mode 100644 index 000000000..7f26b1298 --- /dev/null +++ b/bindata/crds/swift.openstack.org_swifts.yaml @@ -0,0 +1,545 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: swifts.swift.openstack.org +spec: + group: swift.openstack.org + names: + kind: Swift + listKind: SwiftList + plural: swifts + singular: swift + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Swift is the Schema for the swifts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SwiftSpec defines the desired state of Swift + properties: + memcachedInstance: + default: memcached + description: Memcached instance name. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + storageClass: + default: "" + description: Storage class. This is passed to SwiftStorage unless + storageClass is explicitly set for the SwiftStorage. + type: string + swiftProxy: + description: SwiftProxy - Spec definition for the Proxy service of + this Swift deployment + properties: + ceilometerEnabled: + default: false + description: Enables ceilometer in the swift proxy and creates + required resources + type: boolean + containerImageProxy: + description: Swift Proxy Container Image URL + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - can be used to add additionalfiles. + Those get added to the service config dir in /etc/-conf.d + type: object + encryptionEnabled: + default: false + description: Encrypts new objects at rest + type: boolean + memcachedInstance: + default: memcached + description: Memcached instance name. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the + fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object + passwordSelectors: + default: + service: SwiftPassword + description: PasswordSelector - Selector to choose the Swift user + password from the Secret + properties: + service: + default: SwiftPassword + description: Service - Selector to get the Swift service password + from the Secret + type: string + type: object + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name to request a transportURL + for Ceilometer middleware + type: string + replicas: + default: 1 + description: Replicas of Swift Proxy + format: int32 + minimum: 0 + type: integer + secret: + default: osp-secret + description: Secret containing OpenStack password information + for Swift service user password + type: string + serviceUser: + default: swift + description: ServiceUser - optional username used for this service + to register in Swift + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret + for the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + public: + description: Public GenericService - holds the secret + for the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + required: + - containerImageProxy + - memcachedInstance + - rabbitMqClusterName + - replicas + - secret + - serviceUser + type: object + swiftRing: + description: SwiftRing - Spec definition for the Ring service of this + Swift deployment + properties: + containerImage: + description: Image URL for Swift proxy service + type: string + minPartHours: + default: 1 + description: Minimum number of hours to restrict moving a partition + more than once + format: int64 + minimum: 1 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + partPower: + default: 10 + description: Partition power of the Swift rings + format: int64 + minimum: 1 + type: integer + ringReplicas: + default: 1 + description: Number of Swift data replicas (=copies) + format: int64 + minimum: 1 + type: integer + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + required: + - containerImage + - minPartHours + - partPower + - ringReplicas + type: object + swiftStorage: + description: SwiftStorage - Spec definition for the Storage service + of this Swift deployment + properties: + containerImageAccount: + description: Image URL for Swift account service + type: string + containerImageContainer: + description: Image URL for Swift container service + type: string + containerImageObject: + description: Image URL for Swift object service + type: string + containerImageProxy: + description: Image URL for Swift proxy service + type: string + containerSharderEnabled: + default: false + description: If the container sharder daemon is enabled. + type: boolean + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - can be used to add additionalfiles. + Those get added to the service config dir in /etc/-conf.d + type: object + memcachedInstance: + default: memcached + description: Memcached instance name. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + storageClass: + default: "" + description: Name of StorageClass to use for Swift PVs + type: string + storageRequest: + default: 10Gi + description: Minimum size for Swift PVs + type: string + required: + - containerImageAccount + - containerImageContainer + - containerImageObject + - containerImageProxy + - memcachedInstance + - replicas + - storageClass + - storageRequest + type: object + required: + - memcachedInstance + - storageClass + - swiftProxy + - swiftRing + - swiftStorage + type: object + status: + description: SwiftStatus defines the observed state of Swift + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/swift.openstack.org_swiftstorages.yaml b/bindata/crds/swift.openstack.org_swiftstorages.yaml new file mode 100644 index 000000000..417d83595 --- /dev/null +++ b/bindata/crds/swift.openstack.org_swiftstorages.yaml @@ -0,0 +1,192 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: swiftstorages.swift.openstack.org +spec: + group: swift.openstack.org + names: + kind: SwiftStorage + listKind: SwiftStorageList + plural: swiftstorages + singular: swiftstorage + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: NetworkAttachments + jsonPath: .status.networkAttachments + name: NetworkAttachments + type: string + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: SwiftStorage is the Schema for the swiftstorages API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SwiftStorageSpec defines the desired state of SwiftStorage + properties: + containerImageAccount: + description: Image URL for Swift account service + type: string + containerImageContainer: + description: Image URL for Swift container service + type: string + containerImageObject: + description: Image URL for Swift object service + type: string + containerImageProxy: + description: Image URL for Swift proxy service + type: string + containerSharderEnabled: + default: false + description: If the container sharder daemon is enabled. + type: boolean + defaultConfigOverwrite: + additionalProperties: + type: string + description: DefaultConfigOverwrite - can be used to add additionalfiles. + Those get added to the service config dir in /etc/-conf.d + type: object + memcachedInstance: + default: memcached + description: Memcached instance name. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + replicas: + default: 1 + format: int32 + minimum: 0 + type: integer + storageClass: + default: "" + description: Name of StorageClass to use for Swift PVs + type: string + storageRequest: + default: 10Gi + description: Minimum size for Swift PVs + type: string + required: + - containerImageAccount + - containerImageContainer + - containerImageObject + - containerImageProxy + - memcachedInstance + - replicas + - storageClass + - storageRequest + type: object + status: + description: SwiftStorageStatus defines the observed state of SwiftStorage + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of SwiftStorage instances + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/telemetry.openstack.org_autoscalings.yaml b/bindata/crds/telemetry.openstack.org_autoscalings.yaml new file mode 100644 index 000000000..d44a8e57d --- /dev/null +++ b/bindata/crds/telemetry.openstack.org_autoscalings.yaml @@ -0,0 +1,512 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: autoscalings.telemetry.openstack.org +spec: + group: telemetry.openstack.org + names: + kind: Autoscaling + listKind: AutoscalingList + plural: autoscalings + singular: autoscaling + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Autoscaling is the Schema for the autoscalings API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AutoscalingSpec defines the desired state of Autoscaling + properties: + aodh: + default: + apiImage: "" + databaseAccount: aodh + databaseInstance: openstack + evaluatorImage: "" + listenerImage: "" + memcachedInstance: memcached + notifierImage: "" + passwordSelector: + aodhService: AodhPassword + rabbitMqClusterName: rabbitmq + secret: osp-secret + serviceUser: aodh + description: Aodh spec + properties: + apiImage: + type: string + apiTimeout: + default: 60 + description: APITimeout for Route and Apache + type: integer + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + databaseAccount: + default: aodh + description: DatabaseAccount - optional MariaDBAccount CR name + used for aodh DB, defaults to aodh + type: string + databaseInstance: + default: openstack + description: MariaDB instance name Right now required by the maridb-operator + to get the credentials from the instance to create the DB Might + not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. logging.conf or policy.json. But can + also be used to add additional files. Those get added to the + service config dir in /etc/ . TODO: -> implement' + type: object + evaluatorImage: + type: string + listenerImage: + type: string + memcachedInstance: + default: memcached + description: Memcached instance name. + type: string + networkAttachmentDefinitions: + description: NetworkAttachmentDefinitions list of network attachment + definitions the service pod gets attached to + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + notifierImage: + type: string + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of the + fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object + passwordSelector: + default: + aodhService: AodhPassword + description: PasswordSelectors - Selectors to identify the service + from the Secret + properties: + aodhService: + default: AodhPassword + description: AodhService - Selector to get the aodh service + password from the Secret + type: string + ceilometerService: + default: CeilometerPassword + description: CeilometerService - Selector to get the ceilometer + service password from the Secret + type: string + type: object + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they finished + e.g. to check logs + type: boolean + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Aodh + type: string + secret: + default: osp-secret + description: Secret containing OpenStack password information + for aodh + type: string + serviceUser: + default: aodh + description: ServiceUser - optional username used for this service + to register in keystone + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret + for the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + public: + description: Public GenericService - holds the secret + for the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key for + the service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + type: object + required: + - apiImage + - databaseInstance + - evaluatorImage + - listenerImage + - notifierImage + - secret + type: object + heatInstance: + default: heat + description: Heat instance name. + type: string + prometheusHost: + description: Host of user deployed prometheus + type: string + prometheusPort: + description: Port of user deployed prometheus + format: int32 + maximum: 65535 + minimum: 1 + type: integer + prometheusTLSCaCertSecret: + description: If defined, specifies which CA certificate to use for + user deployed prometheus + nullable: true + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - heatInstance + type: object + status: + description: AutoscalingStatus defines the observed state of Autoscaling + properties: + apiEndpoint: + additionalProperties: + type: string + description: API endpoint + type: object + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + databaseHostname: + description: DatabaseHostname - Hostname for the database + type: string + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networks: + description: Networks in addtion to the cluster network, the service + is attached to + items: + type: string + type: array + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + prometheusHostname: + description: PrometheusHost - Hostname for prometheus used for autoscaling + type: string + prometheusPort: + description: PrometheusPort - Port for prometheus used for autoscaling + format: int32 + type: integer + prometheusTLS: + description: PrometheusTLS - Determines if TLS should be used for + accessing prometheus + type: boolean + readyCount: + description: ReadyCount of autoscaling instances + format: int32 + type: integer + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/telemetry.openstack.org_ceilometers.yaml b/bindata/crds/telemetry.openstack.org_ceilometers.yaml new file mode 100644 index 000000000..68f2e0241 --- /dev/null +++ b/bindata/crds/telemetry.openstack.org_ceilometers.yaml @@ -0,0 +1,302 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: ceilometers.telemetry.openstack.org +spec: + group: telemetry.openstack.org + names: + kind: Ceilometer + listKind: CeilometerList + plural: ceilometers + singular: ceilometer + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Ceilometer is the Schema for the ceilometers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + ksmStatus: + description: KSMStatus defines the observed state of kube-state-metrics + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of ksm instances + format: int32 + type: integer + type: object + metadata: + type: object + spec: + description: CeilometerSpec defines the desired state of Ceilometer + properties: + apiTimeout: + default: 60 + description: APITimeout for Apache + type: integer + centralImage: + type: string + computeImage: + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config using + this parameter to change service defaults, or overwrite rendered + information using raw OpenStack config format. The content gets + added to to /etc//.conf.d directory as custom.conf + file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default config + files like e.g. logging.conf or policy.json. But can also be used + to add additional files. Those get added to the service config dir + in /etc/ . TODO: -> implement' + type: object + ipmiImage: + type: string + ksmImage: + type: string + ksmTls: + description: KSMTLS - Parameters related to the TLS for kube-state-metrics + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + networkAttachmentDefinitions: + description: NetworkAttachmentDefinitions list of network attachment + definitions the service pod gets attached to + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + notificationImage: + type: string + passwordSelector: + default: + ceilometerService: CeilometerPassword + description: PasswordSelectors - Selectors to identify the service + from the Secret + properties: + aodhService: + default: AodhPassword + description: AodhService - Selector to get the aodh service password + from the Secret + type: string + ceilometerService: + default: CeilometerPassword + description: CeilometerService - Selector to get the ceilometer + service password from the Secret + type: string + type: object + proxyImage: + type: string + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Telemetry + type: string + secret: + default: osp-secret + description: Secret containing OpenStack password information for + ceilometer + type: string + serviceUser: + default: ceilometer + description: ServiceUser - optional username used for this service + to register in keystone + type: string + sgCoreImage: + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + required: + - centralImage + - computeImage + - ipmiImage + - notificationImage + - proxyImage + - secret + - sgCoreImage + type: object + status: + description: CeilometerStatus defines the observed state of Ceilometer + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networks: + description: Networks in addtion to the cluster network, the service + is attached to + items: + type: string + type: array + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + readyCount: + description: ReadyCount of ceilometer instances + format: int32 + type: integer + transportURLSecret: + description: TransportURLSecret - Secret containing RabbitMQ transportURL + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/telemetry.openstack.org_loggings.yaml b/bindata/crds/telemetry.openstack.org_loggings.yaml new file mode 100644 index 000000000..3ed0c3906 --- /dev/null +++ b/bindata/crds/telemetry.openstack.org_loggings.yaml @@ -0,0 +1,160 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: loggings.telemetry.openstack.org +spec: + group: telemetry.openstack.org + names: + categories: + - logging + kind: Logging + listKind: LoggingList + plural: loggings + singular: logging + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Logging is the Schema for the loggings API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: LoggingSpec defines the desired state of Logging + properties: + annotations: + additionalProperties: + type: string + default: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/allow-shared-ip: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.80 + description: Annotations is a way to configure certain LoadBalancers, + like MetalLB + type: object + cloNamespace: + default: openshift-logging + description: CLONamespace points to the namespace where the cluster-logging-operator + is deployed + type: string + port: + default: 10514 + description: Port is the port where the service will listen on + format: int32 + type: integer + rsyslogQueueSize: + default: 10000 + description: The size of the local queue of logs + format: int32 + type: integer + rsyslogQueueType: + default: linkedList + description: The type of the local queue of logs + type: string + rsyslogRetries: + default: 100 + description: The number of retries rsyslog will attempt before abandoning + format: int32 + type: integer + targetPort: + default: 10514 + description: TargetPort is the port where the logging syslog receiver + is listening + type: integer + required: + - rsyslogQueueType + type: object + status: + description: LoggingStatus defines the observed state of Logging + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/telemetry.openstack.org_metricstorages.yaml b/bindata/crds/telemetry.openstack.org_metricstorages.yaml new file mode 100644 index 000000000..6c60b727f --- /dev/null +++ b/bindata/crds/telemetry.openstack.org_metricstorages.yaml @@ -0,0 +1,1322 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: metricstorages.telemetry.openstack.org +spec: + group: telemetry.openstack.org + names: + kind: MetricStorage + listKind: MetricStorageList + plural: metricstorages + singular: metricstorage + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: MetricStorage is the Schema for the metricstorages API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MetricStorageSpec defines the desired state of MetricStorage + properties: + customMonitoringStack: + description: CustomMonitoringStack allows to deploy a custom monitoring + stack when the options in "MonitoringStack" aren't enough + nullable: true + properties: + alertmanagerConfig: + default: + disabled: false + description: Define Alertmanager config + properties: + disabled: + default: false + description: Disables the deployment of Alertmanager. + type: boolean + type: object + logLevel: + default: info + description: Loglevel set log levels of configured components + enum: + - debug + - info + - warn + - error + type: string + namespaceSelector: + description: 'Namespace selector for Monitoring Stack Resources. + To monitor everything, set to empty map selector. E.g. namespaceSelector: + {}. To monitor resources in the namespace where Monitoring Stack + was created in, set to null. E.g. namespaceSelector:.' + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + prometheusConfig: + default: + replicas: 2 + description: Define prometheus config + properties: + enableOtlpHttpReceiver: + description: Enable Prometheus to accept OpenTelemetry Metrics + via the otlp/http protocol. Defaults to the value of `false`. + The resulting endpoint is /api/v1/otlp/v1/metrics. + type: boolean + enableRemoteWriteReceiver: + description: Enable Prometheus to be used as a receiver for + the Prometheus remote write protocol. Defaults to the value + of `false`. + type: boolean + externalLabels: + additionalProperties: + type: string + description: Define ExternalLabels for prometheus + type: object + persistentVolumeClaim: + description: Define persistent volume claim for prometheus + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the provisioner + or an external controller can support the specified + data source, it will create a new volume based on the + contents of the specified data source. When the AnyVolumeDataSource + feature gate is enabled, dataSource contents will be + copied to dataSourceRef, and dataSourceRef contents + will be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, then + dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from + which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume binding + will only succeed if the type of the specified object + matches some installed volume populator or dynamic provisioner. + This field will replace the functionality of the dataSource + field and as such if both fields are non-empty, they + must have the same value. For backwards compatibility, + when namespace isn''t specified in dataSourceRef, both + fields (dataSource and dataSourceRef) will be set to + the same value automatically if one of them is empty + and the other is non-empty. When namespace is specified + in dataSourceRef, dataSource isn''t set to the same + value and must be empty. There are three important differences + between dataSource and dataSourceRef: * While dataSource + only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values + (dropping them), dataSourceRef preserves all values, + and generates an error if a disallowed value is specified. + * While dataSource only allows local objects, dataSourceRef + allows objects in any namespaces. (Beta) Using this + field requires the AnyVolumeDataSource feature gate + to be enabled. (Alpha) Using the namespace field of + dataSourceRef requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant object + is required in the referent namespace to allow that + namespace's owner to accept the reference. See the + ReferenceGrant documentation for details. (Alpha) + This field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify resource + requirements that are lower than previous value but + must still be higher than capacity recorded in the status + field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the StorageClass + required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeAttributesClassName: + description: 'volumeAttributesClassName may be used to + set the VolumeAttributesClass used by this claim. If + specified, the CSI driver will create or update the + volume with the attributes defined in the corresponding + VolumeAttributesClass. This has a different purpose + than storageClassName, it can be changed after the claim + is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it''s not allowed to + reset this field to empty string once it is set. If + unspecified and the PersistentVolumeClaim is unbound, + the default VolumeAttributesClass will be set by the + persistentvolume controller if it exists. If the resource + referred to by volumeAttributesClass does not exist, + this PersistentVolumeClaim will be set to a Pending + state, as reflected by the modifyVolumeStatus field, + until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires the VolumeAttributesClass + feature gate to be enabled.' + type: string + volumeMode: + description: volumeMode defines what type of volume is + required by the claim. Value of Filesystem is implied + when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + remoteWrite: + description: Define remote write for prometheus + items: + description: RemoteWriteSpec defines the configuration to + write samples from Prometheus to a remote endpoint. + properties: + authorization: + description: "Authorization section for the URL. \n + It requires Prometheus >= v2.26.0. \n Cannot be set + at the same time as `sigv4`, `basicAuth`, `oauth2`, + or `azureAd`." + properties: + credentials: + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File to read a secret from, mutually + exclusive with `credentials`. + type: string + type: + description: "Defines the authentication type. The + value is case-insensitive. \n \"Basic\" is not + a supported value. \n Default: \"Bearer\"" + type: string + type: object + azureAd: + description: "AzureAD for the URL. \n It requires Prometheus + >= v2.45.0. \n Cannot be set at the same time as `authorization`, + `basicAuth`, `oauth2`, or `sigv4`." + properties: + cloud: + description: The Azure Cloud. Options are 'AzurePublic', + 'AzureChina', or 'AzureGovernment'. + enum: + - AzureChina + - AzureGovernment + - AzurePublic + type: string + managedIdentity: + description: ManagedIdentity defines the Azure User-assigned + Managed identity. Cannot be set at the same time + as `oauth`. + properties: + clientId: + description: The client id + type: string + required: + - clientId + type: object + oauth: + description: "OAuth defines the oauth config that + is being used to authenticate. Cannot be set at + the same time as `managedIdentity`. \n It requires + Prometheus >= v2.48.0." + properties: + clientId: + description: '`clientID` is the clientId of + the Azure Active Directory application that + is being used to authenticate.' + minLength: 1 + type: string + clientSecret: + description: '`clientSecret` specifies a key + of a Secret containing the client secret of + the Azure Active Directory application that + is being used to authenticate.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + tenantId: + description: '`tenantID` is the tenant ID of + the Azure Active Directory application that + is being used to authenticate.' + minLength: 1 + pattern: ^[0-9a-zA-Z-.]+$ + type: string + required: + - clientId + - clientSecret + - tenantId + type: object + type: object + basicAuth: + description: "BasicAuth configuration for the URL. \n + Cannot be set at the same time as `sigv4`, `authorization`, + `oauth2`, or `azureAd`." + properties: + password: + description: '`password` specifies a key of a Secret + containing the password for authentication.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies a key of a Secret + containing the username for authentication.