diff --git a/.github/crd-config/config.yaml b/.github/crd-config/config.yaml index c2bb6d748..e802f1ff9 100644 --- a/.github/crd-config/config.yaml +++ b/.github/crd-config/config.yaml @@ -1,25 +1,6 @@ processor: # RE2 regular expressions describing types that should be excluded from the generated documentation. ignoreTypes: - - "User$" - - "UserList$" - - "UserSpec$" - - "UserStatus$" - - "UserAuthenticationSpec$" - - "UserAuthorizationSpec$" - - "UserTemplateSpec$" - - "Password$" - - "PasswordSource$" - - "ACLRule$" - - "ACLType$" - - "ACLOperation$" - - "PatternType$" - - "ResourceType$" - - "ACLResourceSpec$" - - "ClusterSource$" - - "AdminAPISpec$" - - "AdminSASL$" - - "MetadataTemplate$" render: kubernetesVersion: 1.23 knownTypes: diff --git a/.github/workflows/fetch-acceptance-tests.yml b/.github/workflows/fetch-acceptance-tests.yml new file mode 100644 index 000000000..a83d8991d --- /dev/null +++ b/.github/workflows/fetch-acceptance-tests.yml @@ -0,0 +1,55 @@ +--- + name: Fetch and Save K8s Acceptance Tests + on: + workflow_dispatch: # Allows manual trigger of the workflow + repository_dispatch: # Allows other repositories to trigger this workflow + types: [trigger-acceptance-test-pull] + jobs: + fetch-and-save: + runs-on: ubuntu-latest + steps: + - name: configure aws credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_SM_READONLY_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SM_READONLY_SECRET_ACCESS_KEY }} + aws-region: us-west-2 + - name: get secrets from aws sm + uses: aws-actions/aws-secretsmanager-get-secrets@v2 + with: + secret-ids: | + ,sdlc/prod/github/actions_bot_token + parse-json-secrets: true + + - name: Checkout the repository + uses: actions/checkout@v4 + with: + ref: api + token: ${{ env.ACTIONS_BOT_TOKEN }} + path: redpanda-docs + + - name: Set up Node.js + uses: actions/setup-node@v4 + with: + node-version: '18' + + - name: Install dependencies + run: | + cd ./redpanda-docs/scripts/fetch-from-github + npm install + + - name: Run the script and save the output + run: node ./redpanda-docs/scripts/fetch-from-github/fetch.js redpanda-data redpanda-operator acceptance/features ../../modules/manage/examples/kubernetes + env: + VBOT_GITHUB_API_TOKEN: ${{ env.ACTIONS_BOT_TOKEN }} + + - name: Create pull request + uses: peter-evans/create-pull-request@v6 + with: + commit-message: "auto-docs: Update K8s acceptance tests" + token: ${{ env.ACTIONS_BOT_TOKEN }} + branch: update-acceptance-tests + title: "auto-docs: Update K8s acceptance tests" + body: "This PR auto-updates the acceptance tests that we use as examples in our Kubernetes docs." + labels: auto-docs + reviewers: JakeSCahill \ No newline at end of file diff --git a/modules/ROOT/nav.adoc b/modules/ROOT/nav.adoc index 6d74a5812..2b6f8c7fd 100644 --- a/modules/ROOT/nav.adoc +++ b/modules/ROOT/nav.adoc @@ -113,7 +113,9 @@ **** xref:manage:kubernetes/security/tls/index.adoc[TLS Encryption] ***** xref:manage:kubernetes/security/tls/k-cert-manager.adoc[Use cert-manager] ***** xref:manage:kubernetes/security/tls/k-secrets.adoc[Use Secrets] -**** xref:manage:kubernetes/security/authentication/k-authentication.adoc[Authentication] +**** xref:manage:kubernetes/security/authentication/index.adoc[Authentication] +***** xref:manage:kubernetes/security/authentication/k-authentication.adoc[Enable Authentication] +***** xref:manage:kubernetes/security/authentication/k-user-controller.adoc[Manage Users and ACLs] **** xref:manage:kubernetes/security/k-audit-logging.adoc[Audit Logging] *** xref:manage:kubernetes/k-rack-awareness.adoc[Rack Awareness] *** xref:manage:kubernetes/k-remote-read-replicas.adoc[Remote Read Replicas] diff --git a/modules/deploy/pages/deployment-option/self-hosted/kubernetes/k-production-deployment.adoc b/modules/deploy/pages/deployment-option/self-hosted/kubernetes/k-production-deployment.adoc index 7172b5b38..02229be59 100644 --- a/modules/deploy/pages/deployment-option/self-hosted/kubernetes/k-production-deployment.adoc +++ b/modules/deploy/pages/deployment-option/self-hosted/kubernetes/k-production-deployment.adoc @@ -122,9 +122,9 @@ spec: ---- + - `metadata.name`: Name to assign the Redpanda cluster. This name is also assigned to the Helm release. -- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-src-go-k8s-apis-redpanda-v1alpha1-chartref[`spec.chartRef`]: Information about the Helm chart that will be used to deploy Redpanda. +- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-api-redpanda-v1alpha2-chartref[`spec.chartRef`]: Information about the Helm chart that will be used to deploy Redpanda. - `spec.chartRef.chartVersion`: This field specifies the exact version of the Redpanda Helm chart to use for deployment. By setting this value, you <>, which prevents automatic updates that might introduce breaking changes or new features that have not been tested in your environment. -- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-src-go-k8s-apis-redpanda-v1alpha1-redpandaclusterspec[`spec.clusterSpec`]: This is where you can override default values in the Redpanda Helm chart. +- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-api-redpanda-v1alpha2-redpandaclusterspec[`spec.clusterSpec`]: This is where you can override default values in the Redpanda Helm chart. Here, you mount the <> to the Pods that run Redpanda. For other configuration details, see <>. - `spec.clusterSpec.enterprise`: If you want to use enterprise features in Redpanda, uncomment this section and add the details of a Secret that stores your Enterprise Edition license key. For details, see xref:get-started:licensing/add-license-redpanda/kubernetes.adoc[]. - `spec.clusterSpec.statefulset`: Here, you mount the <> to the Pods that run Redpanda. For other configuration details, see <>. diff --git a/modules/get-started/pages/whats-new.adoc b/modules/get-started/pages/whats-new.adoc index 6e4f07891..01e8ad4e5 100644 --- a/modules/get-started/pages/whats-new.adoc +++ b/modules/get-started/pages/whats-new.adoc @@ -7,6 +7,16 @@ This topic includes new content added in version {page-component-version}. For a * xref:redpanda-cloud:get-started:whats-new-cloud.adoc[] * xref:redpanda-cloud:get-started:cloud-overview.adoc#redpanda-cloud-vs-self-managed-feature-compatibility[Redpanda Cloud vs Self-Managed feature compatibility] +== Declarative user and ACL management in Kubernetes + +Redpanda now supports declarative management of users and access control lists (ACLs) using the new User resource with the Redpanda Operator. This feature allows you to: + +- Create and manage Redpanda users and their authentication settings. +- Define and manage ACLs to control access to Redpanda resources. +- Automatically reconcile changes to users and ACLs using the Redpanda Operator. + +To learn more, see the xref:manage:kubernetes/security/authentication/k-user-controller.adoc[User resource documentation]. + == Licensing updates This release includes several updates to xref:get-started:licensing/overview.adoc[Redpanda's licensing system] to both improve transparency and make it easier to manage licenses across Redpanda clusters and Redpanda Console. diff --git a/modules/manage/examples/kubernetes/user-crds.feature b/modules/manage/examples/kubernetes/user-crds.feature new file mode 100644 index 000000000..3712f6cb9 --- /dev/null +++ b/modules/manage/examples/kubernetes/user-crds.feature @@ -0,0 +1,86 @@ +@cluster:sasl +Feature: User CRDs + Background: Cluster available + Given cluster "sasl" is available + + @skip:gke @skip:aks @skip:eks + Scenario: Manage users + Given there is no user "bob" in cluster "sasl" + And there is no user "james" in cluster "sasl" + And there is no user "alice" in cluster "sasl" + When I create CRD-based users for cluster "sasl": + | name | password | mechanism | acls | + | bob | | SCRAM-SHA-256 | | + | james | | SCRAM-SHA-512 | | + | alice | qwerty | SCRAM-SHA-512 | | + Then "bob" should exist and be able to authenticate to the "sasl" cluster + And "james" should exist and be able to authenticate to the "sasl" cluster + And "alice" should exist and be able to authenticate to the "sasl" cluster + + @skip:gke @skip:aks @skip:eks + Scenario: Manage authentication-only users + Given there is no user "jason" in cluster "sasl" + And there are already the following ACLs in cluster "sasl": + | user | acls | + | jason | [{"type":"allow","resource":{"type":"cluster"},"operations":["Read"]}] | + When I apply Kubernetes manifest: + """ + # tag::manage-authn-only-manifest[] + # In this example manifest, a user called "jason" is created in a cluster called "sasl". + # The user's password is defined in a Secret called "jason-password". + # This example assumes that you will create ACLs for this user separately. + --- + apiVersion: cluster.redpanda.com/v1alpha2 + kind: User + metadata: + name: jason + spec: + cluster: + clusterRef: + name: sasl + authentication: + type: scram-sha-512 + password: + valueFrom: + secretKeyRef: + name: jason-password + key: password + # end::manage-authn-only-manifest[] + """ + And user "jason" is successfully synced + And I delete the CRD user "jason" + Then there should be ACLs in the cluster "sasl" for user "jason" + + @skip:gke @skip:aks @skip:eks + Scenario: Manage authorization-only users + Given there are the following pre-existing users in cluster "sasl" + | name | password | mechanism | + | travis | password | SCRAM-SHA-256 | + When I apply Kubernetes manifest: + """ + # tag::manage-authz-only-manifest[] + # In this example manifest, an ACL called "travis" is created in a cluster called "sasl". + # The ACL give an existing user called "travis" permissions to read from all topics whose names start with some-topic. + # This example assumes that you already have a user called "travis" in your cluster. + --- + apiVersion: cluster.redpanda.com/v1alpha2 + kind: User + metadata: + name: travis + spec: + cluster: + clusterRef: + name: sasl + authorization: + acls: + - type: allow + resource: + type: topic + name: some-topic + patternType: prefixed + operations: [Read] + # end::manage-authz-only-manifest[] + """ + And user "travis" is successfully synced + And I delete the CRD user "travis" + Then "travis" should be able to authenticate to the "sasl" cluster with password "password" and mechanism "SCRAM-SHA-256" diff --git a/modules/manage/pages/kubernetes/k-manage-topics.adoc b/modules/manage/pages/kubernetes/k-manage-topics.adoc index 3dc1e6a03..3d234d0c4 100644 --- a/modules/manage/pages/kubernetes/k-manage-topics.adoc +++ b/modules/manage/pages/kubernetes/k-manage-topics.adoc @@ -5,21 +5,24 @@ :env-kubernetes: true :page-aliases: manage:kubernetes/manage-topics.adoc -The Redpanda Operator allows you to declaratively create and manage Kafka topics using xref:reference:k-crd.adoc##k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topic[Topic custom resources] (resources) in Kubernetes. Each Topic resource is mapped to a topic in your Redpanda cluster. The topic controller, a component of the Redpanda Operator, keeps the corresponding Kafka topic in sync with the Topic resource. This resource allows you to create topics as part of a Redpanda deployment. +The Redpanda Operator allows you to declaratively create and manage Kafka topics using xref:reference:k-crd.adoc##k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topic[Topic custom resources] (resources) in Kubernetes. Each Topic resource is mapped to a topic in your Redpanda cluster. The topic controller, a component of the Redpanda Operator, keeps the corresponding Kafka topic in sync with the Topic resource. This resource allows you to create topics as part of a Redpanda deployment. == Prerequisites You must have the following: -* Kubernetes cluster: Ensure you have a running Kubernetes cluster, either locally, such as with minikube or kind, or remotely. +* *Kubectl*: Ensure you have the https://kubernetes.io/docs/tasks/tools/#kubectl[`kubectl`^] command-line tool installed and configured to communicate with your cluster. -* https://kubernetes.io/docs/tasks/tools/#kubectl[Kubectl^]: Ensure you have the `kubectl` command-line tool installed and configured to communicate with your cluster. - -* Redpanda: Ensure you have the xref:deploy:deployment-option/self-hosted/kubernetes/kubernetes-deploy.adoc[Redpanda Operator and a Redpanda resource deployed] in your Kubernetes cluster. +* *Redpanda*: Ensure you have the xref:deploy:deployment-option/self-hosted/kubernetes/kubernetes-deploy.adoc[Redpanda Operator and a Redpanda resource deployed] in your Kubernetes cluster. == Limitations -You cannot create access control lists (ACLs) directly in the Topic resource. To create ACLs for your topics, you must use `rpk` or another Kafka client. For details about ACLs, see xref:security/authorization/index.adoc[]. +You cannot create access control lists (ACLs) directly in the Topic resource. To create ACLs for your topics, you can use: + +- xref:manage:kubernetes/security/authentication/k-user-controller.adoc[The User resource] +- xref:get-started:rpk-install.adoc[`rpk`] or another Kafka client + +For details about ACLs, see xref:security/authorization/index.adoc[]. == Create a topic @@ -44,23 +47,23 @@ spec: interval: ---- -- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicspec[`metadata.name`] (*required*): The name of the Topic resource. If the <> property is not set, the name of the Topic resource is also given to the topic in Redpanda. +- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec[`metadata.name`] (*required*): The name of the Topic resource. If the <> property is not set, the name of the Topic resource is also given to the topic in Redpanda. + Valid names must consist of lowercase alphanumeric characters, hyphens (-), or periods (.). Names cannot start or end with a non-alphanumeric character. Underscores (_) are not allowed. For example, `chat-room` is a valid name, whereas `chat_room` is not. To use other characters such as underscores in your topic names, use the <> property. -- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkaapispec[`spec.kafkaApiSpec`] (*required*): Configuration details for connecting to Redpanda brokers. +- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkaapispec[`spec.kafkaApiSpec`] (*required*): Configuration details for connecting to Redpanda brokers. -- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicspec[`spec.partitions`]: The number of topic shards distributed across the brokers in a Redpanda cluster. This value cannot be decreased post-creation. Overrides the default cluster property xref:reference:cluster-properties.adoc#default_topic_partitions[`default_topic_partitions`]. +- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec[`spec.partitions`]: The number of topic shards distributed across the brokers in a Redpanda cluster. This value cannot be decreased post-creation. Overrides the default cluster property xref:reference:cluster-properties.adoc#default_topic_partitions[`default_topic_partitions`]. -- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicspec[`spec.replicationFactor`]: Specifies the number of topic replicas. The value must be an odd number. Overrides the default cluster property xref:reference:cluster-properties.adoc#default_topic_replications[`default_topic_replications`]. +- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec[`spec.replicationFactor`]: Specifies the number of topic replicas. The value must be an odd number. Overrides the default cluster property xref:reference:cluster-properties.adoc#default_topic_replications[`default_topic_replications`]. -- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicspec[`spec.additionalConfig`]: A map of any topic-specific configuration options. See xref:reference:topic-properties.adoc[]. +- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec[`spec.additionalConfig`]: A map of any topic-specific configuration options. See xref:reference:topic-properties.adoc[]. -- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicspec[`spec.metricsNamespace`]: The fully-qualified name of the topic metrics for use in multi-operator environments. Defaults to `redpanda-operator`. +- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec[`spec.metricsNamespace`]: The fully-qualified name of the topic metrics for use in multi-operator environments. Defaults to `redpanda-operator`. -- [[overwrite]]xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicspec[`spec.overwriteTopicName`]: Overwrites the topic name in `metadata.name`. +- [[overwrite]]xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec[`spec.overwriteTopicName`]: Overwrites the topic name in `metadata.name`. -- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicspec[`spec.interval`]: Sets the reconciliation interval for the topic controller. Default is 3 seconds (`3s`). +- xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec[`spec.interval`]: Sets the reconciliation interval for the topic controller. Default is 3 seconds (`3s`). The default settings are best suited to a one-broker cluster in a development environment. To learn how to modify the default values in the configuration file, see xref:manage:cluster-maintenance/cluster-property-configuration.adoc[Configure Cluster Properties]. Even if you set default values that work for most topics, you may still want to change some properties for a specific topic. diff --git a/modules/manage/pages/kubernetes/security/authentication/index.adoc b/modules/manage/pages/kubernetes/security/authentication/index.adoc new file mode 100644 index 000000000..b8ac87f4f --- /dev/null +++ b/modules/manage/pages/kubernetes/security/authentication/index.adoc @@ -0,0 +1,6 @@ += Authentication for Redpanda in Kubernetes +:page-layout: index +:description: Learn how to configure authentication for Redpanda in Kubernetes using Helm values or the User resource with the Redpanda Operator. +:page-aliases: security:sasl-kubernetes.adoc, manage:kubernetes/security/sasl-kubernetes.adoc, security:kubernetes-sasl.adoc, manage:kubernetes/security/authentication/sasl-kubernetes.adoc, reference:redpanda-operator/kubernetes-mtls.adoc, reference:redpanda-operator/kubernetes-sasl.adoc + +Redpanda offers two methods to manage authentication in a Kubernetes environment. These options allow administrators to control user access and permissions, ensuring secure communication with the Redpanda cluster. \ No newline at end of file diff --git a/modules/manage/pages/kubernetes/security/authentication/k-authentication.adoc b/modules/manage/pages/kubernetes/security/authentication/k-authentication.adoc index 8f97f12cd..56df29cc2 100644 --- a/modules/manage/pages/kubernetes/security/authentication/k-authentication.adoc +++ b/modules/manage/pages/kubernetes/security/authentication/k-authentication.adoc @@ -1,8 +1,7 @@ = Configure Authentication for Redpanda in Kubernetes -:description: Learn how to configure authentication for Redpanda in Kubernetes. +:description: Use Helm values or the Redpanda resource manifest to enable authentication for Redpanda. This method provides a way to configure authentication during the initial deployment or updates to the cluster configuration. :page-context-links: [{"name": "Linux", "to": "manage:security/authentication.adoc" },{"name": "Kubernetes", "to": "manage:kubernetes/security/authentication/k-authentication.adoc" } ] :tags: ["Kubernetes", "Helm configuration"] -:page-aliases: security:sasl-kubernetes.adoc, manage:kubernetes/security/sasl-kubernetes.adoc, security:kubernetes-sasl.adoc, manage:kubernetes/security/authentication/sasl-kubernetes.adoc, reference:redpanda-operator/kubernetes-mtls.adoc, reference:redpanda-operator/kubernetes-sasl.adoc :page-categories: Management, Security :env-kubernetes: true :page-toclevels: 3 diff --git a/modules/manage/pages/kubernetes/security/authentication/k-user-controller.adoc b/modules/manage/pages/kubernetes/security/authentication/k-user-controller.adoc new file mode 100644 index 000000000..6b1b6c98a --- /dev/null +++ b/modules/manage/pages/kubernetes/security/authentication/k-user-controller.adoc @@ -0,0 +1,274 @@ += Manage Users and ACLs with the Redpanda Operator +:description: Use the User resource to declaratively create and manage users and ACLs as part of a Redpanda deployment. Each User resource is mapped to a user in your Redpanda cluster. The user controller keeps the corresponding user in sync with the User resource. +:page-categories: Management, Development +:env-kubernetes: true + +With the Redpanda Operator, you can declaratively create and manage Redpanda users and glossterm:ACL[,access control lists (ACLs)] using xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-user[User custom resources] (resources) in Kubernetes. Each User resource is mapped to a user in your Redpanda cluster. The user controller, a component of the Redpanda Operator, keeps the corresponding user in sync with the User resource. + +== Prerequisites + +You must have the following: + +* *Kubectl*: Ensure you have the https://kubernetes.io/docs/tasks/tools/#kubectl[kubectl^] command-line tool installed and configured to communicate with your cluster. +* *Redpanda Operator*: Ensure you have the xref:deploy:deployment-option/self-hosted/kubernetes/k-production-deployment.adoc[Redpanda Operator]. +* *Redpanda cluster with SASL enabled*: Ensure you have a Redpanda resource deployed with xref:manage:kubernetes/security/authentication/k-authentication.adoc#enable[SASL authentication enabled]. + +== Create a user + +You can use the User resource to: + +- <> +- <> +- <> + +Each User instance is responsible for managing both the user credentials (authentication) and the user's ACLs within the Redpanda cluster. You cannot use one User resource to manage the user and another resource to manage the ACLs. Only one User instance is allowed per user in the Redpanda cluster. + +[[no-acl]] +=== Create a new user without any ACLs + +- *Use case*: You want to create and manage user credentials (authentication) without managing ACLs. Use this option if you have a separate process to manage ACLs or if you're working in an environment where access control is handled externally. +- *What happens when deleted*: The user is deleted, but ACLs for that user will remain in the cluster. + +This example shows how to manage the creation and authentication of a user without configuring ACLs. + +.