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerToken: + description: "*Warning: this field shouldn't be used + because the token value appears in clear-text. Prefer + using `authorization`.* \n Deprecated: this will be + removed in a future release." + type: string + bearerTokenFile: + description: "File from which to read bearer token for + the URL. \n Deprecated: this will be removed in a + future release. Prefer using `authorization`." + type: string + enableHTTP2: + description: Whether to enable HTTP2. + type: boolean + headers: + additionalProperties: + type: string + description: "Custom HTTP headers to be sent along with + each remote write request. Be aware that headers that + are set by Prometheus itself can't be overwritten. + \n It requires Prometheus >= v2.25.0." + type: object + metadataConfig: + description: MetadataConfig configures the sending of + series metadata to the remote storage. + properties: + send: + description: Defines whether metric metadata is + sent to the remote storage or not. + type: boolean + sendInterval: + description: Defines how frequently metric metadata + is sent to the remote storage. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + type: object + name: + description: "The name of the remote write queue, it + must be unique if specified. The name is used in metrics + and logging in order to differentiate queues. \n It + requires Prometheus >= v2.15.0." + type: string + oauth2: + description: "OAuth2 configuration for the URL. \n It + requires Prometheus >= v2.27.0. \n Cannot be set at + the same time as `sigv4`, `authorization`, `basicAuth`, + or `azureAd`." + properties: + clientId: + description: '`clientId` specifies a key of a Secret + or ConfigMap containing the OAuth2 client''s ID.' + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies a key of + a Secret containing the OAuth2 client''s secret.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures the HTTP + parameters to append to the token URL.' + type: object + scopes: + description: '`scopes` defines the OAuth2 scopes + used for the token request.' + items: + type: string + type: array + tokenUrl: + description: '`tokenURL` configures the URL to fetch + the token from.' + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyUrl: + description: Optional ProxyURL. + type: string + queueConfig: + description: QueueConfig allows tuning of the remote + write queue parameters. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time + a sample will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to + buffer per shard before we start dropping them. + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of + times to retry a batch on recoverable errors. + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number + of samples per send. + type: integer + maxShards: + description: MaxShards is the maximum number of + shards, i.e. amount of concurrency. + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. + Gets doubled for every retry. + type: string + minShards: + description: MinShards is the minimum number of + shards, i.e. amount of concurrency. + type: integer + retryOnRateLimit: + description: Retry upon receiving a 429 status code + from the remote-write storage. This is experimental + feature and might change in the future. + type: boolean + type: object + remoteTimeout: + description: Timeout for requests to the remote write + endpoint. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + sendExemplars: + description: "Enables sending of exemplars over remote + write. Note that exemplar-storage itself must be enabled + using the `spec.enableFeature` option for exemplars + to be scraped in the first place. \n It requires Prometheus + >= v2.27.0." + type: boolean + sendNativeHistograms: + description: "Enables sending of native histograms, + also known as sparse histograms over remote write. + \n It requires Prometheus >= v2.40.0." + type: boolean + sigv4: + description: "Sigv4 allows to configures AWS's Signature + Verification 4 for the URL. \n It requires Prometheus + >= v2.26.0. \n Cannot be set at the same time as `authorization`, + `basicAuth`, `oauth2`, or `azureAd`." + properties: + accessKey: + description: AccessKey is the AWS API key. If not + specified, the environment variable `AWS_ACCESS_KEY_ID` + is used. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + profile: + description: Profile is the named AWS profile used + to authenticate. + type: string + region: + description: Region is the AWS region. If blank, + the region from the default credentials chain + used. + type: string + roleArn: + description: RoleArn is the named AWS profile used + to authenticate. + type: string + secretKey: + description: SecretKey is the AWS API secret. If + not specified, the environment variable `AWS_SECRET_ACCESS_KEY` + is used. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + tlsConfig: + description: TLS Config to use for the URL. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the Prometheus + container to use for the targets. + type: string + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + Prometheus container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + Prometheus container for the targets. + type: string + keySecret: + description: Secret containing the client key file + for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + url: + description: The URL of the endpoint to send samples + to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: "RelabelConfig allows dynamic rewriting + of the label set for targets, alerts, scraped samples + and remote write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the regex + matching. \n `Uppercase` and `Lowercase` actions + require Prometheus >= v2.36.0. `DropEqual` and + `KeepEqual` actions require Prometheus >= v2.41.0. + \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash of the + source label values. \n Only applicable when + the action is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which + the extracted value is matched. + type: string + replacement: + description: "Replacement value against which + a Replace action is performed if the regular + expression matches. \n Regex capture groups + are available." + type: string + separator: + description: Separator is the string between concatenated + SourceLabels. + type: string + sourceLabels: + description: The source labels select values from + existing labels. Their content is concatenated + using the configured Separator and matched against + the configured regular expression. + items: + description: LabelName is a valid Prometheus + label name which may only contain ASCII letters, + numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting string + is written in a replacement. \n It is mandatory + for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, + `KeepEqual` and `DropEqual` actions. \n Regex + capture groups are available." + type: string + type: object + type: array + required: + - url + type: object + type: array + replicas: + default: 2 + description: Number of replicas/pods to deploy for a Prometheus + deployment. + format: int32 + minimum: 0 + type: integer + scrapeInterval: + description: Default interval between scrapes. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + type: object + resourceSelector: + description: 'Label selector for Monitoring Stack Resources. To + monitor everything, set to empty map selector. E.g. resourceSelector: + {}. To disable service discovery, set to null. E.g. resourceSelector:.' + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + resources: + default: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + description: Define resources requests and limits for Monitoring + Stack Pods. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + retention: + default: 120h + description: Time duration to retain data for. Default is '120h', + and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` + (milliseconds seconds minutes hours days weeks years). + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + type: object + dashboardsEnabled: + default: false + description: DashboardsEnabled allows to enable or disable dashboards + and related artifacts + type: boolean + dataplaneNetwork: + default: ctlplane + description: DataplaneNetwork defines the network that will be used + to scrape dataplane node_exporter endpoints + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + monitoringStack: + description: MonitoringStack allows to define a metric storage with + options supported by Red Hat + nullable: true + properties: + alertingEnabled: + default: true + description: AlertingEnabled allows to enable or disable alertmanager + type: boolean + scrapeInterval: + default: 30s + description: ScrapeInterval sets the interval between scrapes + type: string + storage: + default: + persistent: + pvcStorageRequest: 20G + retention: 24h + strategy: persistent + description: Storage allows to define options for how to store + metrics + properties: + persistent: + description: Used to specify the options of persistent storage + when strategy = "persistent" + properties: + pvcStorageClass: + description: PvcStorageClass The storage class to use + for storing metrics + type: string + pvcStorageRequest: + default: 20G + description: PvcStorageRequest The amount of storage to + request in PVC + type: string + pvcStorageSelector: + description: PvcStorageSelector The Label selector to + specify in PVCs + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + retention: + default: 24h + description: Retention time for metrics + type: string + strategy: + default: persistent + description: Strategy to use for storage. Can be "persistent", + "ephemeral" or empty, in which case a COO default is used + enum: + - persistent + - ephemeral + type: string + type: object + type: object + prometheusTls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in a pre-created + bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + type: object + status: + description: MetricStorageStatus defines the observed state of MetricStorage + properties: + conditions: + description: Conditions provide observations of the operational state + of a API resource. + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + prometheusTLSPatched: + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/telemetry.openstack.org_telemetries.yaml b/bindata/crds/telemetry.openstack.org_telemetries.yaml new file mode 100644 index 000000000..eb943eebe --- /dev/null +++ b/bindata/crds/telemetry.openstack.org_telemetries.yaml @@ -0,0 +1,1920 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: telemetries.telemetry.openstack.org +spec: + group: telemetry.openstack.org + names: + kind: Telemetry + listKind: TelemetryList + plural: telemetries + singular: telemetry + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Telemetry is the Schema for the telemetry API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TelemetrySpec defines the desired state of Telemetry + properties: + autoscaling: + description: Autoscaling - Parameters related to the autoscaling service + properties: + aodh: + default: + apiImage: "" + databaseAccount: aodh + databaseInstance: openstack + evaluatorImage: "" + listenerImage: "" + memcachedInstance: memcached + notifierImage: "" + passwordSelector: + aodhService: AodhPassword + rabbitMqClusterName: rabbitmq + secret: osp-secret + serviceUser: aodh + description: Aodh spec + properties: + apiImage: + type: string + apiTimeout: + default: 60 + description: APITimeout for Route and Apache + type: integer + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. + The content gets added to to /etc//.conf.d + directory as custom.conf file. + type: string + databaseAccount: + default: aodh + description: DatabaseAccount - optional MariaDBAccount CR + name used for aodh DB, defaults to aodh + type: string + databaseInstance: + default: openstack + description: MariaDB instance name Right now required by the + maridb-operator to get the credentials from the instance + to create the DB Might not be required in future + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. logging.conf or policy.json. But + can also be used to add additional files. Those get added + to the service config dir in /etc/ . TODO: -> implement' + type: object + evaluatorImage: + type: string + listenerImage: + type: string + memcachedInstance: + default: memcached + description: Memcached instance name. + type: string + networkAttachmentDefinitions: + description: NetworkAttachmentDefinitions list of network + attachment definitions the service pod gets attached to + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes + running this service + type: object + notifierImage: + type: string + override: + description: Override, provides the ability to override the + generated manifest of several child resources. + properties: + service: + additionalProperties: + description: RoutedOverrideSpec - a routed service override + configuration for the Service created to serve traffic + to the cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured + key value map stored with a resource that + may be set by external tools to store and + retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values + that can be used to organize and categorize + (scope and select) objects. May match selectors + of replication controllers and services. More + info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OverrideServiceSpec is a subset of + the fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec + Limited to Type, SessionAffinity, LoadBalancerSourceRanges, + ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, + IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an + alias for this service (e.g. a DNS CNAME record). + No proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes + how nodes distribute service traffic they + receive on one of the Service's "externally-facing" + addresses (NodePorts, ExternalIPs, and LoadBalancer + IPs). If set to "Local", the proxy will configure + the service in a way that assumes that external + load balancers will take care of balancing + the service traffic between nodes, and so + each node will deliver traffic only to the + node-local endpoints of the service, without + masquerading the client source IP. (Traffic + mistakenly sent to a node with no endpoints + will be dropped.) The default value, "Cluster", + uses the standard behavior of routing to all + endpoints evenly (possibly modified by topology + and other features). Note that traffic sent + to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" + semantics, but clients sending to a NodePort + from within the cluster may need to take traffic + policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes + how nodes distribute service traffic they + receive on the ClusterIP. If set to "Local", + the proxy will assume that pods only want + to talk to endpoints of the service on the + same node as the pod, dropping the traffic + if there are no local endpoints. The default + value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly + modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If + there is no value provided, then this field + will be set to SingleStack. Services can be + "SingleStack" (a single IP family), "PreferDualStack" + (two IP families on dual-stack configured + clusters or a single IP family on single-stack + clusters), or "RequireDualStack" (two IP families + on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields + depend on the value of this field. This field + will be wiped when updating a service to type + ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class + of the load balancer implementation this Service + belongs to. If specified, the value of this + field must be a label-style identifier, with + an optional prefix, e.g. "internal-vip" or + "example.com/internal-vip". Unprefixed names + are reserved for end-users. This field can + only be set when the Service type is 'LoadBalancer'. + If not set, the default load balancer implementation + is used, today this is typically done through + the cloud provider integration, but should + apply for any default implementation. If set, + it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that + set this field. This field can only be set + when creating or updating a Service to type + 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is + updated to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by + the platform, this will restrict traffic through + the cloud-provider load-balancer will be restricted + to the specified client IPs. This field will + be ignored if the cloud-provider does not + support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". + Used to maintain session affinity. Enable + client IP based session affinity. Must be + ClientIP or None. Defaults to None. More info: + https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains + the configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies + the seconds of ClientIP type session + sticky time. The value must be >0 + && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is 10800(for + 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service + is exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and + LoadBalancer. "ClusterIP" allocates a cluster-internal + IP address for load-balancing to endpoints. + Endpoints are determined by the selector or + if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. + If clusterIP is "None", no virtual IP is allocated + and the endpoints are published as a set of + endpoints rather than a virtual IP. "NodePort" + builds on ClusterIP and allocates a port on + every node which routes to the same endpoints + as the clusterIP. "LoadBalancer" builds on + NodePort and creates an external load-balancer + (if supported in the current cloud) which + routes to the same endpoints as the clusterIP. + "ExternalName" aliases this service to the + specified externalName. Several other fields + do not apply to ExternalName services. More + info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the + endpoint type (public, internal) + type: object + type: object + passwordSelector: + default: + aodhService: AodhPassword + description: PasswordSelectors - Selectors to identify the + service from the Secret + properties: + aodhService: + default: AodhPassword + description: AodhService - Selector to get the aodh service + password from the Secret + type: string + ceilometerService: + default: CeilometerPassword + description: CeilometerService - Selector to get the ceilometer + service password from the Secret + type: string + type: object + preserveJobs: + default: false + description: PreserveJobs - do not delete jobs after they + finished e.g. to check logs + type: boolean + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Aodh + type: string + secret: + default: osp-secret + description: Secret containing OpenStack password information + for aodh + type: string + serviceUser: + default: aodh + description: ServiceUser - optional username used for this + service to register in keystone + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + api: + description: API tls type which encapsulates for API services + properties: + internal: + description: Internal GenericService - holds the secret + for the internal endpoint + properties: + secretName: + description: SecretName - holding the cert, key + for the service + type: string + type: object + public: + description: Public GenericService - holds the secret + for the public endpoint + properties: + secretName: + description: SecretName - holding the cert, key + for the service + type: string + type: object + type: object + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs + in a pre-created bundle file + type: string + type: object + required: + - apiImage + - databaseInstance + - evaluatorImage + - listenerImage + - notifierImage + - secret + type: object + enabled: + default: false + description: Enabled - Whether OpenStack autoscaling service should + be deployed and managed + type: boolean + heatInstance: + default: heat + description: Heat instance name. + type: string + prometheusHost: + description: Host of user deployed prometheus + type: string + prometheusPort: + description: Port of user deployed prometheus + format: int32 + maximum: 65535 + minimum: 1 + type: integer + prometheusTLSCaCertSecret: + description: If defined, specifies which CA certificate to use + for user deployed prometheus + nullable: true + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - heatInstance + type: object + ceilometer: + description: Ceilometer - Parameters related to the ceilometer service + properties: + apiTimeout: + default: 60 + description: APITimeout for Apache + type: integer + centralImage: + type: string + computeImage: + type: string + customServiceConfig: + default: '# add your customization here' + description: CustomServiceConfig - customize the service config + using this parameter to change service defaults, or overwrite + rendered information using raw OpenStack config format. The + content gets added to to /etc//.conf.d directory + as custom.conf file. + type: string + defaultConfigOverwrite: + additionalProperties: + type: string + description: 'ConfigOverwrite - interface to overwrite default + config files like e.g. logging.conf or policy.json. But can + also be used to add additional files. Those get added to the + service config dir in /etc/ . TODO: -> implement' + type: object + enabled: + default: true + description: Enabled - Whether OpenStack Ceilometer service should + be deployed and managed + type: boolean + ipmiImage: + type: string + ksmImage: + type: string + ksmTls: + description: KSMTLS - Parameters related to the TLS for kube-state-metrics + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + networkAttachmentDefinitions: + description: NetworkAttachmentDefinitions list of network attachment + definitions the service pod gets attached to + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + notificationImage: + type: string + passwordSelector: + default: + ceilometerService: CeilometerPassword + description: PasswordSelectors - Selectors to identify the service + from the Secret + properties: + aodhService: + default: AodhPassword + description: AodhService - Selector to get the aodh service + password from the Secret + type: string + ceilometerService: + default: CeilometerPassword + description: CeilometerService - Selector to get the ceilometer + service password from the Secret + type: string + type: object + proxyImage: + type: string + rabbitMqClusterName: + default: rabbitmq + description: RabbitMQ instance name Needed to request a transportURL + that is created and used in Telemetry + type: string + secret: + default: osp-secret + description: Secret containing OpenStack password information + for ceilometer + type: string + serviceUser: + default: ceilometer + description: ServiceUser - optional username used for this service + to register in keystone + type: string + sgCoreImage: + type: string + tls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + required: + - centralImage + - computeImage + - ipmiImage + - notificationImage + - proxyImage + - secret + - sgCoreImage + type: object + logging: + description: Logging - Parameters related to the logging + properties: + annotations: + additionalProperties: + type: string + default: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/allow-shared-ip: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.80 + description: Annotations is a way to configure certain LoadBalancers, + like MetalLB + type: object + cloNamespace: + default: openshift-logging + description: CLONamespace points to the namespace where the cluster-logging-operator + is deployed + type: string + enabled: + default: true + description: Enabled - Whether OpenStack logging service should + be deployed and managed + type: boolean + port: + default: 10514 + description: Port is the port where the service will listen on + format: int32 + type: integer + rsyslogQueueSize: + default: 10000 + description: The size of the local queue of logs + format: int32 + type: integer + rsyslogQueueType: + default: linkedList + description: The type of the local queue of logs + type: string + rsyslogRetries: + default: 100 + description: The number of retries rsyslog will attempt before + abandoning + format: int32 + type: integer + targetPort: + default: 10514 + description: TargetPort is the port where the logging syslog receiver + is listening + type: integer + required: + - rsyslogQueueType + type: object + metricStorage: + description: MetricStorage - Parameters related to the metricStorage + properties: + customMonitoringStack: + description: CustomMonitoringStack allows to deploy a custom monitoring + stack when the options in "MonitoringStack" aren't enough + nullable: true + properties: + alertmanagerConfig: + default: + disabled: false + description: Define Alertmanager config + properties: + disabled: + default: false + description: Disables the deployment of Alertmanager. + type: boolean + type: object + logLevel: + default: info + description: Loglevel set log levels of configured components + enum: + - debug + - info + - warn + - error + type: string + namespaceSelector: + description: 'Namespace selector for Monitoring Stack Resources. + To monitor everything, set to empty map selector. E.g. namespaceSelector: + {}. To monitor resources in the namespace where Monitoring + Stack was created in, set to null. E.g. namespaceSelector:.' + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + prometheusConfig: + default: + replicas: 2 + description: Define prometheus config + properties: + enableOtlpHttpReceiver: + description: Enable Prometheus to accept OpenTelemetry + Metrics via the otlp/http protocol. Defaults to the + value of `false`. The resulting endpoint is /api/v1/otlp/v1/metrics. + type: boolean + enableRemoteWriteReceiver: + description: Enable Prometheus to be used as a receiver + for the Prometheus remote write protocol. Defaults to + the value of `false`. + type: boolean + externalLabels: + additionalProperties: + type: string + description: Define ExternalLabels for prometheus + type: object + persistentVolumeClaim: + description: Define persistent volume claim for prometheus + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified data + source. When the AnyVolumeDataSource feature gate + is enabled, dataSource contents will be copied to + dataSourceRef, and dataSourceRef contents will be + copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, + then dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from + which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a + non-empty API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume binding + will only succeed if the type of the specified object + matches some installed volume populator or dynamic + provisioner. This field will replace the functionality + of the dataSource field and as such if both fields + are non-empty, they must have the same value. For + backwards compatibility, when namespace isn''t specified + in dataSourceRef, both fields (dataSource and dataSourceRef) + will be set to the same value automatically if one + of them is empty and the other is non-empty. When + namespace is specified in dataSourceRef, dataSource + isn''t set to the same value and must be empty. + There are three important differences between dataSource + and dataSourceRef: * While dataSource only allows + two specific types of objects, dataSourceRef allows + any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values + (dropping them), dataSourceRef preserves all values, + and generates an error if a disallowed value is + specified. * While dataSource only allows local + objects, dataSourceRef allows objects in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using the namespace + field of dataSourceRef requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace + is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept the + reference. See the ReferenceGrant documentation + for details. (Alpha) This field requires the + CrossNamespaceVolumeDataSource feature gate + to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the + StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeAttributesClassName: + description: 'volumeAttributesClassName may be used + to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update + the volume with the attributes defined in the corresponding + VolumeAttributesClass. This has a different purpose + than storageClassName, it can be changed after the + claim is created. An empty string value means that + no VolumeAttributesClass will be applied to the + claim but it''s not allowed to reset this field + to empty string once it is set. If unspecified and + the PersistentVolumeClaim is unbound, the default + VolumeAttributesClass will be set by the persistentvolume + controller if it exists. If the resource referred + to by volumeAttributesClass does not exist, this + PersistentVolumeClaim will be set to a Pending state, + as reflected by the modifyVolumeStatus field, until + such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires the VolumeAttributesClass + feature gate to be enabled.' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem is + implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to + the PersistentVolume backing this claim. + type: string + type: object + remoteWrite: + description: Define remote write for prometheus + items: + description: RemoteWriteSpec defines the configuration + to write samples from Prometheus to a remote endpoint. + properties: + authorization: + description: "Authorization section for the URL. + \n It requires Prometheus >= v2.26.0. \n Cannot + be set at the same time as `sigv4`, `basicAuth`, + `oauth2`, or `azureAd`." + properties: + credentials: + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File to read a secret from, mutually + exclusive with `credentials`. + type: string + type: + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" + type: string + type: object + azureAd: + description: "AzureAD for the URL. \n It requires + Prometheus >= v2.45.0. \n Cannot be set at the + same time as `authorization`, `basicAuth`, `oauth2`, + or `sigv4`." + properties: + cloud: + description: The Azure Cloud. Options are 'AzurePublic', + 'AzureChina', or 'AzureGovernment'. + enum: + - AzureChina + - AzureGovernment + - AzurePublic + type: string + managedIdentity: + description: ManagedIdentity defines the Azure + User-assigned Managed identity. Cannot be + set at the same time as `oauth`. + properties: + clientId: + description: The client id + type: string + required: + - clientId + type: object + oauth: + description: "OAuth defines the oauth config + that is being used to authenticate. Cannot + be set at the same time as `managedIdentity`. + \n It requires Prometheus >= v2.48.0." + properties: + clientId: + description: '`clientID` is the clientId + of the Azure Active Directory application + that is being used to authenticate.' + minLength: 1 + type: string + clientSecret: + description: '`clientSecret` specifies a + key of a Secret containing the client + secret of the Azure Active Directory application + that is being used to authenticate.' + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + tenantId: + description: '`tenantID` is the tenant ID + of the Azure Active Directory application + that is being used to authenticate.' + minLength: 1 + pattern: ^[0-9a-zA-Z-.]+$ + type: string + required: + - clientId + - clientSecret + - tenantId + type: object + type: object + basicAuth: + description: "BasicAuth configuration for the URL. + \n Cannot be set at the same time as `sigv4`, + `authorization`, `oauth2`, or `azureAd`." + properties: + password: + description: '`password` specifies a key of + a Secret containing the password for authentication.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies a key of + a Secret containing the username for authentication.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerToken: + description: "*Warning: this field shouldn't be + used because the token value appears in clear-text. + Prefer using `authorization`.* \n Deprecated: + this will be removed in a future release." + type: string + bearerTokenFile: + description: "File from which to read bearer token + for the URL. \n Deprecated: this will be removed + in a future release. Prefer using `authorization`." + type: string + enableHTTP2: + description: Whether to enable HTTP2. + type: boolean + headers: + additionalProperties: + type: string + description: "Custom HTTP headers to be sent along + with each remote write request. Be aware that + headers that are set by Prometheus itself can't + be overwritten. \n It requires Prometheus >= v2.25.0." + type: object + metadataConfig: + description: MetadataConfig configures the sending + of series metadata to the remote storage. + properties: + send: + description: Defines whether metric metadata + is sent to the remote storage or not. + type: boolean + sendInterval: + description: Defines how frequently metric metadata + is sent to the remote storage. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + type: object + name: + description: "The name of the remote write queue, + it must be unique if specified. The name is used + in metrics and logging in order to differentiate + queues. \n It requires Prometheus >= v2.15.0." + type: string + oauth2: + description: "OAuth2 configuration for the URL. + \n It requires Prometheus >= v2.27.0. \n Cannot + be set at the same time as `sigv4`, `authorization`, + `basicAuth`, or `azureAd`." + properties: + clientId: + description: '`clientId` specifies a key of + a Secret or ConfigMap containing the OAuth2 + client''s ID.' + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies a key + of a Secret containing the OAuth2 client''s + secret.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures the + HTTP parameters to append to the token URL.' + type: object + scopes: + description: '`scopes` defines the OAuth2 scopes + used for the token request.' + items: + type: string + type: array + tokenUrl: + description: '`tokenURL` configures the URL + to fetch the token from.' + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyUrl: + description: Optional ProxyURL. + type: string + queueConfig: + description: QueueConfig allows tuning of the remote + write queue parameters. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum + time a sample will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples + to buffer per shard before we start dropping + them. + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry + delay. + type: string + maxRetries: + description: MaxRetries is the maximum number + of times to retry a batch on recoverable errors. + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum + number of samples per send. + type: integer + maxShards: + description: MaxShards is the maximum number + of shards, i.e. amount of concurrency. + type: integer + minBackoff: + description: MinBackoff is the initial retry + delay. Gets doubled for every retry. + type: string + minShards: + description: MinShards is the minimum number + of shards, i.e. amount of concurrency. + type: integer + retryOnRateLimit: + description: Retry upon receiving a 429 status + code from the remote-write storage. This is + experimental feature and might change in the + future. + type: boolean + type: object + remoteTimeout: + description: Timeout for requests to the remote + write endpoint. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + sendExemplars: + description: "Enables sending of exemplars over + remote write. Note that exemplar-storage itself + must be enabled using the `spec.enableFeature` + option for exemplars to be scraped in the first + place. \n It requires Prometheus >= v2.27.0." + type: boolean + sendNativeHistograms: + description: "Enables sending of native histograms, + also known as sparse histograms over remote write. + \n It requires Prometheus >= v2.40.0." + type: boolean + sigv4: + description: "Sigv4 allows to configures AWS's Signature + Verification 4 for the URL. \n It requires Prometheus + >= v2.26.0. \n Cannot be set at the same time + as `authorization`, `basicAuth`, `oauth2`, or + `azureAd`." + properties: + accessKey: + description: AccessKey is the AWS API key. If + not specified, the environment variable `AWS_ACCESS_KEY_ID` + is used. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + profile: + description: Profile is the named AWS profile + used to authenticate. + type: string + region: + description: Region is the AWS region. If blank, + the region from the default credentials chain + used. + type: string + roleArn: + description: RoleArn is the named AWS profile + used to authenticate. + type: string + secretKey: + description: SecretKey is the AWS API secret. + If not specified, the environment variable + `AWS_SECRET_ACCESS_KEY` is used. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + tlsConfig: + description: TLS Config to use for the URL. + properties: + ca: + description: Certificate authority used when + verifying server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the Prometheus + container to use for the targets. + type: string + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in + the Prometheus container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in + the Prometheus container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for + the targets. + type: string + type: object + url: + description: The URL of the endpoint to send samples + to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: "RelabelConfig allows dynamic rewriting + of the label set for targets, alerts, scraped + samples and remote write samples. \n More info: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the + regex matching. \n `Uppercase` and `Lowercase` + actions require Prometheus >= v2.36.0. `DropEqual` + and `KeepEqual` actions require Prometheus + >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash + of the source label values. \n Only applicable + when the action is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which + the extracted value is matched. + type: string + replacement: + description: "Replacement value against which + a Replace action is performed if the regular + expression matches. \n Regex capture groups + are available." + type: string + separator: + description: Separator is the string between + concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select values + from existing labels. Their content is concatenated + using the configured Separator and matched + against the configured regular expression. + items: + description: LabelName is a valid Prometheus + label name which may only contain ASCII + letters, numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting + string is written in a replacement. \n It + is mandatory for `Replace`, `HashMod`, `Lowercase`, + `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups are available." + type: string + type: object + type: array + required: + - url + type: object + type: array + replicas: + default: 2 + description: Number of replicas/pods to deploy for a Prometheus + deployment. + format: int32 + minimum: 0 + type: integer + scrapeInterval: + description: Default interval between scrapes. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + type: object + resourceSelector: + description: 'Label selector for Monitoring Stack Resources. + To monitor everything, set to empty map selector. E.g. resourceSelector: + {}. To disable service discovery, set to null. E.g. resourceSelector:.' + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + resources: + default: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + description: Define resources requests and limits for Monitoring + Stack Pods. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + retention: + default: 120h + description: Time duration to retain data for. Default is + '120h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` + (milliseconds seconds minutes hours days weeks years). + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + type: object + dashboardsEnabled: + default: false + description: DashboardsEnabled allows to enable or disable dashboards + and related artifacts + type: boolean + dataplaneNetwork: + default: ctlplane + description: DataplaneNetwork defines the network that will be + used to scrape dataplane node_exporter endpoints + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]*[a-zA-Z0-9]$ + type: string + enabled: + default: false + description: Enabled - Whether a MetricStorage should be deployed + and managed + type: boolean + monitoringStack: + description: MonitoringStack allows to define a metric storage + with options supported by Red Hat + nullable: true + properties: + alertingEnabled: + default: true + description: AlertingEnabled allows to enable or disable alertmanager + type: boolean + scrapeInterval: + default: 30s + description: ScrapeInterval sets the interval between scrapes + type: string + storage: + default: + persistent: + pvcStorageRequest: 20G + retention: 24h + strategy: persistent + description: Storage allows to define options for how to store + metrics + properties: + persistent: + description: Used to specify the options of persistent + storage when strategy = "persistent" + properties: + pvcStorageClass: + description: PvcStorageClass The storage class to + use for storing metrics + type: string + pvcStorageRequest: + default: 20G + description: PvcStorageRequest The amount of storage + to request in PVC + type: string + pvcStorageSelector: + description: PvcStorageSelector The Label selector + to specify in PVCs + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + retention: + default: 24h + description: Retention time for metrics + type: string + strategy: + default: persistent + description: Strategy to use for storage. Can be "persistent", + "ephemeral" or empty, in which case a COO default is + used + enum: + - persistent + - ephemeral + type: string + type: object + type: object + prometheusTls: + description: TLS - Parameters related to the TLS + properties: + caBundleSecretName: + description: CaBundleSecretName - holding the CA certs in + a pre-created bundle file + type: string + secretName: + description: SecretName - holding the cert, key for the service + type: string + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector to target subset of worker nodes running + this service + type: object + type: object + status: + description: TelemetryStatus defines the observed state of Telemetry + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + observedGeneration: + description: ObservedGeneration - the most recent generation observed + for this service. If the observed generation is less than the spec + generation, then the controller has not processed the latest changes + injected by the openstack-operator in the top-level CR (e.g. the + ContainerImage) + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/test.openstack.org_ansibletests.yaml b/bindata/crds/test.openstack.org_ansibletests.yaml new file mode 100644 index 000000000..174cfebbe --- /dev/null +++ b/bindata/crds/test.openstack.org_ansibletests.yaml @@ -0,0 +1,433 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: ansibletests.test.openstack.org +spec: + group: test.openstack.org + names: + kind: AnsibleTest + listKind: AnsibleTestList + plural: ansibletests + singular: ansibletest + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AnsibleTestSpec defines the desired state of AnsibleTest + properties: + SELinuxLevel: + default: "" + description: A SELinuxLevel that should be used for test pods spawned + by the test operator. + type: string + ansibleCollections: + default: "" + description: AnsibleCollections - extra ansible collections to instal + in additionn to the ones exist in the requirements.yaml + type: string + ansibleExtraVars: + default: "" + description: AnsibleExtraVars - string to pass parameters to ansible + using + type: string + ansibleGitRepo: + default: "" + description: AnsibleGitRepo - git repo to clone into container + type: string + ansibleInventory: + default: "" + description: AnsibleInventory - string that contains the inventory + file content + type: string + ansiblePlaybookPath: + default: "" + description: AnsiblePlaybookPath - path to ansible playbook + type: string + ansibleVarFiles: + default: "" + description: AnsibleVarFiles - interface to create ansible var files + Those get added to the + type: string + backoffLimit: + default: 0 + description: BackoffLimit allows to define the maximum number of retried + executions (defaults to 0). + format: int32 + type: integer + computeSSHKeySecretName: + default: dataplane-ansible-ssh-private-key-secret + description: ComputeSSHKeySecretName is the name of the k8s secret + that contains an ssh key for computes. The key is mounted to ~/.ssh/id_ecdsa + in the ansible pod + type: string + containerImage: + default: "" + description: A URL of a container image that should be used by the + test-operator for tests execution. + type: string + debug: + default: false + description: Run ansible playbook with -vvvv + type: boolean + extraConfigmapsMounts: + description: Extra configmaps for mounting inside the pod + items: + properties: + mountPath: + description: Path within the container at which the volume should + be mounted. + type: string + name: + description: The name of an existing config map for mounting. + maxLength: 253 + type: string + subPath: + default: "" + description: Config map subpath for mounting, defaults to configmap + root. + type: string + required: + - mountPath + - name + - subPath + type: object + type: array + nodeSelector: + additionalProperties: + type: string + description: This value contains a nodeSelector value that is applied + to test pods spawned by the test operator. + type: object + openStackConfigMap: + default: openstack-config + description: OpenStackConfigMap is the name of the ConfigMap containing + the clouds.yaml + type: string + openStackConfigSecret: + default: openstack-config-secret + description: OpenStackConfigSecret is the name of the Secret containing + the secure.yaml + type: string + privileged: + default: false + description: 'Use with caution! This parameter specifies whether test-operator + should spawn test pods with allowedPrivilegedEscalation: true and + the default capabilities on top of capabilities that are usually + needed by the test pods (NET_ADMIN, NET_RAW). This parameter is + deemed insecure but it is needed for certain test-operator functionalities + to work properly (e.g.: extraRPMs in Tempest CR, or certain set + of tobiko tests).' + type: boolean + storageClass: + default: local-storage + description: StorageClass used to create any test-operator related + PVCs. + type: string + tolerations: + description: This value contains a toleration that is applied to pods + spawned by the test pods that are spawned by the test-operator. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + workflow: + description: A parameter that contains a workflow definition. + items: + properties: + SELinuxLevel: + description: A SELinuxLevel that should be used for test pods + spawned by the test operator. + type: string + ansibleCollections: + description: AnsibleCollections - extra ansible collections + to instal in additionn to the ones exist in the requirements.yaml + type: string + ansibleExtraVars: + description: AnsibleExtraVars - interface to pass parameters + to ansible using -e + type: string + ansibleGitRepo: + description: AnsibleGitRepo - git repo to clone into container + type: string + ansibleInventory: + description: AnsibleInventory - string that contains the inventory + file content + type: string + ansiblePlaybookPath: + description: AnsiblePlaybookPath - path to ansible playbook + type: string + ansibleVarFiles: + description: AnsibleVarFiles - interface to create ansible var + files Those get added to the service config dir in /etc/test_operator/ + and passed to the ansible command using -e @/etc/test_operator/ + type: string + backoffLimit: + default: 0 + description: BackoffLimit allows to define the maximum number + of retried executions (defaults to 0). + format: int32 + type: integer + computeSSHKeySecretName: + description: ComputeSSHKeySecretName is the name of the k8s + secret that contains an ssh key for computes. The key is mounted + to ~/.ssh/id_ecdsa in the ansible pod + type: string + containerImage: + default: "" + description: A URL of a container image that should be used + by the test-operator for tests execution. + type: string + debug: + description: Run ansible playbook with -vvvv + type: boolean + extraConfigmapsMounts: + description: Extra configmaps for mounting inside the pod + items: + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. + type: string + name: + description: The name of an existing config map for mounting. + maxLength: 253 + type: string + subPath: + default: "" + description: Config map subpath for mounting, defaults + to configmap root. + type: string + required: + - mountPath + - name + - subPath + type: object + type: array + nodeSelector: + additionalProperties: + type: string + description: This value contains a nodeSelector value that is + applied to test pods spawned by the test operator. + type: object + openStackConfigMap: + default: openstack-config + description: OpenStackConfigMap is the name of the ConfigMap + containing the clouds.yaml + type: string + openStackConfigSecret: + default: openstack-config-secret + description: OpenStackConfigSecret is the name of the Secret + containing the secure.yaml + type: string + privileged: + description: 'Use with caution! This parameter specifies whether + test-operator should spawn test pods with allowedPrivilegedEscalation: + true and the default capabilities on top of capabilities that + are usually needed by the test pods (NET_ADMIN, NET_RAW). + This parameter is deemed insecure but it is needed for certain + test-operator functionalities to work properly (e.g.: extraRPMs + in Tempest CR, or certain set of tobiko tests).' + type: boolean + stepName: + description: Name of a workflow step. The step name will be + used for example to create a logs directory. + maxLength: 100 + type: string + storageClass: + default: local-storage + description: StorageClass used to create any test-operator related + PVCs. + type: string + tolerations: + description: This value contains a toleration that is applied + to pods spawned by the test pods that are spawned by the test-operator. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + workloadSSHKeySecretName: + description: WorkloadSSHKeySecretName is the name of the k8s + secret that contains an ssh key for the ansible workload. + The key is mounted to ~/test_keypair.key in the ansible pod + type: string + required: + - stepName + type: object + type: array + workloadSSHKeySecretName: + default: "" + description: WorkloadSSHKeySecretName is the name of the k8s secret + that contains an ssh key for the ansible workload. The key is mounted + to ~/test_keypair.key in the ansible pod + type: string + required: + - ansibleGitRepo + - ansiblePlaybookPath + type: object + status: + description: CommonTestStatus defines the observed state of the controller + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/test.openstack.org_horizontests.yaml b/bindata/crds/test.openstack.org_horizontests.yaml new file mode 100644 index 000000000..724c0f69b --- /dev/null +++ b/bindata/crds/test.openstack.org_horizontests.yaml @@ -0,0 +1,297 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: horizontests.test.openstack.org +spec: + group: test.openstack.org + names: + kind: HorizonTest + listKind: HorizonTestList + plural: horizontests + singular: horizontest + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HorizonTestSpec defines the desired state of HorizonTest + properties: + SELinuxLevel: + default: "" + description: A SELinuxLevel that should be used for test pods spawned + by the test operator. + type: string + adminPassword: + default: admin + description: AdminPassword is the password for the OpenStack admin + user. + type: string + adminUsername: + default: admin + description: AdminUsername is the username for the OpenStack admin + user. + type: string + authUrl: + description: AuthUrl is the authentication URL for OpenStack. + type: string + backoffLimit: + default: 0 + description: BackoffLimit allows to define the maximum number of retried + executions (defaults to 0). + format: int32 + type: integer + containerImage: + default: "" + description: A URL of a container image that should be used by the + test-operator for tests execution. + type: string + dashboardUrl: + description: DashboardUrl is the URL of the Horizon dashboard. + type: string + debug: + default: false + description: Activate debug mode. When debug mode is activated any + error encountered inside the test-pod causes that the pod will be + kept alive indefinitely (stuck in "Running" phase) or until the + corresponding HorizonTest CR is deleted. This allows the user to + debug any potential troubles with `oc rsh`. + type: boolean + extraConfigmapsMounts: + description: Extra configmaps for mounting inside the pod + items: + properties: + mountPath: + description: Path within the container at which the volume should + be mounted. + type: string + name: + description: The name of an existing config map for mounting. + maxLength: 253 + type: string + subPath: + default: "" + description: Config map subpath for mounting, defaults to configmap + root. + type: string + required: + - mountPath + - name + - subPath + type: object + type: array + flavorName: + default: m1.tiny + description: FlavorName is the name of the OpenStack flavor to create + for Horizon tests. + type: string + horizonRepoBranch: + default: master + description: HorizonRepoBranch is the branch of the Horizon repository + to checkout. + type: string + horizonTestDir: + default: /var/lib/horizontest + description: HorizonTestDir is the directory path for Horizon tests. + type: string + imageUrl: + default: http://download.cirros-cloud.net/0.6.2/cirros-0.6.2-x86_64-disk.img + description: ImageUrl is the URL to download the Cirros image. + type: string + kubeconfigSecretName: + description: Name of a secret that contains a kubeconfig. The kubeconfig + is mounted under /var/lib/horizontest/.kube/config in the test pod. + type: string + logsDirectoryName: + default: horizon + description: LogsDirectoryName is the name of the directory to store + test logs. + type: string + nodeSelector: + additionalProperties: + type: string + description: This value contains a nodeSelector value that is applied + to test pods spawned by the test operator. + type: object + parallel: + default: false + description: Parallel + type: boolean + password: + default: horizontest + description: Password is the password for the user running the Horizon + tests. + type: string + privileged: + default: false + description: 'Use with caution! This parameter specifies whether test-operator + should spawn test pods with allowedPrivilegedEscalation: true and + the default capabilities on top of capabilities that are usually + needed by the test pods (NET_ADMIN, NET_RAW). This parameter is + deemed insecure but it is needed for certain test-operator functionalities + to work properly (e.g.: extraRPMs in Tempest CR, or certain set + of tobiko tests).' + type: boolean + projectName: + default: horizontest + description: ProjectName is the name of the OpenStack project for + Horizon tests. + type: string + repoUrl: + default: https://review.opendev.org/openstack/horizon + description: RepoUrl is the URL of the Horizon repository. + type: string + storageClass: + default: local-storage + description: StorageClass used to create any test-operator related + PVCs. + type: string + tolerations: + description: This value contains a toleration that is applied to pods + spawned by the test pods that are spawned by the test-operator. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + user: + default: horizontest + description: User is the username under which the Horizon tests will + run. + type: string + required: + - adminPassword + - adminUsername + - authUrl + - dashboardUrl + - horizonRepoBranch + - repoUrl + type: object + status: + description: CommonTestStatus defines the observed state of the controller + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/test.openstack.org_tempests.yaml b/bindata/crds/test.openstack.org_tempests.yaml new file mode 100644 index 000000000..3d5800725 --- /dev/null +++ b/bindata/crds/test.openstack.org_tempests.yaml @@ -0,0 +1,976 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: tempests.test.openstack.org +spec: + group: test.openstack.org + names: + kind: Tempest + listKind: TempestList + plural: tempests + singular: tempest + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TempestSpec - configuration of execution of tempest. For + specific configuration of tempest see TempestRunSpec and for discover-tempest-config + see TempestconfRunSpec. + properties: + SELinuxLevel: + default: "" + description: A SELinuxLevel that should be used for test pods spawned + by the test operator. + type: string + SSHKeySecretName: + default: "" + description: SSHKeySecretName is the name of the k8s secret that contains + an ssh key. The key is mounted to ~/.ssh/id_ecdsa in the tempest + pod + type: string + backoffLimit: + default: 0 + description: BackoffLimit allows to define the maximum number of retried + executions (defaults to 0). + format: int32 + type: integer + cleanup: + default: false + description: Activate tempest cleanup. When activated, tempest will + run tempest cleanup after test execution is complete to delete any + resources created by tempest that may have been left out. + type: boolean + configOverwrite: + additionalProperties: + type: string + description: ConfigOverwrite - interface to overwrite default config + files like e.g. logging.conf But can also be used to add additional + files. Those get added to the service config dir in /etc/test_operator/ + type: object + containerImage: + default: "" + description: A URL of a container image that should be used by the + test-operator for tests execution. + type: string + debug: + default: false + description: Activate debug mode. When debug mode is activated any + error encountered inside the test-pod causes that the pod will be + kept alive indefinitely (stuck in "Running" phase) or until the + corresponding Tempest CR is deleted. This allows the user to debug + any potential troubles with `oc rsh`. + type: boolean + extraConfigmapsMounts: + description: Extra configmaps for mounting inside the pod + items: + properties: + mountPath: + description: Path within the container at which the volume should + be mounted. + type: string + name: + description: The name of an existing config map for mounting. + maxLength: 253 + type: string + subPath: + default: "" + description: Config map subpath for mounting, defaults to configmap + root. + type: string + required: + - mountPath + - name + - subPath + type: object + type: array + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: This value contains a nodeSelector value that is applied + to test pods spawned by the test operator. + type: object + openStackConfigMap: + default: openstack-config + description: OpenStackConfigMap is the name of the ConfigMap containing + the clouds.yaml + type: string + openStackConfigSecret: + default: openstack-config-secret + description: OpenStackConfigSecret is the name of the Secret containing + the secure.yaml + type: string + parallel: + default: false + description: By default test-operator executes the test-pods sequentially + if multiple instances of test-operator related CRs exist. If you + want to turn off this behaviour then set this option to true. + type: boolean + privileged: + default: false + description: 'Use with caution! This parameter specifies whether test-operator + should spawn test pods with allowedPrivilegedEscalation: true and + the default capabilities on top of capabilities that are usually + needed by the test pods (NET_ADMIN, NET_RAW). This parameter is + deemed insecure but it is needed for certain test-operator functionalities + to work properly (e.g.: extraRPMs in Tempest CR, or certain set + of tobiko tests).' + type: boolean + storageClass: + default: local-storage + description: StorageClass used to create any test-operator related + PVCs. + type: string + tempestRun: + description: TempestRunSpec - is used to configure execution of tempest. + Please refer to Please refer to https://docs.openstack.org/tempest/latest/ + for the further explanation of the CLI parameters. + properties: + concurrency: + default: 0 + description: Concurrency value that is passed to tempest via --concurrency + format: int64 + type: integer + excludeList: + description: A content of exclude.txt file that is passed to tempest + via --exclude-list + type: string + expectedFailuresList: + description: The expectedFailuresList parameter contains tests + that should not count as failures. When a test from this list + fails, the test pod ends with Completed state rather than with + Error state. + type: string + externalPlugin: + description: ExternalPlugin contains information about plugin + that should be installed within the tempest test pod. If this + option is specified then only tests that are part of the external + plugin can be executed. + items: + description: ExternalPluginType - is used to specify a plugin + that should be installed from an external resource + properties: + changeRefspec: + description: ChangeRefspec specifies which change the remote + repository should be checked out to (ChangeRepository + must be defined as well). + type: string + changeRepository: + description: URL that points to a repository that contains + a change that should be applied to the repository defined + by Repository (ChangeRefspec must be defined as well). + type: string + repository: + description: URL that points to a git repository containing + an external plugin. + type: string + required: + - repository + type: object + type: array + extraImages: + description: Extra images that should be downloaded inside the + test pod and uploaded to openstack. + items: + description: ExtraImagesType - is used to specify extra images + that should be downloaded inside the test pod and uploaded + to openstack + properties: + ID: + default: '-' + description: ID that should be assigned to the newly created + image + type: string + URL: + description: URL that points to a location where the image + is located + type: string + containerFormat: + default: '-' + description: Image container format + type: string + diskFormat: + default: '-' + description: Image disk format + type: string + flavor: + description: Information about flavor that should be created + together with the image + properties: + ID: + default: '-' + description: ID that should be assigned to the newly + created flavor + type: string + RAM: + description: How much RAM should be allocated when this + flavor is used + format: int64 + type: integer + disk: + description: How much disk space should be allocated + when this flavor is used + format: int64 + type: integer + name: + description: Name of the flavor that should be created + type: string + osCloud: + default: '-' + description: Cloud that should be used for authentication + type: string + vcpus: + description: How many vcpus should be be allocated when + this flavor is used + format: int64 + type: integer + required: + - RAM + - disk + - name + - vcpus + type: object + imageCreationTimeout: + default: 300 + description: Timeout duration for an image to reach the + active state after its creation + format: int64 + type: integer + name: + description: Name of the image + type: string + osCloud: + default: '-' + description: Cloud that should be used for authentication + type: string + required: + - URL + - name + type: object + type: array + extraRPMs: + description: A list URLs that point to RPMs that should be downloaded + and installed inside the tempest test pod. + items: + type: string + type: array + includeList: + default: tempest.api.identity.v3 + description: A content of include.txt file that is passed to tempest + via --include-list + type: string + parallel: + default: true + description: Indicate whether tempest should be executed with + --parallel + type: boolean + serial: + default: false + description: Indicate whether tempest should be executed with + --serial + type: boolean + smoke: + default: false + description: Indicate whether tempest should be executed with + --smoke + type: boolean + workerFile: + default: "" + description: A content of worker_file.yaml that is passed to tempest + via --worker-file + type: string + type: object + tempestconfRun: + description: TempestconfRunSpec - is used to configure execution of + discover-tempest-config Please refer to https://docs.opendev.org/openinfra/python-tempestconf + for the further explanation of the CLI parameters. + properties: + append: + default: "" + description: The content of this variable will be passed to discover-tempest-config + via --append + type: string + collectTiming: + default: false + description: Indicate whether discover-tempest-config should be + executed with --collect-timing + type: boolean + convertToRaw: + default: false + description: Indicate whether discover-tempest-config should be + executed with --convert-to-raw + type: boolean + create: + default: true + description: Indicate whether discover-tempest-config should be + executed with --create + type: boolean + createAccountsFile: + default: "" + description: The content of this variable will be passed to discover-tempest-config + via the --create-accounts-file + type: string + debug: + default: false + description: Indicate whether discover-tempest-config should be + executed with --debug + type: boolean + deployerInput: + default: "" + description: A content of deployer_input.ini that is passed to + tempest via --deployer-input + type: string + flavorMinDisk: + default: 0 + description: The content of this variable will be passed to discover-tempest-config + via --flavor-min-disk + format: int64 + type: integer + flavorMinMem: + default: 0 + description: The content of this variable will be passed to discover-tempest-config + via --flavor-min-mem + format: int64 + type: integer + generateProfile: + default: "" + description: The content of this variable will be passed to discover-tempest-config + via --generate-profile + type: string + image: + default: "" + description: The content of this variable will be passed to discover-tempest-config + via --image + type: string + imageDiskFormat: + default: "" + description: The content of this variable will be passed to discover-tempest-config + via --image-disk-format + type: string + insecure: + default: false + description: Indicate whether discover-tempest-config should be + executed with --insecure + type: boolean + networkID: + default: "" + description: The content of this variable will be passed to discover-tempest-config + via --network-id + type: string + noDefaultDeployer: + default: false + description: Indicate whether discover-tempest-config should be + executed with --no-default-deployer + type: boolean + nonAdmin: + default: false + description: Indicate whether discover-tempest-config should be + executed with --non-admin + type: boolean + out: + default: "" + description: The content of this variable will be passed to discover-tempest-config + via the --out parameter + type: string + overrides: + default: identity.v3_endpoint_type public + description: The content of this variable will be appended at + the end of the command that executes discover-tempest-config + (override values). + type: string + profile: + default: "" + description: A content of profile.yaml that is passed to tempest + via --profile + type: string + remove: + default: "" + description: The content of this variable will be passed to discover-tempest-config + via --remove + type: string + retryImage: + default: false + description: Indicate whether discover-tempest-config should be + executed with --retry-image + type: boolean + testAccounts: + default: "" + description: A content of accounts.yaml that is passed to tempest + via --test-acounts + type: string + timeout: + default: 0 + description: The content of this variable will be passed to discover-tempest-config + via --timeout + format: int64 + type: integer + verbose: + default: false + description: Indicate whether discover-tempest-config should be + executed with --verbose + type: boolean + type: object + tolerations: + description: This value contains a toleration that is applied to pods + spawned by the test pods that are spawned by the test-operator. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + workflow: + description: Workflow - can be used to specify a multiple executions + of tempest with a different configuration in a single CR. Accepts + a list of dictionaries where each member of the list accepts the + same values as the Tempest CR does in the `spec`` section. Values + specified using the workflow section have a higher precedence than + the values specified higher in the Tempest CR hierarchy. + items: + description: TempestSpec - configuration of execution of tempest. + For specific configuration of tempest see TempestRunSpec and for + discover-tempest-config see TempestconfRunSpec. + properties: + SELinuxLevel: + description: A SELinuxLevel that should be used for test pods + spawned by the test operator. + type: string + SSHKeySecretName: + description: SSHKeySecretName is the name of the k8s secret + that contains an ssh key. The key is mounted to ~/.ssh/id_ecdsa + in the tempest pod + type: string + backoffLimit: + default: 0 + description: BackoffLimit allows to define the maximum number + of retried executions (defaults to 0). + format: int32 + type: integer + configOverwrite: + additionalProperties: + type: string + description: ConfigOverwrite - interface to overwrite default + config files like e.g. logging.conf But can also be used to + add additional files. Those get added to the service config + dir in /etc/test_operator/ + type: object + containerImage: + default: "" + description: A URL of a container image that should be used + by the test-operator for tests execution. + type: string + extraConfigmapsMounts: + description: Extra configmaps for mounting inside the pod + items: + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. + type: string + name: + description: The name of an existing config map for mounting. + maxLength: 253 + type: string + subPath: + default: "" + description: Config map subpath for mounting, defaults + to configmap root. + type: string + required: + - mountPath + - name + - subPath + type: object + type: array + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: This value contains a nodeSelector value that is + applied to test pods spawned by the test operator. + type: object + openStackConfigMap: + default: openstack-config + description: OpenStackConfigMap is the name of the ConfigMap + containing the clouds.yaml + type: string + openStackConfigSecret: + default: openstack-config-secret + description: OpenStackConfigSecret is the name of the Secret + containing the secure.yaml + type: string + parallel: + description: By default test-operator executes the test-pods + sequentially if multiple instances of test-operator related + CRs exist. If you want to turn off this behaviour then set + this option to true. + type: boolean + privileged: + description: 'Use with caution! This parameter specifies whether + test-operator should spawn test pods with allowedPrivilegedEscalation: + true and the default capabilities on top of capabilities that + are usually needed by the test pods (NET_ADMIN, NET_RAW). + This parameter is deemed insecure but it is needed for certain + test-operator functionalities to work properly (e.g.: extraRPMs + in Tempest CR, or certain set of tobiko tests).' + type: boolean + stepName: + description: Name of a workflow step. The step name will be + used for example to create a logs directory. + maxLength: 100 + pattern: ^[a-z0-9] + type: string + storageClass: + default: local-storage + description: StorageClass used to create any test-operator related + PVCs. + type: string + tempestRun: + description: TempestRunSpec - is used to configure execution + of tempest. Please refer to Please refer to https://docs.openstack.org/tempest/latest/ + for the further explanation of the CLI parameters. + properties: + concurrency: + description: Concurrency value that is passed to tempest + via --concurrency + format: int64 + type: integer + excludeList: + description: A content of exclude.txt file that is passed + to tempest via --exclude-list + type: string + expectedFailuresList: + description: The expectedFailuresList parameter contains + tests that should not count as failures. When a test from + this list fails, the test pod ends with Completed state + rather than with Error state. + type: string + externalPlugin: + description: ExternalPlugin contains information about plugin + that should be installed within the tempest test pod. + If this option is specified then only tests that are part + of the external plugin can be executed. + items: + description: ExternalPluginType - is used to specify a + plugin that should be installed from an external resource + properties: + changeRefspec: + description: ChangeRefspec specifies which change + the remote repository should be checked out to (ChangeRepository + must be defined as well). + type: string + changeRepository: + description: URL that points to a repository that + contains a change that should be applied to the + repository defined by Repository (ChangeRefspec + must be defined as well). + type: string + repository: + description: URL that points to a git repository containing + an external plugin. + type: string + required: + - repository + type: object + type: array + extraImagesType: + description: Extra images that should be downloaded inside + the test pod and uploaded to openstack. + items: + description: ExtraImagesType - is used to specify extra + images that should be downloaded inside the test pod + and uploaded to openstack + properties: + ID: + default: '-' + description: ID that should be assigned to the newly + created image + type: string + URL: + description: URL that points to a location where the + image is located + type: string + containerFormat: + default: '-' + description: Image container format + type: string + diskFormat: + default: '-' + description: Image disk format + type: string + flavor: + description: Information about flavor that should + be created together with the image + properties: + ID: + default: '-' + description: ID that should be assigned to the + newly created flavor + type: string + RAM: + description: How much RAM should be allocated + when this flavor is used + format: int64 + type: integer + disk: + description: How much disk space should be allocated + when this flavor is used + format: int64 + type: integer + name: + description: Name of the flavor that should be + created + type: string + osCloud: + default: '-' + description: Cloud that should be used for authentication + type: string + vcpus: + description: How many vcpus should be be allocated + when this flavor is used + format: int64 + type: integer + required: + - RAM + - disk + - name + - vcpus + type: object + imageCreationTimeout: + default: 300 + description: Timeout duration for an image to reach + the active state after its creation + format: int64 + type: integer + name: + description: Name of the image + type: string + osCloud: + default: '-' + description: Cloud that should be used for authentication + type: string + required: + - URL + - name + type: object + type: array + extraRPMs: + description: A list URLs that point to RPMs that should + be downloaded and installed inside the tempest test pod. + items: + type: string + type: array + includeList: + description: A content of include.txt file that is passed + to tempest via --include-list + type: string + parallel: + description: Indicate whether tempest should be executed + with --parallel + type: boolean + serial: + description: Indicate whether tempest should be executed + with --serial + type: boolean + smoke: + description: Indicate whether tempest should be executed + with --smoke + type: boolean + workerFile: + description: A content of worker_file.yaml that is passed + to tempest via --worker-file + type: string + type: object + tempestconfRun: + description: TempestconfRunSpec - is used to configure execution + of discover-tempest-config Please refer to https://docs.opendev.org/openinfra/python-tempestconf + for the further explanation of the CLI parameters. + properties: + append: + description: The content of this variable will be passed + to discover-tempest-config via --append + type: string + collectTiming: + description: Indicate whether discover-tempest-config should + be executed with --collect-timing + type: boolean + convertToRaw: + description: Indicate whether discover-tempest-config should + be executed with --convert-to-raw + type: boolean + create: + description: Indicate whether discover-tempest-config should + be executed with --create + type: boolean + createAccountsFile: + description: The content of this variable will be passed + to discover-tempest-config via the --create-accounts-file + type: string + debug: + description: Indicate whether discover-tempest-config should + be executed with --debug + type: boolean + deployerInput: + description: A content of deployer_input.ini that is passed + to tempest via --deployer-input + type: string + flavorMinDisk: + description: The content of this variable will be passed + to discover-tempest-config via --flavor-min-disk + format: int64 + type: integer + flavorMinMem: + description: The content of this variable will be passed + to discover-tempest-config via --flavor-min-mem + format: int64 + type: integer + generateProfile: + description: The content of this variable will be passed + to discover-tempest-config via --generate-profile + type: string + image: + description: The content of this variable will be passed + to discover-tempest-config via --image + type: string + imageDiskFormat: + description: The content of this variable will be passed + to discover-tempest-config via --image-disk-format + type: string + insecure: + description: Indicate whether discover-tempest-config should + be executed with --insecure + type: boolean + networkID: + description: The content of this variable will be passed + to discover-tempest-config via --network-id + type: string + noDefaultDeployer: + description: Indicate whether discover-tempest-config should + be executed with --no-default-deployer + type: boolean + nonAdmin: + description: Indicate whether discover-tempest-config should + be executed with --non-admin + type: boolean + out: + description: The content of this variable will be passed + to discover-tempest-config via the --out parameter + type: string + overrides: + description: The content of this variable will be appended + at the end of the command that executes discover-tempest-config + (override values). + type: string + profile: + description: A content of profile.yaml that is passed to + tempest via --profile + type: string + remove: + description: The content of this variable will be passed + to discover-tempest-config via --remove + type: string + retryImage: + description: Indicate whether discover-tempest-config should + be executed with --retry-image + type: boolean + testAccounts: + description: A content of accounts.yaml that is passed to + tempest via --test-acounts + type: string + timeout: + description: The content of this variable will be passed + to discover-tempest-config via --timeout + format: int64 + type: integer + verbose: + description: Indicate whether discover-tempest-config should + be executed with --verbose + type: boolean + type: object + tolerations: + description: This value contains a toleration that is applied + to pods spawned by the test pods that are spawned by the test-operator. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + required: + - stepName + type: object + type: array + type: object + status: + description: CommonTestStatus defines the observed state of the controller + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/crds/test.openstack.org_tobikoes.yaml b/bindata/crds/test.openstack.org_tobikoes.yaml new file mode 100644 index 000000000..68704136f --- /dev/null +++ b/bindata/crds/test.openstack.org_tobikoes.yaml @@ -0,0 +1,428 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: tobikoes.test.openstack.org +spec: + group: test.openstack.org + names: + kind: Tobiko + listKind: TobikoList + plural: tobikoes + singular: tobiko + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status + jsonPath: .status.conditions[0].status + name: Status + type: string + - description: Message + jsonPath: .status.conditions[0].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TobikoSpec defines the desired state of Tobiko + properties: + SELinuxLevel: + default: "" + description: A SELinuxLevel that should be used for test pods spawned + by the test operator. + type: string + backoffLimit: + default: 0 + description: BackoffLimit allows to define the maximum number of retried + executions (defaults to 0). + format: int32 + type: integer + config: + default: "" + description: tobiko.conf + type: string + containerImage: + default: "" + description: A URL of a container image that should be used by the + test-operator for tests execution. + type: string + debug: + default: false + description: Activate debug mode. When debug mode is activated any + error encountered inside the test-pod causes that the pod will be + kept alive indefinitely (stuck in "Running" phase) or until the + corresponding Tobiko CR is deleted. This allows the user to debug + any potential troubles with `oc rsh`. + type: boolean + extraConfigmapsMounts: + description: Extra configmaps for mounting inside the pod + items: + properties: + mountPath: + description: Path within the container at which the volume should + be mounted. + type: string + name: + description: The name of an existing config map for mounting. + maxLength: 253 + type: string + subPath: + default: "" + description: Config map subpath for mounting, defaults to configmap + root. + type: string + required: + - mountPath + - name + - subPath + type: object + type: array + kubeconfigSecretName: + description: Name of a secret that contains a kubeconfig. The kubeconfig + is mounted under /var/lib/tobiko/.kube/config in the test pod. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment resource + names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: This value contains a nodeSelector value that is applied + to test pods spawned by the test operator. + type: object + numProcesses: + default: 0 + description: Number of processes/workers used to run tobiko tests + - value 0 results in automatic decission + type: integer + parallel: + default: false + description: By default test-operator executes the test-pods sequentially + if multiple instances of test-operator related CRs exist. To run + test-pods in parallel set this option to true. + type: boolean + preventCreate: + default: false + description: Boolean specifying whether tobiko tests create new resources + or re-use those previously created + type: boolean + privateKey: + default: "" + description: Private Key + type: string + privileged: + default: false + description: 'Use with caution! This parameter specifies whether test-operator + should spawn test pods with allowedPrivilegedEscalation: true and + the default capabilities on top of capabilities that are usually + needed by the test pods (NET_ADMIN, NET_RAW). This parameter is + deemed insecure but it is needed for certain test-operator functionalities + to work properly (e.g.: extraRPMs in Tempest CR, or certain set + of tobiko tests).' + type: boolean + publicKey: + default: "" + description: Public Key + type: string + pytestAddopts: + default: "" + description: String including any options to pass to pytest when it + runs tobiko tests + type: string + storageClass: + default: local-storage + description: StorageClass used to create any test-operator related + PVCs. + type: string + testenv: + default: py3 + description: Test environment + type: string + tolerations: + description: This value contains a toleration that is applied to pods + spawned by the test pods that are spawned by the test-operator. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + version: + default: "" + description: Tobiko version + type: string + workflow: + description: A parameter that contains a workflow definition. + items: + properties: + SELinuxLevel: + description: A SELinuxLevel that should be used for test pods + spawned by the test operator. + type: string + backoffLimit: + default: 0 + description: BackoffLimit allows to define the maximum number + of retried executions (defaults to 0). + format: int32 + type: integer + config: + description: tobiko.conf + type: string + containerImage: + default: "" + description: A URL of a container image that should be used + by the test-operator for tests execution. + type: string + extraConfigmapsMounts: + description: Extra configmaps for mounting inside the pod + items: + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. + type: string + name: + description: The name of an existing config map for mounting. + maxLength: 253 + type: string + subPath: + default: "" + description: Config map subpath for mounting, defaults + to configmap root. + type: string + required: + - mountPath + - name + - subPath + type: object + type: array + kubeconfigSecretName: + description: Name of a secret that contains a kubeconfig. The + kubeconfig is mounted under /var/lib/tobiko/.kube/config in + the test pod. + type: string + networkAttachments: + description: NetworkAttachments is a list of NetworkAttachment + resource names to expose the services to the given network + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: This value contains a nodeSelector value that is + applied to test pods spawned by the test operator. + type: object + numProcesses: + description: Number of processes/workers used to run tobiko + tests - value 0 results in automatic decission + type: integer + preventCreate: + description: Boolean specifying whether tobiko tests create + new resources or re-use those previously created + type: boolean + privateKey: + description: Private Key + type: string + privileged: + description: 'Use with caution! This parameter specifies whether + test-operator should spawn test pods with allowedPrivilegedEscalation: + true and the default capabilities on top of capabilities that + are usually needed by the test pods (NET_ADMIN, NET_RAW). + This parameter is deemed insecure but it is needed for certain + test-operator functionalities to work properly (e.g.: extraRPMs + in Tempest CR, or certain set of tobiko tests).' + type: boolean + publicKey: + description: Public Key + type: string + pytestAddopts: + description: String including any options to pass to pytest + when it runs tobiko tests + type: string + stepName: + default: "" + description: A parameter that contains a definition of a single + workflow step. + maxLength: 100 + type: string + storageClass: + default: local-storage + description: StorageClass used to create any test-operator related + PVCs. + type: string + testenv: + description: Test environment + type: string + tolerations: + description: This value contains a toleration that is applied + to pods spawned by the test pods that are spawned by the test-operator. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + version: + description: Tobiko version + type: string + required: + - stepName + type: object + type: array + type: object + status: + description: CommonTestStatus defines the observed state of the controller + properties: + conditions: + description: Conditions + items: + description: Condition defines an observation of a API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. + type: string + severity: + description: Severity provides a classification of Reason code, + so the current situation is immediately understandable and + could act accordingly. It is meant for situations where Status=False + and it should be indicated if it is just informational, warning + (next reconciliation might fix it) or an error (e.g. DB create + issue and no actions to automatically resolve the issue can/should + be done). For conditions where Status=Unknown or Status=True + the Severity should be SeverityNone. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + hash: + additionalProperties: + type: string + description: Map of hashes to track e.g. job status + type: object + networkAttachments: + additionalProperties: + items: + type: string + type: array + description: NetworkAttachments status of the deployment pods + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/bindata/operator/managers.yaml b/bindata/operator/managers.yaml new file mode 100644 index 000000000..d416bfd3f --- /dev/null +++ b/bindata/operator/managers.yaml @@ -0,0 +1,82 @@ +{{ $namespace := .OperatorNamespace }} +{{ range $operatorName, $operatorImage := .OperatorImages }} +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + openstack.org/operator-name: {{ $operatorName }} + name: {{ $operatorName }}-operator-controller-manager + namespace: {{ $namespace }} +spec: + replicas: 1 + selector: + matchLabels: + openstack.org/operator-name: {{ $operatorName }} + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + openstack.org/operator-name: {{ $operatorName }} + spec: + containers: + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + env: + - name: ENABLE_WEBHOOKS + value: 'false' + image: {{ $operatorImage }} + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.13.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + serviceAccountName: {{ $operatorName }}-operator-controller-manager + terminationGracePeriodSeconds: 10 +--- +{{ end }} diff --git a/bindata/operator/operator.yaml b/bindata/operator/operator.yaml new file mode 100644 index 000000000..fa9e315fd --- /dev/null +++ b/bindata/operator/operator.yaml @@ -0,0 +1,612 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + openstack.org/operator-name: openstack + name: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + webhook: + port: 9443 + leaderElection: + leaderElect: true + resourceName: 40ba705e.openstack.org +kind: ConfigMap +metadata: + name: openstack-operator-manager-config + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: webhook + app.kubernetes.io/created-by: openstack-operator + app.kubernetes.io/instance: webhook-service + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: service + app.kubernetes.io/part-of: openstack-operator + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 9443 + selector: + openstack.org/operator-name: openstack +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + openstack.org/operator-name: openstack + name: openstack-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +spec: + replicas: 1 + selector: + matchLabels: + openstack.org/operator-name: openstack + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + openstack.org/operator-name: openstack + spec: + containers: + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + env: + - name: RELATED_IMAGE_AGENT_IMAGE_URL_DEFAULT + value: quay.io/openstack-k8s-operators/openstack-baremetal-operator-agent:latest + - name: RELATED_IMAGE_ANSIBLEEE_IMAGE_URL_DEFAULT + value: quay.io/openstack-k8s-operators/openstack-ansibleee-runner:latest + - name: RELATED_IMAGE_AODH_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-aodh-api:current-podified + - name: RELATED_IMAGE_AODH_EVALUATOR_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-aodh-evaluator:current-podified + - name: RELATED_IMAGE_AODH_LISTENER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-aodh-listener:current-podified + - name: RELATED_IMAGE_AODH_NOTIFIER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-aodh-notifier:current-podified + - name: RELATED_IMAGE_APACHE_IMAGE_URL_DEFAULT + value: registry.redhat.io/ubi9/httpd-24:latest + - name: RELATED_IMAGE_BARBICAN_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-barbican-api:current-podified + - name: RELATED_IMAGE_BARBICAN_KEYSTONE_LISTENER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-barbican-keystone-listener:current-podified + - name: RELATED_IMAGE_BARBICAN_WORKER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-barbican-worker:current-podified + - name: RELATED_IMAGE_CEILOMETER_CENTRAL_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ceilometer-central:current-podified + - name: RELATED_IMAGE_CEILOMETER_COMPUTE_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ceilometer-compute:current-podified + - name: RELATED_IMAGE_CEILOMETER_IPMI_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ceilometer-ipmi:current-podified + - name: RELATED_IMAGE_CEILOMETER_NOTIFICATION_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ceilometer-notification:current-podified + - name: RELATED_IMAGE_CEILOMETER_SGCORE_IMAGE_URL_DEFAULT + value: quay.io/openstack-k8s-operators/sg-core:v6.0.0 + - name: RELATED_IMAGE_CINDER_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-cinder-api:current-podified + - name: RELATED_IMAGE_CINDER_BACKUP_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-cinder-backup:current-podified + - name: RELATED_IMAGE_CINDER_SCHEDULER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-cinder-scheduler:current-podified + - name: RELATED_IMAGE_CINDER_VOLUME_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-cinder-volume:current-podified + - name: RELATED_IMAGE_DESIGNATE_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-designate-api:current-podified + - name: RELATED_IMAGE_DESIGNATE_BACKENDBIND9_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-designate-backend-bind9:current-podified + - name: RELATED_IMAGE_DESIGNATE_CENTRAL_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-designate-central:current-podified + - name: RELATED_IMAGE_DESIGNATE_MDNS_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-designate-mdns:current-podified + - name: RELATED_IMAGE_DESIGNATE_PRODUCER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-designate-producer:current-podified + - name: RELATED_IMAGE_DESIGNATE_UNBOUND_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-unbound:current-podified + - name: RELATED_IMAGE_DESIGNATE_WORKER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-designate-worker:current-podified + - name: RELATED_IMAGE_EDPM_FRR_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-frr:current-podified + - name: RELATED_IMAGE_EDPM_ISCSID_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-iscsid:current-podified + - name: RELATED_IMAGE_EDPM_LOGROTATE_CROND_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-cron:current-podified + - name: RELATED_IMAGE_EDPM_MULTIPATHD_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-multipathd:current-podified + - name: RELATED_IMAGE_EDPM_NEUTRON_DHCP_AGENT_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-neutron-dhcp-agent:current-podified + - name: RELATED_IMAGE_EDPM_NEUTRON_METADATA_AGENT_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-neutron-metadata-agent-ovn:current-podified + - name: RELATED_IMAGE_EDPM_NEUTRON_OVN_AGENT_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-neutron-ovn-agent:current-podified + - name: RELATED_IMAGE_EDPM_NEUTRON_SRIOV_AGENT_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-neutron-sriov-agent:current-podified + - name: RELATED_IMAGE_EDPM_NODE_EXPORTER_IMAGE_URL_DEFAULT + value: quay.io/prometheus/node-exporter:v1.5.0 + - name: RELATED_IMAGE_EDPM_KEPLER_IMAGE_URL_DEFAULT + value: quay.io/sustainable_computing_io/kepler:release-0.7.12 + - name: RELATED_IMAGE_EDPM_OVN_BGP_AGENT_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ovn-bgp-agent:current-podified + - name: RELATED_IMAGE_GLANCE_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-glance-api:current-podified + - name: RELATED_IMAGE_HEAT_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-heat-api:current-podified + - name: RELATED_IMAGE_HEAT_CFNAPI_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-heat-api-cfn:current-podified + - name: RELATED_IMAGE_HEAT_ENGINE_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-heat-engine:current-podified + - name: RELATED_IMAGE_HORIZON_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-horizon:current-podified + - name: RELATED_IMAGE_INFRA_MEMCACHED_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-memcached:current-podified + - name: RELATED_IMAGE_INFRA_REDIS_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-redis:current-podified + - name: RELATED_IMAGE_IRONIC_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ironic-api:current-podified + - name: RELATED_IMAGE_IRONIC_CONDUCTOR_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ironic-conductor:current-podified + - name: RELATED_IMAGE_IRONIC_INSPECTOR_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ironic-inspector:current-podified + - name: RELATED_IMAGE_IRONIC_NEUTRON_AGENT_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ironic-neutron-agent:current-podified + - name: RELATED_IMAGE_IRONIC_PXE_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ironic-pxe:current-podified + - name: RELATED_IMAGE_IRONIC_PYTHON_AGENT_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/ironic-python-agent:current-podified + - name: RELATED_IMAGE_KEYSTONE_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-keystone:current-podified + - name: RELATED_IMAGE_MANILA_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-manila-api:current-podified + - name: RELATED_IMAGE_MANILA_SCHEDULER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-manila-scheduler:current-podified + - name: RELATED_IMAGE_MANILA_SHARE_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-manila-share:current-podified + - name: RELATED_IMAGE_MARIADB_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-mariadb:current-podified + - name: RELATED_IMAGE_NEUTRON_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-neutron-server:current-podified + - name: RELATED_IMAGE_NOVA_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-nova-api:current-podified + - name: RELATED_IMAGE_NOVA_COMPUTE_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-nova-compute:current-podified + - name: RELATED_IMAGE_NOVA_CONDUCTOR_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-nova-conductor:current-podified + - name: RELATED_IMAGE_NOVA_NOVNC_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-nova-novncproxy:current-podified + - name: RELATED_IMAGE_NOVA_SCHEDULER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-nova-scheduler:current-podified + - name: RELATED_IMAGE_OCTAVIA_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-octavia-api:current-podified + - name: RELATED_IMAGE_OCTAVIA_HEALTHMANAGER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-octavia-health-manager:current-podified + - name: RELATED_IMAGE_OCTAVIA_HOUSEKEEPING_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-octavia-housekeeping:current-podified + - name: RELATED_IMAGE_OCTAVIA_WORKER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-octavia-worker:current-podified + - name: RELATED_IMAGE_OPENSTACK_CLIENT_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-openstackclient:current-podified + - name: RELATED_IMAGE_OS_CONTAINER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/edpm-hardened-uefi:current-podified + - name: RELATED_IMAGE_OVN_CONTROLLER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ovn-controller:current-podified + - name: RELATED_IMAGE_OVN_CONTROLLER_OVS_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ovn-base:current-podified + - name: RELATED_IMAGE_OVN_NB_DBCLUSTER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ovn-nb-db-server:current-podified + - name: RELATED_IMAGE_OVN_NORTHD_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ovn-northd:current-podified + - name: RELATED_IMAGE_OVN_SB_DBCLUSTER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ovn-sb-db-server:current-podified + - name: RELATED_IMAGE_PLACEMENT_API_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-placement-api:current-podified + - name: RELATED_IMAGE_RABBITMQ_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-rabbitmq:current-podified + - name: RELATED_IMAGE_SWIFT_ACCOUNT_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-swift-account:current-podified + - name: RELATED_IMAGE_SWIFT_CONTAINER_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-swift-container:current-podified + - name: RELATED_IMAGE_SWIFT_OBJECT_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-swift-object:current-podified + - name: RELATED_IMAGE_SWIFT_PROXY_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-swift-proxy-server:current-podified + - name: RELATED_IMAGE_TEST_TEMPEST_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-tempest-all:current-podified + - name: RELATED_IMAGE_TEST_TOBIKO_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-tobiko:current-podified + - name: RELATED_IMAGE_TEST_ANSIBLETEST_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-ansible-tests:current-podified + - name: RELATED_IMAGE_TEST_HORIZONTEST_IMAGE_URL_DEFAULT + value: quay.io/podified-antelope-centos9/openstack-horizontest:current-podified + - name: RELATED_IMAGE_OPENSTACK_MUST_GATHER_DEFAULT + value: quay.io/openstack-k8s-operators/openstack-must-gather:latest + - name: OPENSTACK_RELEASE_VERSION + value: 0.0.1 + image: '{{ .OperatorImage }}' + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.13.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + serviceAccountName: openstack-operator-controller-manager + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + labels: + app.kubernetes.io/component: certificate + app.kubernetes.io/created-by: openstack-operator + app.kubernetes.io/instance: serving-cert + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: certificate + app.kubernetes.io/part-of: openstack-operator + name: openstack-operator-serving-cert + namespace: '{{ .OperatorNamespace }}' +spec: + dnsNames: + - openstack-operator-webhook-service.{{ .OperatorNamespace }}.svc + - openstack-operator-webhook-service.{{ .OperatorNamespace }}.svc.cluster.local + issuerRef: + kind: Issuer + name: openstack-operator-selfsigned-issuer + secretName: webhook-server-cert +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + labels: + app.kubernetes.io/component: certificate + app.kubernetes.io/created-by: openstack-operator + app.kubernetes.io/instance: selfsigned-issuer + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: issuer + app.kubernetes.io/part-of: openstack-operator + name: openstack-operator-selfsigned-issuer + namespace: '{{ .OperatorNamespace }}' +spec: + selfSigned: {} +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{ .OperatorNamespace }}/openstack-operator-serving-cert' + creationTimestamp: null + labels: + app.kubernetes.io/component: webhook + app.kubernetes.io/created-by: openstack-operator + app.kubernetes.io/instance: mutating-webhook-configuration + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: mutatingingwebhookconfiguration + app.kubernetes.io/part-of: openstack-operator + name: openstack-operator-mutating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' + path: /mutate-client-openstack-org-v1beta1-openstackclient + failurePolicy: Fail + name: mopenstackclient.kb.io + rules: + - apiGroups: + - client.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - openstackclients + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' + path: /mutate-core-openstack-org-v1beta1-openstackcontrolplane + failurePolicy: Fail + name: mopenstackcontrolplane.kb.io + rules: + - apiGroups: + - core.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - openstackcontrolplanes + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' + path: /mutate-core-openstack-org-v1beta1-openstackversion + failurePolicy: Fail + name: mopenstackversion.kb.io + rules: + - apiGroups: + - core.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - openstackversions + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' + path: /mutate-dataplane-openstack-org-v1beta1-openstackdataplanedeployment + failurePolicy: Fail + name: mopenstackdataplanedeployment.kb.io + rules: + - apiGroups: + - dataplane.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - openstackdataplanedeployments + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' + path: /mutate-dataplane-openstack-org-v1beta1-openstackdataplanenodeset + failurePolicy: Fail + name: mopenstackdataplanenodeset.kb.io + rules: + - apiGroups: + - dataplane.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - openstackdataplanenodesets + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' + path: /mutate-dataplane-openstack-org-v1beta1-openstackdataplaneservice + failurePolicy: Fail + name: mopenstackdataplaneservice.kb.io + rules: + - apiGroups: + - dataplane.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - openstackdataplaneservices + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{ .OperatorNamespace }}/openstack-operator-serving-cert' + creationTimestamp: null + labels: + app.kubernetes.io/component: webhook + app.kubernetes.io/created-by: openstack-operator + app.kubernetes.io/instance: validating-webhook-configuration + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: validatingwebhookconfiguration + app.kubernetes.io/part-of: openstack-operator + name: openstack-operator-validating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' + path: /validate-client-openstack-org-v1beta1-openstackclient + failurePolicy: Fail + name: vopenstackclient.kb.io + rules: + - apiGroups: + - client.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - openstackclients + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' + path: /validate-core-openstack-org-v1beta1-openstackcontrolplane + failurePolicy: Fail + name: vopenstackcontrolplane.kb.io + rules: + - apiGroups: + - core.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - openstackcontrolplanes + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' + path: /validate-core-openstack-org-v1beta1-openstackversion + failurePolicy: Fail + name: vopenstackversion.kb.io + rules: + - apiGroups: + - core.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - openstackversions + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' + path: /validate-dataplane-openstack-org-v1beta1-openstackdataplanedeployment + failurePolicy: Fail + name: vopenstackdataplanedeployment.kb.io + rules: + - apiGroups: + - dataplane.