`new-user.yaml` +[,yaml,indent=0] +---- +include::manage:example$kubernetes/user-crds.feature[tags=manage-authn-only-manifest,indent=0] +---- + +[[only-acl]] +=== Create only ACLs + +- *Use case*: You want to manage ACLs for an existing user in the Redpanda cluster, but not modify the user's credentials. Use this option if user credentials are managed by another process or tool, and you only want to control what resources the user can access (authorization). +- *What happens when deleted*: The ACLs are removed, but the user remains. This is useful when you want to revoke access but retain the user's credentials for future use. + +When you create ACLs with the User resource, the specified ACLs are applied only to the user defined in the `metadata.name` field. For example, if you create ACLs for a user named `data-consumer`, those ACLs apply only to that user. Other users in the Redpanda cluster are not affected by these ACLs. + +This example shows how to manage only the ACLs for an existing user in the Redpanda cluster. + +.`new-acl.yaml` +[,yaml,indent=0] +---- +include::manage:example$kubernetes/user-crds.feature[tags=manage-authz-only-manifest,indent=0] +---- + +[[both]] +=== Create a new user and assign ACLs + +- *Use case*: You want to manage both user credentials and ACLs within the same resource. +- *What happens when deleted*: Both the user and the associated ACLs are removed. + +This example shows how to manage both authentication and ACLs for a user within the same User resource. + +.`new-user-and-acl.yaml` +[source,yaml,indent=0] +---- +# In this example manifest, the user "full-user" is created and managed for both authentication and authorization. +# The user is granted both read and write access to the topic critical-topic. +apiVersion: cluster.redpanda.com/v1alpha2 +kind: User +metadata: + name: full-user +spec: + cluster: + clusterRef: + name: sasl + authentication: + type: scram-sha-512 + password: + valueFrom: + secretKeyRef: + name: full-user-secret + key: password + authorization: + acls: + - type: allow + resource: + type: topic + name: critical-topic + patternType: literal + operations: [Read,Write] +---- + +== Configuration best practices + +The following sections provide guidance on setting up user authentication, managing secrets, and defining ACLs within your Kubernetes environment. These recommendations ensure proper user management while minimizing manual interventions and preventing potential security issues. By following these best practices, you can ensure that user access and permissions are correctly configured and maintained across your Redpanda cluster. + +You can find all configuration options for the User resource in the xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-user[CRD reference]. + +=== Choose a username + +The `metadata.name` field in the User resource is used to specify the username. Keep in mind the following best practices when choosing a username: + +- *Unique*: Ensure each user has a unique name to avoid conflicts. The username must be unique within the Redpanda cluster. +- *Descriptive*: Choose a name that identifies the purpose or role of the user. For example, use names like `app-consumer` or `admin-user`. +- *Stable*: Avoid changing usernames frequently. Usernames are tied to authentication and authorization rules (ACLs). Renaming a user involves deleting and recreating the user. + +[,yaml] +---- +metadata: + name: full-user +---- + +In this example, `full-user` is the username, which will be referenced in both authentication and authorization rules. + +=== Configure authentication + +This section provides guidance on configuring authentication for users with the User resource. + +You can find all configuration options for authentication in the xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userauthenticationspec[UserAuthenticationSpec] of the CRD reference. + +==== Choose an authentication type + +You can specify the authentication type for a user using the xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userauthenticationspec[`spec.authentication.type`] field. Supported values include `scram-sha-256`, `scram-sha-512`, and their uppercase variants. + +[source,yaml] +---- +spec: + authentication: + type: scram-sha-512 +---- + +If no authentication credentials are provided, no user will be created, but ACLs can still be managed for existing users. + +==== Manage user secrets + +Redpanda users require a password, which you can provide directly, using the xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-password[`spec.password.value`] field, or through a Kubernetes Secret, using the xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-password[`spec.password.valueFrom.secretKeyRef`]. The Redpanda operator offers flexibility in how these secrets are handled: + +- If the Secret exists and the key exists within that Secret, the existing password will be used. +- If the Secret exists but the key does not exist, the Secret will be updated with an autogenerated password. +- If the Secret does not exist, a new Secret with the provided key will be created with an autogenerated password. + +This behavior ensures that you can manage user credentials securely and programmatically, while also automating password generation if necessary. + +To use an existing Kubernetes Secret, ensure that the Secret and key are both defined. For example: + +[source,yaml] +---- +spec: + authentication: + password: + valueFrom: + secretKeyRef: + name: user-secret + key: password +---- + +This example is based on the assumption that a Kubernetes Secret named `user-secret` with a key `password` exists. If the Secret does not exist or the key is missing, the Redpanda Operator will handle it by creating or updating the Secret with an autogenerated password. The autogenerated password will follow best practices for secure password generation. + +If you need to create a Secret, you can use the following command as an example: + +[source,bash] +---- +kubectl --namespace create secret generic user-secret --from-file=password.txt +---- + +In this example, the `password.txt` file contains the password you want to use. + +=== Define ACLs + +The xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userauthorizationspec[`spec.authorization`] field allows you to manage ACLs for users. ACLs define the permissions users have over specific resources in Redpanda, such as topics, consumer groups, and clusters. + +You can define ACLs for a user by specifying which resources they can access and the operations they are permitted to perform. Here's an example configuration for managing ACLs: + +[source,yaml] +---- +spec: + authorization: + acls: + - type: allow + resource: + type: topic + name: my-topic + patternType: literal + operations: [Read, Write] +---- + +- `type`: Defines whether the ACL is `allow` or `deny`. +- `resource.type`: Specifies the resource type. +- `patternType`: Specifies if the resource name is treated as a `literal` or a `prefixed` pattern. Default: `literal`. ++ +TIP: Use specific resource names where possible. Using `literal` names for resources ensures that only the exact resources you intend are accessible. Use `prefixed` patterns cautiously to avoid accidental permission grants. +- `operations`: Lists the allowed operations, such as `Read`, `Write`, `Create`, and `Delete`. + +You can find all configuration options for authorization in the xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userauthorizationspec[UserAuthorizationSpec] of the CRD reference. + +For more details about ACLs, including supported operations and resources in Redpanda, see xref:manage:security/authorization/acl.adoc[]. + +== Deploy a User resource + +To deploy a User resource, apply the manifest to the same namespace as your Redpanda cluster: + +[,bash] +---- +kubectl apply -f .yaml --namespace +---- + +- Replace `` with the filename of your manifest. +- Replace `` with the namespace in which you deployed Redpanda. + +== Verify a user + +After deploying a User resource, verify that the Redpanda Operator reconciled it: + +[,bash] +---- +kubectl logs -l app.kubernetes.io/name=operator -c manager --namespace +---- + +Example output: + +[source,json] +---- +{ + "level": "info", + "ts": "2024-09-25T16:20:09.538Z", + "logger": "UserReconciler.Reconcile", + "msg": "Starting reconcile loop", + "controller": "user", + "User": { + "name": "my-user", + "namespace": "" + }, + "reconcileID": "c0cf9abc-a553-48b7-9b6e-2de3cdfb4432" +} +{ + "level": "info", + "ts": "2024-09-25T16:20:09.581Z", + "logger": "UserReconciler.Reconcile", + "msg": "Reconciliation finished in 43.436125ms, next run in 3s", +} +---- + +== Update a user + +To update a user, edit the User resource configuration and apply the changes. + +[,bash] +---- +kubectl apply -f .yaml --namespace +---- + +== Delete a user + +To delete a user, delete the User resource: + +[,bash] +---- +kubectl delete -f example-user.yaml --namespace +---- + +When a User resource is deleted, its underlying data is removed as well. If the user has ACLs, those ACLs are also removed. + +Deleting a User resource will have different impacts depending on how it is configured: + +- **Authentication-only**: When a User resource that manages only authentication is deleted, the user is removed from the cluster. However, any ACLs not managed by the same resource will remain in place. +- **Authorization-only**: When a User resource that manages only ACLs is deleted, the ACLs are removed, but the user remains in the cluster. +- **Full user management (both authentication and authorization)**: When the resource manages both users and ACLs, the user and its associated ACLs are removed. + +== Suggested reading + +* xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-user[User resource] +* xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userlist[UserList resource] +* xref:manage:kubernetes/security/authentication/k-authentication.adoc[] \ No newline at end of file diff --git a/modules/manage/partials/authentication.adoc b/modules/manage/partials/authentication.adoc index ef553e050..f5171f923 100644 --- a/modules/manage/partials/authentication.adoc +++ b/modules/manage/partials/authentication.adoc @@ -43,6 +43,7 @@ You must have the following: * https://kubernetes.io/docs/tasks/tools/#kubectl[Kubectl^]. Ensure you have the `kubectl` command-line tool installed and configured to communicate with your cluster. endif::[] +[[enable]] == Enable authentication ifndef::env-kubernetes[] diff --git a/modules/reference/pages/k-crd.adoc b/modules/reference/pages/k-crd.adoc index a8850ba0c..28ac982b8 100644 --- a/modules/reference/pages/k-crd.adoc +++ b/modules/reference/pages/k-crd.adoc @@ -8,14 +8,87 @@ Package v1alpha2 defines the v1alpha2 schema for the Redpanda API. It is part of an evolving API architecture, representing an initial stage that may be subject to change based on user feedback and further development. .Resource Types -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpanda[$$Redpanda$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandalist[$$RedpandaList$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topic[$$Topic$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topiclist[$$TopicList$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpanda[$$Redpanda$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandalist[$$RedpandaList$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topic[$$Topic$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topiclist[$$TopicList$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-user[$$User$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userlist[$$UserList$$] -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-admin"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-acloperation"] +== ACLOperation (string) + +ACLOperation specifies the type of operation for an ACL. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclrule[$$ACLRule$$] + + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclresourcespec"] +== ACLResourceSpec + +ACLResourceSpec indicates the resource for which given ACL rule applies. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclrule[$$ACLRule$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-resourcetype[$$ResourceType$$]__ | +| *`name`* __string__ | Name of resource for which given ACL rule applies. + +Can be combined with patternType field to use prefix pattern. + +| *`patternType`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-patterntype[$$PatternType$$]__ | Describes the pattern used in the resource field. The supported types are literal + +and prefixed. With literal pattern type, the resource field will be used as a definition + +of a full topic name. With prefix pattern type, the resource name will be used only as + +a prefix. Default value is literal. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclrule"] +== ACLRule + +ACLRule defines an ACL rule applied to the given user. + + +Validations taken from https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=75978240 + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userauthorizationspec[$$UserAuthorizationSpec$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-acltype[$$ACLType$$]__ | +| *`resource`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclresourcespec[$$ACLResourceSpec$$]__ | Indicates the resource for which given ACL rule applies. + +| *`host`* __string__ | The host from which the action described in the ACL rule is allowed or denied. + +If not set, it defaults to *, allowing or denying the action from any host. + +| *`operations`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-acloperation[$$ACLOperation$$] array__ | List of operations which will be allowed or denied. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-acltype"] +== ACLType (string) + +ACLType specifies the type, either allow or deny of an ACL rule. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclrule[$$ACLRule$$] + + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-admin"] == Admin Admin configures settings for the Admin API listeners. @@ -23,19 +96,58 @@ Admin configures settings for the Admin API listeners. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listeners[$$Listeners$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listeners[$$Listeners$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`external`* __object (keys:string, values:xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-externallistener[$$ExternalListener$$])__ | Defines settings for the external listener. + +| *`external`* __object (keys:string, values:xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externallistener[$$ExternalListener$$])__ | Defines settings for the external listener. + | *`port`* __integer__ | Specifies the container port number for the internal listener. + -| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listenertls[$$ListenerTLS$$]__ | Configures TLS settings for the internal listener. + +| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listenertls[$$ListenerTLS$$]__ | Configures TLS settings for the internal listener. + | *`appProtocol`* __string__ | |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-auditlogging"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-adminapispec"] +== AdminAPISpec + +AdminAPISpec defines client configuration for connecting to Redpanda's admin API. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-staticconfigurationsource[$$StaticConfigurationSource$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`urls`* __string array__ | Specifies a list of broker addresses in the format : + +| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-commontls[$$CommonTLS$$]__ | Defines TLS configuration settings for Redpanda clusters that have TLS enabled. + +| *`sasl`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-adminsasl[$$AdminSASL$$]__ | Defines authentication configuration settings for Redpanda clusters that have authentication enabled. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-adminsasl"] +== AdminSASL + +AdminSASL configures credentials to connect to Redpanda cluster that has authentication enabled. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-adminapispec[$$AdminAPISpec$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`username`* __string__ | Specifies the username. + +| *`passwordSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Specifies the password. + +| *`mechanism`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-saslmechanism[$$SASLMechanism$$]__ | Specifies the SASL/SCRAM authentication mechanism. + +| *`token`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-auditlogging"] == AuditLogging AuditLogging configures how to perform audit logging for a redpanda cluster @@ -43,7 +155,7 @@ AuditLogging configures how to perform audit logging for a redpanda cluster .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -64,7 +176,7 @@ Redpanda will use the `internal_topic_replication_factor` cluster config value. |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-auth"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-auth"] == Auth Auth configures authentication in the Helm values. See https://docs.redpanda.com/current/manage/kubernetes/security/authentication/sasl-kubernetes/. @@ -72,20 +184,49 @@ Auth configures authentication in the Helm values. See https://docs.redpanda.com .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`sasl`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-sasl[$$SASL$$]__ | Configures SASL authentication in the Helm values. + +| *`sasl`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-sasl[$$SASL$$]__ | Configures SASL authentication in the Helm values. + |=== +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-authorizationtype"] +== AuthorizationType (string) + +AuthorizationType specifies the type of authorization to use in creating a user. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userauthorizationspec[$$UserAuthorizationSpec$$] + + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-bootstrapuser"] +== BootstrapUser +BootstrapUser configures the user used to bootstrap Redpanda when SASL is enabled. -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-budget"] + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-sasl[$$SASL$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretKeyRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#secretkeyselector-v1-core[$$SecretKeySelector$$]__ | Specifies the location where the generated password will be written or a pre-existing + +password will be read from. + +| *`mechanism`* __string__ | Specifies the authentication mechanism to use for the bootstrap user. Options are `SCRAM-SHA-256` and `SCRAM-SHA-512`. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-budget"] == Budget Budget configures the management of disruptions affecting the Pods in the StatefulSet. @@ -93,7 +234,7 @@ Budget configures the management of disruptions affecting the Pods in the Statef .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] [cols="25a,75a", options="header"] |=== @@ -102,7 +243,7 @@ Budget configures the management of disruptions affecting the Pods in the Statef |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-cpu"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-cpu"] == CPU CPU configures CPU resources for containers. See https://docs.redpanda.com/current/manage/kubernetes/manage-resources/. @@ -110,7 +251,7 @@ CPU configures CPU resources for containers. See https://docs.redpanda.com/curre .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-resources[$$Resources$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-resources[$$Resources$$] [cols="25a,75a", options="header"] |=== @@ -120,7 +261,7 @@ CPU configures CPU resources for containers. See https://docs.redpanda.com/curre |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-certificate"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-certificate"] == Certificate Certificate configures TLS certificates. @@ -128,14 +269,14 @@ Certificate configures TLS certificates. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tls[$$TLS$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tls[$$TLS$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`issuerRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-issuerref[$$IssuerRef$$]__ | Specify the name of an existing Issuer or ClusterIssuer resource to use to generate certificates. Requires cert-manager. See https://cert-manager.io/v1.1-docs. + -| *`secretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretref[$$SecretRef$$]__ | Specify the name of an existing Secret resource that contains your TLS certificate. + -| *`clientSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretref[$$SecretRef$$]__ | Specify the name of an existing Secret resource that contains your client TLS certificate. + +| *`issuerRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-issuerref[$$IssuerRef$$]__ | Specify the name of an existing Issuer or ClusterIssuer resource to use to generate certificates. Requires cert-manager. See https://cert-manager.io/v1.1-docs. + +| *`secretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretref[$$SecretRef$$]__ | Specify the name of an existing Secret resource that contains your TLS certificate. + +| *`clientSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretref[$$SecretRef$$]__ | Specify the name of an existing Secret resource that contains your client TLS certificate. + | *`duration`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#duration-v1-meta[$$Duration$$]__ | Specifies the validity duration of certificates generated with `issuerRef`. + | *`caEnabled`* __boolean__ | Specifies whether to include the `ca.crt` file in the trust stores of all listeners. Set to `true` only for certificates that are not authenticated using public certificate authorities (CAs). + | *`applyInternalDNSNames`* __boolean__ | Specifies you wish to have Kubernetes internal dns names (IE the headless service of the redpanda StatefulSet) included in `dnsNames` of the certificate even, when supplying an issuer. + @@ -143,7 +284,7 @@ Certificate configures TLS certificates. |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-chartref"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-chartref"] == ChartRef @@ -151,7 +292,7 @@ Certificate configures TLS certificates. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaspec[$$RedpandaSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaspec[$$RedpandaSpec$$] [cols="25a,75a", options="header"] |=== @@ -161,15 +302,69 @@ Certificate configures TLS certificates. | *`helmRepositoryName`* __string__ | Defines the chart repository to use. Defaults to `redpanda` if not defined. + | *`timeout`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#duration-v1-meta[$$Duration$$]__ | Specifies the time to wait for any individual Kubernetes operation (like Jobs + for hooks) during Helm actions. Defaults to `15m0s`. + -| *`upgrade`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-helmupgrade[$$HelmUpgrade$$]__ | Defines how to handle upgrades, including failures. + +| *`upgrade`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-helmupgrade[$$HelmUpgrade$$]__ | Defines how to handle upgrades, including failures. + +| *`useFlux`* __boolean__ | NOTE! Alpha feature + +UseFlux flag set to `false` will prevent helm controller from reconciling helm chart. The operator would be + +tight with `go` based Redpanda helm chart version. The rest of the ChartRef fields would be ignored. + + + +Before setting UseFlux flag to `false` please alight your ChartVersion to at least `5.9.3` + +version of the Redpanda chart. + + + +RedpandaStatus might not be accurate if flag is set to `false` and HelmRelease is manually deleted. + + + +To achieve dynamic switch for Flux controllers (HelmRelease and HelmRepository) the resources + +would not be removed, but they will be put in suspended mode (if flag is provided and set to `false`). + + + +https://fluxcd.io/flux/components/helm/helmreleases/#suspend + +https://fluxcd.io/flux/components/source/helmrepositories/#suspend + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-clusterref"] +== ClusterRef + +ClusterRef represents a reference to a cluster that is being targeted. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-clustersource[$$ClusterSource$$] + +[cols="25a,75a", options="header"] |=== +| Field | Description +| *`name`* __string__ | Name specifies the name of the cluster being referenced. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-clustersource"] +== ClusterSource +ClusterSource defines how to connect to a particular Redpanda cluster. -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-commontls"] +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec[$$TopicSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userspec[$$UserSpec$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`clusterRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-clusterref[$$ClusterRef$$]__ | ClusterRef is a reference to the cluster where the object should be created. + +It is used in constructing the client created to configure a cluster. + +This takes precedence over StaticConfigurationSource. + +| *`staticConfiguration`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-staticconfigurationsource[$$StaticConfigurationSource$$]__ | StaticConfiguration holds connection parameters to Kafka and Admin APIs. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-commontls"] == CommonTLS CommonTLS specifies TLS configuration settings for Redpanda clusters that have authentication enabled. @@ -177,19 +372,20 @@ CommonTLS specifies TLS configuration settings for Redpanda clusters that have a .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkaapispec[$$KafkaAPISpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-adminapispec[$$AdminAPISpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkaapispec[$$KafkaAPISpec$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`caCertSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | CaCert is the reference for certificate authority used to establish TLS connection to Redpanda + -| *`certSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Cert is the reference for client public certificate to establish mTLS connection to Redpanda + -| *`keySecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Key is the reference for client private certificate to establish mTLS connection to Redpanda + +| *`caCertSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | CaCert is the reference for certificate authority used to establish TLS connection to Redpanda + +| *`certSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Cert is the reference for client public certificate to establish mTLS connection to Redpanda + +| *`keySecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Key is the reference for client private certificate to establish mTLS connection to Redpanda + | *`insecureSkipTlsVerify`* __boolean__ | InsecureSkipTLSVerify can skip verifying Redpanda self-signed certificate when establish TLS connection to Redpanda + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-config"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-config"] == Config Config configures Redpanda config properties supported by Redpanda that may not work correctly in a Kubernetes cluster. Changing these values from the defaults comes with some risk. Use these properties to customize various Redpanda configurations that are not available in the `RedpandaClusterSpec`. These values have no impact on the configuration or behavior of the Kubernetes objects deployed by Helm, and therefore should not be modified for the purpose of configuring those objects. Instead, these settings get passed directly to the Redpanda binary at startup. @@ -197,7 +393,7 @@ Config configures Redpanda config properties supported by Redpanda that may not .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -211,7 +407,7 @@ Config configures Redpanda config properties supported by Redpanda that may not |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-configsynonyms"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-configsynonyms"] == ConfigSynonyms ConfigSynonyms was copied from https://github.com/twmb/franz-go/blob/01651affd204d4a3577a341e748c5d09b52587f8/pkg/kmsg/generated.go#L24569-L24578 @@ -219,7 +415,7 @@ ConfigSynonyms was copied from https://github.com/twmb/franz-go/blob/01651affd20 .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-configuration[$$Configuration$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-configuration[$$Configuration$$] [cols="25a,75a", options="header"] |=== @@ -231,7 +427,7 @@ ConfigSynonyms was copied from https://github.com/twmb/franz-go/blob/01651affd20 |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-configwatcher"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-configwatcher"] == ConfigWatcher ConfigWatcher configures a sidecar that watches for changes to the Secret in `auth.sasl.secretRef` and applies the changes to the Redpanda cluster. @@ -239,7 +435,7 @@ ConfigWatcher configures a sidecar that watches for changes to the Secret in `au .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-sidecars[$$SideCars$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-sidecars[$$SideCars$$] [cols="25a,75a", options="header"] |=== @@ -251,7 +447,7 @@ ConfigWatcher configures a sidecar that watches for changes to the Secret in `au |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-configuration"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-configuration"] == Configuration Configuration was copied from https://github.com/twmb/franz-go/blob/01651affd204d4a3577a341e748c5d09b52587f8/pkg/kmsg/generated.go#L24593-L24634 @@ -259,7 +455,7 @@ Configuration was copied from https://github.com/twmb/franz-go/blob/01651affd204 .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicstatus[$$TopicStatus$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicstatus[$$TopicStatus$$] [cols="25a,75a", options="header"] |=== @@ -280,7 +476,7 @@ replaced in favor of Source. + This field has a default of -1. + | *`isSensitive`* __boolean__ | IsSensitive signifies whether this is a sensitive config key, which + is either a password or an unknown type. + -| *`configSynonyms`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-configsynonyms[$$ConfigSynonyms$$] array__ | ConfigSynonyms contains fallback key/value pairs for this config + +| *`configSynonyms`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-configsynonyms[$$ConfigSynonyms$$] array__ | ConfigSynonyms contains fallback key/value pairs for this config + entry, in order of preference. That is, if a config entry is both + dynamically configured and has a default, the top level return will be + the dynamic configuration, while its "synonym" will be the default. + @@ -290,7 +486,7 @@ the dynamic configuration, while its "synonym" will be the default. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-configurator"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-configurator"] == Configurator @@ -298,7 +494,7 @@ the dynamic configuration, while its "synonym" will be the default. + .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-initcontainers[$$InitContainers$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-initcontainers[$$InitContainers$$] [cols="25a,75a", options="header"] |=== @@ -308,7 +504,7 @@ the dynamic configuration, while its "synonym" will be the default. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-connectormonitoring"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-connectormonitoring"] == ConnectorMonitoring ConnectorMonitoring configures monitoring resources for Connectors. See https://docs.redpanda.com/current/manage/kubernetes/monitoring/monitor-redpanda/. @@ -316,7 +512,7 @@ ConnectorMonitoring configures monitoring resources for Connectors. See https:// .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaconnectors[$$RedpandaConnectors$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaconnectors[$$RedpandaConnectors$$] [cols="25a,75a", options="header"] |=== @@ -329,7 +525,7 @@ ConnectorMonitoring configures monitoring resources for Connectors. See https:// |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-connectorscreateobj"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-connectorscreateobj"] == ConnectorsCreateObj ConnectorsCreateObj configures Kubernetes resources for Redpanda Connectors. @@ -337,7 +533,7 @@ ConnectorsCreateObj configures Kubernetes resources for Redpanda Connectors. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaconnectors[$$RedpandaConnectors$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaconnectors[$$RedpandaConnectors$$] [cols="25a,75a", options="header"] |=== @@ -348,7 +544,7 @@ never used. Prefer Create. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-consolecreateobj"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-consolecreateobj"] == ConsoleCreateObj ConsoleCreateObj represents configuration options for creating Kubernetes objects such as ConfigMaps, Secrets, and Deployments. @@ -356,7 +552,7 @@ ConsoleCreateObj represents configuration options for creating Kubernetes object .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaconsole[$$RedpandaConsole$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaconsole[$$RedpandaConsole$$] [cols="25a,75a", options="header"] |=== @@ -365,7 +561,7 @@ ConsoleCreateObj represents configuration options for creating Kubernetes object |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-container"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-container"] == Container @@ -373,7 +569,7 @@ ConsoleCreateObj represents configuration options for creating Kubernetes object .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-podspec[$$PodSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-podspec[$$PodSpec$$] [cols="25a,75a", options="header"] |=== @@ -384,7 +580,7 @@ ConsoleCreateObj represents configuration options for creating Kubernetes object |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-containerresources"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-containerresources"] == ContainerResources ContainerResources defines resource limits for containers. @@ -392,7 +588,7 @@ ContainerResources defines resource limits for containers. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-memory[$$Memory$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-memory[$$Memory$$] [cols="25a,75a", options="header"] |=== @@ -402,7 +598,7 @@ ContainerResources defines resource limits for containers. |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-credentialsecretref"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-credentialsecretref"] == CredentialSecretRef CredentialSecretRef can be used to set cloud_storage_secret_key from referenced Kubernetes Secret @@ -410,17 +606,17 @@ CredentialSecretRef can be used to set cloud_storage_secret_key from referenced .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tiered[$$Tiered$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tiered[$$Tiered$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`accessKey`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretwithconfigfield[$$SecretWithConfigField$$]__ | -| *`secretKey`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretwithconfigfield[$$SecretWithConfigField$$]__ | +| *`accessKey`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretwithconfigfield[$$SecretWithConfigField$$]__ | +| *`secretKey`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretwithconfigfield[$$SecretWithConfigField$$]__ | |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-enablable"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-enablable"] == Enablable @@ -428,8 +624,8 @@ CredentialSecretRef can be used to set cloud_storage_secret_key from referenced .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaconsole[$$RedpandaConsole$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaconsole[$$RedpandaConsole$$] [cols="25a,75a", options="header"] |=== @@ -438,7 +634,7 @@ CredentialSecretRef can be used to set cloud_storage_secret_key from referenced |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-enterprise"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-enterprise"] == Enterprise Enterprise configures an Enterprise license key to enable Redpanda Enterprise features. Requires the post-install job to be enabled (default). See https://docs.redpanda.com/current/get-started/licenses/. @@ -446,17 +642,17 @@ Enterprise configures an Enterprise license key to enable Redpanda Enterprise fe .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`license`* __string__ | Specifies the Enterprise license key. + -| *`licenseSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-enterpriselicensesecretref[$$EnterpriseLicenseSecretRef$$]__ | Defines a reference to a Secret resource that contains the Enterprise license key. + +| *`licenseSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-enterpriselicensesecretref[$$EnterpriseLicenseSecretRef$$]__ | Defines a reference to a Secret resource that contains the Enterprise license key. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-enterpriselicensesecretref"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-enterpriselicensesecretref"] == EnterpriseLicenseSecretRef EnterpriseLicenseSecretRef configures a reference to a Secret resource that contains the Enterprise license key. @@ -464,7 +660,7 @@ EnterpriseLicenseSecretRef configures a reference to a Secret resource that cont .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-enterprise[$$Enterprise$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-enterprise[$$Enterprise$$] [cols="25a,75a", options="header"] |=== @@ -474,7 +670,7 @@ EnterpriseLicenseSecretRef configures a reference to a Secret resource that cont |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-external"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-external"] == External External defines external connectivity settings in the Helm values. @@ -482,7 +678,7 @@ External defines external connectivity settings in the Helm values. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -491,15 +687,15 @@ External defines external connectivity settings in the Helm values. | *`annotations`* __object (keys:string, values:string)__ | Adds custom annotations to the external Service. + | *`domain`* __string__ | Specifies the domain to advertise to external clients. If specified, then it will be appended to the `external.addresses` values as each broker's advertised address. + | *`enabled`* __boolean__ | Specifies whether the external access is enabled. + -| *`service`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-externalservice[$$ExternalService$$]__ | Configures the external Service resource. + +| *`service`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externalservice[$$ExternalService$$]__ | Configures the external Service resource. + | *`sourceRanges`* __string array__ | Source range for external access. Only applicable when `external.type` is LoadBalancer. + | *`type`* __string__ | Specifies the external Service type. Only NodePort and LoadBalancer are supported. If undefined, then advertised listeners will be configured in Redpanda, but the Helm chart will not create a Service. NodePort is recommended in cases where latency is a priority. + -| *`externalDns`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-externaldns[$$ExternalDNS$$]__ | Defines externalDNS configurations. + +| *`externalDns`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externaldns[$$ExternalDNS$$]__ | Defines externalDNS configurations. + | *`prefixTemplate`* __string__ | Specifies a naming prefix template for external Services. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-externaldns"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externaldns"] == ExternalDNS ExternalDNS configures externalDNS. @@ -507,7 +703,7 @@ ExternalDNS configures externalDNS. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-external[$$External$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-external[$$External$$] [cols="25a,75a", options="header"] |=== @@ -516,7 +712,7 @@ ExternalDNS configures externalDNS. |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-externallistener"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externallistener"] == ExternalListener ExternalListener configures settings for the external listeners. @@ -524,10 +720,10 @@ ExternalListener configures settings for the external listeners. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-admin[$$Admin$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-http[$$HTTP$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafka[$$Kafka$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-schemaregistry[$$SchemaRegistry$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-admin[$$Admin$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-http[$$HTTP$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafka[$$Kafka$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-schemaregistry[$$SchemaRegistry$$] [cols="25a,75a", options="header"] |=== @@ -535,14 +731,14 @@ ExternalListener configures settings for the external listeners. | *`enabled`* __boolean__ | | *`authenticationMethod`* __string__ | Specifies the authentication method for the external listener. For example, 'mtls_identity' or `sasl`. + | *`port`* __integer__ | Specifies the container port number for the external listener. + -| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listenertls[$$ListenerTLS$$]__ | Configures TLS settings for the external listener. + +| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listenertls[$$ListenerTLS$$]__ | Configures TLS settings for the external listener. + | *`advertisedPorts`* __integer array__ | Specifies the network port that the external Service listens on. + | *`prefixTemplate`* __string__ | Specifies the template used for generating the advertised addresses of Services. This field accepts a string template that dynamically constructs Service addresses based on various parameters such as Service name and port number. + | *`nodePort`* __integer__ | |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-externalservice"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externalservice"] == ExternalService ExternalService allows you to enable or disable the creation of an external Service type. @@ -550,7 +746,7 @@ ExternalService allows you to enable or disable the creation of an external Serv .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-external[$$External$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-external[$$External$$] [cols="25a,75a", options="header"] |=== @@ -559,7 +755,7 @@ ExternalService allows you to enable or disable the creation of an external Serv |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-fsvalidator"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-fsvalidator"] == FsValidator @@ -567,7 +763,7 @@ ExternalService allows you to enable or disable the creation of an external Serv .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-initcontainers[$$InitContainers$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-initcontainers[$$InitContainers$$] [cols="25a,75a", options="header"] |=== @@ -579,7 +775,7 @@ ExternalService allows you to enable or disable the creation of an external Serv |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-http"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-http"] == HTTP HTTP configures settings for the HTTP Proxy listeners. @@ -587,22 +783,22 @@ HTTP configures settings for the HTTP Proxy listeners. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listeners[$$Listeners$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listeners[$$Listeners$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`authenticationMethod`* __string__ | Specifies the authentication method for the external listener. For example, 'mtls_identity' or `sasl`. + | *`enabled`* __boolean__ | Specifies whether the HTTP Proxy is enabled. + -| *`external`* __object (keys:string, values:xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-externallistener[$$ExternalListener$$])__ | Defines settings for the external listener. + +| *`external`* __object (keys:string, values:xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externallistener[$$ExternalListener$$])__ | Defines settings for the external listener. + | *`kafkaEndpoint`* __string__ | Configures the listener to use for HTTP connections. For example `default` for the internal listener. + | *`port`* __integer__ | Specifies the container port number for the internal listener. + -| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listenertls[$$ListenerTLS$$]__ | Configures TLS settings for the internal listener. + +| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listenertls[$$ListenerTLS$$]__ | Configures TLS settings for the internal listener. + | *`prefixTemplate`* __string__ | Specifies the template used for generating the advertised addresses of Services. This field accepts a string template that dynamically constructs Service addresses based on various parameters such as Service name and port number. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-helmupgrade"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-helmupgrade"] == HelmUpgrade HelmUpgrade configures the behavior and strategy for Helm chart upgrades. @@ -610,7 +806,7 @@ HelmUpgrade configures the behavior and strategy for Helm chart upgrades. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-chartref[$$ChartRef$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-chartref[$$ChartRef$$] [cols="25a,75a", options="header"] |=== @@ -622,7 +818,7 @@ HelmUpgrade configures the behavior and strategy for Helm chart upgrades. |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-initcontainerimage"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-initcontainerimage"] == InitContainerImage InitContainerImage configures the init container image used to perform initial setup tasks before the main containers start. @@ -630,7 +826,7 @@ InitContainerImage configures the init container image used to perform initial s .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] [cols="25a,75a", options="header"] |=== @@ -640,7 +836,7 @@ InitContainerImage configures the init container image used to perform initial s |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-initcontainers"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-initcontainers"] == InitContainers InitContainers configures the init container used to perform initial setup tasks before the main containers start. @@ -648,21 +844,21 @@ InitContainers configures the init container used to perform initial setup tasks .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`configurator`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-configurator[$$Configurator$$]__ | +| *`configurator`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-configurator[$$Configurator$$]__ | | *`extraInitContainers`* __string__ | -| *`setDataDirOwnership`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-setdatadirownership[$$SetDataDirOwnership$$]__ | Defines the settings related to ownership of the Redpanda data directory in environments where root access is restricted. + -| *`setTieredStorageCacheDirOwnership`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-settieredstoragecachedirownership[$$SetTieredStorageCacheDirOwnership$$]__ | Defines the settings related to ownership of the Tiered Storage cache in environments where root access is restricted. + -| *`fsValidator`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-fsvalidator[$$FsValidator$$]__ | Defines the setting for init container that not allow to start Redpanda until filesystem matches + -| *`tuning`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tuning[$$Tuning$$]__ | Defines settings for the autotuner tool in Redpanda. The autotuner identifies the hardware configuration in the container and optimizes the Linux kernel to give you the best performance. + +| *`setDataDirOwnership`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-setdatadirownership[$$SetDataDirOwnership$$]__ | Defines the settings related to ownership of the Redpanda data directory in environments where root access is restricted. + +| *`setTieredStorageCacheDirOwnership`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-settieredstoragecachedirownership[$$SetTieredStorageCacheDirOwnership$$]__ | Defines the settings related to ownership of the Tiered Storage cache in environments where root access is restricted. + +| *`fsValidator`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-fsvalidator[$$FsValidator$$]__ | Defines the setting for init container that not allow to start Redpanda until filesystem matches + +| *`tuning`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tuning[$$Tuning$$]__ | Defines settings for the autotuner tool in Redpanda. The autotuner identifies the hardware configuration in the container and optimizes the Linux kernel to give you the best performance. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-issuerref"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-issuerref"] == IssuerRef IssuerRef configures the Issuer or ClusterIssuer resource to use to generate certificates. Requires cert-manager. See https://cert-manager.io/v1.1-docs. @@ -670,7 +866,7 @@ IssuerRef configures the Issuer or ClusterIssuer resource to use to generate cer .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-certificate[$$Certificate$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-certificate[$$Certificate$$] [cols="25a,75a", options="header"] |=== @@ -681,7 +877,7 @@ IssuerRef configures the Issuer or ClusterIssuer resource to use to generate cer |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafka"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafka"] == Kafka Kafka configures settings for the Kafka API listeners. @@ -689,20 +885,20 @@ Kafka configures settings for the Kafka API listeners. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listeners[$$Listeners$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listeners[$$Listeners$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`authenticationMethod`* __string__ | Specifies the authentication method for the external listener. For example, 'mtls_identity' or `sasl`. + -| *`external`* __object (keys:string, values:xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-externallistener[$$ExternalListener$$])__ | Defines settings for the external listener. + +| *`external`* __object (keys:string, values:xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externallistener[$$ExternalListener$$])__ | Defines settings for the external listener. + | *`port`* __integer__ | Specifies the container port number for the internal listener. + -| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listenertls[$$ListenerTLS$$]__ | Configures TLS settings for the internal listener. + +| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listenertls[$$ListenerTLS$$]__ | Configures TLS settings for the internal listener. + | *`prefixTemplate`* __string__ | Specifies the template used for generating the advertised addresses of Services. This field accepts a string template that dynamically constructs Service addresses based on various parameters such as Service name and port number. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkaapispec"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkaapispec"] == KafkaAPISpec KafkaAPISpec configures client configuration settings for connecting to Redpanda brokers. @@ -710,15 +906,15 @@ KafkaAPISpec configures client configuration settings for connecting to Redpanda .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-staticconfigurationsource[$$StaticConfigurationSource$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicspec[$$TopicSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-staticconfigurationsource[$$StaticConfigurationSource$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec[$$TopicSpec$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`brokers`* __string array__ | Specifies a list of broker addresses in the format : + -| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-commontls[$$CommonTLS$$]__ | Defines TLS configuration settings for Redpanda clusters that have TLS enabled. + -| *`sasl`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$]__ | Defines authentication configuration settings for Redpanda clusters that have authentication enabled. + +| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-commontls[$$CommonTLS$$]__ | Defines TLS configuration settings for Redpanda clusters that have TLS enabled. + +| *`sasl`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$]__ | Defines authentication configuration settings for Redpanda clusters that have authentication enabled. + |=== @@ -726,7 +922,7 @@ KafkaAPISpec configures client configuration settings for connecting to Redpanda -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasasl"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasl"] == KafkaSASL KafkaSASL configures credentials to connect to Redpanda cluster that has authentication enabled. @@ -734,21 +930,21 @@ KafkaSASL configures credentials to connect to Redpanda cluster that has authent .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkaapispec[$$KafkaAPISpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkaapispec[$$KafkaAPISpec$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`username`* __string__ | Specifies the username. + -| *`passwordSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Specifies the password. + -| *`mechanism`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-saslmechanism[$$SASLMechanism$$]__ | Specifies the SASL/SCRAM authentication mechanism. + -| *`oauth`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasasloauthbearer[$$KafkaSASLOAuthBearer$$]__ | -| *`gssapi`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasaslgssapi[$$KafkaSASLGSSAPI$$]__ | -| *`awsMskIam`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasaslawsmskiam[$$KafkaSASLAWSMskIam$$]__ | +| *`passwordSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Specifies the password. + +| *`mechanism`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-saslmechanism[$$SASLMechanism$$]__ | Specifies the SASL/SCRAM authentication mechanism. + +| *`oauth`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasloauthbearer[$$KafkaSASLOAuthBearer$$]__ | +| *`gssapi`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslgssapi[$$KafkaSASLGSSAPI$$]__ | +| *`awsMskIam`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslawsmskiam[$$KafkaSASLAWSMskIam$$]__ | |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasaslawsmskiam"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslawsmskiam"] == KafkaSASLAWSMskIam KafkaSASLAWSMskIam is the config for AWS IAM SASL mechanism, @@ -757,14 +953,14 @@ see: https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.ht .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`accessKey`* __string__ | -| *`secretKeySecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | -| *`sessionTokenSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | SessionToken, if non-empty, is a session / security token to use for authentication. + +| *`secretKeySecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | +| *`sessionTokenSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | SessionToken, if non-empty, is a session / security token to use for authentication. + See: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html + | *`userAgent`* __string__ | UserAgent is the user agent to for the client to use when connecting + to Kafka, overriding the default "franz-go//". + @@ -776,7 +972,7 @@ https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-ke |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasaslgssapi"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslgssapi"] == KafkaSASLGSSAPI KafkaSASLGSSAPI represents the Kafka Kerberos config. @@ -784,7 +980,7 @@ KafkaSASLGSSAPI represents the Kafka Kerberos config. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$] [cols="25a,75a", options="header"] |=== @@ -794,7 +990,7 @@ KafkaSASLGSSAPI represents the Kafka Kerberos config. | *`kerberosConfigPath`* __string__ | | *`serviceName`* __string__ | | *`username`* __string__ | -| *`passwordSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | +| *`passwordSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | | *`realm`* __string__ | | *`enableFast`* __boolean__ | EnableFAST enables FAST, which is a pre-authentication framework for Kerberos. + It includes a mechanism for tunneling pre-authentication exchanges using armored KDC messages. + @@ -802,7 +998,7 @@ FAST provides increased resistance to passive password guessing attacks. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasasloauthbearer"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasloauthbearer"] == KafkaSASLOAuthBearer KafkaSASLOAuthBearer is the config struct for the SASL OAuthBearer mechanism @@ -810,16 +1006,16 @@ KafkaSASLOAuthBearer is the config struct for the SASL OAuthBearer mechanism .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`tokenSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | +| *`tokenSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-licensesecretref"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-licensesecretref"] == LicenseSecretRef LicenseSecretRef is deprecated. Use `EnterpriseLicenseSecretRef` instead. @@ -827,7 +1023,7 @@ LicenseSecretRef is deprecated. Use `EnterpriseLicenseSecretRef` instead. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -837,7 +1033,7 @@ LicenseSecretRef is deprecated. Use `EnterpriseLicenseSecretRef` instead. |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listenertls"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listenertls"] == ListenerTLS ListenerTLS configures TLS configuration for each listener in the Helm values. @@ -845,12 +1041,12 @@ ListenerTLS configures TLS configuration for each listener in the Helm values. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-admin[$$Admin$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-externallistener[$$ExternalListener$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-http[$$HTTP$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafka[$$Kafka$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-rpc[$$RPC$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-schemaregistry[$$SchemaRegistry$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-admin[$$Admin$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externallistener[$$ExternalListener$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-http[$$HTTP$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafka[$$Kafka$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-rpc[$$RPC$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-schemaregistry[$$SchemaRegistry$$] [cols="25a,75a", options="header"] |=== @@ -863,12 +1059,12 @@ ListenerTLS configures TLS configuration for each listener in the Helm values. Deprecated: Setting SecretRef has no affect and will be removed in + future releases. + | *`requireClientAuth`* __boolean__ | Indicates whether client authentication (mTLS) is required. + -| *`trustStore`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-truststore[$$TrustStore$$]__ | TrustStore allows setting the `truststore_path` on this listener. If + +| *`trustStore`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-truststore[$$TrustStore$$]__ | TrustStore allows setting the `truststore_path` on this listener. If + specified, this field takes precedence over [Certificate.CAEnabled]. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listeners"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listeners"] == Listeners Listeners configures settings for listeners, including HTTP Proxy, Schema Registry, the Admin API and the Kafka API. See https://docs.redpanda.com/current/manage/kubernetes/networking/configure-listeners/. @@ -876,20 +1072,20 @@ Listeners configures settings for listeners, including HTTP Proxy, Schema Regist .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`admin`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-admin[$$Admin$$]__ | Configures settings for the Admin API listeners. + -| *`http`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-http[$$HTTP$$]__ | Configures settings for the HTTP Proxy listeners. + -| *`kafka`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafka[$$Kafka$$]__ | Configures settings for the Kafka API listeners. + -| *`rpc`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-rpc[$$RPC$$]__ | Configures settings for the RPC API listener. + -| *`schemaRegistry`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-schemaregistry[$$SchemaRegistry$$]__ | Configures settings for the Schema Registry listeners. + +| *`admin`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-admin[$$Admin$$]__ | Configures settings for the Admin API listeners. + +| *`http`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-http[$$HTTP$$]__ | Configures settings for the HTTP Proxy listeners. + +| *`kafka`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafka[$$Kafka$$]__ | Configures settings for the Kafka API listeners. + +| *`rpc`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-rpc[$$RPC$$]__ | Configures settings for the RPC API listener. + +| *`schemaRegistry`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-schemaregistry[$$SchemaRegistry$$]__ | Configures settings for the Schema Registry listeners. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-livenessprobe"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-livenessprobe"] == LivenessProbe LivenessProbe configures liveness probes to monitor the health of the Pods and restart them if necessary. @@ -897,8 +1093,8 @@ LivenessProbe configures liveness probes to monitor the health of the Pods and r .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaconsole[$$RedpandaConsole$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaconsole[$$RedpandaConsole$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] [cols="25a,75a", options="header"] |=== @@ -911,7 +1107,7 @@ LivenessProbe configures liveness probes to monitor the health of the Pods and r |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-logging"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-logging"] == Logging Logging configures logging settings in the Helm values. See https://docs.redpanda.com/current/manage/kubernetes/troubleshooting/troubleshoot/. @@ -919,17 +1115,17 @@ Logging configures logging settings in the Helm values. See https://docs.redpand .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`logLevel`* __string__ | Sets the verbosity level of logs. + -| *`usageStats`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-usagestats[$$UsageStats$$]__ | Specifies whether to send usage statistics to Redpanda Data. + +| *`usageStats`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-usagestats[$$UsageStats$$]__ | Specifies whether to send usage statistics to Redpanda Data. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-memory"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-memory"] == Memory Memory configures memory resources. @@ -937,18 +1133,36 @@ Memory configures memory resources. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-resources[$$Resources$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-resources[$$Resources$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`container`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-containerresources[$$ContainerResources$$]__ | Defines resource limits for containers. + +| *`container`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-containerresources[$$ContainerResources$$]__ | Defines resource limits for containers. + | *`enable_memory_locking`* __boolean__ | Enables memory locking. For production, set to `true`. + -| *`redpanda`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandamemory[$$RedpandaMemory$$]__ | Allows you to optionally specify the memory size for both the Redpanda process and the underlying reserved memory used by Seastar. + +| *`redpanda`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandamemory[$$RedpandaMemory$$]__ | Allows you to optionally specify the memory size for both the Redpanda process and the underlying reserved memory used by Seastar. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-migration"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-metadatatemplate"] +== MetadataTemplate + +MetadataTemplate defines additional metadata to associate with a resource. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-resourcetemplate[$$ResourceTemplate$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`labels`* __object (keys:string, values:string)__ | Labels specifies the Kubernetes labels to apply to a managed resource. + +| *`annotations`* __object (keys:string, values:string)__ | Annotations specifies the Kubernetes annotations to apply to a managed resource. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-migration"] == Migration Migration can configure old Cluster and Console custom resource that will be disabled. @@ -957,20 +1171,20 @@ With Migration the ChartRef and ClusterSpec still need to be correctly configure .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaspec[$$RedpandaSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaspec[$$RedpandaSpec$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`enabled`* __boolean__ | -| *`clusterRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-vectorized-v1alpha1-namespacenameref[$$NamespaceNameRef$$]__ | ClusterRef by default will not be able to reach different namespaces, but it can be + +| *`clusterRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-vectorized-v1alpha1-namespacenameref[$$NamespaceNameRef$$]__ | ClusterRef by default will not be able to reach different namespaces, but it can be + overwritten by adding ClusterRole and ClusterRoleBinding to operator ServiceAccount. + -| *`consoleRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-vectorized-v1alpha1-namespacenameref[$$NamespaceNameRef$$]__ | ConsoleRef by default will not be able to reach different namespaces, but it can be + +| *`consoleRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-vectorized-v1alpha1-namespacenameref[$$NamespaceNameRef$$]__ | ConsoleRef by default will not be able to reach different namespaces, but it can be + overwritten by adding ClusterRole and ClusterRoleBinding to operator ServiceAccount. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-monitoring"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-monitoring"] == Monitoring Monitoring configures monitoring resources for Redpanda. See https://docs.redpanda.com/current/manage/kubernetes/monitoring/monitor-redpanda/. @@ -978,7 +1192,7 @@ Monitoring configures monitoring resources for Redpanda. See https://docs.redpan .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -991,7 +1205,57 @@ Monitoring configures monitoring resources for Redpanda. See https://docs.redpan |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-persistentvolume"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-password"] +== Password + +Password specifies a password for the user. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userauthenticationspec[$$UserAuthenticationSpec$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`value`* __string__ | +| *`valueFrom`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-passwordsource[$$PasswordSource$$]__ | +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-passwordsource"] +== PasswordSource + +PasswordSource contains the source for a password. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-password[$$Password$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretKeyRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#secretkeyselector-v1-core[$$SecretKeySelector$$]__ | SecretKeyRef specifies the secret used in reading a User password. + +If the Secret exists and has a value in it, then that value is used. + +If the Secret does not exist, or is empty, a password is generated and + +stored based on this configuration. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-patterntype"] +== PatternType (string) + +PatternType specifies the type of pattern applied for ACL resource matching. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclresourcespec[$$ACLResourceSpec$$] + + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-persistentvolume"] == PersistentVolume PersistentVolume configures configurations for a PersistentVolumeClaim to use to store the Redpanda data directory. @@ -999,8 +1263,8 @@ PersistentVolume configures configurations for a PersistentVolumeClaim to use to .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-storage[$$Storage$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tiered[$$Tiered$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-storage[$$Storage$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tiered[$$Tiered$$] [cols="25a,75a", options="header"] |=== @@ -1014,7 +1278,7 @@ PersistentVolume configures configurations for a PersistentVolumeClaim to use to |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-podantiaffinity"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-podantiaffinity"] == PodAntiAffinity PodAntiAffinity configures Pod anti-affinity rules to prevent Pods from being scheduled together on the same node. @@ -1022,7 +1286,7 @@ PodAntiAffinity configures Pod anti-affinity rules to prevent Pods from being sc .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] [cols="25a,75a", options="header"] |=== @@ -1034,7 +1298,7 @@ PodAntiAffinity configures Pod anti-affinity rules to prevent Pods from being sc |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-podspec"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-podspec"] == PodSpec PodSpec is a subset of [corev1.PodSpec] that will be merged into the objects @@ -1046,17 +1310,17 @@ field. Ideally, a more generally applicable solution should be used. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-podtemplate[$$PodTemplate$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-podtemplate[$$PodTemplate$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`containers`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-container[$$Container$$] array__ | +| *`containers`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-container[$$Container$$] array__ | | *`securityContext`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#podsecuritycontext-v1-core[$$PodSecurityContext$$]__ | |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-podtemplate"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-podtemplate"] == PodTemplate PodTemplate will pass label and annotation to Statefulset Pod template. @@ -1064,20 +1328,20 @@ PodTemplate will pass label and annotation to Statefulset Pod template. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-postinstalljob[$$PostInstallJob$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-postupgradejob[$$PostUpgradeJob$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-postinstalljob[$$PostInstallJob$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-postupgradejob[$$PostUpgradeJob$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`labels`* __object (keys:string, values:string)__ | | *`annotations`* __object (keys:string, values:string)__ | -| *`spec`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-podspec[$$PodSpec$$]__ | +| *`spec`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-podspec[$$PodSpec$$]__ | |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-postinstalljob"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-postinstalljob"] == PostInstallJob PostInstallJob configures configurations for the post-install job that run after installation of the Helm chart. @@ -1085,7 +1349,7 @@ PostInstallJob configures configurations for the post-install job that run after .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -1098,12 +1362,12 @@ PostInstallJob configures configurations for the post-install job that run after [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). + | *`securityContext`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#securitycontext-v1-core[$$SecurityContext$$]__ | SecurityContext is deprecated. Prefer [PodTemplate.Spec.SecurityContext] + or [PodTemplate.Spec.Containers[*].SecurityContext]. + -| *`podTemplate`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-podtemplate[$$PodTemplate$$]__ | PodTemplate is a subset of Kubernetes' PodTemplate that will be merged + +| *`podTemplate`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-podtemplate[$$PodTemplate$$]__ | PodTemplate is a subset of Kubernetes' PodTemplate that will be merged + into this Job's PodTemplate. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-postupgradejob"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-postupgradejob"] == PostUpgradeJob PostUpgradeJob configures configurations for the post-upgrade job that run after each upgrade of the Helm chart. @@ -1111,7 +1375,7 @@ PostUpgradeJob configures configurations for the post-upgrade job that run after .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -1127,12 +1391,12 @@ PostUpgradeJob configures configurations for the post-upgrade job that run after [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). + | *`securityContext`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#securitycontext-v1-core[$$SecurityContext$$]__ | SecurityContext is deprecated. Prefer [PodTemplate.Spec.SecurityContext] + or [PodTemplate.Spec.Containers[*].SecurityContext]. + -| *`podTemplate`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-podtemplate[$$PodTemplate$$]__ | PodTemplate is a subset of Kubernetes' PodTemplate that will be merged + +| *`podTemplate`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-podtemplate[$$PodTemplate$$]__ | PodTemplate is a subset of Kubernetes' PodTemplate that will be merged + into this Job's PodTemplate. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-rbac"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-rbac"] == RBAC RBAC configures role-based access control (RBAC). @@ -1140,7 +1404,7 @@ RBAC configures role-based access control (RBAC). .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -1150,7 +1414,7 @@ RBAC configures role-based access control (RBAC). |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-rpc"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-rpc"] == RPC RPC configures settings for the RPC API listeners. @@ -1158,17 +1422,17 @@ RPC configures settings for the RPC API listeners. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listeners[$$Listeners$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listeners[$$Listeners$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`port`* __integer__ | Specifies the container port number for the internal listener. + -| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listenertls[$$ListenerTLS$$]__ | Configures TLS settings for the internal listener. + +| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listenertls[$$ListenerTLS$$]__ | Configures TLS settings for the internal listener. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-rpcontrollers"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-rpcontrollers"] == RPControllers RPControllers configures additional controllers that can be deployed as sidecars in rp helm @@ -1176,7 +1440,7 @@ RPControllers configures additional controllers that can be deployed as sidecars .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-sidecars[$$SideCars$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-sidecars[$$SideCars$$] [cols="25a,75a", options="header"] |=== @@ -1184,7 +1448,7 @@ RPControllers configures additional controllers that can be deployed as sidecars | *`enabled`* __boolean__ | Specifies whether the Controllers are enabled. + | *`resources`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#resourcerequirements-v1-core[$$ResourceRequirements$$]__ | | *`securityContext`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#securitycontext-v1-core[$$SecurityContext$$]__ | -| *`image`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaimage[$$RedpandaImage$$]__ | +| *`image`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaimage[$$RedpandaImage$$]__ | | *`healthProbeAddress`* __string__ | | *`metricsAddress`* __string__ | | *`run`* __string array__ | @@ -1192,7 +1456,7 @@ RPControllers configures additional controllers that can be deployed as sidecars |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-rackawareness"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-rackawareness"] == RackAwareness RackAwareness configures rack awareness in the Helm values. See https://docs.redpanda.com/current/manage/kubernetes/kubernetes-rack-awareness/. @@ -1200,7 +1464,7 @@ RackAwareness configures rack awareness in the Helm values. See https://docs.red .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -1210,7 +1474,7 @@ RackAwareness configures rack awareness in the Helm values. See https://docs.red |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-readinessprobe"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-readinessprobe"] == ReadinessProbe ReadinessProbe configures readiness probes to determine when a Pod is ready to handle traffic. @@ -1218,8 +1482,8 @@ ReadinessProbe configures readiness probes to determine when a Pod is ready to h .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaconsole[$$RedpandaConsole$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaconsole[$$RedpandaConsole$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] [cols="25a,75a", options="header"] |=== @@ -1232,7 +1496,7 @@ ReadinessProbe configures readiness probes to determine when a Pod is ready to h |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpanda"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpanda"] == Redpanda Redpanda defines the CRD for Redpanda clusters. @@ -1240,7 +1504,7 @@ Redpanda defines the CRD for Redpanda clusters. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandalist[$$RedpandaList$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandalist[$$RedpandaList$$] [cols="25a,75a", options="header"] |=== @@ -1258,12 +1522,12 @@ may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + | *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to the Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaspec[$$RedpandaSpec$$]__ | Defines the desired state of the Redpanda cluster. + -| *`status`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandastatus[$$RedpandaStatus$$]__ | Represents the current status of the Redpanda cluster. + +| *`spec`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaspec[$$RedpandaSpec$$]__ | Defines the desired state of the Redpanda cluster. + +| *`status`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandastatus[$$RedpandaStatus$$]__ | Represents the current status of the Redpanda cluster. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec"] == RedpandaClusterSpec RedpandaClusterSpec defines the desired state of a Redpanda cluster. These settings are the same as those defined in the Redpanda Helm chart. The values in these settings are passed to the Redpanda Helm chart through Flux. For all default values and links to more documentation, see https://docs.redpanda.com/current/reference/redpanda-helm-spec/. @@ -1273,7 +1537,7 @@ For descriptions and default values, see xref:k-redpanda-helm-spec.adoc[]. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaspec[$$RedpandaSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaspec[$$RedpandaSpec$$] [cols="25a,75a", options="header"] |=== @@ -1285,41 +1549,41 @@ For descriptions and default values, see xref:k-redpanda-helm-spec.adoc[]. | *`commonLabels`* __object (keys:string, values:string)__ | Assigns custom labels to all resources generated by the Redpanda Helm chart. Specify labels as key/value pairs. + | *`nodeSelector`* __object (keys:string, values:string)__ | Specifies on which nodes a Pod should be scheduled. These key/value pairs ensure that Pods are scheduled onto nodes with the specified labels. + | *`tolerations`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#toleration-v1-core[$$Toleration$$] array__ | Specifies tolerations to allow Pods to be scheduled onto nodes where they otherwise wouldn’t. + -| *`image`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaimage[$$RedpandaImage$$]__ | Defines the container image settings to use for the Redpanda cluster. + +| *`image`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaimage[$$RedpandaImage$$]__ | Defines the container image settings to use for the Redpanda cluster. + | *`imagePullSecrets`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#localobjectreference-v1-core[$$LocalObjectReference$$] array__ | Specifies credentials for a private image repository. For details, see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/. + | *`license_key`* __string__ | Deprecated: Use `Enterprise` instead. + -| *`license_secret_ref`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-licensesecretref[$$LicenseSecretRef$$]__ | Deprecated: Use `EnterpriseLicenseSecretRef` instead. + -| *`enterprise`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-enterprise[$$Enterprise$$]__ | Defines an Enterprise license. + -| *`rackAwareness`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-rackawareness[$$RackAwareness$$]__ | Defines rack awareness settings. + -| *`console`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaconsole[$$RedpandaConsole$$]__ | Defines Redpanda Console settings. + -| *`connectors`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaconnectors[$$RedpandaConnectors$$]__ | Defines Redpanda Connector settings. + -| *`auth`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-auth[$$Auth$$]__ | Defines authentication settings for listeners. + -| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tls[$$TLS$$]__ | Defines TLS settings for listeners. + -| *`external`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-external[$$External$$]__ | Defines external access settings. + -| *`logging`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-logging[$$Logging$$]__ | Defines the log level settings. + -| *`auditLogging`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-auditlogging[$$AuditLogging$$]__ | Defines the log level settings. + -| *`resources`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-resources[$$Resources$$]__ | Defines container resource settings. + -| *`service`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-service[$$Service$$]__ | Defines settings for the headless ClusterIP Service. + -| *`storage`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-storage[$$Storage$$]__ | Defines storage settings for the Redpanda data directory and the Tiered Storage cache. + -| *`post_install_job`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-postinstalljob[$$PostInstallJob$$]__ | Defines settings for the post-install hook, which runs after each install or upgrade. For example, this job is responsible for setting the Enterprise license, if specified. + -| *`post_upgrade_job`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-postupgradejob[$$PostUpgradeJob$$]__ | Defines settings for the post-upgrade hook, which runs after each update. For example, this job is responsible for setting cluster configuration properties and restarting services such as Schema Registry, if required. + -| *`statefulset`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset[$$Statefulset$$]__ | Defines settings for the StatefulSet that manages Redpanda brokers. + -| *`tuning`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tuning[$$Tuning$$]__ | Defines settings for the autotuner tool in Redpanda. The autotuner identifies the hardware configuration in the container and optimizes the Linux kernel to give you the best performance. + -| *`listeners`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listeners[$$Listeners$$]__ | Defines settings for listeners, including HTTP Proxy, Schema Registry, the Admin API and the Kafka API. + -| *`config`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-config[$$Config$$]__ | Defines configuration properties supported by Redpanda that may not work correctly in a Kubernetes cluster. Changing these values from the defaults comes with some risk. Use these properties to customize various Redpanda configurations that are not available in the `RedpandaClusterSpec`. These values have no impact on the configuration or behavior of the Kubernetes objects deployed by Helm, and therefore should not be modified for the purpose of configuring those objects. Instead, these settings get passed directly to the Redpanda binary at startup. + -| *`rbac`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-rbac[$$RBAC$$]__ | Defines Role Based Access Control (RBAC) settings. + -| *`serviceAccount`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-serviceaccount[$$ServiceAccount$$]__ | Defines Service account settings. + -| *`monitoring`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-monitoring[$$Monitoring$$]__ | Defines settings for monitoring Redpanda. + +| *`license_secret_ref`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-licensesecretref[$$LicenseSecretRef$$]__ | Deprecated: Use `EnterpriseLicenseSecretRef` instead. + +| *`enterprise`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-enterprise[$$Enterprise$$]__ | Defines an Enterprise license. + +| *`rackAwareness`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-rackawareness[$$RackAwareness$$]__ | Defines rack awareness settings. + +| *`console`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaconsole[$$RedpandaConsole$$]__ | Defines Redpanda Console settings. + +| *`connectors`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaconnectors[$$RedpandaConnectors$$]__ | Defines Redpanda Connector settings. + +| *`auth`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-auth[$$Auth$$]__ | Defines authentication settings for listeners. + +| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tls[$$TLS$$]__ | Defines TLS settings for listeners. + +| *`external`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-external[$$External$$]__ | Defines external access settings. + +| *`logging`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-logging[$$Logging$$]__ | Defines the log level settings. + +| *`auditLogging`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-auditlogging[$$AuditLogging$$]__ | Defines the log level settings. + +| *`resources`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-resources[$$Resources$$]__ | Defines container resource settings. + +| *`service`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-service[$$Service$$]__ | Defines settings for the headless ClusterIP Service. + +| *`storage`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-storage[$$Storage$$]__ | Defines storage settings for the Redpanda data directory and the Tiered Storage cache. + +| *`post_install_job`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-postinstalljob[$$PostInstallJob$$]__ | Defines settings for the post-install hook, which runs after each install or upgrade. For example, this job is responsible for setting the Enterprise license, if specified. + +| *`post_upgrade_job`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-postupgradejob[$$PostUpgradeJob$$]__ | Defines settings for the post-upgrade hook, which runs after each update. For example, this job is responsible for setting cluster configuration properties and restarting services such as Schema Registry, if required. + +| *`statefulset`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset[$$Statefulset$$]__ | Defines settings for the StatefulSet that manages Redpanda brokers. + +| *`tuning`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tuning[$$Tuning$$]__ | Defines settings for the autotuner tool in Redpanda. The autotuner identifies the hardware configuration in the container and optimizes the Linux kernel to give you the best performance. + +| *`listeners`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listeners[$$Listeners$$]__ | Defines settings for listeners, including HTTP Proxy, Schema Registry, the Admin API and the Kafka API. + +| *`config`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-config[$$Config$$]__ | Defines configuration properties supported by Redpanda that may not work correctly in a Kubernetes cluster. Changing these values from the defaults comes with some risk. Use these properties to customize various Redpanda configurations that are not available in the `RedpandaClusterSpec`. These values have no impact on the configuration or behavior of the Kubernetes objects deployed by Helm, and therefore should not be modified for the purpose of configuring those objects. Instead, these settings get passed directly to the Redpanda binary at startup. + +| *`rbac`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-rbac[$$RBAC$$]__ | Defines Role Based Access Control (RBAC) settings. + +| *`serviceAccount`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-serviceaccount[$$ServiceAccount$$]__ | Defines Service account settings. + +| *`monitoring`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-monitoring[$$Monitoring$$]__ | Defines settings for monitoring Redpanda. + | *`force`* __boolean__ | Adds the `--force` flag in `helm upgrade` commands. Used for allowing a change of TLS configuration for the RPC listener. + Setting `force` to `true` will result in a short period of downtime. + | *`affinity`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#affinity-v1-core[$$Affinity$$]__ | Affinity constraints for scheduling Pods, can override this for + StatefulSets and Jobs. For details, see the [Kubernetes + documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). + -| *`tests`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-enablable[$$Enablable$$]__ | +| *`tests`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-enablable[$$Enablable$$]__ | |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaconnectors"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaconnectors"] == RedpandaConnectors RedpandaConnectors configures Redpanda Connectors. Redpanda Connectors is a package that includes Kafka Connect and built-in connectors, sometimes known as plugins. See https://docs.redpanda.com/current/deploy/deployment-option/self-hosted/kubernetes/k-deploy-connectors/. @@ -1327,21 +1591,21 @@ RedpandaConnectors configures Redpanda Connectors. Redpanda Connectors is a pack .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`enabled`* __boolean__ | -| *`test`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-connectorscreateobj[$$ConnectorsCreateObj$$]__ | Specifies whether to create Helm tests. + -| *`monitoring`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-connectormonitoring[$$ConnectorMonitoring$$]__ | Specifies monitoring resources + +| *`test`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-connectorscreateobj[$$ConnectorsCreateObj$$]__ | Specifies whether to create Helm tests. + +| *`monitoring`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-connectormonitoring[$$ConnectorMonitoring$$]__ | Specifies monitoring resources + | *`connectors`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#rawextension-runtime-pkg[$$RawExtension$$]__ | Connectors specified manual configurations + | *`deployment`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#rawextension-runtime-pkg[$$RawExtension$$]__ | Connectors specified manual configurations + | *`nameOverride`* __string__ | Specifies a custom name for the Redpanda Console resources, overriding the default naming convention. + | *`fullnameOverride`* __string__ | Specifies a full custom name, which overrides the entire naming convention including release name and chart name. + | *`commonLabels`* __object (keys:string, values:string)__ | Assigns custom labels to all resources generated by the Connector Helm chart. Specify labels as key/value pairs. + | *`tolerations`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#toleration-v1-core[$$Toleration$$] array__ | Applies tolerations to allow Pods to be scheduled on nodes with matching taints, enabling control over where Pods can run. + -| *`image`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaimage[$$RedpandaImage$$]__ | Defines the container image settings to use for the Redpanda cluster. + +| *`image`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaimage[$$RedpandaImage$$]__ | Defines the container image settings to use for the Redpanda cluster. + | *`imagePullSecrets`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#localobjectreference-v1-core[$$LocalObjectReference$$] array__ | Specifies credentials for a private image repository. For details, see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/. + | *`auth`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#rawextension-runtime-pkg[$$RawExtension$$]__ | Specifies superuser credentials + | *`container`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#rawextension-runtime-pkg[$$RawExtension$$]__ | Specifies container information + @@ -1352,7 +1616,7 @@ RedpandaConnectors configures Redpanda Connectors. Redpanda Connectors is a pack |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaconsole"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaconsole"] == RedpandaConsole RedpandaConsole configures the Redpanda Console subchart of the Redpanda Helm chart. Use these settings to configure the subchart. For more details on each setting, see the Helm values for the Redpanda Console chart: https://artifacthub.io/packages/helm/redpanda-data/console?modal=values @@ -1360,7 +1624,7 @@ RedpandaConsole configures the Redpanda Console subchart of the Redpanda Helm ch .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -1394,9 +1658,9 @@ RedpandaConsole configures the Redpanda Console subchart of the Redpanda Helm ch | *`extraContainers`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#rawextension-runtime-pkg[$$RawExtension$$] array__ | Adds extra containers to the Pods that run Redpanda Console. + | *`initContainers`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#rawextension-runtime-pkg[$$RawExtension$$]__ | Specifies init containers for the Pods that run Redpanda Console. + | *`secretMounts`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#rawextension-runtime-pkg[$$RawExtension$$] array__ | Mounts additional Secret resources inside the containers that run Redpanda Console. + -| *`configmap`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-consolecreateobj[$$ConsoleCreateObj$$]__ | Deprecated: this field exists for storage backwards compatibility and is + +| *`configmap`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-consolecreateobj[$$ConsoleCreateObj$$]__ | Deprecated: this field exists for storage backwards compatibility and is + never used. Prefer ConfigMap (configmap). + -| *`configMap`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-consolecreateobj[$$ConsoleCreateObj$$]__ | Specifies whether a ConfigMap should be created for Redpanda Console. + +| *`configMap`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-consolecreateobj[$$ConsoleCreateObj$$]__ | Specifies whether a ConfigMap should be created for Redpanda Console. + | *`secret`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#rawextension-runtime-pkg[$$RawExtension$$]__ | Specifies whether a Secret should be created for Redpanda Console. + | *`deployment`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#rawextension-runtime-pkg[$$RawExtension$$]__ | Specifies whether a Deployment should be created for Redpanda Console. + | *`console`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#rawextension-runtime-pkg[$$RawExtension$$]__ | Configures custom settings for Redpanda Console. + @@ -1404,13 +1668,13 @@ never used. Prefer ConfigMap (configmap). + | *`enterprise`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#rawextension-runtime-pkg[$$RawExtension$$]__ | Settings for license key, as an alternative to secret.enterprise when a + license secret is available + | *`automountServiceAccountToken`* __boolean__ | Automount API credentials for the Service Account into the pod. + -| *`readinessProbe`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-readinessprobe[$$ReadinessProbe$$]__ | Settings for console's Deployment's readiness probe. + -| *`livenessProbe`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-livenessprobe[$$LivenessProbe$$]__ | Settings for console's Deployment's liveness probe. + -| *`tests`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-enablable[$$Enablable$$]__ | Controls the creation of helm tests for console. + +| *`readinessProbe`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-readinessprobe[$$ReadinessProbe$$]__ | Settings for console's Deployment's readiness probe. + +| *`livenessProbe`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-livenessprobe[$$LivenessProbe$$]__ | Settings for console's Deployment's liveness probe. + +| *`tests`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-enablable[$$Enablable$$]__ | Controls the creation of helm tests for console. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaimage"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaimage"] == RedpandaImage RedpandaImage configures the Redpanda container image settings in the Helm values. @@ -1418,9 +1682,9 @@ RedpandaImage configures the Redpanda container image settings in the Helm value .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-rpcontrollers[$$RPControllers$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaconnectors[$$RedpandaConnectors$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-rpcontrollers[$$RPControllers$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaconnectors[$$RedpandaConnectors$$] [cols="25a,75a", options="header"] |=== @@ -1431,7 +1695,7 @@ RedpandaImage configures the Redpanda container image settings in the Helm value |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandalist"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandalist"] == RedpandaList RedpandaList contains a list of Redpanda objects. @@ -1456,11 +1720,11 @@ may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + | *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#listmeta-v1-meta[$$ListMeta$$]__ | Refer to the Kubernetes API documentation for fields of `metadata`. -| *`items`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpanda[$$Redpanda$$] array__ | Specifies a list of Redpanda resources. + +| *`items`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpanda[$$Redpanda$$] array__ | Specifies a list of Redpanda resources. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandamemory"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandamemory"] == RedpandaMemory RedpandaMemory allows you to optionally specify the memory size for both the Redpanda process and the underlying reserved memory used by Seastar. This section is omitted by default, and memory sizes are calculated automatically based on container memory. Configuring this section and setting `memory` and `reserveMemory` values will disable automatic calculation. @@ -1474,7 +1738,7 @@ If you are setting the following values manually, keep in mind the following gui .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-memory[$$Memory$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-memory[$$Memory$$] [cols="25a,75a", options="header"] |=== @@ -1484,7 +1748,7 @@ If you are setting the following values manually, keep in mind the following gui |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaspec"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaspec"] == RedpandaSpec RedpandaSpec defines the desired state of the Redpanda cluster. @@ -1492,20 +1756,18 @@ RedpandaSpec defines the desired state of the Redpanda cluster. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpanda[$$Redpanda$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpanda[$$Redpanda$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`chartRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-chartref[$$ChartRef$$]__ | Defines chart details, including the version and repository. + -| *`clusterSpec`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$]__ | Defines the Helm values to use to deploy the cluster. + -| *`migration`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-migration[$$Migration$$]__ | Migration flag that adjust Kubernetes core resources with annotation and labels, so + -flux controller can import resources. + -Doc: https://docs.redpanda.com/current/upgrade/migrate/kubernetes/operator/ + +| *`chartRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-chartref[$$ChartRef$$]__ | Defines chart details, including the version and repository. + +| *`clusterSpec`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$]__ | Defines the Helm values to use to deploy the cluster. + +| *`migration`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-migration[$$Migration$$]__ | Deprecated and Removed in v2.2.3-24.2.X. Downgrade to v2.2.2-24.2.4 perform the migration + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandastatus"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandastatus"] == RedpandaStatus RedpandaStatus defines the observed state of Redpanda @@ -1513,7 +1775,7 @@ RedpandaStatus defines the observed state of Redpanda .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpanda[$$Redpanda$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpanda[$$Redpanda$$] [cols="25a,75a", options="header"] |=== @@ -1540,9 +1802,37 @@ decommissioned from the cluster and provides its ordinal number. + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-resourcetemplate"] +== ResourceTemplate + +ResourceTemplate specifies additional configuration for a resource. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-usertemplatespec[$$UserTemplateSpec$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-metadatatemplate[$$MetadataTemplate$$]__ | Refer to the Kubernetes API documentation for fields of `metadata`. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-resourcetype"] +== ResourceType (string) + +ResourceType specifies the type of resource an ACL is applied to. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclresourcespec[$$ACLResourceSpec$$] + -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-resources"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-resources"] == Resources Resources configures resource allocation. The default values are for a development environment. Production-level values and other considerations are documented, where those values are different from the default. @@ -1550,17 +1840,17 @@ Resources configures resource allocation. The default values are for a developme .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`cpu`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-cpu[$$CPU$$]__ | Specifies the number of CPU cores. + -| *`memory`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-memory[$$Memory$$]__ | Specifies the amount of memory. + +| *`cpu`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-cpu[$$CPU$$]__ | Specifies the number of CPU cores. + +| *`memory`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-memory[$$Memory$$]__ | Specifies the amount of memory. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-sasl"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-sasl"] == SASL SASL configures SASL authentication in the Helm values. @@ -1568,7 +1858,7 @@ SASL configures SASL authentication in the Helm values. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-auth[$$Auth$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-auth[$$Auth$$] [cols="25a,75a", options="header"] |=== @@ -1576,11 +1866,12 @@ SASL configures SASL authentication in the Helm values. | *`enabled`* __boolean__ | Enables SASL authentication. If you enable SASL authentication, you must provide a Secret name in `secretRef`. + | *`mechanism`* __string__ | Specifies the default authentication mechanism to use for superusers. Options are `SCRAM-SHA-256` and `SCRAM-SHA-512`. + | *`secretRef`* __string__ | If `users` is empty, `secretRef` specifies the name of the Secret that contains your superuser credentials in the format ::. Otherwise, `secretRef` specifies the name of the Secret that the chart creates to store the credentials in `users`. + -| *`users`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-usersitems[$$UsersItems$$] array__ | Specifies a list of superuser credentials. + +| *`users`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-usersitems[$$UsersItems$$] array__ | Specifies a list of superuser credentials. + +| *`bootstrapUser`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-bootstrapuser[$$BootstrapUser$$]__ | Specifies configuration about the bootstrap user. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-saslmechanism"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-saslmechanism"] == SASLMechanism (string) SASLMechanism specifies a SASL auth mechanism. @@ -1588,11 +1879,13 @@ SASLMechanism specifies a SASL auth mechanism. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-adminsasl[$$AdminSASL$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userauthenticationspec[$$UserAuthenticationSpec$$] -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-schemaregistry"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-schemaregistry"] == SchemaRegistry SchemaRegistry configures settings for the Schema Registry listeners. @@ -1600,21 +1893,21 @@ SchemaRegistry configures settings for the Schema Registry listeners. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listeners[$$Listeners$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listeners[$$Listeners$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`authenticationMethod`* __string__ | Specifies the authentication method for the external listener. For example, 'mtls_identity' or `sasl`. + | *`enabled`* __boolean__ | Specifies whether the Schema Registry is enabled. + -| *`external`* __object (keys:string, values:xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-externallistener[$$ExternalListener$$])__ | Defines settings for the external listener. + +| *`external`* __object (keys:string, values:xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externallistener[$$ExternalListener$$])__ | Defines settings for the external listener. + | *`kafkaEndpoint`* __string__ | Configures the listener to use for HTTP connections. For example `default` for the internal listener. + | *`port`* __integer__ | Specifies the container port number for the internal listener. + -| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-listenertls[$$ListenerTLS$$]__ | Configures TLS settings for the internal listener. + +| *`tls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-listenertls[$$ListenerTLS$$]__ | Configures TLS settings for the internal listener. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretkeyref"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref"] == SecretKeyRef SecretKeyRef contains enough information to inspect or modify the referred Secret data @@ -1623,11 +1916,12 @@ See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-commontls[$$CommonTLS$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasaslawsmskiam[$$KafkaSASLAWSMskIam$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasaslgssapi[$$KafkaSASLGSSAPI$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkasasloauthbearer[$$KafkaSASLOAuthBearer$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-adminsasl[$$AdminSASL$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-commontls[$$CommonTLS$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslawsmskiam[$$KafkaSASLAWSMskIam$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslgssapi[$$KafkaSASLGSSAPI$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasloauthbearer[$$KafkaSASLOAuthBearer$$] [cols="25a,75a", options="header"] |=== @@ -1638,7 +1932,7 @@ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/nam |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretref"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretref"] == SecretRef SecretRef configures the Secret resource that contains existing TLS certificates. @@ -1646,7 +1940,7 @@ SecretRef configures the Secret resource that contains existing TLS certificates .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-certificate[$$Certificate$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-certificate[$$Certificate$$] [cols="25a,75a", options="header"] |=== @@ -1655,7 +1949,7 @@ SecretRef configures the Secret resource that contains existing TLS certificates |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-secretwithconfigfield"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretwithconfigfield"] == SecretWithConfigField @@ -1663,7 +1957,7 @@ SecretRef configures the Secret resource that contains existing TLS certificates .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-credentialsecretref[$$CredentialSecretRef$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-credentialsecretref[$$CredentialSecretRef$$] [cols="25a,75a", options="header"] |=== @@ -1674,7 +1968,7 @@ SecretRef configures the Secret resource that contains existing TLS certificates |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-service"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-service"] == Service @@ -1682,17 +1976,17 @@ SecretRef configures the Secret resource that contains existing TLS certificates .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`name`* __string__ | -| *`internal`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-serviceinternal[$$ServiceInternal$$]__ | +| *`internal`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-serviceinternal[$$ServiceInternal$$]__ | |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-serviceaccount"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-serviceaccount"] == ServiceAccount ServiceAccount configures Service Accounts. @@ -1700,7 +1994,7 @@ ServiceAccount configures Service Accounts. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -1711,7 +2005,7 @@ ServiceAccount configures Service Accounts. |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-serviceinternal"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-serviceinternal"] == ServiceInternal @@ -1719,7 +2013,7 @@ ServiceAccount configures Service Accounts. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-service[$$Service$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-service[$$Service$$] [cols="25a,75a", options="header"] |=== @@ -1728,7 +2022,7 @@ ServiceAccount configures Service Accounts. |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-setdatadirownership"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-setdatadirownership"] == SetDataDirOwnership SetDataDirOwnership defines the settings related to ownership of the Redpanda data directory in environments where root access is restricted. @@ -1736,7 +2030,7 @@ SetDataDirOwnership defines the settings related to ownership of the Redpanda da .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-initcontainers[$$InitContainers$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-initcontainers[$$InitContainers$$] [cols="25a,75a", options="header"] |=== @@ -1747,7 +2041,7 @@ SetDataDirOwnership defines the settings related to ownership of the Redpanda da |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-settieredstoragecachedirownership"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-settieredstoragecachedirownership"] == SetTieredStorageCacheDirOwnership SetTieredStorageCacheDirOwnership configures the settings related to ownership of the Tiered Storage cache in environments where root access is restricted. @@ -1755,7 +2049,7 @@ SetTieredStorageCacheDirOwnership configures the settings related to ownership o .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-initcontainers[$$InitContainers$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-initcontainers[$$InitContainers$$] [cols="25a,75a", options="header"] |=== @@ -1765,7 +2059,7 @@ SetTieredStorageCacheDirOwnership configures the settings related to ownership o |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-sidecarobj"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-sidecarobj"] == SideCarObj SideCarObj represents a generic sidecar object. This is a placeholder for now. @@ -1773,7 +2067,7 @@ SideCarObj represents a generic sidecar object. This is a placeholder for now. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-sidecars[$$SideCars$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-sidecars[$$SideCars$$] [cols="25a,75a", options="header"] |=== @@ -1784,7 +2078,7 @@ SideCarObj represents a generic sidecar object. This is a placeholder for now. |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-sidecars"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-sidecars"] == SideCars SideCars configures the additional sidecar containers that run alongside the main Redpanda container in the Pod. @@ -1792,18 +2086,18 @@ SideCars configures the additional sidecar containers that run alongside the mai .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`configWatcher`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-configwatcher[$$ConfigWatcher$$]__ | Configures the `config-watcher` sidecar. The `config-watcher` sidecar polls the Secret resource in `auth.sasl.secretRef` for changes and triggers a rolling upgrade to add the new superusers to the Redpanda cluster. + -| *`rpkStatus`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-sidecarobj[$$SideCarObj$$]__ | -| *`controllers`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-rpcontrollers[$$RPControllers$$]__ | +| *`configWatcher`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-configwatcher[$$ConfigWatcher$$]__ | Configures the `config-watcher` sidecar. The `config-watcher` sidecar polls the Secret resource in `auth.sasl.secretRef` for changes and triggers a rolling upgrade to add the new superusers to the Redpanda cluster. + +| *`rpkStatus`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-sidecarobj[$$SideCarObj$$]__ | +| *`controllers`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-rpcontrollers[$$RPControllers$$]__ | |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-startupprobe"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-startupprobe"] == StartupProbe StartupProbe configures the startup probe to determine when the Redpanda application within the Pod has started successfully. @@ -1811,7 +2105,7 @@ StartupProbe configures the startup probe to determine when the Redpanda applica .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] [cols="25a,75a", options="header"] |=== @@ -1824,7 +2118,7 @@ StartupProbe configures the startup probe to determine when the Redpanda applica |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset"] == Statefulset Statefulset defines configurations for the StatefulSet in Helm values. @@ -1832,7 +2126,7 @@ Statefulset defines configurations for the StatefulSet in Helm values. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -1841,34 +2135,53 @@ Statefulset defines configurations for the StatefulSet in Helm values. | *`additionalRedpandaCmdFlags`* __string array__ | Includes additional command flags for Redpanda at startup to customize its runtime behavior. + | *`annotations`* __object (keys:string, values:string)__ | Adds annotations to the StatefulSet to provide additional information or metadata. + Please use PodTemplate to add additional annotation or labels for Pods managed by Statefulset. + -| *`podTemplate`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-podtemplate[$$PodTemplate$$]__ | PodTemplate is a subset of Kubernetes' PodTemplate that will be merged + +| *`podTemplate`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-podtemplate[$$PodTemplate$$]__ | PodTemplate is a subset of Kubernetes' PodTemplate that will be merged + into this StatefulSet's PodTemplate. + -| *`budget`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-budget[$$Budget$$]__ | Defines the management of disruptions affecting the Pods in the StatefulSet. + +| *`budget`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-budget[$$Budget$$]__ | Defines the management of disruptions affecting the Pods in the StatefulSet. + | *`extraVolumeMounts`* __string__ | Specifies extra volume mounts for the Pods. + | *`extraVolumes`* __string__ | Defines additional volumes for the Pods. + -| *`initContainerImage`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-initcontainerimage[$$InitContainerImage$$]__ | Defines the init container image used to perform initial setup tasks before the main containers start. + -| *`initContainers`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-initcontainers[$$InitContainers$$]__ | Configures the init container used to perform initial setup tasks before the main containers start. + -| *`livenessProbe`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-livenessprobe[$$LivenessProbe$$]__ | Defines liveness probes to monitor the health of the Pods and restart them if necessary. + +| *`initContainerImage`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-initcontainerimage[$$InitContainerImage$$]__ | Defines the init container image used to perform initial setup tasks before the main containers start. + +| *`initContainers`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-initcontainers[$$InitContainers$$]__ | Configures the init container used to perform initial setup tasks before the main containers start. + +| *`livenessProbe`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-livenessprobe[$$LivenessProbe$$]__ | Defines liveness probes to monitor the health of the Pods and restart them if necessary. + | *`nodeSelector`* __object (keys:string, values:string)__ | Applies node selectors to schedule Pods on specific nodes based on labels. + | *`podAffinity`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#podaffinity-v1-core[$$PodAffinity$$]__ | Defines Pod affinity rules to influence the scheduling and placement of Pods relative to other Pods. + -| *`podAntiAffinity`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-podantiaffinity[$$PodAntiAffinity$$]__ | Defines Pod anti-affinity rules to prevent Pods from being scheduled together on the same node. + +| *`podAntiAffinity`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-podantiaffinity[$$PodAntiAffinity$$]__ | Defines Pod anti-affinity rules to prevent Pods from being scheduled together on the same node. + | *`priorityClassName`* __string__ | Defines the priority class name to assign priority levels to the Pods, influencing their scheduling order. + -| *`readinessProbe`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-readinessprobe[$$ReadinessProbe$$]__ | Defines readiness probes to determine when a Pod is ready to handle traffic. + +| *`readinessProbe`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-readinessprobe[$$ReadinessProbe$$]__ | Defines readiness probes to determine when a Pod is ready to handle traffic. + | *`replicas`* __integer__ | Specifies the number of replicas to determine the desired number of Pods (Redpanda brokers) in the StatefulSet. + | *`securityContext`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#securitycontext-v1-core[$$SecurityContext$$]__ | Sets a security context for the Pods to define privilege and access control settings. + -| *`sideCars`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-sidecars[$$SideCars$$]__ | Defines the additional sidecar containers that run alongside the main Redpanda container in the Pod. + +| *`sideCars`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-sidecars[$$SideCars$$]__ | Defines the additional sidecar containers that run alongside the main Redpanda container in the Pod. + | *`skipChown`* __boolean__ | Specifies whether to skip the changing of file ownership (chown) during Pod initialization. + -| *`startupProbe`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-startupprobe[$$StartupProbe$$]__ | Configures the startup probe to determine when the Redpanda application within the Pod has started successfully. + +| *`startupProbe`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-startupprobe[$$StartupProbe$$]__ | Configures the startup probe to determine when the Redpanda application within the Pod has started successfully. + | *`tolerations`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#toleration-v1-core[$$Toleration$$] array__ | Applies tolerations to allow Pods to be scheduled on nodes with matching taints, enabling control over where Pods can run. + -| *`topologySpreadConstraints`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topologyspreadconstraints[$$TopologySpreadConstraints$$] array__ | Defines topology spread constraints to control how Pods are spread across different topology domains. + -| *`updateStrategy`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-updatestrategy[$$UpdateStrategy$$]__ | Defines the update strategy for the StatefulSet to manage how updates are rolled out to the Pods. + +| *`topologySpreadConstraints`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topologyspreadconstraints[$$TopologySpreadConstraints$$] array__ | Defines topology spread constraints to control how Pods are spread across different topology domains. + +| *`updateStrategy`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-updatestrategy[$$UpdateStrategy$$]__ | Defines the update strategy for the StatefulSet to manage how updates are rolled out to the Pods. + | *`terminationGracePeriodSeconds`* __integer__ | Specifies the termination grace period in seconds to control the time delay before forcefully terminating a Pod. + |=== +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-staticconfigurationsource"] +== StaticConfigurationSource +StaticConfigurationSource configures connections to a Redpanda cluster via hard-coded +connection strings and manually configured TLS and authentication parameters. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-clustersource[$$ClusterSource$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`kafka`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkaapispec[$$KafkaAPISpec$$]__ | Kafka is the configuration information for communicating with the Kafka + +API of a Redpanda cluster where the object should be created. + +| *`admin`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-adminapispec[$$AdminAPISpec$$]__ | AdminAPISpec is the configuration information for communicating with the Admin + +API of a Redpanda cluster where the object should be created. + +|=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-storage"] + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-storage"] == Storage Storage configures storage-related settings in the Helm values. See https://docs.redpanda.com/current/manage/kubernetes/storage/. @@ -1876,18 +2189,18 @@ Storage configures storage-related settings in the Helm values. See https://docs .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`hostPath`* __string__ | Specifies the absolute path on the worker node to store the Redpanda data directory. If unspecified, then an `emptyDir` volume is used. If specified but `persistentVolume.enabled` is true, `storage.hostPath` has no effect. + -| *`persistentVolume`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-persistentvolume[$$PersistentVolume$$]__ | Configures a PersistentVolumeClaim (PVC) template to create for each Pod. This PVC is used to store the Redpanda data directory. + -| *`tiered`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tiered[$$Tiered$$]__ | Configures storage for the Tiered Storage cache. + +| *`persistentVolume`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-persistentvolume[$$PersistentVolume$$]__ | Configures a PersistentVolumeClaim (PVC) template to create for each Pod. This PVC is used to store the Redpanda data directory. + +| *`tiered`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tiered[$$Tiered$$]__ | Configures storage for the Tiered Storage cache. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tls"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tls"] == TLS TLS configures TLS in the Helm values. See https://docs.redpanda.com/current/manage/kubernetes/security/tls/. @@ -1895,17 +2208,17 @@ TLS configures TLS in the Helm values. See https://docs.redpanda.com/current/man .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`certs`* __object (keys:string, values:xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-certificate[$$Certificate$$])__ | Lists all available certificates in the cluster. You can reference a specific certificate’s name in each listener’s `listeners..tls.cert` setting. + +| *`certs`* __object (keys:string, values:xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-certificate[$$Certificate$$])__ | Lists all available certificates in the cluster. You can reference a specific certificate’s name in each listener’s `listeners..tls.cert` setting. + | *`enabled`* __boolean__ | Enables TLS globally for all listeners. Each listener must include a certificate name in its `.tls` object. To allow you to enable TLS for individual listeners, certificates are always loaded, even if TLS is disabled. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tiered"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tiered"] == Tiered Tiered configures storage for the Tiered Storage cache. See https://docs.redpanda.com/current/manage/kubernetes/tiered-storage-kubernetes/. @@ -1913,7 +2226,7 @@ Tiered configures storage for the Tiered Storage cache. See https://docs.redpand .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-storage[$$Storage$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-storage[$$Storage$$] [cols="25a,75a", options="header"] |=== @@ -1926,13 +2239,13 @@ Tiered configures storage for the Tiered Storage cache. See https://docs.redpand - `emptyDir`: Mounts an empty directory every time the Pod starts. + - `persistentVolume`: Creates and mounts a PersistentVolumeClaim using the template defined in `persistentVolume`. + | *`hostPath`* __string__ | Specifies the absolute path on the worker node to store the Tiered Storage cache. + -| *`persistentVolume`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-persistentvolume[$$PersistentVolume$$]__ | Configures a PersistentVolumeClaim (PVC) template to create for each Pod. This PVC is used to store the Tiered Storage cache. + -| *`config`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tieredconfig[$$TieredConfig$$]__ | Configures Tiered Storage, which requires an Enterprise license configured in `enterprise.licenseKey` or `enterprised.licenseSecretRef`. + -| *`credentialsSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-credentialsecretref[$$CredentialSecretRef$$]__ | CredentialSecretRef can be used to set `cloud_storage_secret_key` and/or `cloud_storage_access_key` from referenced Kubernetes Secret + +| *`persistentVolume`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-persistentvolume[$$PersistentVolume$$]__ | Configures a PersistentVolumeClaim (PVC) template to create for each Pod. This PVC is used to store the Tiered Storage cache. + +| *`config`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tieredconfig[$$TieredConfig$$]__ | Configures Tiered Storage, which requires an Enterprise license configured in `enterprise.licenseKey` or `enterprised.licenseSecretRef`. + +| *`credentialsSecretRef`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-credentialsecretref[$$CredentialSecretRef$$]__ | CredentialSecretRef can be used to set `cloud_storage_secret_key` and/or `cloud_storage_access_key` from referenced Kubernetes Secret + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tieredconfig"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tieredconfig"] == TieredConfig TieredConfig configures Tiered Storage, which requires an Enterprise license configured in `enterprise.licenseKey` or `enterprise.licenseSecretRef`.TieredConfig is a top-level field of the Helm values. @@ -1940,12 +2253,12 @@ TieredConfig configures Tiered Storage, which requires an Enterprise license con .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tiered[$$Tiered$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tiered[$$Tiered$$] [cols="25a,75a", options="header"] |=== | Field | Description -| *`cloud_storage_enabled`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-apiutil-jsonboolean[$$JSONBoolean$$]__ | Enables Tiered Storage, if a license key is provided. See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_enabled. + +| *`cloud_storage_enabled`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-apiutil-jsonboolean[$$JSONBoolean$$]__ | Enables Tiered Storage, if a license key is provided. See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_enabled. + | *`cloud_storage_api_endpoint`* __string__ | See https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_api_endpoint. + | *`cloud_storage_api_endpoint_port`* __integer__ | See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_api_endpoint_port. + | *`cloud_storage_bucket`* __string__ | See https://docs.redpanda.com/current/reference/cluster-properties/#cloud_storage_bucket. + @@ -1979,7 +2292,7 @@ TieredConfig configures Tiered Storage, which requires an Enterprise license con |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topic"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topic"] == Topic Topic defines the CRD for Topic resources. See https://docs.redpanda.com/current/manage/kubernetes/manage-topics/. @@ -1987,7 +2300,7 @@ Topic defines the CRD for Topic resources. See https://docs.redpanda.com/current .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topiclist[$$TopicList$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topiclist[$$TopicList$$] [cols="25a,75a", options="header"] |=== @@ -2005,12 +2318,12 @@ may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + | *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to the Kubernetes API documentation for fields of `metadata`. -| *`spec`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicspec[$$TopicSpec$$]__ | Defines the desired state of the Topic resource. + -| *`status`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicstatus[$$TopicStatus$$]__ | Represents the current status of the Topic resource. + +| *`spec`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec[$$TopicSpec$$]__ | Defines the desired state of the Topic resource. + +| *`status`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicstatus[$$TopicStatus$$]__ | Represents the current status of the Topic resource. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topiclist"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topiclist"] == TopicList TopicList contains a list of Topic objects. @@ -2035,11 +2348,11 @@ may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + | *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#listmeta-v1-meta[$$ListMeta$$]__ | Refer to the Kubernetes API documentation for fields of `metadata`. -| *`items`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topic[$$Topic$$] array__ | Specifies a list of Topic resources. + +| *`items`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topic[$$Topic$$] array__ | Specifies a list of Topic resources. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicspec"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec"] == TopicSpec TopicSpec defines the desired state of the topic. See https://docs.redpanda.com/current/manage/kubernetes/manage-topics/. @@ -2047,7 +2360,7 @@ TopicSpec defines the desired state of the topic. See https://docs.redpanda.com/ .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topic[$$Topic$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topic[$$Topic$$] [cols="25a,75a", options="header"] |=== @@ -2071,7 +2384,11 @@ Examples: + `redpanda.remote.read=true` + `redpanda.remote.recovery=true` + `redpanda.remote.delete=true` + -| *`kafkaApiSpec`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-kafkaapispec[$$KafkaAPISpec$$]__ | Defines client configuration for connecting to Redpanda brokers. + +| *`cluster`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-clustersource[$$ClusterSource$$]__ | ClusterSource is a reference to the cluster where the user should be created. + +It is used in constructing the client created to configure a cluster. + +| *`kafkaApiSpec`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkaapispec[$$KafkaAPISpec$$]__ | Defines client configuration for connecting to Redpanda brokers. + +Deprecated: Use cluster.staticConfiguration.kafkaApiSpec if explicit connection + +configuration is required. Otherwise, prefer cluster.clusterRef. + | *`metricsNamespace`* __string__ | Overwrites the fully-qualified + name of the metric. This should be easier to identify if + multiple operator instances runs inside the same Kubernetes cluster. + @@ -2081,7 +2398,7 @@ Default is 3 seconds. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topicstatus"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicstatus"] == TopicStatus TopicStatus defines the observed state of the Topic resource. @@ -2089,18 +2406,18 @@ TopicStatus defines the observed state of the Topic resource. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topic[$$Topic$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topic[$$Topic$$] [cols="25a,75a", options="header"] |=== | Field | Description | *`observedGeneration`* __integer__ | ObservedGeneration is the last observed generation of the Topic. + | *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#condition-v1-meta[$$Condition$$] array__ | Conditions holds the conditions for the Topic. + -| *`topicConfiguration`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-configuration[$$Configuration$$] array__ | TopicConfiguration is the last snapshot of the topic configuration during successful reconciliation. + +| *`topicConfiguration`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-configuration[$$Configuration$$] array__ | TopicConfiguration is the last snapshot of the topic configuration during successful reconciliation. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-topologyspreadconstraints"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topologyspreadconstraints"] == TopologySpreadConstraints TopologySpreadConstraints configures topology spread constraints to control how Pods are spread across different topology domains. @@ -2108,7 +2425,7 @@ TopologySpreadConstraints configures topology spread constraints to control how .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] [cols="25a,75a", options="header"] |=== @@ -2121,7 +2438,7 @@ TopologySpreadConstraints configures topology spread constraints to control how -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-tuning"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-tuning"] == Tuning Tuning configures settings for the autotuner tool in Redpanda. The autotuner identifies the hardware configuration in the container and optimizes the Linux kernel to give you the best performance. @@ -2129,8 +2446,8 @@ Tuning configures settings for the autotuner tool in Redpanda. The autotuner ide .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-initcontainers[$$InitContainers$$] -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-initcontainers[$$InitContainers$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[$$RedpandaClusterSpec$$] [cols="25a,75a", options="header"] |=== @@ -2146,7 +2463,7 @@ Tuning configures settings for the autotuner tool in Redpanda. The autotuner ide |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-updatestrategy"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-updatestrategy"] == UpdateStrategy UpdateStrategy configures the update strategy for the StatefulSet to manage how updates are rolled out to the Pods. @@ -2154,7 +2471,7 @@ UpdateStrategy configures the update strategy for the StatefulSet to manage how .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-statefulset[$$Statefulset$$] [cols="25a,75a", options="header"] |=== @@ -2163,7 +2480,7 @@ UpdateStrategy configures the update strategy for the StatefulSet to manage how |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-usagestats"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-usagestats"] == UsageStats UsageStats configures the reporting of usage statistics. Redpanda Data uses these metrics to learn how the software is used, which can guide future improvements. @@ -2171,7 +2488,7 @@ UsageStats configures the reporting of usage statistics. Redpanda Data uses thes .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-logging[$$Logging$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-logging[$$Logging$$] [cols="25a,75a", options="header"] |=== @@ -2184,7 +2501,166 @@ and will be removed in a future version. + |=== -[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-usersitems"] +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-user"] +== User + +User defines the CRD for a Redpanda user. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userlist[$$UserList$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`apiVersion`* __string__ | `cluster.redpanda.com/v1alpha2` +| *`kind`* __string__ | `User` +| *`kind`* __string__ | Kind is a string value representing the REST resource this object represents. + +Servers may infer this from the endpoint the client submits requests to. + +Cannot be updated. + +In CamelCase. + +More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + +| *`apiVersion`* __string__ | APIVersion defines the versioned schema of this representation of an object. + +Servers should convert recognized schemas to the latest internal value, and + +may reject unrecognized values. + +More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to the Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userspec[$$UserSpec$$]__ | Defines the desired state of the Redpanda user. + +| *`status`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userstatus[$$UserStatus$$]__ | Represents the current status of the Redpanda user. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userauthenticationspec"] +== UserAuthenticationSpec + +UserAuthenticationSpec defines the authentication mechanism enabled for this Redpanda user. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userspec[$$UserSpec$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-saslmechanism[$$SASLMechanism$$]__ | +| *`password`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-password[$$Password$$]__ | Password specifies where a password is read from. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userauthorizationspec"] +== UserAuthorizationSpec + +UserAuthorizationSpec defines authorization rules for this user. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userspec[$$UserSpec$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-authorizationtype[$$AuthorizationType$$]__ | +| *`acls`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclrule[$$ACLRule$$] array__ | List of ACL rules which should be applied to this user. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userlist"] +== UserList + +UserList contains a list of Redpanda user objects. + + + + + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`apiVersion`* __string__ | `cluster.redpanda.com/v1alpha2` +| *`kind`* __string__ | `UserList` +| *`kind`* __string__ | Kind is a string value representing the REST resource this object represents. + +Servers may infer this from the endpoint the client submits requests to. + +Cannot be updated. + +In CamelCase. + +More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + +| *`apiVersion`* __string__ | APIVersion defines the versioned schema of this representation of an object. + +Servers should convert recognized schemas to the latest internal value, and + +may reject unrecognized values. + +More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#listmeta-v1-meta[$$ListMeta$$]__ | Refer to the Kubernetes API documentation for fields of `metadata`. + +| *`items`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-user[$$User$$] array__ | Specifies a list of Redpanda user resources. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userspec"] +== UserSpec + +UserSpec defines the configuration of a Redpanda user. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-user[$$User$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`cluster`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-clustersource[$$ClusterSource$$]__ | ClusterSource is a reference to the cluster where the user should be created. + +It is used in constructing the client created to configure a cluster. + +| *`authentication`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userauthenticationspec[$$UserAuthenticationSpec$$]__ | Authentication defines the authentication information for a user. If no + +Authentication credentials are specified, then no user will be created. + +This is useful when wanting to manage ACLs for an already-existing user. + +| *`authorization`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userauthorizationspec[$$UserAuthorizationSpec$$]__ | Authorization rules defined for this user. + +| *`template`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-usertemplatespec[$$UserTemplateSpec$$]__ | Template to specify how user secrets are generated. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userstatus"] +== UserStatus + +UserStatus defines the observed state of a Redpanda user + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-user[$$User$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`observedGeneration`* __integer__ | Specifies the last observed generation. + +| *`conditions`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#condition-v1-meta[$$Condition$$] array__ | Conditions holds the conditions for the Redpanda user. + +| *`managedAcls`* __boolean__ | ManagedACLs returns whether the user has managed ACLs that need + +to be cleaned up. + +| *`managedUser`* __boolean__ | ManagedUser returns whether the user has a managed SCRAM user that need + +to be cleaned up. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-usertemplatespec"] +== UserTemplateSpec + +UserTemplateSpec defines the template metadata (labels and annotations) +for any subresources, such as Secrets, created by a User object. + + + +.Appears in: +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-userspec[$$UserSpec$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secret`* __xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-resourcetemplate[$$ResourceTemplate$$]__ | Specifies how the Secret with a user password is generated. + +|=== + + +[id="{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-usersitems"] == UsersItems UsersItems configures a list of superusers in the Helm values. @@ -2192,7 +2668,7 @@ UsersItems configures a list of superusers in the Helm values. .Appears in: -- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha2-sasl[$$SASL$$] +- xref:{anchor_prefix}-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-sasl[$$SASL$$] [cols="25a,75a", options="header"] |=== @@ -2201,3 +2677,5 @@ UsersItems configures a list of superusers in the Helm values. | *`name`* __string__ | Specifies the name of the superuser. + | *`password`* __string__ | Specifies the superuser password. + |=== + + diff --git a/modules/upgrade/pages/migrate/kubernetes/strimzi.adoc b/modules/upgrade/pages/migrate/kubernetes/strimzi.adoc index 6037a8618..0020703b1 100644 --- a/modules/upgrade/pages/migrate/kubernetes/strimzi.adoc +++ b/modules/upgrade/pages/migrate/kubernetes/strimzi.adoc @@ -322,7 +322,7 @@ The Redpanda Operator does not support a custom resource for MirrorMaker2. Redpa The Redpanda Operator does not have an equivalent for KafkaNodePool resources in Strimzi. The Redpanda Helm chart allows you to deploy only homogenous broker configuration in a single Redpanda cluster, unlike the heterogeneous configurations available in KafkaNodePools. -Brokers in Redpanda are uniformly configured according to the specifications in xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-src-go-k8s-api-redpanda-v1alpha1-redpandaclusterspec[`RedpandaClusterSpec`]. Given this difference, you must adapt your Kafka setup to a unified broker configuration model by standardizing the broker settings that were previously varied across different KafkaNodePool resources. +Brokers in Redpanda are uniformly configured according to the specifications in xref:reference:k-crd.adoc#k8s-api-github.aaakk.us.kg-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpandaclusterspec[`RedpandaClusterSpec`]. Given this difference, you must adapt your Kafka setup to a unified broker configuration model by standardizing the broker settings that were previously varied across different KafkaNodePool resources. === Adjust monitoring and alerting