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - openstackdataplanedeployments + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' + path: /validate-dataplane-openstack-org-v1beta1-openstackdataplanenodeset + failurePolicy: Fail + name: vopenstackdataplanenodeset.kb.io + rules: + - apiGroups: + - dataplane.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - openstackdataplanenodesets + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: openstack-operator-webhook-service + namespace: '{{ .OperatorNamespace }}' + path: /validate-dataplane-openstack-org-v1beta1-openstackdataplaneservice + failurePolicy: Fail + name: vopenstackdataplaneservice.kb.io + rules: + - apiGroups: + - dataplane.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - openstackdataplaneservices + sideEffects: None diff --git a/bindata/operator/rabbit.yaml b/bindata/operator/rabbit.yaml new file mode 100644 index 000000000..f79da0e6c --- /dev/null +++ b/bindata/operator/rabbit.yaml @@ -0,0 +1,44 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: rabbitmq-operator + app.kubernetes.io/name: rabbitmq-cluster-operator + app.kubernetes.io/part-of: rabbitmq + name: rabbitmq-cluster-operator-manager + namespace: {{ .OperatorNamespace }} +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: rabbitmq-cluster-operator + template: + metadata: + labels: + app.kubernetes.io/component: rabbitmq-operator + app.kubernetes.io/name: rabbitmq-cluster-operator + app.kubernetes.io/part-of: rabbitmq + spec: + containers: + - command: + - /manager + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: {{ .RabbitmqImage }} + name: operator + ports: + - containerPort: 9782 + name: metrics + protocol: TCP + resources: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 5m + memory: 64Mi + serviceAccountName: rabbitmq-cluster-operator-controller-manager + terminationGracePeriodSeconds: 10 diff --git a/bindata/rbac/barbican-operator-rbac.yaml b/bindata/rbac/barbican-operator-rbac.yaml new file mode 100644 index 000000000..11d222396 --- /dev/null +++ b/bindata/rbac/barbican-operator-rbac.yaml @@ -0,0 +1,423 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: barbican-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: barbican-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: barbican-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - barbican.openstack.org + resources: + - barbicanapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - barbican.openstack.org + resources: + - barbicanapis/finalizers + verbs: + - patch + - update +- apiGroups: + - barbican.openstack.org + resources: + - barbicanapis/status + verbs: + - get + - patch + - update +- apiGroups: + - barbican.openstack.org + resources: + - barbicankeystonelisteners + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - barbican.openstack.org + resources: + - barbicankeystonelisteners/finalizers + verbs: + - patch + - update +- apiGroups: + - barbican.openstack.org + resources: + - barbicankeystonelisteners/status + verbs: + - get + - patch + - update +- apiGroups: + - barbican.openstack.org + resources: + - barbicans + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - barbican.openstack.org + resources: + - barbicans/finalizers + verbs: + - patch + - update +- apiGroups: + - barbican.openstack.org + resources: + - barbicans/status + verbs: + - get + - patch + - update +- apiGroups: + - barbican.openstack.org + resources: + - barbicanworkers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - barbican.openstack.org + resources: + - barbicanworkers/finalizers + verbs: + - patch + - update +- apiGroups: + - barbican.openstack.org + resources: + - barbicanworkers/status + verbs: + - get + - patch + - update +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: barbican-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: barbican-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: barbican-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: barbican-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: barbican-operator-manager-role +subjects: +- kind: ServiceAccount + name: barbican-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: barbican-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: barbican-operator-proxy-role +subjects: +- kind: ServiceAccount + name: barbican-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: barbican-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: barbican-operator diff --git a/bindata/rbac/cinder-operator-rbac.yaml b/bindata/rbac/cinder-operator-rbac.yaml new file mode 100644 index 000000000..a805053c3 --- /dev/null +++ b/bindata/rbac/cinder-operator-rbac.yaml @@ -0,0 +1,467 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: cinder-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cinder-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: cinder-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cinder.openstack.org + resources: + - cinderapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cinder.openstack.org + resources: + - cinderapis/finalizers + verbs: + - patch + - update +- apiGroups: + - cinder.openstack.org + resources: + - cinderapis/status + verbs: + - get + - patch + - update +- apiGroups: + - cinder.openstack.org + resources: + - cinderbackups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cinder.openstack.org + resources: + - cinderbackups/finalizers + verbs: + - patch + - update +- apiGroups: + - cinder.openstack.org + resources: + - cinderbackups/status + verbs: + - get + - patch + - update +- apiGroups: + - cinder.openstack.org + resources: + - cinders + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cinder.openstack.org + resources: + - cinders/finalizers + verbs: + - patch + - update +- apiGroups: + - cinder.openstack.org + resources: + - cinders/status + verbs: + - get + - patch + - update +- apiGroups: + - cinder.openstack.org + resources: + - cinderschedulers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cinder.openstack.org + resources: + - cinderschedulers/finalizers + verbs: + - patch + - update +- apiGroups: + - cinder.openstack.org + resources: + - cinderschedulers/status + verbs: + - get + - patch + - update +- apiGroups: + - cinder.openstack.org + resources: + - cindervolumes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cinder.openstack.org + resources: + - cindervolumes/finalizers + verbs: + - patch + - update +- apiGroups: + - cinder.openstack.org + resources: + - cindervolumes/status + verbs: + - get + - patch + - update +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds + verbs: + - get + - list + - watch +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + - privileged + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cinder-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cinder-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: cinder-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cinder-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cinder-operator-manager-role +subjects: +- kind: ServiceAccount + name: cinder-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cinder-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cinder-operator-proxy-role +subjects: +- kind: ServiceAccount + name: cinder-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: cinder-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: cinder-operator diff --git a/bindata/rbac/designate-operator-rbac.yaml b/bindata/rbac/designate-operator-rbac.yaml new file mode 100644 index 000000000..772608bb2 --- /dev/null +++ b/bindata/rbac/designate-operator-rbac.yaml @@ -0,0 +1,583 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: designate-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: designate-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: designate-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - daemonsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - designate.openstack.org + resources: + - designateapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - designate.openstack.org + resources: + - designateapis/finalizers + verbs: + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designateapis/status + verbs: + - get + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designatebackendbind9s + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - designate.openstack.org + resources: + - designatebackendbind9s/finalizers + verbs: + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designatebackendbind9s/status + verbs: + - get + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designatecentrals + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - designate.openstack.org + resources: + - designatecentrals/finalizers + verbs: + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designatecentrals/status + verbs: + - get + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designatemdnses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - designate.openstack.org + resources: + - designatemdnses/finalizers + verbs: + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designatemdnses/status + verbs: + - get + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designateproducers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - designate.openstack.org + resources: + - designateproducers/finalizers + verbs: + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designateproducers/status + verbs: + - get + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designates + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - designate.openstack.org + resources: + - designates/finalizers + verbs: + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designates/status + verbs: + - get + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designateunbounds + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - designate.openstack.org + resources: + - designateunbounds/finalizers + verbs: + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designateunbounds/status + verbs: + - get + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designateworkers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - designate.openstack.org + resources: + - designateworkers/finalizers + verbs: + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designateworkers/status + verbs: + - get + - patch + - update +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + - privileged + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: designate-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: designate-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: designate-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: designate-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: designate-operator-manager-role +subjects: +- kind: ServiceAccount + name: designate-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: designate-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: designate-operator-proxy-role +subjects: +- kind: ServiceAccount + name: designate-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: designate-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: designate-operator diff --git a/bindata/rbac/glance-operator-rbac.yaml b/bindata/rbac/glance-operator-rbac.yaml new file mode 100644 index 000000000..dba6d617f --- /dev/null +++ b/bindata/rbac/glance-operator-rbac.yaml @@ -0,0 +1,402 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: glance-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: glance-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: glance-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets/status + verbs: + - get + - list + - watch +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cinder.openstack.org + resources: + - cinders + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - glance.openstack.org + resources: + - glanceapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - glance.openstack.org + resources: + - glanceapis/finalizers + verbs: + - patch + - update +- apiGroups: + - glance.openstack.org + resources: + - glanceapis/status + verbs: + - get + - patch + - update +- apiGroups: + - glance.openstack.org + resources: + - glances + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - glance.openstack.org + resources: + - glances/finalizers + verbs: + - patch + - update +- apiGroups: + - glance.openstack.org + resources: + - glances/status + verbs: + - get + - patch + - update +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds + verbs: + - get + - list + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + - privileged + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: glance-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: glance-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: glance-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: glance-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: glance-operator-manager-role +subjects: +- kind: ServiceAccount + name: glance-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: glance-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: glance-operator-proxy-role +subjects: +- kind: ServiceAccount + name: glance-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: glance-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: glance-operator diff --git a/bindata/rbac/heat-operator-rbac.yaml b/bindata/rbac/heat-operator-rbac.yaml new file mode 100644 index 000000000..2546cf3c0 --- /dev/null +++ b/bindata/rbac/heat-operator-rbac.yaml @@ -0,0 +1,424 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: heat-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: heat-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: heat-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - heat.openstack.org + resources: + - heatapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - heat.openstack.org + resources: + - heatapis/finalizers + verbs: + - patch + - update +- apiGroups: + - heat.openstack.org + resources: + - heatapis/status + verbs: + - get + - patch + - update +- apiGroups: + - heat.openstack.org + resources: + - heatcfnapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - heat.openstack.org + resources: + - heatcfnapis/finalizers + verbs: + - patch + - update +- apiGroups: + - heat.openstack.org + resources: + - heatcfnapis/status + verbs: + - get + - patch + - update +- apiGroups: + - heat.openstack.org + resources: + - heatengines + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - heat.openstack.org + resources: + - heatengines/finalizers + verbs: + - patch + - update +- apiGroups: + - heat.openstack.org + resources: + - heatengines/status + verbs: + - get + - patch + - update +- apiGroups: + - heat.openstack.org + resources: + - heats + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - heat.openstack.org + resources: + - heats/finalizers + verbs: + - patch + - update +- apiGroups: + - heat.openstack.org + resources: + - heats/status + verbs: + - get + - patch + - update +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds + verbs: + - get + - list + - watch +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: heat-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: heat-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: heat-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: heat-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: heat-operator-manager-role +subjects: +- kind: ServiceAccount + name: heat-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: heat-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: heat-operator-proxy-role +subjects: +- kind: ServiceAccount + name: heat-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: heat-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: heat-operator diff --git a/bindata/rbac/horizon-operator-rbac.yaml b/bindata/rbac/horizon-operator-rbac.yaml new file mode 100644 index 000000000..709be2a9a --- /dev/null +++ b/bindata/rbac/horizon-operator-rbac.yaml @@ -0,0 +1,280 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: horizon-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: horizon-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: horizon-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - horizon.openstack.org + resources: + - horizons + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - horizon.openstack.org + resources: + - horizons/finalizers + verbs: + - patch + - update +- apiGroups: + - horizon.openstack.org + resources: + - horizons/status + verbs: + - get + - patch + - update +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - get + - list + - watch +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds + verbs: + - get + - list + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: horizon-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: horizon-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: horizon-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: horizon-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: horizon-operator-manager-role +subjects: +- kind: ServiceAccount + name: horizon-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: horizon-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: horizon-operator-proxy-role +subjects: +- kind: ServiceAccount + name: horizon-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: horizon-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: horizon-operator diff --git a/bindata/rbac/infra-operator-rbac.yaml b/bindata/rbac/infra-operator-rbac.yaml new file mode 100644 index 000000000..9aa05ed5b --- /dev/null +++ b/bindata/rbac/infra-operator-rbac.yaml @@ -0,0 +1,501 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: infra-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: infra-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: infra-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - instanceha.openstack.org + resources: + - instancehas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - instanceha.openstack.org + resources: + - instancehas/finalizers + verbs: + - patch + - update +- apiGroups: + - instanceha.openstack.org + resources: + - instancehas/status + verbs: + - get + - patch + - update +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds/finalizers + verbs: + - patch + - update +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds/status + verbs: + - get + - patch + - update +- apiGroups: + - network.openstack.org + resources: + - dnsdata + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - network.openstack.org + resources: + - dnsdata/finalizers + verbs: + - patch + - update +- apiGroups: + - network.openstack.org + resources: + - dnsdata/status + verbs: + - get + - patch + - update +- apiGroups: + - network.openstack.org + resources: + - dnsdatas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - network.openstack.org + resources: + - dnsmasqs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - network.openstack.org + resources: + - dnsmasqs/finalizers + verbs: + - patch + - update +- apiGroups: + - network.openstack.org + resources: + - dnsmasqs/status + verbs: + - get + - patch + - update +- apiGroups: + - network.openstack.org + resources: + - ipsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - network.openstack.org + resources: + - ipsets/finalizers + verbs: + - patch + - update +- apiGroups: + - network.openstack.org + resources: + - ipsets/status + verbs: + - get + - patch + - update +- apiGroups: + - network.openstack.org + resources: + - netconfigs + verbs: + - get + - list + - watch +- apiGroups: + - network.openstack.org + resources: + - reservations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - network.openstack.org + resources: + - reservations/finalizers + verbs: + - patch + - update +- apiGroups: + - network.openstack.org + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - network.openstack.org + resources: + - services/finalizers + verbs: + - patch + - update +- apiGroups: + - network.openstack.org + resources: + - services/status + verbs: + - get + - patch + - update +- apiGroups: + - rabbitmq.com + resources: + - rabbitmqclusters + verbs: + - get + - list + - watch +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls/finalizers + verbs: + - update +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls/status + verbs: + - get + - patch + - update +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - redis.openstack.org + resources: + - redises + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - redis.openstack.org + resources: + - redises/finalizers + verbs: + - update +- apiGroups: + - redis.openstack.org + resources: + - redises/status + verbs: + - get + - patch + - update +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: infra-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: infra-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: infra-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: infra-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: infra-operator-manager-role +subjects: +- kind: ServiceAccount + name: infra-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: infra-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: infra-operator-proxy-role +subjects: +- kind: ServiceAccount + name: infra-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: infra-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: infra-operator diff --git a/bindata/rbac/ironic-operator-rbac.yaml b/bindata/rbac/ironic-operator-rbac.yaml new file mode 100644 index 000000000..2882763e2 --- /dev/null +++ b/bindata/rbac/ironic-operator-rbac.yaml @@ -0,0 +1,502 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: ironic-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: ironic-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: ironic-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ironic.openstack.org + resources: + - ironicapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ironic.openstack.org + resources: + - ironicapis/finalizers + verbs: + - patch + - update +- apiGroups: + - ironic.openstack.org + resources: + - ironicapis/status + verbs: + - get + - patch + - update +- apiGroups: + - ironic.openstack.org + resources: + - ironicconductors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ironic.openstack.org + resources: + - ironicconductors/finalizers + verbs: + - patch + - update +- apiGroups: + - ironic.openstack.org + resources: + - ironicconductors/status + verbs: + - get + - patch + - update +- apiGroups: + - ironic.openstack.org + resources: + - ironicinspectors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ironic.openstack.org + resources: + - ironicinspectors/finalizers + verbs: + - patch + - update +- apiGroups: + - ironic.openstack.org + resources: + - ironicinspectors/status + verbs: + - get + - patch + - update +- apiGroups: + - ironic.openstack.org + resources: + - ironicneutronagents + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ironic.openstack.org + resources: + - ironicneutronagents/finalizers + verbs: + - patch + - update +- apiGroups: + - ironic.openstack.org + resources: + - ironicneutronagents/status + verbs: + - get + - patch + - update +- apiGroups: + - ironic.openstack.org + resources: + - ironics + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ironic.openstack.org + resources: + - ironics/finalizers + verbs: + - patch + - update +- apiGroups: + - ironic.openstack.org + resources: + - ironics/status + verbs: + - get + - patch + - update +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - operator.openshift.io + resources: + - ingresscontrollers + verbs: + - get + - list +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + - privileged + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: ironic-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: ironic-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: ironic-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: ironic-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: ironic-operator-manager-role +subjects: +- kind: ServiceAccount + name: ironic-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: ironic-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: ironic-operator-proxy-role +subjects: +- kind: ServiceAccount + name: ironic-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: ironic-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: ironic-operator diff --git a/bindata/rbac/keystone-operator-rbac.yaml b/bindata/rbac/keystone-operator-rbac.yaml new file mode 100644 index 000000000..6bc45a7fe --- /dev/null +++ b/bindata/rbac/keystone-operator-rbac.yaml @@ -0,0 +1,406 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: keystone-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: keystone-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: keystone-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis/finalizers + verbs: + - patch + - update +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis/status + verbs: + - get + - patch + - update +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints/finalizers + verbs: + - patch + - update +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints/status + verbs: + - get + - patch + - update +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices/finalizers + verbs: + - patch + - update +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices/status + verbs: + - get + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds/finalizers + verbs: + - patch + - update +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: keystone-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: keystone-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: keystone-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: keystone-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: keystone-operator-manager-role +subjects: +- kind: ServiceAccount + name: keystone-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: keystone-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: keystone-operator-proxy-role +subjects: +- kind: ServiceAccount + name: keystone-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: keystone-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: keystone-operator diff --git a/bindata/rbac/manila-operator-rbac.yaml b/bindata/rbac/manila-operator-rbac.yaml new file mode 100644 index 000000000..0dbfa745a --- /dev/null +++ b/bindata/rbac/manila-operator-rbac.yaml @@ -0,0 +1,459 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: manila-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: manila-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: manila-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - manila.openstack.org + resources: + - manilaapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - manila.openstack.org + resources: + - manilaapis/finalizers + verbs: + - patch + - update +- apiGroups: + - manila.openstack.org + resources: + - manilaapis/status + verbs: + - get + - patch + - update +- apiGroups: + - manila.openstack.org + resources: + - manilas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - manila.openstack.org + resources: + - manilas/finalizers + verbs: + - patch + - update +- apiGroups: + - manila.openstack.org + resources: + - manilas/status + verbs: + - get + - patch + - update +- apiGroups: + - manila.openstack.org + resources: + - manilaschedulers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - manila.openstack.org + resources: + - manilaschedulers/finalizers + verbs: + - patch + - update +- apiGroups: + - manila.openstack.org + resources: + - manilaschedulers/status + verbs: + - get + - patch + - update +- apiGroups: + - manila.openstack.org + resources: + - manilashares + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - manila.openstack.org + resources: + - manilashares/finalizers + verbs: + - patch + - update +- apiGroups: + - manila.openstack.org + resources: + - manilashares/status + verbs: + - get + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases/finalizers + verbs: + - patch + - update +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds + verbs: + - get + - list + - watch +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + - privileged + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: manila-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: manila-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: manila-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: manila-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: manila-operator-manager-role +subjects: +- kind: ServiceAccount + name: manila-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: manila-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: manila-operator-proxy-role +subjects: +- kind: ServiceAccount + name: manila-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: manila-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: manila-operator diff --git a/bindata/rbac/mariadb-operator-rbac.yaml b/bindata/rbac/mariadb-operator-rbac.yaml new file mode 100644 index 000000000..22f8e95df --- /dev/null +++ b/bindata/rbac/mariadb-operator-rbac.yaml @@ -0,0 +1,365 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: mariadb-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: mariadb-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: mariadb-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets/status + verbs: + - get + - list + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - endpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods/exec + verbs: + - create +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - galeras + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - galeras/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - galeras/status + verbs: + - get + - list + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/status + verbs: + - get + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases/status + verbs: + - get + - patch + - update +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: mariadb-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: mariadb-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: mariadb-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: mariadb-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: mariadb-operator-manager-role +subjects: +- kind: ServiceAccount + name: mariadb-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: mariadb-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: mariadb-operator-proxy-role +subjects: +- kind: ServiceAccount + name: mariadb-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: mariadb-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: mariadb-operator diff --git a/bindata/rbac/neutron-operator-rbac.yaml b/bindata/rbac/neutron-operator-rbac.yaml new file mode 100644 index 000000000..775bfb8ae --- /dev/null +++ b/bindata/rbac/neutron-operator-rbac.yaml @@ -0,0 +1,354 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: neutron-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: neutron-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: neutron-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds + verbs: + - get + - list + - watch +- apiGroups: + - neutron.openstack.org + resources: + - neutronapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - neutron.openstack.org + resources: + - neutronapis/finalizers + verbs: + - patch + - update +- apiGroups: + - neutron.openstack.org + resources: + - neutronapis/status + verbs: + - get + - patch + - update +- apiGroups: + - ovn.openstack.org + resources: + - ovndbclusters + verbs: + - get + - list + - watch +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: neutron-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: neutron-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: neutron-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: neutron-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: neutron-operator-manager-role +subjects: +- kind: ServiceAccount + name: neutron-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: neutron-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: neutron-operator-proxy-role +subjects: +- kind: ServiceAccount + name: neutron-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: neutron-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: neutron-operator diff --git a/bindata/rbac/nova-operator-rbac.yaml b/bindata/rbac/nova-operator-rbac.yaml new file mode 100644 index 000000000..f8236d207 --- /dev/null +++ b/bindata/rbac/nova-operator-rbac.yaml @@ -0,0 +1,575 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: nova-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: nova-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: nova-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases/finalizers + verbs: + - patch + - update +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds/finalizers + verbs: + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - nova + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nova.openstack.org + resources: + - nova/finalizers + verbs: + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - nova/status + verbs: + - get + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novaapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nova.openstack.org + resources: + - novaapis/finalizers + verbs: + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novaapis/status + verbs: + - get + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novacells + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nova.openstack.org + resources: + - novacells/finalizers + verbs: + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novacells/status + verbs: + - get + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novacomputes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nova.openstack.org + resources: + - novacomputes/finalizers + verbs: + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novacomputes/status + verbs: + - get + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novaconductors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nova.openstack.org + resources: + - novaconductors/finalizers + verbs: + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novaconductors/status + verbs: + - get + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novametadata + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nova.openstack.org + resources: + - novametadata/finalizers + verbs: + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novametadata/status + verbs: + - get + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novanovncproxies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nova.openstack.org + resources: + - novanovncproxies/finalizers + verbs: + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novanovncproxies/status + verbs: + - get + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novaschedulers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nova.openstack.org + resources: + - novaschedulers/finalizers + verbs: + - patch + - update +- apiGroups: + - nova.openstack.org + resources: + - novaschedulers/status + verbs: + - get + - patch + - update +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: nova-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: nova-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: nova-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: nova-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: nova-operator-manager-role +subjects: +- kind: ServiceAccount + name: nova-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: nova-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: nova-operator-proxy-role +subjects: +- kind: ServiceAccount + name: nova-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: nova-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: nova-operator diff --git a/bindata/rbac/octavia-operator-rbac.yaml b/bindata/rbac/octavia-operator-rbac.yaml new file mode 100644 index 000000000..76e15796f --- /dev/null +++ b/bindata/rbac/octavia-operator-rbac.yaml @@ -0,0 +1,479 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: octavia-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: octavia-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: octavia-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - daemonsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases/finalizers + verbs: + - patch + - update +- apiGroups: + - octavia.openstack.org + resources: + - octaviaamphoracontrollers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - octavia.openstack.org + resources: + - octaviaamphoracontrollers/finalizers + verbs: + - patch + - update +- apiGroups: + - octavia.openstack.org + resources: + - octaviaamphoracontrollers/status + verbs: + - get + - patch + - update +- apiGroups: + - octavia.openstack.org + resources: + - octaviaapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - octavia.openstack.org + resources: + - octaviaapis/finalizers + verbs: + - patch + - update +- apiGroups: + - octavia.openstack.org + resources: + - octaviaapis/status + verbs: + - get + - patch + - update +- apiGroups: + - octavia.openstack.org + resources: + - octaviarsyslogs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - octavia.openstack.org + resources: + - octaviarsyslogs/finalizers + verbs: + - update +- apiGroups: + - octavia.openstack.org + resources: + - octaviarsyslogs/status + verbs: + - get + - patch + - update +- apiGroups: + - octavia.openstack.org + resources: + - octavias + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - octavia.openstack.org + resources: + - octavias/finalizers + verbs: + - patch + - update +- apiGroups: + - octavia.openstack.org + resources: + - octavias/status + verbs: + - get + - patch + - update +- apiGroups: + - ovn.openstack.org + resources: + - ovndbclusters + verbs: + - get + - list + - watch +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + - hostmount-anyuid + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + - privileged + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: octavia-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: octavia-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: octavia-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: octavia-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: octavia-operator-manager-role +subjects: +- kind: ServiceAccount + name: octavia-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: octavia-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: octavia-operator-proxy-role +subjects: +- kind: ServiceAccount + name: octavia-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: octavia-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: octavia-operator diff --git a/bindata/rbac/openstack-baremetal-operator-rbac.yaml b/bindata/rbac/openstack-baremetal-operator-rbac.yaml new file mode 100644 index 000000000..59b9f86c2 --- /dev/null +++ b/bindata/rbac/openstack-baremetal-operator-rbac.yaml @@ -0,0 +1,361 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: openstack-baremetal-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: openstack-baremetal-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: openstack-baremetal-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - baremetal.openstack.org + resources: + - openstackbaremetalsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - baremetal.openstack.org + resources: + - openstackbaremetalsets/finalizers + verbs: + - patch + - update +- apiGroups: + - baremetal.openstack.org + resources: + - openstackbaremetalsets/status + verbs: + - get + - patch + - update +- apiGroups: + - baremetal.openstack.org + resources: + - openstackprovisionservers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - baremetal.openstack.org + resources: + - openstackprovisionservers/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - baremetal.openstack.org + resources: + - openstackprovisionservers/status + verbs: + - get + - list + - patch + - update +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - volumes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - metal3.io + resources: + - baremetalhosts + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - metal3.io + resources: + - baremetalhosts/status + verbs: + - get +- apiGroups: + - metal3.io + resources: + - provisionings + verbs: + - get + - list + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - hostnetwork + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: openstack-baremetal-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: openstack-baremetal-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: openstack-baremetal-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: openstack-baremetal-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: openstack-baremetal-operator-manager-role +subjects: +- kind: ServiceAccount + name: openstack-baremetal-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: openstack-baremetal-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: openstack-baremetal-operator-proxy-role +subjects: +- kind: ServiceAccount + name: openstack-baremetal-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: openstack-baremetal-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: openstack-baremetal-operator diff --git a/bindata/rbac/ovn-operator-rbac.yaml b/bindata/rbac/ovn-operator-rbac.yaml new file mode 100644 index 000000000..22748d6f2 --- /dev/null +++ b/bindata/rbac/ovn-operator-rbac.yaml @@ -0,0 +1,386 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: ovn-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: ovn-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: ovn-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - daemonsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - network.openstack.org + resources: + - dnsdata + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ovn.openstack.org + resources: + - ovncontroller + verbs: + - watch +- apiGroups: + - ovn.openstack.org + resources: + - ovncontrollers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ovn.openstack.org + resources: + - ovncontrollers/finalizers + verbs: + - patch + - update +- apiGroups: + - ovn.openstack.org + resources: + - ovncontrollers/status + verbs: + - get + - patch + - update +- apiGroups: + - ovn.openstack.org + resources: + - ovndbclusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ovn.openstack.org + resources: + - ovndbclusters/finalizers + verbs: + - patch + - update +- apiGroups: + - ovn.openstack.org + resources: + - ovndbclusters/status + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - ovn.openstack.org + resources: + - ovnnorthds + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ovn.openstack.org + resources: + - ovnnorthds/finalizers + verbs: + - patch + - update +- apiGroups: + - ovn.openstack.org + resources: + - ovnnorthds/status + verbs: + - get + - patch + - update +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + - privileged + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - security.openshift.io + resourceNames: + - restricted-v2 + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: ovn-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: ovn-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: ovn-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: ovn-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: ovn-operator-manager-role +subjects: +- kind: ServiceAccount + name: ovn-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: ovn-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: ovn-operator-proxy-role +subjects: +- kind: ServiceAccount + name: ovn-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: ovn-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: ovn-operator diff --git a/bindata/rbac/placement-operator-rbac.yaml b/bindata/rbac/placement-operator-rbac.yaml new file mode 100644 index 000000000..9d188ff70 --- /dev/null +++ b/bindata/rbac/placement-operator-rbac.yaml @@ -0,0 +1,345 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: placement-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: placement-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: placement-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases/finalizers + verbs: + - patch + - update +- apiGroups: + - placement.openstack.org + resources: + - placementapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - placement.openstack.org + resources: + - placementapis/finalizers + verbs: + - patch + - update +- apiGroups: + - placement.openstack.org + resources: + - placementapis/status + verbs: + - get + - patch + - update +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: placement-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: placement-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: placement-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: placement-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: placement-operator-manager-role +subjects: +- kind: ServiceAccount + name: placement-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: placement-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: placement-operator-proxy-role +subjects: +- kind: ServiceAccount + name: placement-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: placement-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: placement-operator diff --git a/bindata/rbac/rabbitmq-cluster-operator-rbac.yaml b/bindata/rbac/rabbitmq-cluster-operator-rbac.yaml new file mode 100644 index 000000000..7295ab732 --- /dev/null +++ b/bindata/rbac/rabbitmq-cluster-operator-rbac.yaml @@ -0,0 +1,230 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: rabbitmq-cluster-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: rabbitmq-cluster-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: rabbitmq-cluster-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - patch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - update + - watch +- apiGroups: + - "" + resources: + - pods/exec + verbs: + - create +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - update + - watch +- apiGroups: + - rabbitmq.com + resources: + - rabbitmqclusters + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - rabbitmq.com + resources: + - rabbitmqclusters/finalizers + verbs: + - update +- apiGroups: + - rabbitmq.com + resources: + - rabbitmqclusters/status + verbs: + - get + - update +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: rabbitmq-cluster-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: rabbitmq-cluster-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: rabbitmq-cluster-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: rabbitmq-cluster-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: rabbitmq-cluster-operator-manager-role +subjects: +- kind: ServiceAccount + name: rabbitmq-cluster-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: rabbitmq-cluster-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: rabbitmq-cluster-operator-proxy-role +subjects: +- kind: ServiceAccount + name: rabbitmq-cluster-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: rabbitmq-cluster-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: rabbitmq-cluster-operator diff --git a/bindata/rbac/rbac.yaml b/bindata/rbac/rbac.yaml new file mode 100644 index 000000000..01f1e8a19 --- /dev/null +++ b/bindata/rbac/rbac.yaml @@ -0,0 +1,957 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: openstack-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: openstack-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: openstack-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - imagestreamimages + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - imagestreammappings + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - imagestreams + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - imagestreams/layers + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - imagestreamtags + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - imagetags + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - projects + verbs: + - get +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - barbican.openstack.org + resources: + - barbicans + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - baremetal.openstack.org + resources: + - openstackbaremetalsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - baremetal.openstack.org + resources: + - openstackbaremetalsets/finalizers + verbs: + - patch + - update +- apiGroups: + - baremetal.openstack.org + resources: + - openstackbaremetalsets/status + verbs: + - get +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cert-manager.io + resources: + - certificates + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cert-manager.io + resources: + - issuers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cinder.openstack.org + resources: + - cinders + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - client.openstack.org + resources: + - openstackclients + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - client.openstack.org + resources: + - openstackclients/finalizers + verbs: + - update +- apiGroups: + - client.openstack.org + resources: + - openstackclients/status + verbs: + - get + - patch + - update +- apiGroups: + - config.openshift.io + resources: + - networks + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - core.openstack.org + resources: + - openstackcontrolplanes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - core.openstack.org + resources: + - openstackcontrolplanes/finalizers + verbs: + - patch + - update +- apiGroups: + - core.openstack.org + resources: + - openstackcontrolplanes/status + verbs: + - get + - patch + - update +- apiGroups: + - core.openstack.org + resources: + - openstackversions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - core.openstack.org + resources: + - openstackversions/finalizers + verbs: + - patch + - update +- apiGroups: + - core.openstack.org + resources: + - openstackversions/status + verbs: + - get + - patch + - update +- apiGroups: + - dataplane.openstack.org + resources: + - openstackdataplanedeployments + verbs: + - create + - delete + - get + - list + - watch +- apiGroups: + - dataplane.openstack.org + resources: + - openstackdataplanedeployments/finalizers + verbs: + - patch + - update +- apiGroups: + - dataplane.openstack.org + resources: + - openstackdataplanedeployments/status + verbs: + - get + - patch + - update +- apiGroups: + - dataplane.openstack.org + resources: + - openstackdataplanenodesets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - dataplane.openstack.org + resources: + - openstackdataplanenodesets/finalizers + verbs: + - patch + - update +- apiGroups: + - dataplane.openstack.org + resources: + - openstackdataplanenodesets/status + verbs: + - get + - patch + - update +- apiGroups: + - dataplane.openstack.org + resources: + - openstackdataplaneservices + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - dataplane.openstack.org + resources: + - openstackdataplaneservices/finalizers + verbs: + - patch + - update +- apiGroups: + - designate.openstack.org + resources: + - designates + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - glance.openstack.org + resources: + - glances + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - heat.openstack.org + resources: + - heats + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - horizon.openstack.org + resources: + - horizons + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - image.openshift.io + resources: + - imagestreamimages + verbs: + - get + - list + - watch +- apiGroups: + - image.openshift.io + resources: + - imagestreammappings + verbs: + - get + - list + - watch +- apiGroups: + - image.openshift.io + resources: + - imagestreams + verbs: + - get + - list + - watch +- apiGroups: + - image.openshift.io + resources: + - imagestreams/layers + verbs: + - get +- apiGroups: + - image.openshift.io + resources: + - imagestreamtags + verbs: + - get + - list + - watch +- apiGroups: + - image.openshift.io + resources: + - imagetags + verbs: + - get + - list + - watch +- apiGroups: + - ironic.openstack.org + resources: + - ironics + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - machineconfiguration.openshift.io + resources: + - machineconfigs + verbs: + - get + - list + - watch +- apiGroups: + - manila.openstack.org + resources: + - manilas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - galeras + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - network.openstack.org + resources: + - dnsdata + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - network.openstack.org + resources: + - dnsdata/finalizers + verbs: + - patch + - update +- apiGroups: + - network.openstack.org + resources: + - dnsdata/status + verbs: + - get +- apiGroups: + - network.openstack.org + resources: + - dnsmasqs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - network.openstack.org + resources: + - dnsmasqs/status + verbs: + - get +- apiGroups: + - network.openstack.org + resources: + - ipsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - network.openstack.org + resources: + - ipsets/finalizers + verbs: + - patch + - update +- apiGroups: + - network.openstack.org + resources: + - ipsets/status + verbs: + - get +- apiGroups: + - network.openstack.org + resources: + - netconfigs + verbs: + - get + - list + - watch +- apiGroups: + - neutron.openstack.org + resources: + - neutronapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nova.openstack.org + resources: + - nova + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - octavia.openstack.org + resources: + - octavias + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - operator.openshift.io + resources: + - imagecontentsourcepolicies + verbs: + - get + - list +- apiGroups: + - ovn.openstack.org + resources: + - ovncontrollers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ovn.openstack.org + resources: + - ovndbclusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ovn.openstack.org + resources: + - ovnnorthds + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - placement.openstack.org + resources: + - placementapis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - project.openshift.io + resources: + - projects + verbs: + - get +- apiGroups: + - rabbitmq.com + resources: + - rabbitmqclusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - redis.openstack.org + resources: + - redises + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - route.openshift.io + resources: + - routes/custom-host + verbs: + - create + - patch + - update +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - swift.openstack.org + resources: + - swifts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - telemetry.openstack.org + resources: + - metricstorages + verbs: + - get + - list + - watch +- apiGroups: + - telemetry.openstack.org + resources: + - telemetries + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: openstack-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: openstack-operator-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: openstack-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: openstack-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: openstack-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: openstack-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: openstack-operator-manager-role +subjects: +- kind: ServiceAccount + name: openstack-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: openstack-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: openstack-operator-proxy-role +subjects: +- kind: ServiceAccount + name: openstack-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: openstack-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: openstack diff --git a/bindata/rbac/swift-operator-rbac.yaml b/bindata/rbac/swift-operator-rbac.yaml new file mode 100644 index 000000000..4c7902e4c --- /dev/null +++ b/bindata/rbac/swift-operator-rbac.yaml @@ -0,0 +1,468 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: swift-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: swift-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: swift-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - '*' + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - barbican.openstack.org + resources: + - barbicanapis + verbs: + - get + - list + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds + verbs: + - get + - list + - watch +- apiGroups: + - network.openstack.org + resources: + - dnsdata + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - nonroot-v2 + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - swift.openstack.org + resources: + - swiftproxies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - swift.openstack.org + resources: + - swiftproxies/finalizers + verbs: + - patch + - update +- apiGroups: + - swift.openstack.org + resources: + - swiftproxies/status + verbs: + - get + - patch + - update +- apiGroups: + - swift.openstack.org + resources: + - swiftrings + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - swift.openstack.org + resources: + - swiftrings/finalizers + verbs: + - patch + - update +- apiGroups: + - swift.openstack.org + resources: + - swiftrings/status + verbs: + - get + - patch + - update +- apiGroups: + - swift.openstack.org + resources: + - swifts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - swift.openstack.org + resources: + - swifts/finalizers + verbs: + - patch + - update +- apiGroups: + - swift.openstack.org + resources: + - swifts/status + verbs: + - get + - patch + - update +- apiGroups: + - swift.openstack.org + resources: + - swiftstorages + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - swift.openstack.org + resources: + - swiftstorages/finalizers + verbs: + - patch + - update +- apiGroups: + - swift.openstack.org + resources: + - swiftstorages/status + verbs: + - get + - patch + - update +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: swift-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: swift-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: swift-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: swift-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: swift-operator-manager-role +subjects: +- kind: ServiceAccount + name: swift-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: swift-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: swift-operator-proxy-role +subjects: +- kind: ServiceAccount + name: swift-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: swift-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: swift-operator diff --git a/bindata/rbac/telemetry-operator-rbac.yaml b/bindata/rbac/telemetry-operator-rbac.yaml new file mode 100644 index 000000000..7cb7f4ad7 --- /dev/null +++ b/bindata/rbac/telemetry-operator-rbac.yaml @@ -0,0 +1,569 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: telemetry-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: telemetry-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: telemetry-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - heat.openstack.org + resources: + - heats + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneapis + verbs: + - get + - list + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - keystone.openstack.org + resources: + - keystoneservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbaccounts/finalizers + verbs: + - patch + - update +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - mariadb.openstack.org + resources: + - mariadbdatabases/finalizers + verbs: + - patch + - update +- apiGroups: + - memcached.openstack.org + resources: + - memcacheds + verbs: + - get + - list + - watch +- apiGroups: + - monitoring.rhobs + resources: + - alertmanagers + verbs: + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - monitoring.rhobs + resources: + - monitoringstacks + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - monitoring.rhobs + resources: + - prometheuses + verbs: + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - monitoring.rhobs + resources: + - prometheusrules + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - monitoring.rhobs + resources: + - scrapeconfigs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - monitoring.rhobs + resources: + - servicemonitors + verbs: + - delete + - get + - list +- apiGroups: + - network.openstack.org + resources: + - ipsets + verbs: + - get + - list + - watch +- apiGroups: + - observability.openshift.io + resources: + - uiplugins + verbs: + - create + - get + - list + - patch + - watch +- apiGroups: + - rabbitmq.com + resources: + - rabbitmqclusters + verbs: + - get + - list + - watch +- apiGroups: + - rabbitmq.openstack.org + resources: + - transporturls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - telemetry.openstack.org + resources: + - autoscalings + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - telemetry.openstack.org + resources: + - autoscalings/finalizers + verbs: + - delete + - patch + - update +- apiGroups: + - telemetry.openstack.org + resources: + - autoscalings/status + verbs: + - get + - patch + - update +- apiGroups: + - telemetry.openstack.org + resources: + - ceilometers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - telemetry.openstack.org + resources: + - ceilometers/finalizers + verbs: + - delete + - patch + - update +- apiGroups: + - telemetry.openstack.org + resources: + - ceilometers/status + verbs: + - get + - patch + - update +- apiGroups: + - telemetry.openstack.org + resources: + - loggings + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - telemetry.openstack.org + resources: + - loggings/finalizers + verbs: + - delete + - patch + - update +- apiGroups: + - telemetry.openstack.org + resources: + - loggings/status + verbs: + - get + - patch + - update +- apiGroups: + - telemetry.openstack.org + resources: + - metricstorages + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - telemetry.openstack.org + resources: + - metricstorages/finalizers + verbs: + - delete + - patch + - update +- apiGroups: + - telemetry.openstack.org + resources: + - metricstorages/status + verbs: + - get + - patch + - update +- apiGroups: + - telemetry.openstack.org + resources: + - telemetries + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - telemetry.openstack.org + resources: + - telemetries/finalizers + verbs: + - patch + - update +- apiGroups: + - telemetry.openstack.org + resources: + - telemetries/status + verbs: + - get + - patch + - update +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: telemetry-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: telemetry-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: telemetry-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: telemetry-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: telemetry-operator-manager-role +subjects: +- kind: ServiceAccount + name: telemetry-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: telemetry-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: telemetry-operator-proxy-role +subjects: +- kind: ServiceAccount + name: telemetry-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: telemetry-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: telemetry-operator diff --git a/bindata/rbac/test-operator-rbac.yaml b/bindata/rbac/test-operator-rbac.yaml new file mode 100644 index 000000000..c82d11bcb --- /dev/null +++ b/bindata/rbac/test-operator-rbac.yaml @@ -0,0 +1,336 @@ +# NOTE: this file is automatically generated by hack/sync-bindata.sh! +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: test-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: test-operator-leader-election-role + namespace: '{{ .OperatorNamespace }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: test-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + - nonroot + - nonroot-v2 + - privileged + resources: + - securitycontextconstraints + verbs: + - use +- apiGroups: + - test.openstack.org + resources: + - ansibletests + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - test.openstack.org + resources: + - ansibletests/finalizers + verbs: + - patch + - update +- apiGroups: + - test.openstack.org + resources: + - ansibletests/status + verbs: + - get + - patch + - update +- apiGroups: + - test.openstack.org + resources: + - horizontests + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - test.openstack.org + resources: + - horizontests/finalizers + verbs: + - patch + - update +- apiGroups: + - test.openstack.org + resources: + - horizontests/status + verbs: + - get + - patch + - update +- apiGroups: + - test.openstack.org + resources: + - tempests + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - test.openstack.org + resources: + - tempests/finalizers + verbs: + - patch + - update +- apiGroups: + - test.openstack.org + resources: + - tempests/status + verbs: + - get + - patch + - update +- apiGroups: + - test.openstack.org + resources: + - tobikoes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - test.openstack.org + resources: + - tobikoes/finalizers + verbs: + - patch + - update +- apiGroups: + - test.openstack.org + resources: + - tobikoes/status + verbs: + - get + - patch + - update +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: test-operator-leader-election-rolebinding + namespace: '{{ .OperatorNamespace }}' +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: test-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: test-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: test-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: test-operator-manager-role +subjects: +- kind: ServiceAccount + name: test-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: test-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: test-operator-proxy-role +subjects: +- kind: ServiceAccount + name: test-operator-controller-manager + namespace: '{{ .OperatorNamespace }}' +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: test-operator-controller-manager-metrics-service + namespace: '{{ .OperatorNamespace }}' +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + openstack.org/operator-name: test-operator diff --git a/config/operator/manager_operator_images.yaml b/config/operator/manager_operator_images.yaml index ded483abb..182904b7f 100644 --- a/config/operator/manager_operator_images.yaml +++ b/config/operator/manager_operator_images.yaml @@ -14,44 +14,44 @@ spec: - name: operator env: - name: RELATED_IMAGE_BARBICAN_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/barbican-operator@sha256:f6c85e80f70b7b7334d74fe6d9f86a9b2a5006566db9a6024d0f8966c80167cf + value: quay.io/openstack-k8s-operators/barbican-operator@sha256:7386602444254c1ad8214a3a3e85beb793f65736303de1193c0290432ffa4eaa - name: RELATED_IMAGE_CINDER_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/cinder-operator@sha256:23972d5bc7d91b5ce22a12d7d7f8cba5c68c8eade0bf7c0d27c1cb5be7168468 + value: quay.io/openstack-k8s-operators/cinder-operator@sha256:acc717d177a04ac6bea665aa7458817ed61d2c225c8708ecc08992a963f161de - name: RELATED_IMAGE_DESIGNATE_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/designate-operator@sha256:98b7d7960bdfceec9b682fb48401b332a360eb2047d3e745553c81a9c3c8e1fd + value: quay.io/openstack-k8s-operators/designate-operator@sha256:6440dec2e82755e110127593c1c1b90d26bf376d0eea8db9ea5f1879391e8d07 - name: RELATED_IMAGE_GLANCE_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/glance-operator@sha256:9838dad960de475da993d98b8d5d543ee8f0030efc9f47b4a534ab90cc098556 + value: quay.io/openstack-k8s-operators/glance-operator@sha256:fc65bc0fabd399126ab400d331afc8cb3ad94a5d268e23f97ecf5d0691dcbb2c - name: RELATED_IMAGE_HEAT_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/heat-operator@sha256:59fdb9653bd85003cadd7a05161a665bda2ecb77a464bf30fc73064fd13519a5 + value: quay.io/openstack-k8s-operators/heat-operator@sha256:57555df49d1efa118745e920f84e71a1329db554125ade1f1d1261d174ebf30e - name: RELATED_IMAGE_HORIZON_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/horizon-operator@sha256:6eabb8c57ce9de3d1ba9f4748bd36c5bbd36c8acb223375211b95ac9904e4e2a + value: quay.io/openstack-k8s-operators/horizon-operator@sha256:9e326d5dd2960b273f79d767563f07a7ca373c2d12bcb29986551a10f43e16c0 - name: RELATED_IMAGE_INFRA_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/infra-operator@sha256:a7f2d7883d811d2dea6bbb20f215def498afbb0c428508b54ca2792a86d68bdd + value: quay.io/openstack-k8s-operators/infra-operator@sha256:ecba2bae0bf034a326e960e0697636b682b64866dd7ead4f80e559798a012358 - name: RELATED_IMAGE_IRONIC_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/ironic-operator@sha256:c26aee3592941c2ea62834d0a03f471d95ef777ae339b26bc5115a384aa48b3a + value: quay.io/openstack-k8s-operators/ironic-operator@sha256:b9992a3db9298f9231733175a24767149644a450bd2f2e072d5277dd711294cf - name: RELATED_IMAGE_KEYSTONE_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/keystone-operator@sha256:d8c3c098edcb972bcee5b944f8182113951d3435aabf5794c02ff39da1d36bba + value: quay.io/openstack-k8s-operators/keystone-operator@sha256:7d1f2432781bd4dd67bda8060bda32221005de180d6e2cd7a6fc36f70001c681 - name: RELATED_IMAGE_MANILA_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/manila-operator@sha256:07fb8c80d9648b5c1f2f0c47855542861374c214b9df9df27906b736ccfa79fc + value: quay.io/openstack-k8s-operators/manila-operator@sha256:8139d01a3c94cde675150c0647f4029e906e898af2866a159a90a71da340fcf0 - name: RELATED_IMAGE_MARIADB_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/mariadb-operator@sha256:4e539d5414535f03c274051013b304339741e19f797632a39861ba2309b3518a + value: quay.io/openstack-k8s-operators/mariadb-operator@sha256:557e92b940c06ec78fdffbb9d738847b3f5f2f5f50826c904f05f08d72b8571a - name: RELATED_IMAGE_NEUTRON_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/neutron-operator@sha256:bf373ff7eb87a3b587b10ef6b2b276ff8d5c5166772f3c09233e735d6ac308f5 + value: quay.io/openstack-k8s-operators/neutron-operator@sha256:3467b77b7580cb68e3fede842f038ac4972bec5c5cee9b508638039c127d74e4 - name: RELATED_IMAGE_NOVA_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/nova-operator@sha256:468f90dcdbc174cc789dde192493bb170fa18f688c8af5a97c2a81000e7bb6bd + value: quay.io/openstack-k8s-operators/nova-operator@sha256:2f1956fe8ce891b4db7b2a3ab9fe7299eb06aa39269548567f4ae4230b1cd4b5 - name: RELATED_IMAGE_OCTAVIA_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/octavia-operator@sha256:b376450aa86e083e2a9b93b4af6b6efd6978451187990d5d21ac967e5ef0ef8c + value: quay.io/openstack-k8s-operators/octavia-operator@sha256:7ddd189aff6e450418768c2a5f4c598e9647984f84c5d109b38960b9acfbf1e8 - name: RELATED_IMAGE_OPENSTACK_BAREMETAL_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/openstack-baremetal-operator@sha256:fd552ef3c74923dc69f7fc5ce44f1a5de91bb8e85839f0c4b48387f769e79820 + value: quay.io/openstack-k8s-operators/openstack-baremetal-operator@sha256:6fc250413468eea62fe34531b0db459a5a903b4bc8f3c886e13433b760ea080d - name: RELATED_IMAGE_OVN_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/ovn-operator@sha256:b900bb87fef70e4c6eded20fc4be5a595cfe3d4b3ebacc88af7dff2af29991a5 + value: quay.io/openstack-k8s-operators/ovn-operator@sha256:a0886a5e3fda186ead8e698221a55aacda5bb2bf75e95d2ee49fe06576952d62 - name: RELATED_IMAGE_PLACEMENT_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/placement-operator@sha256:70f80e0f966c61504a6d64dd3d2937ef7d7b17a65e9c1c9501a13abfb535a5b7 + value: quay.io/openstack-k8s-operators/placement-operator@sha256:788922154c1bd21fd034623c84dc8c452d1519afff88cfd7fe1ec6a13beb1b84 - name: RELATED_IMAGE_RABBITMQ_CLUSTER_OPERATOR_MANAGER_IMAGE_URL value: quay.io/openstack-k8s-operators/rabbitmq-cluster-operator@sha256:225524223bf2a7f3a4ce95958fc9ca6fdab02745fb70374e8ff5bf1ddaceda4b - name: RELATED_IMAGE_SWIFT_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/swift-operator@sha256:0c7b99f5d18487c3a3c834fd099fd32a9fbd595a8bfb0dc401390088dbe07662 + value: quay.io/openstack-k8s-operators/swift-operator@sha256:feae7aad3659a299204228d0354100d4abda8fb2b1c59e8909ea3fd1ea914b11 - name: RELATED_IMAGE_TELEMETRY_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/telemetry-operator@sha256:b18442d853a996d3cdde52944815c722861e7ea2ae87a75c6396b606ee571e1d + value: quay.io/openstack-k8s-operators/telemetry-operator@sha256:8b1c06cdc55e34f8d7220e20f578a22d35bf6b99921a1cd8a7db0d5d18be3597 - name: RELATED_IMAGE_TEST_OPERATOR_MANAGER_IMAGE_URL - value: quay.io/openstack-k8s-operators/test-operator@sha256:1840e87b584328ad53cde0635d28550d2f75a27995b8bc2c9419bd2083614b04 + value: quay.io/openstack-k8s-operators/test-operator@sha256:2d851847946ff12971a78c1fa0c152b92fab8fcfe5d1fed85a4487d2a4f27e43 diff --git a/hack/export_operator_related_images.sh b/hack/export_operator_related_images.sh index 4a9eb1eba..124bad3a3 100644 --- a/hack/export_operator_related_images.sh +++ b/hack/export_operator_related_images.sh @@ -1,23 +1,23 @@ # NOTE: this file is automatically generated by hack/sync-bindata.sh! -export RELATED_IMAGE_BARBICAN_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/barbican-operator@sha256:f6c85e80f70b7b7334d74fe6d9f86a9b2a5006566db9a6024d0f8966c80167cf -export RELATED_IMAGE_CINDER_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/cinder-operator@sha256:23972d5bc7d91b5ce22a12d7d7f8cba5c68c8eade0bf7c0d27c1cb5be7168468 -export RELATED_IMAGE_DESIGNATE_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/designate-operator@sha256:98b7d7960bdfceec9b682fb48401b332a360eb2047d3e745553c81a9c3c8e1fd -export RELATED_IMAGE_GLANCE_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/glance-operator@sha256:9838dad960de475da993d98b8d5d543ee8f0030efc9f47b4a534ab90cc098556 -export RELATED_IMAGE_HEAT_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/heat-operator@sha256:59fdb9653bd85003cadd7a05161a665bda2ecb77a464bf30fc73064fd13519a5 -export RELATED_IMAGE_HORIZON_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/horizon-operator@sha256:6eabb8c57ce9de3d1ba9f4748bd36c5bbd36c8acb223375211b95ac9904e4e2a -export RELATED_IMAGE_INFRA_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/infra-operator@sha256:a7f2d7883d811d2dea6bbb20f215def498afbb0c428508b54ca2792a86d68bdd -export RELATED_IMAGE_IRONIC_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/ironic-operator@sha256:c26aee3592941c2ea62834d0a03f471d95ef777ae339b26bc5115a384aa48b3a -export RELATED_IMAGE_KEYSTONE_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/keystone-operator@sha256:d8c3c098edcb972bcee5b944f8182113951d3435aabf5794c02ff39da1d36bba -export RELATED_IMAGE_MANILA_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/manila-operator@sha256:07fb8c80d9648b5c1f2f0c47855542861374c214b9df9df27906b736ccfa79fc -export RELATED_IMAGE_MARIADB_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/mariadb-operator@sha256:4e539d5414535f03c274051013b304339741e19f797632a39861ba2309b3518a -export RELATED_IMAGE_NEUTRON_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/neutron-operator@sha256:bf373ff7eb87a3b587b10ef6b2b276ff8d5c5166772f3c09233e735d6ac308f5 -export RELATED_IMAGE_NOVA_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/nova-operator@sha256:468f90dcdbc174cc789dde192493bb170fa18f688c8af5a97c2a81000e7bb6bd -export RELATED_IMAGE_OCTAVIA_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/octavia-operator@sha256:b376450aa86e083e2a9b93b4af6b6efd6978451187990d5d21ac967e5ef0ef8c -export RELATED_IMAGE_OPENSTACK_BAREMETAL_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/openstack-baremetal-operator@sha256:fd552ef3c74923dc69f7fc5ce44f1a5de91bb8e85839f0c4b48387f769e79820 -export RELATED_IMAGE_OVN_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/ovn-operator@sha256:b900bb87fef70e4c6eded20fc4be5a595cfe3d4b3ebacc88af7dff2af29991a5 -export RELATED_IMAGE_PLACEMENT_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/placement-operator@sha256:70f80e0f966c61504a6d64dd3d2937ef7d7b17a65e9c1c9501a13abfb535a5b7 +export RELATED_IMAGE_BARBICAN_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/barbican-operator@sha256:7386602444254c1ad8214a3a3e85beb793f65736303de1193c0290432ffa4eaa +export RELATED_IMAGE_CINDER_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/cinder-operator@sha256:acc717d177a04ac6bea665aa7458817ed61d2c225c8708ecc08992a963f161de +export RELATED_IMAGE_DESIGNATE_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/designate-operator@sha256:6440dec2e82755e110127593c1c1b90d26bf376d0eea8db9ea5f1879391e8d07 +export RELATED_IMAGE_GLANCE_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/glance-operator@sha256:fc65bc0fabd399126ab400d331afc8cb3ad94a5d268e23f97ecf5d0691dcbb2c +export RELATED_IMAGE_HEAT_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/heat-operator@sha256:57555df49d1efa118745e920f84e71a1329db554125ade1f1d1261d174ebf30e +export RELATED_IMAGE_HORIZON_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/horizon-operator@sha256:9e326d5dd2960b273f79d767563f07a7ca373c2d12bcb29986551a10f43e16c0 +export RELATED_IMAGE_INFRA_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/infra-operator@sha256:ecba2bae0bf034a326e960e0697636b682b64866dd7ead4f80e559798a012358 +export RELATED_IMAGE_IRONIC_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/ironic-operator@sha256:b9992a3db9298f9231733175a24767149644a450bd2f2e072d5277dd711294cf +export RELATED_IMAGE_KEYSTONE_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/keystone-operator@sha256:7d1f2432781bd4dd67bda8060bda32221005de180d6e2cd7a6fc36f70001c681 +export RELATED_IMAGE_MANILA_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/manila-operator@sha256:8139d01a3c94cde675150c0647f4029e906e898af2866a159a90a71da340fcf0 +export RELATED_IMAGE_MARIADB_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/mariadb-operator@sha256:557e92b940c06ec78fdffbb9d738847b3f5f2f5f50826c904f05f08d72b8571a +export RELATED_IMAGE_NEUTRON_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/neutron-operator@sha256:3467b77b7580cb68e3fede842f038ac4972bec5c5cee9b508638039c127d74e4 +export RELATED_IMAGE_NOVA_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/nova-operator@sha256:2f1956fe8ce891b4db7b2a3ab9fe7299eb06aa39269548567f4ae4230b1cd4b5 +export RELATED_IMAGE_OCTAVIA_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/octavia-operator@sha256:7ddd189aff6e450418768c2a5f4c598e9647984f84c5d109b38960b9acfbf1e8 +export RELATED_IMAGE_OPENSTACK_BAREMETAL_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/openstack-baremetal-operator@sha256:6fc250413468eea62fe34531b0db459a5a903b4bc8f3c886e13433b760ea080d +export RELATED_IMAGE_OVN_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/ovn-operator@sha256:a0886a5e3fda186ead8e698221a55aacda5bb2bf75e95d2ee49fe06576952d62 +export RELATED_IMAGE_PLACEMENT_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/placement-operator@sha256:788922154c1bd21fd034623c84dc8c452d1519afff88cfd7fe1ec6a13beb1b84 export RELATED_IMAGE_RABBITMQ_CLUSTER_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/rabbitmq-cluster-operator@sha256:225524223bf2a7f3a4ce95958fc9ca6fdab02745fb70374e8ff5bf1ddaceda4b -export RELATED_IMAGE_SWIFT_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/swift-operator@sha256:0c7b99f5d18487c3a3c834fd099fd32a9fbd595a8bfb0dc401390088dbe07662 -export RELATED_IMAGE_TELEMETRY_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/telemetry-operator@sha256:b18442d853a996d3cdde52944815c722861e7ea2ae87a75c6396b606ee571e1d -export RELATED_IMAGE_TEST_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/test-operator@sha256:1840e87b584328ad53cde0635d28550d2f75a27995b8bc2c9419bd2083614b04 +export RELATED_IMAGE_SWIFT_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/swift-operator@sha256:feae7aad3659a299204228d0354100d4abda8fb2b1c59e8909ea3fd1ea914b11 +export RELATED_IMAGE_TELEMETRY_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/telemetry-operator@sha256:8b1c06cdc55e34f8d7220e20f578a22d35bf6b99921a1cd8a7db0d5d18be3597 +export RELATED_IMAGE_TEST_OPERATOR_MANAGER_IMAGE_URL=quay.io/openstack-k8s-operators/test-operator@sha256:2d851847946ff12971a78c1fa0c152b92fab8fcfe5d1fed85a4487d2a4f27e43 diff --git a/hack/sync-bindata.sh b/hack/sync-bindata.sh index fc128c84f..bfb90f301 100755 --- a/hack/sync-bindata.sh +++ b/hack/sync-bindata.sh @@ -53,7 +53,7 @@ metadata: name: ${OPERATOR_NAME}-leader-election-role namespace: '{{ .OperatorNamespace }}' ${LEADER_ELECTION_ROLE_RULES} ---- +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: