diff --git a/e2e-tests/tests/users/02-assert.yaml b/02-check-users.yaml similarity index 76% rename from e2e-tests/tests/users/02-assert.yaml rename to 02-check-users.yaml index 49bc657b2..f3fbbe77a 100644 --- a/e2e-tests/tests/users/02-assert.yaml +++ b/02-check-users.yaml @@ -1,11 +1,4 @@ -apiVersion: kuttl.dev/v1beta1 -kind: TestAssert -timeout: 300 ---- apiVersion: v1 -kind: ConfigMap -metadata: - name: 02-check-users data: heartbeat: | GRANT REPLICATION CLIENT ON *.* TO `heartbeat`@`localhost` @@ -17,7 +10,7 @@ data: GRANT SELECT ON `performance_schema`.* TO `monitor`@`%` operator: | GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `operator`@`%` WITH GRANT OPTION - GRANT APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FIREWALL_EXEMPT,FLUSH_OPTIMIZER_COSTS,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,PASSWORDLESS_USER_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SENSITIVE_VARIABLES_OBSERVER,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,TELEMETRY_LOG_ADMIN,XA_RECOVER_ADMIN ON *.* TO `operator`@`%` WITH GRANT OPTION + GRANT ALLOW_NONEXISTENT_DEFINER,APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FIREWALL_EXEMPT,FLUSH_OPTIMIZER_COSTS,FLUSH_PRIVILEGES,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,OPTIMIZE_LOCAL_TABLE,PASSWORDLESS_USER_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SENSITIVE_VARIABLES_OBSERVER,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_ANY_DEFINER,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,TELEMETRY_LOG_ADMIN,TRANSACTION_GTID_TAG,XA_RECOVER_ADMIN ON *.* TO `operator`@`%` WITH GRANT OPTION orchestrator: | GRANT RELOAD, PROCESS, SUPER, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO `orchestrator`@`%` GRANT SYSTEM_USER ON *.* TO `orchestrator`@`%` @@ -29,10 +22,16 @@ data: GRANT BACKUP_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,ROLE_ADMIN,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN ON *.* TO `replication`@`%` WITH GRANT OPTION GRANT INSERT, UPDATE, DELETE ON `mysql`.* TO `replication`@`%` WITH GRANT OPTION GRANT SELECT ON `performance_schema`.`threads` TO `replication`@`%` - xtrabackup: | GRANT RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT ON *.* TO `xtrabackup`@`localhost` GRANT BACKUP_ADMIN,GROUP_REPLICATION_ADMIN,REPLICATION_SLAVE_ADMIN,SYSTEM_USER ON *.* TO `xtrabackup`@`localhost` GRANT SELECT ON `performance_schema`.`keyring_component_status` TO `xtrabackup`@`localhost` GRANT SELECT ON `performance_schema`.`log_status` TO `xtrabackup`@`localhost` GRANT SELECT ON `performance_schema`.`replication_group_members` TO `xtrabackup`@`localhost` +kind: ConfigMap +metadata: + creationTimestamp: "2025-03-21T13:31:27Z" + name: 02-check-users + namespace: kuttl-test-comic-duck + resourceVersion: "255443" + uid: 6dea4937-c204-4c88-9261-a7a3f7b033da diff --git a/api/v1alpha1/perconaservermysql_types.go b/api/v1alpha1/perconaservermysql_types.go index 4b7786049..819130c08 100644 --- a/api/v1alpha1/perconaservermysql_types.go +++ b/api/v1alpha1/perconaservermysql_types.go @@ -26,6 +26,7 @@ import ( "strings" cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" + v "github.com/hashicorp/go-version" "github.com/pkg/errors" "github.com/robfig/cron/v3" "golang.org/x/text/cases" @@ -479,6 +480,7 @@ type StatefulAppStatus struct { Ready int32 `json:"ready,omitempty"` State StatefulAppState `json:"state,omitempty"` Version string `json:"version,omitempty"` + ImageID string `json:"imageID,omitempty"` } // PerconaServerMySQLStatus defines the observed state of PerconaServerMySQL @@ -497,6 +499,10 @@ type PerconaServerMySQLStatus struct { // INSERT ADDITIONAL STATUS FIELD - defin Host string `json:"host"` } +func (s *PerconaServerMySQLStatus) CompareMySQLVersion(ver string) int { + return v.Must(v.NewVersion(s.MySQL.Version)).Compare(v.Must(v.NewVersion(ver))) +} + const ConditionInnoDBClusterBootstrapped string = "InnoDBClusterBootstrapped" // PerconaServerMySQL is the Schema for the perconaservermysqls API diff --git a/build/ps-entrypoint.sh b/build/ps-entrypoint.sh index 94f89be3a..c609d8135 100755 --- a/build/ps-entrypoint.sh +++ b/build/ps-entrypoint.sh @@ -192,7 +192,7 @@ ensure_read_only() { MYSQL_VERSION=$(mysqld -V | awk '{print $3}' | awk -F'.' '{print $1"."$2}') -if [ "$MYSQL_VERSION" != '8.0' ]; then +if [[ "$MYSQL_VERSION" != '8.0' ]] && [[ "${MYSQL_VERSION}" != '8.4' ]]; then echo "Percona Distribution for MySQL Operator does not support $MYSQL_VERSION" exit 1 fi diff --git a/build/ps-pre-stop.sh b/build/ps-pre-stop.sh index fda32482b..eeada2dd3 100755 --- a/build/ps-pre-stop.sh +++ b/build/ps-pre-stop.sh @@ -13,4 +13,4 @@ FQDN="${HOSTNAME}.${SERVICE_NAME}.${NAMESPACE}" POD_IP=$(hostname -I | awk '{print $1}') echo "$(date +%Y-%m-%dT%H:%M:%S%Z): Removing ${FQDN} from cluster" >>${LOG_FILE} -mysqlsh -i -h "${POD_IP}" -P 33062 -u operator -p"${OPERATOR_PASSWORD}" -e "dba.getCluster().removeInstance('${FQDN}:3306')" >>${LOG_FILE} 2>&1 +mysqlsh --js -i -h "${POD_IP}" -P 33062 -u operator -p"${OPERATOR_PASSWORD}" -e "dba.getCluster().removeInstance('${FQDN}:3306')" >>${LOG_FILE} 2>&1 diff --git a/cmd/bootstrap/group_replication.go b/cmd/bootstrap/group_replication.go index a4b30ebd3..fc2f86732 100644 --- a/cmd/bootstrap/group_replication.go +++ b/cmd/bootstrap/group_replication.go @@ -12,9 +12,11 @@ import ( "regexp" "strings" + v "github.com/hashicorp/go-version" "github.com/pkg/errors" "github.com/sjmudd/stopwatch" "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/client-go/util/retry" apiv1alpha1 "github.com/percona/percona-server-mysql-operator/api/v1alpha1" "github.com/percona/percona-server-mysql-operator/pkg/innodbcluster" @@ -32,15 +34,21 @@ var sensitiveRegexp = regexp.MustCompile(":.*@") type mysqlsh struct { clusterName string host string + version *v.Version } -func newShell(host string) *mysqlsh { +func newShell(host string, version *v.Version) *mysqlsh { return &mysqlsh{ clusterName: os.Getenv("INNODB_CLUSTER_NAME"), + version: version, host: host, } } +func (m *mysqlsh) compareVersionWith(ver string) int { + return m.version.Compare(v.Must(v.NewVersion(ver))) +} + func (m *mysqlsh) getURI() string { operatorPass, err := getSecret(apiv1alpha1.UserOperator) if err != nil { @@ -55,7 +63,7 @@ func (m *mysqlsh) run(ctx context.Context, cmd string) (bytes.Buffer, bytes.Buff log.Printf("Running %s", sensitiveRegexp.ReplaceAllString(cmd, ":*****@")) - c := exec.CommandContext(ctx, "mysqlsh", "--no-wizard", "--uri", m.getURI(), "-e", cmd) + c := exec.CommandContext(ctx, "mysqlsh", "--no-wizard", "--js", "--uri", m.getURI(), "-e", cmd) logWriter := util.NewSensitiveWriter(log.Writer(), sensitiveRegexp) @@ -64,13 +72,13 @@ func (m *mysqlsh) run(ctx context.Context, cmd string) (bytes.Buffer, bytes.Buff err := c.Run() - return stdoutb, stderrb, err + return stdoutb, stderrb, errors.Wrapf(err, "stderr: %s", stderrb.String()) } func (m *mysqlsh) clusterStatus(ctx context.Context) (innodbcluster.Status, error) { var stdoutb, stderrb bytes.Buffer - args := []string{"--result-format", "json", "--uri", m.getURI(), "--cluster", "--", "cluster", "status"} + args := []string{"--result-format", "json", "--uri", m.getURI(), "--cluster", "--js", "--", "cluster", "status"} c := exec.CommandContext(ctx, "mysqlsh", args...) c.Stdout = &stdoutb @@ -89,6 +97,21 @@ func (m *mysqlsh) clusterStatus(ctx context.Context) (innodbcluster.Status, erro return status, nil } +func (m *mysqlsh) rescanCluster(ctx context.Context) error { + var cmd string + if m.compareVersionWith("8.4") >= 0 { + cmd = fmt.Sprintf("dba.getCluster('%s').rescan({'addUnmanaged': true, 'removeObsolete': true})", m.clusterName) + } else { + cmd = fmt.Sprintf("dba.getCluster('%s').rescan({'addInstances': 'auto', 'removeInstances': 'auto'})", m.clusterName) + } + + if _, _, err := m.run(ctx, cmd); err != nil { + return errors.Wrap(err, "rescan cluster") + } + + return nil +} + type SQLResult struct { Error string `json:"error,omitempty"` Rows []map[string]string `json:"rows,omitempty"` @@ -98,7 +121,7 @@ func (m *mysqlsh) runSQL(ctx context.Context, sql string) (SQLResult, error) { var stdoutb, stderrb bytes.Buffer cmd := fmt.Sprintf("session.runSql('%s')", sql) - args := []string{"--uri", m.getURI(), "--json=raw", "--interactive", "--quiet-start", "2", "-e", cmd} + args := []string{"--uri", m.getURI(), "--js", "--json=raw", "--interactive", "--quiet-start", "2", "-e", cmd} c := exec.CommandContext(ctx, "mysqlsh", args...) c.Stdout = &stdoutb @@ -149,7 +172,7 @@ func (m *mysqlsh) setGroupSeeds(ctx context.Context, seeds string) (string, erro return "", nil } -func updateGroupPeers(ctx context.Context, peers sets.Set[string]) error { +func updateGroupPeers(ctx context.Context, peers sets.Set[string], version *v.Version) error { fqdn, err := getFQDN(os.Getenv("SERVICE_NAME")) if err != nil { return errors.Wrap(err, "get FQDN") @@ -157,7 +180,7 @@ func updateGroupPeers(ctx context.Context, peers sets.Set[string]) error { for _, peer := range peers.UnsortedList() { log.Printf("Connecting to peer %s", peer) - sh := newShell(peer) + sh := newShell(peer, version) seeds, err := sh.getGroupSeeds(ctx) if err != nil { @@ -188,10 +211,16 @@ func updateGroupPeers(ctx context.Context, peers sets.Set[string]) error { return nil } -func (m *mysqlsh) configureLocalInstance(ctx context.Context) error { - _, _, err := m.run(ctx, fmt.Sprintf("dba.configureLocalInstance('%s', {'clearReadOnly': true})", m.getURI())) - if err != nil { - return errors.Wrap(err, "configure local instance") +func (m *mysqlsh) configureInstance(ctx context.Context) error { + var cmd string + if m.compareVersionWith("8.4") >= 0 { + cmd = fmt.Sprintf("dba.configureInstance('%s')", m.getURI()) + } else { + cmd = fmt.Sprintf("dba.configureLocalInstance('%s', {'clearReadOnly': true})", m.getURI()) + } + + if _, _, err := m.run(ctx, cmd); err != nil { + return errors.Wrap(err, "configure instance") } return nil @@ -210,8 +239,23 @@ func (m *mysqlsh) createCluster(ctx context.Context) error { } func (m *mysqlsh) addInstance(ctx context.Context, instanceDef string) error { - _, _, err := m.run(ctx, fmt.Sprintf("dba.getCluster('%s').addInstance('%s', {'recoveryMethod': 'clone', 'waitRecovery': 3})", m.clusterName, instanceDef)) - if err != nil { + var cmd string + + if m.compareVersionWith("8.4") >= 0 { + cmd = fmt.Sprintf( + "dba.getCluster('%s').addInstance('%s', {'recoveryMethod': 'clone', 'recoveryProgress': 2})", + m.clusterName, + instanceDef, + ) + } else { + cmd = fmt.Sprintf( + "dba.getCluster('%s').addInstance('%s', {'recoveryMethod': 'clone', 'waitRecovery': 3})", + m.clusterName, + instanceDef, + ) + } + + if _, _, err := m.run(ctx, cmd); err != nil { return errors.Wrap(err, "add instance") } @@ -242,27 +286,18 @@ func (m *mysqlsh) removeInstance(ctx context.Context, instanceDef string, force return nil } -func (m *mysqlsh) rescanCluster(ctx context.Context) error { - _, _, err := m.run(ctx, fmt.Sprintf("dba.getCluster('%s').rescan({'addInstances': 'auto', 'removeInstances': 'auto'})", m.clusterName)) - if err != nil { - return errors.Wrap(err, "rescan cluster") - } - - return nil -} - -func connectToLocal(ctx context.Context) (*mysqlsh, error) { +func connectToLocal(ctx context.Context, version *v.Version) (*mysqlsh, error) { fqdn, err := getFQDN(os.Getenv("SERVICE_NAME")) if err != nil { return nil, errors.Wrap(err, "get FQDN") } - return newShell(fqdn), nil + return newShell(fqdn, version), nil } -func connectToCluster(ctx context.Context, peers sets.Set[string]) (*mysqlsh, error) { +func connectToCluster(ctx context.Context, peers sets.Set[string], version *v.Version) (*mysqlsh, error) { for _, peer := range sets.List(peers) { - shell := newShell(peer) + shell := newShell(peer, version) stdout, stderr, err := shell.run(ctx, fmt.Sprintf("dba.getCluster('%s')", shell.clusterName)) if err != nil { log.Printf("Failed get cluster from peer %s, stdout: %s stderr: %s", peer, stdout.String(), stderr.String()) @@ -275,8 +310,8 @@ func connectToCluster(ctx context.Context, peers sets.Set[string]) (*mysqlsh, er return nil, errors.New("failed to open connection to cluster") } -func handleFullClusterCrash(ctx context.Context) error { - localShell, err := connectToLocal(ctx) +func handleFullClusterCrash(ctx context.Context, version *v.Version) error { + localShell, err := connectToLocal(ctx, version) if err != nil { return errors.Wrap(err, "connect to local") } @@ -296,6 +331,35 @@ func handleFullClusterCrash(ctx context.Context) error { return nil } +func getMySQLShellVersion(ctx context.Context) (*v.Version, error) { + re, err := regexp.Compile(`MySQL (\d+\.\d+\.\d+)`) + if err != nil { + return nil, err + } + + var stdoutb, stderrb bytes.Buffer + + c := exec.CommandContext(ctx, "mysqlsh", "--version") + c.Stdout = &stdoutb + c.Stderr = &stderrb + + if err := c.Run(); err != nil { + return nil, errors.Wrapf(err, "run mysqlsh --version (stdout: %s, stderr: %s)", stdoutb.String(), stderrb.String()) + } + + f := re.FindSubmatch(stdoutb.Bytes()) + if len(f) < 1 { + return nil, errors.Errorf("couldn't extract version information from mysqlsh --version (stdout: %s, stderr: %s)", stdoutb.String(), stderrb.String()) + } + + version, err := v.NewVersion(string(f[1])) + if err != nil { + return nil, errors.Wrap(err, "parse version") + } + + return version, nil +} + func bootstrapGroupReplication(ctx context.Context) error { timer := stopwatch.NewNamedStopwatch() err := timer.Add("total") @@ -309,14 +373,20 @@ func bootstrapGroupReplication(ctx context.Context) error { log.Printf("bootstrap finished in %f seconds", timer.ElapsedSeconds("total")) }() - log.Println("Bootstrap starting...") + log.Println("Starting bootstrap...") - localShell, err := connectToLocal(ctx) + mysqlshVer, err := getMySQLShellVersion(ctx) + if err != nil { + return errors.Wrap(err, "get mysqlsh version") + } + log.Println("mysql-shell version:", mysqlshVer) + + localShell, err := connectToLocal(ctx, mysqlshVer) if err != nil { return errors.Wrap(err, "connect to local") } - err = localShell.configureLocalInstance(ctx) + err = localShell.configureInstance(ctx) if err != nil { return err } @@ -328,7 +398,7 @@ func bootstrapGroupReplication(ctx context.Context) error { } log.Printf("peers: %v", sets.List(peers)) - shell, err := connectToCluster(ctx, peers) + shell, err := connectToCluster(ctx, peers, mysqlshVer) if err != nil { log.Printf("Failed to connect to the cluster: %v", err) if peers.Len() == 1 { @@ -338,7 +408,7 @@ func bootstrapGroupReplication(ctx context.Context) error { if err != nil { if errors.Is(err, errRebootClusterFromCompleteOutage) { log.Printf("Cluster already exists, we need to reboot") - if err := handleFullClusterCrash(ctx); err != nil { + if err := handleFullClusterCrash(ctx, mysqlshVer); err != nil { return errors.Wrap(err, "handle full cluster crash") } @@ -349,13 +419,13 @@ func bootstrapGroupReplication(ctx context.Context) error { } } - shell, err = connectToCluster(ctx, peers) + shell, err = connectToCluster(ctx, peers, mysqlshVer) if err != nil { return errors.Wrap(err, "connect to the cluster") } } else { log.Printf("Can't connect to any of the peers, we need to reboot") - if err := handleFullClusterCrash(ctx); err != nil { + if err := handleFullClusterCrash(ctx, mysqlshVer); err != nil { return errors.Wrap(err, "handle full cluster crash") } @@ -377,7 +447,7 @@ func bootstrapGroupReplication(ctx context.Context) error { if member.MemberRole == innodbcluster.MemberRolePrimary && member.MemberState != innodbcluster.MemberStateOnline { log.Printf("Primary (%s) is not ONLINE. Starting full cluster crash recovery...", member.Address) - if err := handleFullClusterCrash(ctx); err != nil { + if err := handleFullClusterCrash(ctx, mysqlshVer); err != nil { return errors.Wrap(err, "handle full cluster crash") } @@ -434,15 +504,20 @@ func bootstrapGroupReplication(ctx context.Context) error { log.Printf("Instance (%s) state is %s", localShell.host, member.MemberState) } - if err := updateGroupPeers(ctx, peers); err != nil { + if err := updateGroupPeers(ctx, peers, mysqlshVer); err != nil { return err } if rescanNeeded { - err := shell.rescanCluster(ctx) + err := retry.OnError(retry.DefaultBackoff, func(err error) bool { + return strings.Contains(err.Error(), "Another operation requiring access to the member is still in progress") + }, func() error { + return shell.rescanCluster(ctx) + }) if err != nil { return err } + log.Println("Cluster rescanned") } diff --git a/cmd/bootstrap/main.go b/cmd/bootstrap/main.go index 2c5f1892f..b72ea0cb3 100644 --- a/cmd/bootstrap/main.go +++ b/cmd/bootstrap/main.go @@ -11,8 +11,9 @@ import ( ) const ( - fullClusterCrashFile = "/var/lib/mysql/full-cluster-crash" + noBootstrapFile = "/var/lib/mysql/no-bootstrap" manualRecoveryFile = "/var/lib/mysql/sleep-forever" + fullClusterCrashFile = "/var/lib/mysql/full-cluster-crash" ) func main() { @@ -24,16 +25,17 @@ func main() { log.SetOutput(io.MultiWriter(os.Stderr, f)) - fullClusterCrash, err := fileExists(fullClusterCrashFile) - if err == nil && fullClusterCrash { - log.Printf("%s exists. exiting...", fullClusterCrashFile) - os.Exit(0) + recoveryFiles := []string{ + noBootstrapFile, + manualRecoveryFile, + fullClusterCrashFile, } - - manualRecovery, err := fileExists(manualRecoveryFile) - if err == nil && manualRecovery { - log.Printf("%s exists. exiting...", manualRecoveryFile) - os.Exit(0) + for _, rFile := range recoveryFiles { + recovery, err := fileExists(rFile) + if err == nil && recovery { + log.Printf("%s exists. exiting...", rFile) + os.Exit(0) + } } exists, err := lockExists("bootstrap") diff --git a/cmd/healthcheck/main.go b/cmd/healthcheck/main.go index 66d3e3416..7e9034b75 100644 --- a/cmd/healthcheck/main.go +++ b/cmd/healthcheck/main.go @@ -21,21 +21,24 @@ import ( "github.com/percona/percona-server-mysql-operator/pkg/naming" ) -func main() { - fullClusterCrash, err := fileExists("/var/lib/mysql/full-cluster-crash") - if err != nil { - log.Fatalf("check /var/lib/mysql/full-cluster-crash: %s", err) - } - if fullClusterCrash { - os.Exit(0) - } +const ( + noBootstrapFile = "/var/lib/mysql/no-bootstrap" + manualRecoveryFile = "/var/lib/mysql/sleep-forever" + fullClusterCrashFile = "/var/lib/mysql/full-cluster-crash" +) - manualRecovery, err := fileExists("/var/lib/mysql/sleep-forever") - if err != nil { - log.Fatalf("check /var/lib/mysql/sleep-forever: %s", err) - } - if manualRecovery { - os.Exit(0) +func main() { + recoveryFiles := []string{ + noBootstrapFile, + manualRecoveryFile, + fullClusterCrashFile, + } + for _, rFile := range recoveryFiles { + recovery, err := fileExists(rFile) + if err == nil && recovery { + log.Printf("%s exists. exiting...", rFile) + os.Exit(0) + } } stateFilePath, ok := os.LookupEnv(naming.EnvMySQLStateFile) diff --git a/cmd/mysql-state-monitor/main.go b/cmd/mysql-state-monitor/main.go index 9619ba336..13135d37c 100644 --- a/cmd/mysql-state-monitor/main.go +++ b/cmd/mysql-state-monitor/main.go @@ -25,23 +25,61 @@ func parseDatum(datum string) state.MySQLState { if strings.HasPrefix(lines[0], "STATUS=") { status := strings.TrimPrefix(lines[0], "STATUS=") + switch status { case "Server is operational": return state.MySQLReady - case "Server shutdown in progress": + case "Server shutdown in progress", + "Forceful shutdown of connections in progress", + "Graceful shutdown of connections in progress", + "Components initialization unsuccessful", + "Execution of SQL Commands from Init-file unsuccessful", + "Initialization of dynamic plugins unsuccessful", + "Initialization of MySQL system tables unsuccessful", + "InnoDB crash recovery unsuccessful", + "InnoDB initialization unsuccessful": return state.MySQLDown case "Server startup in progress", - "Data Dictionary upgrade in progress", - "Data Dictionary upgrade complete", + "Server initialization in progress", "Server upgrade in progress", "Server upgrade complete", "Server downgrade in progress", "Server downgrade complete", + "Data Dictionary upgrade in progress", + "Data Dictionary upgrade complete", "Data Dictionary upgrade from MySQL 5.7 in progress", "Data Dictionary upgrade from MySQL 5.7 complete", + "Components initialization in progress", + "Components initialization successful", + "Connection shutdown complete", + "Execution of SQL Commands from Init-file successful", + "Initialization of dynamic plugins in progress", + "Initialization of dynamic plugins successful", + "Initialization of MySQL system tables in progress", + "Initialization of MySQL system tables successful", + "InnoDB crash recovery in progress", + "InnoDB crash recovery successful", + "InnoDB initialization in progress", + "InnoDB initialization successful", + "Shutdown of plugins complete", + "Shutdown of components in progress", + "Shutdown of components successful", + "Shutdown of plugins in progress", + "Shutdown of replica threads in progress", "Server shutdown complete": // we treat this as startup because during init, MySQL notifies this even if it's up return state.MySQLStartup } + + // these statuses have variables in it + // that's why we're handling them separately + switch { + case strings.HasPrefix(status, "Pre DD shutdown of MySQL SE plugin"): + return state.MySQLStartup + case strings.HasPrefix(status, "Server shutdown complete"): + return state.MySQLStartup + case strings.HasPrefix(status, "Server initialization complete"): + return state.MySQLStartup + } } return state.MySQLUnknown diff --git a/config/crd/bases/ps.percona.com_perconaservermysqls.yaml b/config/crd/bases/ps.percona.com_perconaservermysqls.yaml index 57c38c909..b798e9237 100644 --- a/config/crd/bases/ps.percona.com_perconaservermysqls.yaml +++ b/config/crd/bases/ps.percona.com_perconaservermysqls.yaml @@ -9447,6 +9447,8 @@ spec: type: array haproxy: properties: + imageID: + type: string ready: format: int32 type: integer @@ -9462,6 +9464,8 @@ spec: type: string mysql: properties: + imageID: + type: string ready: format: int32 type: integer @@ -9475,6 +9479,8 @@ spec: type: object orchestrator: properties: + imageID: + type: string ready: format: int32 type: integer @@ -9490,6 +9496,8 @@ spec: type: string router: properties: + imageID: + type: string ready: format: int32 type: integer diff --git a/config/crd/ps.percona.com_perconaservermysqlbackups.yaml b/config/crd/ps.percona.com_perconaservermysqlbackups.yaml new file mode 100644 index 000000000..b3171aaba --- /dev/null +++ b/config/crd/ps.percona.com_perconaservermysqlbackups.yaml @@ -0,0 +1,955 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.3 + name: perconaservermysqlbackups.ps.percona.com +spec: + group: ps.percona.com + names: + kind: PerconaServerMySQLBackup + listKind: PerconaServerMySQLBackupList + plural: perconaservermysqlbackups + shortNames: + - ps-backup + - ps-backups + singular: perconaservermysqlbackup + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.storageName + name: Storage + type: string + - jsonPath: .status.destination + name: Destination + type: string + - jsonPath: .status.state + name: State + type: string + - jsonPath: .status.completed + name: Completed + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + clusterName: + type: string + storageName: + type: string + required: + - clusterName + - storageName + type: object + status: + properties: + completed: + format: date-time + type: string + destination: + type: string + image: + type: string + state: + type: string + stateDescription: + type: string + storage: + properties: + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: object + annotations: + additionalProperties: + type: string + type: object + azure: + properties: + containerName: + type: string + credentialsSecret: + type: string + endpointUrl: + type: string + prefix: + type: string + storageClass: + type: string + required: + - containerName + - credentialsSecret + type: object + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + gcs: + properties: + bucket: + type: string + credentialsSecret: + type: string + endpointUrl: + type: string + prefix: + type: string + storageClass: + type: string + required: + - bucket + - credentialsSecret + type: object + labels: + additionalProperties: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + podSecurityContext: + properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxChangePolicy: + type: string + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + priorityClassName: + type: string + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + runtimeClassName: + type: string + s3: + properties: + bucket: + type: string + credentialsSecret: + type: string + endpointUrl: + type: string + prefix: + type: string + region: + type: string + storageClass: + type: string + required: + - bucket + - credentialsSecret + type: object + schedulerName: + type: string + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + type: + type: string + verifyTLS: + type: boolean + volumeSpec: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + persistentVolumeClaim: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + required: + - type + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/ps.percona.com_perconaservermysqlrestores.yaml b/config/crd/ps.percona.com_perconaservermysqlrestores.yaml new file mode 100644 index 000000000..fcc12e341 --- /dev/null +++ b/config/crd/ps.percona.com_perconaservermysqlrestores.yaml @@ -0,0 +1,954 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.3 + name: perconaservermysqlrestores.ps.percona.com +spec: + group: ps.percona.com + names: + kind: PerconaServerMySQLRestore + listKind: PerconaServerMySQLRestoreList + plural: perconaservermysqlrestores + shortNames: + - ps-restore + singular: perconaservermysqlrestore + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + backupName: + type: string + backupSource: + properties: + completed: + format: date-time + type: string + destination: + type: string + image: + type: string + state: + type: string + stateDescription: + type: string + storage: + properties: + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: object + annotations: + additionalProperties: + type: string + type: object + azure: + properties: + containerName: + type: string + credentialsSecret: + type: string + endpointUrl: + type: string + prefix: + type: string + storageClass: + type: string + required: + - containerName + - credentialsSecret + type: object + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + gcs: + properties: + bucket: + type: string + credentialsSecret: + type: string + endpointUrl: + type: string + prefix: + type: string + storageClass: + type: string + required: + - bucket + - credentialsSecret + type: object + labels: + additionalProperties: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + podSecurityContext: + properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxChangePolicy: + type: string + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + priorityClassName: + type: string + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + runtimeClassName: + type: string + s3: + properties: + bucket: + type: string + credentialsSecret: + type: string + endpointUrl: + type: string + prefix: + type: string + region: + type: string + storageClass: + type: string + required: + - bucket + - credentialsSecret + type: object + schedulerName: + type: string + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + type: + type: string + verifyTLS: + type: boolean + volumeSpec: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + persistentVolumeClaim: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + required: + - type + type: object + type: object + clusterName: + type: string + required: + - clusterName + type: object + status: + properties: + completed: + format: date-time + type: string + state: + type: string + stateDescription: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/ps.percona.com_perconaservermysqls.yaml b/config/crd/ps.percona.com_perconaservermysqls.yaml new file mode 100644 index 000000000..d2b296929 --- /dev/null +++ b/config/crd/ps.percona.com_perconaservermysqls.yaml @@ -0,0 +1,9519 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.3 + name: perconaservermysqls.ps.percona.com +spec: + group: ps.percona.com + names: + kind: PerconaServerMySQL + listKind: PerconaServerMySQLList + plural: perconaservermysqls + shortNames: + - ps + singular: perconaservermysql + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.mysql.clusterType + name: Replication + type: string + - jsonPath: .status.host + name: Endpoint + type: string + - jsonPath: .status.state + name: State + type: string + - jsonPath: .status.mysql.ready + name: MySQL + type: string + - jsonPath: .status.orchestrator.ready + name: Orchestrator + type: string + - jsonPath: .status.haproxy.ready + name: HAProxy + type: string + - jsonPath: .status.router.ready + name: Router + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + backup: + properties: + backoffLimit: + format: int32 + type: integer + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + enabled: + type: boolean + image: + type: string + imagePullPolicy: + type: string + imagePullSecrets: + items: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initImage: + type: string + pitr: + properties: + binlogServer: + properties: + affinity: + properties: + advanced: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: object + antiAffinityTopologyKey: + type: string + type: object + annotations: + additionalProperties: + type: string + type: object + configuration: + type: string + connectTimeout: + format: int32 + type: integer + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + gracePeriod: + format: int64 + type: integer + idleTime: + format: int32 + type: integer + image: + type: string + imagePullPolicy: + type: string + imagePullSecrets: + items: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initImage: + type: string + labels: + additionalProperties: + type: string + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + podSecurityContext: + properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxChangePolicy: + type: string + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + priorityClassName: + type: string + readTimeout: + format: int32 + type: integer + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + runtimeClassName: + type: string + schedulerName: + type: string + serverId: + format: int32 + type: integer + serviceAccountName: + type: string + size: + format: int32 + type: integer + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + storage: + properties: + s3: + properties: + bucket: + type: string + credentialsSecret: + type: string + endpointUrl: + type: string + prefix: + type: string + region: + type: string + storageClass: + type: string + required: + - bucket + - credentialsSecret + type: object + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumeSpec: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + persistentVolumeClaim: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + writeTimeout: + format: int32 + type: integer + required: + - connectTimeout + - idleTime + - image + - readTimeout + - serverId + - size + - storage + - writeTimeout + type: object + enabled: + type: boolean + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + schedule: + items: + properties: + keep: + type: integer + name: + type: string + schedule: + type: string + storageName: + type: string + required: + - name + - schedule + - storageName + type: object + type: array + serviceAccountName: + type: string + storages: + additionalProperties: + properties: + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: object + annotations: + additionalProperties: + type: string + type: object + azure: + properties: + containerName: + type: string + credentialsSecret: + type: string + endpointUrl: + type: string + prefix: + type: string + storageClass: + type: string + required: + - containerName + - credentialsSecret + type: object + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + gcs: + properties: + bucket: + type: string + credentialsSecret: + type: string + endpointUrl: + type: string + prefix: + type: string + storageClass: + type: string + required: + - bucket + - credentialsSecret + type: object + labels: + additionalProperties: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + podSecurityContext: + properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxChangePolicy: + type: string + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + priorityClassName: + type: string + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + runtimeClassName: + type: string + s3: + properties: + bucket: + type: string + credentialsSecret: + type: string + endpointUrl: + type: string + prefix: + type: string + region: + type: string + storageClass: + type: string + required: + - bucket + - credentialsSecret + type: object + schedulerName: + type: string + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + type: + type: string + verifyTLS: + type: boolean + volumeSpec: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + persistentVolumeClaim: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + required: + - type + type: object + type: object + required: + - image + type: object + crVersion: + type: string + ignoreAnnotations: + items: + type: string + type: array + ignoreLabels: + items: + type: string + type: array + initImage: + type: string + mysql: + properties: + affinity: + properties: + advanced: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: object + antiAffinityTopologyKey: + type: string + type: object + annotations: + additionalProperties: + type: string + type: object + autoRecovery: + type: boolean + clusterType: + type: string + configuration: + type: string + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + expose: + properties: + annotations: + additionalProperties: + type: string + type: object + enabled: + type: boolean + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + labels: + additionalProperties: + type: string + type: object + loadBalancerSourceRanges: + items: + type: string + type: array + type: + type: string + type: object + gracePeriod: + format: int64 + type: integer + image: + type: string + imagePullPolicy: + type: string + imagePullSecrets: + items: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initImage: + type: string + labels: + additionalProperties: + type: string + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + podSecurityContext: + properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxChangePolicy: + type: string + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + priorityClassName: + type: string + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + runtimeClassName: + type: string + schedulerName: + type: string + serviceAccountName: + type: string + sidecarPVCs: + items: + properties: + name: + type: string + spec: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - name + - spec + type: object + type: array + sidecarVolumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + default: ext4 + type: string + kind: + type: string + readOnly: + default: false + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + x-kubernetes-list-type: atomic + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-type: atomic + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + x-kubernetes-list-type: atomic + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + x-kubernetes-list-type: atomic + wwids: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + default: default + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + x-kubernetes-list-type: atomic + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-type: atomic + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + x-kubernetes-list-type: atomic + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-type: atomic + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + x-kubernetes-list-type: atomic + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + default: /etc/ceph/keyring + type: string + monitors: + items: + type: string + type: array + x-kubernetes-list-type: atomic + pool: + default: rbd + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + user: + default: admin + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + default: xfs + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + default: ThinProvisioned + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-type: atomic + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + sidecars: + items: + properties: + args: + items: + type: string + type: array + x-kubernetes-list-type: atomic + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + x-kubernetes-list-type: atomic + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + recursiveReadOnly: + type: string + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map + workingDir: + type: string + required: + - name + type: object + type: array + size: + format: int32 + type: integer + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumeSpec: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + persistentVolumeClaim: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + required: + - image + - size + type: object + orchestrator: + properties: + affinity: + properties: + advanced: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: object + antiAffinityTopologyKey: + type: string + type: object + annotations: + additionalProperties: + type: string + type: object + configuration: + type: string + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + enabled: + type: boolean + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + expose: + properties: + annotations: + additionalProperties: + type: string + type: object + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + labels: + additionalProperties: + type: string + type: object + loadBalancerSourceRanges: + items: + type: string + type: array + type: + type: string + type: object + gracePeriod: + format: int64 + type: integer + image: + type: string + imagePullPolicy: + type: string + imagePullSecrets: + items: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initImage: + type: string + labels: + additionalProperties: + type: string + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + podSecurityContext: + properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxChangePolicy: + type: string + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + priorityClassName: + type: string + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + runtimeClassName: + type: string + schedulerName: + type: string + serviceAccountName: + type: string + size: + format: int32 + type: integer + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumeSpec: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + persistentVolumeClaim: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + required: + - image + - size + type: object + pause: + type: boolean + pmm: + properties: + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + enabled: + type: boolean + image: + type: string + imagePullPolicy: + type: string + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + runtimeClassName: + type: string + serverHost: + type: string + serverUser: + type: string + required: + - image + type: object + proxy: + properties: + haproxy: + properties: + affinity: + properties: + advanced: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: object + antiAffinityTopologyKey: + type: string + type: object + annotations: + additionalProperties: + type: string + type: object + configuration: + type: string + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + enabled: + type: boolean + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + expose: + properties: + annotations: + additionalProperties: + type: string + type: object + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + labels: + additionalProperties: + type: string + type: object + loadBalancerSourceRanges: + items: + type: string + type: array + type: + type: string + type: object + gracePeriod: + format: int64 + type: integer + image: + type: string + imagePullPolicy: + type: string + imagePullSecrets: + items: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initImage: + type: string + labels: + additionalProperties: + type: string + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + podSecurityContext: + properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxChangePolicy: + type: string + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + priorityClassName: + type: string + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + runtimeClassName: + type: string + schedulerName: + type: string + serviceAccountName: + type: string + size: + format: int32 + type: integer + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumeSpec: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + persistentVolumeClaim: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + required: + - image + - size + type: object + router: + properties: + affinity: + properties: + advanced: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + x-kubernetes-list-type: atomic + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + x-kubernetes-list-type: atomic + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: object + antiAffinityTopologyKey: + type: string + type: object + annotations: + additionalProperties: + type: string + type: object + configuration: + type: string + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + enabled: + type: boolean + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + expose: + properties: + annotations: + additionalProperties: + type: string + type: object + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + labels: + additionalProperties: + type: string + type: object + loadBalancerSourceRanges: + items: + type: string + type: array + type: + type: string + type: object + gracePeriod: + format: int64 + type: integer + image: + type: string + imagePullPolicy: + type: string + imagePullSecrets: + items: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initImage: + type: string + labels: + additionalProperties: + type: string + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + podSecurityContext: + properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxChangePolicy: + type: string + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + priorityClassName: + type: string + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + runtimeClassName: + type: string + schedulerName: + type: string + serviceAccountName: + type: string + size: + format: int32 + type: integer + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumeSpec: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + persistentVolumeClaim: + properties: + accessModes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeAttributesClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + required: + - image + - size + type: object + type: object + secretsName: + type: string + sslSecretName: + type: string + tls: + properties: + SANs: + items: + type: string + type: array + issuerConf: + properties: + group: + type: string + kind: + type: string + name: + type: string + required: + - name + type: object + type: object + toolkit: + properties: + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + default: "" + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + imagePullSecrets: + items: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + type: array + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + request: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + required: + - image + type: object + unsafeFlags: + properties: + mysqlSize: + type: boolean + orchestrator: + type: boolean + orchestratorSize: + type: boolean + proxy: + type: boolean + proxySize: + type: boolean + type: object + updateStrategy: + type: string + upgradeOptions: + properties: + apply: + type: string + versionServiceEndpoint: + type: string + type: object + type: object + x-kubernetes-validations: + - message: 'Invalid configuration: When ''mysql.clusterType'' is set to + ''async'', ''orchestrator.enabled'' must be true unless ''unsafeFlags.orchestrator'' + is enabled' + rule: '!(self.mysql.clusterType == ''async'') || self.unsafeFlags.orchestrator + || self.orchestrator.enabled' + - message: 'Invalid configuration: When ''mysql.clusterType'' is set to + ''async'', ''proxy.haproxy.enabled'' must be true unless ''unsafeFlags.proxy'' + is enabled' + rule: '!(self.mysql.clusterType == ''async'') || self.unsafeFlags.proxy + || self.proxy.haproxy.enabled' + - message: 'Invalid configuration: When ''mysql.clusterType'' is set to + ''async'', ''proxy.router.enabled'' must be disabled' + rule: '!(self.mysql.clusterType == ''async'') || self.proxy.router == + null || !has(self.proxy.router.enabled) || !self.proxy.router.enabled' + status: + properties: + backupVersion: + type: string + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + maxLength: 32768 + type: string + observedGeneration: + format: int64 + minimum: 0 + type: integer + reason: + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + enum: + - "True" + - "False" + - Unknown + type: string + type: + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + haproxy: + properties: + imageID: + type: string + ready: + format: int32 + type: integer + size: + format: int32 + type: integer + state: + type: string + version: + type: string + type: object + host: + type: string + mysql: + properties: + imageID: + type: string + ready: + format: int32 + type: integer + size: + format: int32 + type: integer + state: + type: string + version: + type: string + type: object + orchestrator: + properties: + imageID: + type: string + ready: + format: int32 + type: integer + size: + format: int32 + type: integer + state: + type: string + version: + type: string + type: object + pmmVersion: + type: string + router: + properties: + imageID: + type: string + ready: + format: int32 + type: integer + size: + format: int32 + type: integer + state: + type: string + version: + type: string + type: object + state: + type: string + toolkitVersion: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/deploy/bundle.yaml b/deploy/bundle.yaml index c7b5ad99d..fbd2b6a6b 100644 --- a/deploy/bundle.yaml +++ b/deploy/bundle.yaml @@ -11370,6 +11370,8 @@ spec: type: array haproxy: properties: + imageID: + type: string ready: format: int32 type: integer @@ -11385,6 +11387,8 @@ spec: type: string mysql: properties: + imageID: + type: string ready: format: int32 type: integer @@ -11398,6 +11402,8 @@ spec: type: object orchestrator: properties: + imageID: + type: string ready: format: int32 type: integer @@ -11413,6 +11419,8 @@ spec: type: string router: properties: + imageID: + type: string ready: format: int32 type: integer diff --git a/deploy/cr.yaml b/deploy/cr.yaml index 5e3b89299..e49ce4ce2 100644 --- a/deploy/cr.yaml +++ b/deploy/cr.yaml @@ -49,9 +49,9 @@ spec: # value: "600" resources: requests: - memory: 1G - limits: memory: 2G + limits: + memory: 4G # readinessProbe: # initialDelaySeconds: 30 diff --git a/deploy/crd.yaml b/deploy/crd.yaml index f12b35f6c..8fc273bb4 100644 --- a/deploy/crd.yaml +++ b/deploy/crd.yaml @@ -11370,6 +11370,8 @@ spec: type: array haproxy: properties: + imageID: + type: string ready: format: int32 type: integer @@ -11385,6 +11387,8 @@ spec: type: string mysql: properties: + imageID: + type: string ready: format: int32 type: integer @@ -11398,6 +11402,8 @@ spec: type: object orchestrator: properties: + imageID: + type: string ready: format: int32 type: integer @@ -11413,6 +11419,8 @@ spec: type: string router: properties: + imageID: + type: string ready: format: int32 type: integer diff --git a/deploy/cw-bundle.yaml b/deploy/cw-bundle.yaml index 222e8fdd9..4ab2325e1 100644 --- a/deploy/cw-bundle.yaml +++ b/deploy/cw-bundle.yaml @@ -11370,6 +11370,8 @@ spec: type: array haproxy: properties: + imageID: + type: string ready: format: int32 type: integer @@ -11385,6 +11387,8 @@ spec: type: string mysql: properties: + imageID: + type: string ready: format: int32 type: integer @@ -11398,6 +11402,8 @@ spec: type: object orchestrator: properties: + imageID: + type: string ready: format: int32 type: integer @@ -11413,6 +11419,8 @@ spec: type: string router: properties: + imageID: + type: string ready: format: int32 type: integer diff --git a/e2e-tests/license/compare/go-licenses b/e2e-tests/license/compare/go-licenses index bfe5cc51f..9cff4042d 100644 --- a/e2e-tests/license/compare/go-licenses +++ b/e2e-tests/license/compare/go-licenses @@ -3,3 +3,4 @@ BSD-2-Clause BSD-3-Clause ISC MIT +MPL-2.0 diff --git a/e2e-tests/license/compare/golicense b/e2e-tests/license/compare/golicense index db7c44349..64653f306 100644 --- a/e2e-tests/license/compare/golicense +++ b/e2e-tests/license/compare/golicense @@ -3,3 +3,4 @@ BSD 2-Clause "Simplified" License BSD 3-Clause "New" or "Revised" License ISC License MIT License +Mozilla Public License 2.0 diff --git a/e2e-tests/tests/auto-config/01-assert.yaml b/e2e-tests/tests/auto-config/01-assert.yaml index d186027b8..e01573ff0 100644 --- a/e2e-tests/tests/auto-config/01-assert.yaml +++ b/e2e-tests/tests/auto-config/01-assert.yaml @@ -84,3 +84,20 @@ status: observedGeneration: 1 replicas: 3 readyReplicas: 3 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: auto-auto-config-mysql + ownerReferences: + - apiVersion: ps.percona.com/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: PerconaServerMySQL + name: auto-config +data: + my.cnf: |2- + + innodb_buffer_pool_size=1996488704 + innodb_buffer_pool_chunk_size=249561088 + max_connections=317 diff --git a/e2e-tests/tests/auto-config/02-assert.yaml b/e2e-tests/tests/auto-config/02-assert.yaml index 1168398bb..855706299 100644 --- a/e2e-tests/tests/auto-config/02-assert.yaml +++ b/e2e-tests/tests/auto-config/02-assert.yaml @@ -14,7 +14,7 @@ spec: - name: mysql resources: limits: - memory: 1Gi + memory: 4Gi - name: xtrabackup ports: - containerPort: 6450 diff --git a/e2e-tests/tests/auto-config/02-remove-requests-add-limits.yaml b/e2e-tests/tests/auto-config/02-remove-requests-add-limits.yaml index 36b7d1eec..32d2d701a 100644 --- a/e2e-tests/tests/auto-config/02-remove-requests-add-limits.yaml +++ b/e2e-tests/tests/auto-config/02-remove-requests-add-limits.yaml @@ -10,4 +10,4 @@ commands: kubectl -n "${NAMESPACE}" patch ps "$(get_cluster_name)" \ --type json \ - -p '[{"op": "replace", "path": "/spec/mysql/resources", "value": {"limits": {"memory": "1024Mi"}}}]' + -p '[{"op": "replace", "path": "/spec/mysql/resources", "value": {"limits": {"memory": "4096Mi"}}}]' diff --git a/e2e-tests/tests/auto-config/03-assert.yaml b/e2e-tests/tests/auto-config/03-assert.yaml new file mode 100644 index 000000000..e8eec43c3 --- /dev/null +++ b/e2e-tests/tests/auto-config/03-assert.yaml @@ -0,0 +1,20 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestAssert +timeout: 120 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: auto-auto-config-mysql + ownerReferences: + - apiVersion: ps.percona.com/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: PerconaServerMySQL + name: auto-config +data: + my.cnf: |2- + + innodb_buffer_pool_size=2147483648 + innodb_buffer_pool_chunk_size=268435456 + max_connections=341 diff --git a/e2e-tests/tests/auto-config/03-check-auto-tuning.yaml b/e2e-tests/tests/auto-config/03-check-auto-tuning.yaml index 370542d78..84ca2ce1c 100644 --- a/e2e-tests/tests/auto-config/03-check-auto-tuning.yaml +++ b/e2e-tests/tests/auto-config/03-check-auto-tuning.yaml @@ -8,6 +8,6 @@ commands: source ../../functions - RAM_SIZE=1073741824 # 1024Mi + RAM_SIZE_BYTES=4294967296 # 4Gi - check_auto_tuning ${RAM_SIZE} + check_auto_tuning ${RAM_SIZE_BYTES} diff --git a/e2e-tests/tests/auto-config/04-assert.yaml b/e2e-tests/tests/auto-config/04-assert.yaml index 82df8d7ca..88f0055b9 100644 --- a/e2e-tests/tests/auto-config/04-assert.yaml +++ b/e2e-tests/tests/auto-config/04-assert.yaml @@ -14,7 +14,7 @@ spec: - name: mysql resources: requests: - memory: 4Gi + memory: 5Gi - name: xtrabackup - name: pt-heartbeat status: diff --git a/e2e-tests/tests/auto-config/04-remove-limits-add-requests.yaml b/e2e-tests/tests/auto-config/04-remove-limits-add-requests.yaml index 9e934f5d9..13ba7ae4f 100644 --- a/e2e-tests/tests/auto-config/04-remove-limits-add-requests.yaml +++ b/e2e-tests/tests/auto-config/04-remove-limits-add-requests.yaml @@ -10,4 +10,4 @@ commands: kubectl -n "${NAMESPACE}" patch ps "$(get_cluster_name)" \ --type json \ - -p '[{"op": "replace", "path": "/spec/mysql/resources", "value": {"requests": {"memory": "4Gi"}}}]' + -p '[{"op": "replace", "path": "/spec/mysql/resources", "value": {"requests": {"memory": "5Gi"}}}]' diff --git a/e2e-tests/tests/auto-config/05-assert.yaml b/e2e-tests/tests/auto-config/05-assert.yaml new file mode 100644 index 000000000..2e9bf3f82 --- /dev/null +++ b/e2e-tests/tests/auto-config/05-assert.yaml @@ -0,0 +1,20 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestAssert +timeout: 120 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: auto-auto-config-mysql + ownerReferences: + - apiVersion: ps.percona.com/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: PerconaServerMySQL + name: auto-config +data: + my.cnf: |2- + + innodb_buffer_pool_size=2684354560 + innodb_buffer_pool_chunk_size=335544320 + max_connections=426 diff --git a/e2e-tests/tests/auto-config/05-check-auto-tuning.yaml b/e2e-tests/tests/auto-config/05-check-auto-tuning.yaml index 5daef87ce..aeea41e07 100644 --- a/e2e-tests/tests/auto-config/05-check-auto-tuning.yaml +++ b/e2e-tests/tests/auto-config/05-check-auto-tuning.yaml @@ -8,6 +8,6 @@ commands: source ../../functions - RAM_SIZE=4294967296 # 4Gi + RAM_SIZE_BYTES=5368709120 # 5Gi - check_auto_tuning ${RAM_SIZE} + check_auto_tuning ${RAM_SIZE_BYTES} diff --git a/e2e-tests/tests/auto-config/06-add-limits-change-requests.yaml b/e2e-tests/tests/auto-config/06-add-limits-change-requests.yaml index 6fda8941b..845ea7368 100644 --- a/e2e-tests/tests/auto-config/06-add-limits-change-requests.yaml +++ b/e2e-tests/tests/auto-config/06-add-limits-change-requests.yaml @@ -10,4 +10,4 @@ commands: kubectl -n "${NAMESPACE}" patch ps "$(get_cluster_name)" \ --type json \ - -p '[{"op": "replace", "path": "/spec/mysql/resources", "value": {"requests": {"memory": "512M"}, "limits": {"memory": "1Gi"}}}]' + -p '[{"op": "replace", "path": "/spec/mysql/resources", "value": {"requests": {"memory": "1Gi"}, "limits": {"memory": "4Gi"}}}]' diff --git a/e2e-tests/tests/auto-config/06-assert.yaml b/e2e-tests/tests/auto-config/06-assert.yaml index 7fdd81852..8012573da 100644 --- a/e2e-tests/tests/auto-config/06-assert.yaml +++ b/e2e-tests/tests/auto-config/06-assert.yaml @@ -14,9 +14,9 @@ spec: - name: mysql resources: limits: - memory: 1Gi + memory: 4Gi requests: - memory: 512M + memory: 1Gi - name: xtrabackup - name: pt-heartbeat status: diff --git a/e2e-tests/tests/auto-config/07-assert.yaml b/e2e-tests/tests/auto-config/07-assert.yaml new file mode 100644 index 000000000..e8eec43c3 --- /dev/null +++ b/e2e-tests/tests/auto-config/07-assert.yaml @@ -0,0 +1,20 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestAssert +timeout: 120 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: auto-auto-config-mysql + ownerReferences: + - apiVersion: ps.percona.com/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: PerconaServerMySQL + name: auto-config +data: + my.cnf: |2- + + innodb_buffer_pool_size=2147483648 + innodb_buffer_pool_chunk_size=268435456 + max_connections=341 diff --git a/e2e-tests/tests/auto-config/07-check-auto-tuning.yaml b/e2e-tests/tests/auto-config/07-check-auto-tuning.yaml index bf384b559..84ca2ce1c 100644 --- a/e2e-tests/tests/auto-config/07-check-auto-tuning.yaml +++ b/e2e-tests/tests/auto-config/07-check-auto-tuning.yaml @@ -8,6 +8,6 @@ commands: source ../../functions - RAM_SIZE=1073741824 # 1Gi + RAM_SIZE_BYTES=4294967296 # 4Gi - check_auto_tuning ${RAM_SIZE} + check_auto_tuning ${RAM_SIZE_BYTES} diff --git a/e2e-tests/tests/auto-config/09-assert.yaml b/e2e-tests/tests/auto-config/09-assert.yaml new file mode 100644 index 000000000..2d7b5fadd --- /dev/null +++ b/e2e-tests/tests/auto-config/09-assert.yaml @@ -0,0 +1,18 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestAssert +timeout: 120 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: auto-auto-config-mysql + ownerReferences: + - apiVersion: ps.percona.com/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: PerconaServerMySQL + name: auto-config +data: + my.cnf: |2- + + max_connections=341 diff --git a/e2e-tests/tests/auto-config/09-check-auto-tuning.yaml b/e2e-tests/tests/auto-config/09-check-auto-tuning.yaml index 65bddd090..78b1051e2 100644 --- a/e2e-tests/tests/auto-config/09-check-auto-tuning.yaml +++ b/e2e-tests/tests/auto-config/09-check-auto-tuning.yaml @@ -8,7 +8,7 @@ commands: source ../../functions - RAM_SIZE=1073741824 # 1Gi + RAM_SIZE_BYTES=4294967296 # 4Gi CUSTOM_INNODB_SIZE=2147483648 - check_auto_tuning ${RAM_SIZE} ${CUSTOM_INNODB_SIZE} + check_auto_tuning ${RAM_SIZE_BYTES} ${CUSTOM_INNODB_SIZE} diff --git a/e2e-tests/tests/auto-config/10-change-cfg-template-params.yaml b/e2e-tests/tests/auto-config/10-change-cfg-template-params.yaml index 6da629923..7c39609fd 100644 --- a/e2e-tests/tests/auto-config/10-change-cfg-template-params.yaml +++ b/e2e-tests/tests/auto-config/10-change-cfg-template-params.yaml @@ -10,4 +10,4 @@ commands: kubectl -n "${NAMESPACE}" patch ps "$(get_cluster_name)" \ --type merge \ - -p '{"spec": {"mysql": {"configuration": "innodb_buffer_pool_size={{containerMemoryLimit * 2}}\nmax_connections=200"}}}' + -p '{"spec": {"mysql": {"configuration": "innodb_buffer_pool_size={{containerMemoryLimit / 2}}\nmax_connections=200"}}}' diff --git a/e2e-tests/tests/auto-config/11-assert.yaml b/e2e-tests/tests/auto-config/11-assert.yaml new file mode 100644 index 000000000..a5f7e9727 --- /dev/null +++ b/e2e-tests/tests/auto-config/11-assert.yaml @@ -0,0 +1,16 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestAssert +timeout: 120 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: auto-auto-config-mysql + ownerReferences: + - apiVersion: ps.percona.com/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: PerconaServerMySQL + name: auto-config +data: + my.cnf: "" diff --git a/e2e-tests/tests/auto-config/11-check-auto-tuning.yaml b/e2e-tests/tests/auto-config/11-check-auto-tuning.yaml index 9214250ad..2ee7a48e3 100644 --- a/e2e-tests/tests/auto-config/11-check-auto-tuning.yaml +++ b/e2e-tests/tests/auto-config/11-check-auto-tuning.yaml @@ -8,8 +8,8 @@ commands: source ../../functions - RAM_SIZE=1073741824 # 1Gi + RAM_SIZE_BYTES=4294967296 # 4Gi CUSTOM_INNODB_SIZE=2147483648 CUSTOM_CONNECTIONS=200 - check_auto_tuning ${RAM_SIZE} ${CUSTOM_INNODB_SIZE} ${CUSTOM_CONNECTIONS} + check_auto_tuning ${RAM_SIZE_BYTES} ${CUSTOM_INNODB_SIZE} ${CUSTOM_CONNECTIONS} diff --git a/e2e-tests/tests/gr-recreate/04-assert.yaml b/e2e-tests/tests/gr-recreate/04-assert.yaml index 432e827c9..514129079 100644 --- a/e2e-tests/tests/gr-recreate/04-assert.yaml +++ b/e2e-tests/tests/gr-recreate/04-assert.yaml @@ -1,6 +1,6 @@ apiVersion: kuttl.dev/v1beta1 kind: TestAssert -timeout: 480 +timeout: 600 --- kind: StatefulSet apiVersion: apps/v1 diff --git a/e2e-tests/tests/gr-users/02-assert.yaml b/e2e-tests/tests/gr-users/02-assert.yaml deleted file mode 100644 index 269a3b291..000000000 --- a/e2e-tests/tests/gr-users/02-assert.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: kuttl.dev/v1beta1 -kind: TestAssert -timeout: 300 ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: 02-check-users -data: - heartbeat: | - GRANT REPLICATION CLIENT ON *.* TO `heartbeat`@`localhost` - GRANT SYSTEM_USER ON *.* TO `heartbeat`@`localhost` - GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `sys_operator`.`heartbeat` TO `heartbeat`@`localhost` - monitor: | - GRANT SELECT, RELOAD, PROCESS, SUPER, REPLICATION CLIENT ON *.* TO `monitor`@`%` - GRANT BACKUP_ADMIN,SERVICE_CONNECTION_ADMIN,SYSTEM_USER ON *.* TO `monitor`@`%` - GRANT SELECT ON `performance_schema`.* TO `monitor`@`%` - operator: | - GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `operator`@`%` WITH GRANT OPTION - GRANT APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FIREWALL_EXEMPT,FLUSH_OPTIMIZER_COSTS,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,PASSWORDLESS_USER_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SENSITIVE_VARIABLES_OBSERVER,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,TELEMETRY_LOG_ADMIN,XA_RECOVER_ADMIN ON *.* TO `operator`@`%` WITH GRANT OPTION - orchestrator: | - GRANT RELOAD, PROCESS, SUPER, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO `orchestrator`@`%` - GRANT SYSTEM_USER ON *.* TO `orchestrator`@`%` - GRANT SELECT ON `sys_operator`.* TO `orchestrator`@`%` - GRANT SELECT ON `mysql`.`slave_master_info` TO `orchestrator`@`%` - GRANT SELECT ON `performance_schema`.`replication_group_members` TO `orchestrator`@`%` - xtrabackup: | - GRANT RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT ON *.* TO `xtrabackup`@`localhost` - GRANT BACKUP_ADMIN,GROUP_REPLICATION_ADMIN,REPLICATION_SLAVE_ADMIN,SYSTEM_USER ON *.* TO `xtrabackup`@`localhost` - GRANT SELECT ON `performance_schema`.`keyring_component_status` TO `xtrabackup`@`localhost` - GRANT SELECT ON `performance_schema`.`log_status` TO `xtrabackup`@`localhost` - GRANT SELECT ON `performance_schema`.`replication_group_members` TO `xtrabackup`@`localhost` diff --git a/e2e-tests/tests/gr-users/02-check-users.yaml b/e2e-tests/tests/gr-users/02-check-users.yaml index 0e766e4b8..56a26dfed 100644 --- a/e2e-tests/tests/gr-users/02-check-users.yaml +++ b/e2e-tests/tests/gr-users/02-check-users.yaml @@ -29,3 +29,18 @@ commands: kubectl create configmap -n "${NAMESPACE}" 02-check-users $args kubectl get configmap -n "${NAMESPACE}" 02-check-users -o yaml + + version=$(kubectl -n ${NAMESPACE} get ps gr-users -o yaml | yq .status.mysql.version) + + if [[ ${version} =~ "8.0" ]]; then + kubectl get -n ${NAMESPACE} cm 02-check-users -o yaml | yq .data | diff -u - 02-grants-80.txt + exit 0 + fi + + if [[ ${version} =~ "8.4" ]]; then + kubectl get -n ${NAMESPACE} cm 02-check-users -o yaml | yq .data | diff -u - 02-grants-84.txt + exit 0 + fi + + echo "unsupported MySQL version" + exit 1 diff --git a/e2e-tests/tests/gr-users/02-grants-80.txt b/e2e-tests/tests/gr-users/02-grants-80.txt new file mode 100644 index 000000000..1757904dd --- /dev/null +++ b/e2e-tests/tests/gr-users/02-grants-80.txt @@ -0,0 +1,28 @@ +heartbeat: | + GRANT REPLICATION CLIENT ON *.* TO `heartbeat`@`localhost` + GRANT SYSTEM_USER ON *.* TO `heartbeat`@`localhost` + GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `sys_operator`.`heartbeat` TO `heartbeat`@`localhost` +monitor: | + GRANT SELECT, RELOAD, PROCESS, SUPER, REPLICATION CLIENT ON *.* TO `monitor`@`%` + GRANT BACKUP_ADMIN,SERVICE_CONNECTION_ADMIN,SYSTEM_USER ON *.* TO `monitor`@`%` + GRANT SELECT ON `performance_schema`.* TO `monitor`@`%` +operator: | + GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `operator`@`%` WITH GRANT OPTION + GRANT APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FIREWALL_EXEMPT,FLUSH_OPTIMIZER_COSTS,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,PASSWORDLESS_USER_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SENSITIVE_VARIABLES_OBSERVER,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,TELEMETRY_LOG_ADMIN,XA_RECOVER_ADMIN ON *.* TO `operator`@`%` WITH GRANT OPTION +orchestrator: | + GRANT RELOAD, PROCESS, SUPER, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO `orchestrator`@`%` + GRANT SYSTEM_USER ON *.* TO `orchestrator`@`%` + GRANT SELECT ON `sys_operator`.* TO `orchestrator`@`%` + GRANT SELECT ON `mysql`.`slave_master_info` TO `orchestrator`@`%` + GRANT SELECT ON `performance_schema`.`replication_group_members` TO `orchestrator`@`%` +replication: | + GRANT SELECT, RELOAD, SHUTDOWN, PROCESS, FILE, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE USER ON *.* TO `replication`@`%` WITH GRANT OPTION + GRANT BACKUP_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,ROLE_ADMIN,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN ON *.* TO `replication`@`%` WITH GRANT OPTION + GRANT INSERT, UPDATE, DELETE ON `mysql`.* TO `replication`@`%` WITH GRANT OPTION + GRANT SELECT ON `performance_schema`.`threads` TO `replication`@`%` +xtrabackup: | + GRANT RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT ON *.* TO `xtrabackup`@`localhost` + GRANT BACKUP_ADMIN,GROUP_REPLICATION_ADMIN,REPLICATION_SLAVE_ADMIN,SYSTEM_USER ON *.* TO `xtrabackup`@`localhost` + GRANT SELECT ON `performance_schema`.`keyring_component_status` TO `xtrabackup`@`localhost` + GRANT SELECT ON `performance_schema`.`log_status` TO `xtrabackup`@`localhost` + GRANT SELECT ON `performance_schema`.`replication_group_members` TO `xtrabackup`@`localhost` diff --git a/e2e-tests/tests/gr-users/02-grants-84.txt b/e2e-tests/tests/gr-users/02-grants-84.txt new file mode 100644 index 000000000..94209d805 --- /dev/null +++ b/e2e-tests/tests/gr-users/02-grants-84.txt @@ -0,0 +1,28 @@ +heartbeat: | + GRANT REPLICATION CLIENT ON *.* TO `heartbeat`@`localhost` + GRANT SYSTEM_USER ON *.* TO `heartbeat`@`localhost` + GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `sys_operator`.`heartbeat` TO `heartbeat`@`localhost` +monitor: | + GRANT SELECT, RELOAD, PROCESS, SUPER, REPLICATION CLIENT ON *.* TO `monitor`@`%` + GRANT BACKUP_ADMIN,SERVICE_CONNECTION_ADMIN,SYSTEM_USER ON *.* TO `monitor`@`%` + GRANT SELECT ON `performance_schema`.* TO `monitor`@`%` +operator: | + GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `operator`@`%` WITH GRANT OPTION + GRANT ALLOW_NONEXISTENT_DEFINER,APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FIREWALL_EXEMPT,FLUSH_OPTIMIZER_COSTS,FLUSH_PRIVILEGES,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,OPTIMIZE_LOCAL_TABLE,PASSWORDLESS_USER_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SENSITIVE_VARIABLES_OBSERVER,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_ANY_DEFINER,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,TELEMETRY_LOG_ADMIN,TRANSACTION_GTID_TAG,XA_RECOVER_ADMIN ON *.* TO `operator`@`%` WITH GRANT OPTION +orchestrator: | + GRANT RELOAD, PROCESS, SUPER, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO `orchestrator`@`%` + GRANT SYSTEM_USER ON *.* TO `orchestrator`@`%` + GRANT SELECT ON `sys_operator`.* TO `orchestrator`@`%` + GRANT SELECT ON `mysql`.`slave_master_info` TO `orchestrator`@`%` + GRANT SELECT ON `performance_schema`.`replication_group_members` TO `orchestrator`@`%` +replication: | + GRANT SELECT, RELOAD, SHUTDOWN, PROCESS, FILE, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE USER ON *.* TO `replication`@`%` WITH GRANT OPTION + GRANT BACKUP_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,ROLE_ADMIN,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN ON *.* TO `replication`@`%` WITH GRANT OPTION + GRANT INSERT, UPDATE, DELETE ON `mysql`.* TO `replication`@`%` WITH GRANT OPTION + GRANT SELECT ON `performance_schema`.`threads` TO `replication`@`%` +xtrabackup: | + GRANT RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT ON *.* TO `xtrabackup`@`localhost` + GRANT BACKUP_ADMIN,GROUP_REPLICATION_ADMIN,REPLICATION_SLAVE_ADMIN,SYSTEM_USER ON *.* TO `xtrabackup`@`localhost` + GRANT SELECT ON `performance_schema`.`keyring_component_status` TO `xtrabackup`@`localhost` + GRANT SELECT ON `performance_schema`.`log_status` TO `xtrabackup`@`localhost` + GRANT SELECT ON `performance_schema`.`replication_group_members` TO `xtrabackup`@`localhost` diff --git a/e2e-tests/tests/init-deploy/00-assert.yaml b/e2e-tests/tests/init-deploy/00-assert.yaml index 25ef8218a..d9146fe1b 100644 --- a/e2e-tests/tests/init-deploy/00-assert.yaml +++ b/e2e-tests/tests/init-deploy/00-assert.yaml @@ -2,11 +2,6 @@ apiVersion: kuttl.dev/v1beta1 kind: TestAssert timeout: 120 --- -kind: ResourceQuota -apiVersion: v1 -metadata: - name: init-deploy-resource-quota ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: diff --git a/e2e-tests/tests/init-deploy/00-deploy-operator.yaml b/e2e-tests/tests/init-deploy/00-deploy-operator.yaml index 1a4807f47..755246211 100644 --- a/e2e-tests/tests/init-deploy/00-deploy-operator.yaml +++ b/e2e-tests/tests/init-deploy/00-deploy-operator.yaml @@ -1,14 +1,3 @@ -apiVersion: v1 -kind: ResourceQuota -metadata: - name: init-deploy-resource-quota -spec: - hard: - requests.cpu: "8" - requests.memory: "10Gi" - limits.cpu: "10" - limits.memory: "12Gi" ---- apiVersion: kuttl.dev/v1beta1 kind: TestStep timeout: 10 diff --git a/e2e-tests/tests/init-deploy/01-assert.yaml b/e2e-tests/tests/init-deploy/01-assert.yaml index bf99ec956..4e3937e4b 100644 --- a/e2e-tests/tests/init-deploy/01-assert.yaml +++ b/e2e-tests/tests/init-deploy/01-assert.yaml @@ -1,6 +1,11 @@ apiVersion: kuttl.dev/v1beta1 kind: TestAssert -timeout: 420 +timeout: 600 +--- +kind: ResourceQuota +apiVersion: v1 +metadata: + name: init-deploy-resource-quota --- kind: StatefulSet apiVersion: apps/v1 diff --git a/e2e-tests/tests/init-deploy/01-create-cluster.yaml b/e2e-tests/tests/init-deploy/01-create-cluster.yaml index c153de667..3b21e3697 100644 --- a/e2e-tests/tests/init-deploy/01-create-cluster.yaml +++ b/e2e-tests/tests/init-deploy/01-create-cluster.yaml @@ -1,3 +1,14 @@ +apiVersion: v1 +kind: ResourceQuota +metadata: + name: init-deploy-resource-quota +spec: + hard: + requests.cpu: "8" + requests.memory: "16Gi" + limits.cpu: "10" + limits.memory: "24Gi" +--- apiVersion: kuttl.dev/v1beta1 kind: TestStep timeout: 10 @@ -9,30 +20,30 @@ commands: source ../../functions get_cr \ - | yq eval '.spec.mysql.clusterType="async"' - \ - | yq eval '.spec.mysql.size=3' - \ - | yq eval '.spec.proxy.haproxy.enabled=true' - \ - | yq eval '.spec.proxy.haproxy.size=3' - \ - | yq eval '.spec.orchestrator.enabled=true' - \ - | yq eval '.spec.mysql.resources.limits.cpu="500m"' - \ - | yq eval '.spec.mysql.resources.limits.memory="1G"' - \ - | yq eval '.spec.mysql.resources.requests.cpu="400m"' - \ - | yq eval '.spec.mysql.resources.requests.memory="1G"' - \ - | yq eval '.spec.backup.resources.limits.cpu="200m"' - \ - | yq eval '.spec.backup.resources.limits.memory="256Mi"' - \ - | yq eval '.spec.backup.resources.requests.cpu="100m"' - \ - | yq eval '.spec.backup.resources.requests.memory="128Mi"' - \ - | yq eval '.spec.toolkit.resources.limits.cpu="150m"' - \ - | yq eval '.spec.toolkit.resources.limits.memory="256Mi"' - \ - | yq eval '.spec.toolkit.resources.requests.cpu="100m"' - \ - | yq eval '.spec.toolkit.resources.requests.memory="128Mi"' - \ - | yq eval '.spec.proxy.haproxy.resources.limits.cpu="600m"' - \ - | yq eval '.spec.proxy.haproxy.resources.limits.memory="512Mi"' - \ - | yq eval '.spec.proxy.haproxy.resources.requests.cpu="500m"' - \ - | yq eval '.spec.proxy.haproxy.resources.requests.memory="256Mi"' - \ - | yq eval '.spec.orchestrator.resources.limits.cpu="200m"' - \ - | yq eval '.spec.orchestrator.resources.limits.memory="256Mi"' - \ - | yq eval '.spec.orchestrator.resources.requests.cpu="100m"' - \ - | yq eval '.spec.orchestrator.resources.requests.memory="128Mi"' - \ - | yq eval '.spec.orchestrator.size=3' - \ - | kubectl -n "${NAMESPACE}" apply -f - + | yq eval '.spec.mysql.clusterType="async"' - \ + | yq eval '.spec.mysql.size=3' - \ + | yq eval '.spec.proxy.haproxy.enabled=true' - \ + | yq eval '.spec.proxy.haproxy.size=3' - \ + | yq eval '.spec.orchestrator.enabled=true' - \ + | yq eval '.spec.mysql.resources.limits.cpu="1000m"' - \ + | yq eval '.spec.mysql.resources.limits.memory="4G"' - \ + | yq eval '.spec.mysql.resources.requests.cpu="400m"' - \ + | yq eval '.spec.mysql.resources.requests.memory="2G"' - \ + | yq eval '.spec.backup.resources.limits.cpu="200m"' - \ + | yq eval '.spec.backup.resources.limits.memory="256Mi"' - \ + | yq eval '.spec.backup.resources.requests.cpu="100m"' - \ + | yq eval '.spec.backup.resources.requests.memory="128Mi"' - \ + | yq eval '.spec.toolkit.resources.limits.cpu="150m"' - \ + | yq eval '.spec.toolkit.resources.limits.memory="256Mi"' - \ + | yq eval '.spec.toolkit.resources.requests.cpu="100m"' - \ + | yq eval '.spec.toolkit.resources.requests.memory="128Mi"' - \ + | yq eval '.spec.proxy.haproxy.resources.limits.cpu="600m"' - \ + | yq eval '.spec.proxy.haproxy.resources.limits.memory="512Mi"' - \ + | yq eval '.spec.proxy.haproxy.resources.requests.cpu="500m"' - \ + | yq eval '.spec.proxy.haproxy.resources.requests.memory="256Mi"' - \ + | yq eval '.spec.orchestrator.resources.limits.cpu="200m"' - \ + | yq eval '.spec.orchestrator.resources.limits.memory="256Mi"' - \ + | yq eval '.spec.orchestrator.resources.requests.cpu="100m"' - \ + | yq eval '.spec.orchestrator.resources.requests.memory="128Mi"' - \ + | yq eval '.spec.orchestrator.size=3' - \ + | kubectl -n "${NAMESPACE}" apply -f - diff --git a/e2e-tests/tests/init-deploy/06-check-async-repl-not-ready-cr-status.yaml b/e2e-tests/tests/init-deploy/06-check-async-repl-not-ready-cr-status.yaml index 04fdc3f99..e80274a75 100644 --- a/e2e-tests/tests/init-deploy/06-check-async-repl-not-ready-cr-status.yaml +++ b/e2e-tests/tests/init-deploy/06-check-async-repl-not-ready-cr-status.yaml @@ -1,7 +1,6 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep -timeout: 30 commands: - script: |- set -o errexit @@ -34,3 +33,4 @@ commands: echo "Status state should be ready, but is $state." exit 1 fi + timeout: 60 diff --git a/e2e-tests/tests/limits/01-assert.yaml b/e2e-tests/tests/limits/01-assert.yaml index 71a6c3a69..be4803bc7 100644 --- a/e2e-tests/tests/limits/01-assert.yaml +++ b/e2e-tests/tests/limits/01-assert.yaml @@ -106,7 +106,7 @@ spec: timeoutSeconds: 3 resources: requests: - memory: 1G + memory: 2G startupProbe: exec: command: diff --git a/e2e-tests/tests/limits/03-assert.yaml b/e2e-tests/tests/limits/03-assert.yaml index e6bea217a..638b52b77 100644 --- a/e2e-tests/tests/limits/03-assert.yaml +++ b/e2e-tests/tests/limits/03-assert.yaml @@ -106,7 +106,7 @@ spec: timeoutSeconds: 3 resources: limits: - memory: 2G + memory: 4G startupProbe: exec: command: diff --git a/e2e-tests/tests/users/02-check-users.yaml b/e2e-tests/tests/users/02-check-users.yaml index 980b5eb79..bd5fbd8a0 100644 --- a/e2e-tests/tests/users/02-check-users.yaml +++ b/e2e-tests/tests/users/02-check-users.yaml @@ -29,3 +29,18 @@ commands: kubectl create configmap -n "${NAMESPACE}" 02-check-users $args kubectl get configmap -n "${NAMESPACE}" 02-check-users -o yaml + + version=$(kubectl -n ${NAMESPACE} get ps users -o yaml | yq .status.mysql.version) + + if [[ ${version} =~ "8.0" ]]; then + kubectl get -n ${NAMESPACE} cm 02-check-users -o yaml | yq .data | diff -u - 02-grants-80.txt + exit 0 + fi + + if [[ ${version} =~ "8.4" ]]; then + kubectl get -n ${NAMESPACE} cm 02-check-users -o yaml | yq .data | diff -u - 02-grants-84.txt + exit 0 + fi + + echo "unsupported MySQL version" + exit 1 diff --git a/e2e-tests/tests/users/02-grants-80.txt b/e2e-tests/tests/users/02-grants-80.txt new file mode 100644 index 000000000..1757904dd --- /dev/null +++ b/e2e-tests/tests/users/02-grants-80.txt @@ -0,0 +1,28 @@ +heartbeat: | + GRANT REPLICATION CLIENT ON *.* TO `heartbeat`@`localhost` + GRANT SYSTEM_USER ON *.* TO `heartbeat`@`localhost` + GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `sys_operator`.`heartbeat` TO `heartbeat`@`localhost` +monitor: | + GRANT SELECT, RELOAD, PROCESS, SUPER, REPLICATION CLIENT ON *.* TO `monitor`@`%` + GRANT BACKUP_ADMIN,SERVICE_CONNECTION_ADMIN,SYSTEM_USER ON *.* TO `monitor`@`%` + GRANT SELECT ON `performance_schema`.* TO `monitor`@`%` +operator: | + GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `operator`@`%` WITH GRANT OPTION + GRANT APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FIREWALL_EXEMPT,FLUSH_OPTIMIZER_COSTS,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,PASSWORDLESS_USER_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SENSITIVE_VARIABLES_OBSERVER,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,TELEMETRY_LOG_ADMIN,XA_RECOVER_ADMIN ON *.* TO `operator`@`%` WITH GRANT OPTION +orchestrator: | + GRANT RELOAD, PROCESS, SUPER, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO `orchestrator`@`%` + GRANT SYSTEM_USER ON *.* TO `orchestrator`@`%` + GRANT SELECT ON `sys_operator`.* TO `orchestrator`@`%` + GRANT SELECT ON `mysql`.`slave_master_info` TO `orchestrator`@`%` + GRANT SELECT ON `performance_schema`.`replication_group_members` TO `orchestrator`@`%` +replication: | + GRANT SELECT, RELOAD, SHUTDOWN, PROCESS, FILE, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE USER ON *.* TO `replication`@`%` WITH GRANT OPTION + GRANT BACKUP_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,ROLE_ADMIN,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN ON *.* TO `replication`@`%` WITH GRANT OPTION + GRANT INSERT, UPDATE, DELETE ON `mysql`.* TO `replication`@`%` WITH GRANT OPTION + GRANT SELECT ON `performance_schema`.`threads` TO `replication`@`%` +xtrabackup: | + GRANT RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT ON *.* TO `xtrabackup`@`localhost` + GRANT BACKUP_ADMIN,GROUP_REPLICATION_ADMIN,REPLICATION_SLAVE_ADMIN,SYSTEM_USER ON *.* TO `xtrabackup`@`localhost` + GRANT SELECT ON `performance_schema`.`keyring_component_status` TO `xtrabackup`@`localhost` + GRANT SELECT ON `performance_schema`.`log_status` TO `xtrabackup`@`localhost` + GRANT SELECT ON `performance_schema`.`replication_group_members` TO `xtrabackup`@`localhost` diff --git a/e2e-tests/tests/users/02-grants-84.txt b/e2e-tests/tests/users/02-grants-84.txt new file mode 100644 index 000000000..94209d805 --- /dev/null +++ b/e2e-tests/tests/users/02-grants-84.txt @@ -0,0 +1,28 @@ +heartbeat: | + GRANT REPLICATION CLIENT ON *.* TO `heartbeat`@`localhost` + GRANT SYSTEM_USER ON *.* TO `heartbeat`@`localhost` + GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `sys_operator`.`heartbeat` TO `heartbeat`@`localhost` +monitor: | + GRANT SELECT, RELOAD, PROCESS, SUPER, REPLICATION CLIENT ON *.* TO `monitor`@`%` + GRANT BACKUP_ADMIN,SERVICE_CONNECTION_ADMIN,SYSTEM_USER ON *.* TO `monitor`@`%` + GRANT SELECT ON `performance_schema`.* TO `monitor`@`%` +operator: | + GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `operator`@`%` WITH GRANT OPTION + GRANT ALLOW_NONEXISTENT_DEFINER,APPLICATION_PASSWORD_ADMIN,AUDIT_ABORT_EXEMPT,AUDIT_ADMIN,AUTHENTICATION_POLICY_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,FIREWALL_EXEMPT,FLUSH_OPTIMIZER_COSTS,FLUSH_PRIVILEGES,FLUSH_STATUS,FLUSH_TABLES,FLUSH_USER_RESOURCES,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,INNODB_REDO_LOG_ARCHIVE,INNODB_REDO_LOG_ENABLE,OPTIMIZE_LOCAL_TABLE,PASSWORDLESS_USER_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SENSITIVE_VARIABLES_OBSERVER,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_ANY_DEFINER,SHOW_ROUTINE,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN,TABLE_ENCRYPTION_ADMIN,TELEMETRY_LOG_ADMIN,TRANSACTION_GTID_TAG,XA_RECOVER_ADMIN ON *.* TO `operator`@`%` WITH GRANT OPTION +orchestrator: | + GRANT RELOAD, PROCESS, SUPER, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO `orchestrator`@`%` + GRANT SYSTEM_USER ON *.* TO `orchestrator`@`%` + GRANT SELECT ON `sys_operator`.* TO `orchestrator`@`%` + GRANT SELECT ON `mysql`.`slave_master_info` TO `orchestrator`@`%` + GRANT SELECT ON `performance_schema`.`replication_group_members` TO `orchestrator`@`%` +replication: | + GRANT SELECT, RELOAD, SHUTDOWN, PROCESS, FILE, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE USER ON *.* TO `replication`@`%` WITH GRANT OPTION + GRANT BACKUP_ADMIN,CLONE_ADMIN,CONNECTION_ADMIN,GROUP_REPLICATION_ADMIN,GROUP_REPLICATION_STREAM,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_APPLIER,REPLICATION_SLAVE_ADMIN,ROLE_ADMIN,SYSTEM_USER,SYSTEM_VARIABLES_ADMIN ON *.* TO `replication`@`%` WITH GRANT OPTION + GRANT INSERT, UPDATE, DELETE ON `mysql`.* TO `replication`@`%` WITH GRANT OPTION + GRANT SELECT ON `performance_schema`.`threads` TO `replication`@`%` +xtrabackup: | + GRANT RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT ON *.* TO `xtrabackup`@`localhost` + GRANT BACKUP_ADMIN,GROUP_REPLICATION_ADMIN,REPLICATION_SLAVE_ADMIN,SYSTEM_USER ON *.* TO `xtrabackup`@`localhost` + GRANT SELECT ON `performance_schema`.`keyring_component_status` TO `xtrabackup`@`localhost` + GRANT SELECT ON `performance_schema`.`log_status` TO `xtrabackup`@`localhost` + GRANT SELECT ON `performance_schema`.`replication_group_members` TO `xtrabackup`@`localhost` diff --git a/go.mod b/go.mod index 95331a1ca..fca8d66ab 100644 --- a/go.mod +++ b/go.mod @@ -15,6 +15,7 @@ require ( github.com/go-sql-driver/mysql v1.9.2 github.com/gocarina/gocsv v0.0.0-20230616125104-99d496ca653d github.com/google/go-cmp v0.7.0 + github.com/hashicorp/go-version v1.7.0 github.com/minio/minio-go/v7 v7.0.92 github.com/onsi/ginkgo/v2 v2.23.4 github.com/onsi/gomega v1.37.0 diff --git a/go.sum b/go.sum index 69660af87..5b1815bcd 100644 --- a/go.sum +++ b/go.sum @@ -130,6 +130,8 @@ github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 h1:UH//fgunKIs4JdUbpDl1VZCDa github.com/grpc-ecosystem/go-grpc-middleware v1.4.0/go.mod h1:g5qyo/la0ALbONm6Vbp88Yd8NsDy6rZz+RcrMPxvld8= github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 h1:5ZPtiqj0JL5oKWmcsq4VMaAW5ukBEgSGXEN89zeH1Jo= github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3/go.mod h1:ndYquD05frm2vACXE1nsccT4oJzjhw2arTS2cpUD1PI= +github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY= +github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/iancoleman/orderedmap v0.3.0 h1:5cbR2grmZR/DiVt+VJopEhtVs9YGInGIxAoMJn+Ichc= github.com/iancoleman/orderedmap v0.3.0/go.mod h1:XuLcCUkdL5owUCQeF2Ue9uuw1EptkJDkXXS7VoV7XGE= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= diff --git a/pkg/controller/ps/controller.go b/pkg/controller/ps/controller.go index d792cf4a5..4065d5a47 100644 --- a/pkg/controller/ps/controller.go +++ b/pkg/controller/ps/controller.go @@ -268,6 +268,10 @@ func (r *PerconaServerMySQLReconciler) deleteMySQLPods(ctx context.Context, cr * log.Info("Removing member from GR", "member", pod.Name, "memberState", state) err = mysh.RemoveInstanceWithExec(ctx, cr.InnoDBClusterName(), podUri) if err != nil { + // member already removed from metadata + if strings.Contains(err.Error(), "MYSQLSH 51104") { + continue + } return errors.Wrapf(err, "remove instance %s", pod.Name) } log.Info("Member removed from GR", "member", pod.Name) @@ -928,12 +932,24 @@ func (r *PerconaServerMySQLReconciler) reconcileReplication(ctx context.Context, } func (r *PerconaServerMySQLReconciler) reconcileGroupReplication(ctx context.Context, cr *apiv1alpha1.PerconaServerMySQL) error { - log := logf.FromContext(ctx).WithName("reconcileGroupReplication") - if cr.Spec.MySQL.ClusterType != apiv1alpha1.ClusterTypeGR { return nil } + if err := r.reconcileBootstrapStatus(ctx, cr); err != nil { + return errors.Wrap(err, "reconcile bootstrap status") + } + + if err := r.rescanClusterIfNeeded(ctx, cr); err != nil { + return errors.Wrap(err, "rescan cluster if needed") + } + + return nil +} + +func (r *PerconaServerMySQLReconciler) reconcileBootstrapStatus(ctx context.Context, cr *apiv1alpha1.PerconaServerMySQL) error { + log := logf.FromContext(ctx) + if cr.Status.MySQL.Ready == 0 || cr.Status.MySQL.Ready != cr.Spec.MySQL.Size { log.V(1).Info("Waiting for MySQL pods to be ready") return nil @@ -975,6 +991,52 @@ func (r *PerconaServerMySQLReconciler) reconcileGroupReplication(ctx context.Con return nil } +func (r *PerconaServerMySQLReconciler) rescanClusterIfNeeded(ctx context.Context, cr *apiv1alpha1.PerconaServerMySQL) error { + _, ok := cr.Annotations[string(naming.AnnotationRescanNeeded)] + if !ok { + return nil + } + + log := logf.FromContext(ctx) + + pod, err := getReadyMySQLPod(ctx, r.Client, cr) + if err != nil { + return errors.Wrap(err, "get ready mysql pod") + } + + operatorPass, err := k8s.UserPassword(ctx, r.Client, cr, apiv1alpha1.UserOperator) + if err != nil { + return errors.Wrap(err, "get operator password") + } + + uri := fmt.Sprintf("%s:%s@%s", apiv1alpha1.UserOperator, operatorPass, mysql.PodFQDN(cr, pod)) + + msh, err := mysqlsh.NewWithExec(r.ClientCmd, pod, uri) + if err != nil { + return err + } + + err = k8sretry.OnError(k8sretry.DefaultBackoff, func(err error) bool { return true }, func() error { + if cr.Status.CompareMySQLVersion("8.4") < 0 { + return msh.Rescan80WithExec(ctx, cr.InnoDBClusterName()) + } + + return msh.Rescan84WithExec(ctx, cr.InnoDBClusterName()) + }) + if err != nil { + return errors.Wrap(err, "start rescan") + } + + log.Info("Cluster rescan started", "pod", pod.Name, "cluster", cr.InnoDBClusterName()) + + err = k8s.DeannotateObject(ctx, r.Client, cr, string(naming.AnnotationRescanNeeded)) + if err != nil { + return errors.Wrap(err, "remove rescan-needed annotation") + } + + return nil +} + func (r *PerconaServerMySQLReconciler) cleanupOutdatedServices(ctx context.Context, exposer Exposer, ns string) error { log := logf.FromContext(ctx).WithName("cleanupOutdatedServices") size := int(exposer.Size()) @@ -1421,7 +1483,7 @@ func getReadyMySQLPod(ctx context.Context, cl client.Reader, cr *apiv1alpha1.Per return &pods[i], nil } } - return nil, errors.New("no ready pods") + return nil, ErrNoReadyPods } func getMySQLPod(ctx context.Context, cl client.Reader, cr *apiv1alpha1.PerconaServerMySQL, idx int) (*corev1.Pod, error) { @@ -1446,7 +1508,7 @@ func getReadyOrcPod(ctx context.Context, cl client.Reader, cr *apiv1alpha1.Perco return &pods[i], nil } } - return nil, errors.New("no ready pods") + return nil, ErrNoReadyPods } func getPodIndexFromHostname(hostname string) (int, error) { diff --git a/pkg/controller/ps/crash_recovery.go b/pkg/controller/ps/crash_recovery.go index 90cb07643..2ebf2f0b7 100644 --- a/pkg/controller/ps/crash_recovery.go +++ b/pkg/controller/ps/crash_recovery.go @@ -86,10 +86,10 @@ func (r *PerconaServerMySQLReconciler) reconcileFullClusterCrash(ctx context.Con continue } - log.Info("Attempting to reboot cluster from complete outage") + log.Info("Attempting to reboot cluster from complete outage", "pod", pod.Name) err = mysh.RebootClusterFromCompleteOutageWithExec(ctx, cr.InnoDBClusterName()) if err == nil { - log.Info("Cluster was successfully rebooted") + log.Info("Cluster was successfully rebooted", "pod", pod.Name) r.Recorder.Event(cr, "Normal", "FullClusterCrashRecovered", "Cluster recovered from full cluster crash") err := r.cleanupFullClusterCrashFile(ctx, cr) if err != nil { @@ -99,8 +99,7 @@ func (r *PerconaServerMySQLReconciler) reconcileFullClusterCrash(ctx context.Con } if strings.Contains(err.Error(), "The Cluster is ONLINE") { - log.Info("Tried to reboot the cluster but MySQL says the cluster is already online") - log.Info("Deleting all MySQL pods") + log.Info("Tried to reboot the cluster but MySQL says the cluster is already online. Deleting all MySQL pods.") err := r.Client.DeleteAllOf(ctx, &corev1.Pod{}, &client.DeleteAllOfOptions{ ListOptions: client.ListOptions{ LabelSelector: labels.SelectorFromSet(mysql.MatchLabels(cr)), @@ -113,7 +112,7 @@ func (r *PerconaServerMySQLReconciler) reconcileFullClusterCrash(ctx context.Con break } - log.Error(err, "failed to reboot cluster from complete outage") + log.Error(err, "failed to reboot cluster from complete outage", "pod", pod.Name) } return nil diff --git a/pkg/controller/ps/errors.go b/pkg/controller/ps/errors.go new file mode 100644 index 000000000..e8adc73f0 --- /dev/null +++ b/pkg/controller/ps/errors.go @@ -0,0 +1,7 @@ +package ps + +import "github.com/pkg/errors" + +var ( + ErrNoReadyPods = errors.New("no ready pods") +) diff --git a/pkg/controller/ps/status.go b/pkg/controller/ps/status.go index df1599a73..9afeaab37 100644 --- a/pkg/controller/ps/status.go +++ b/pkg/controller/ps/status.go @@ -24,6 +24,8 @@ import ( "github.com/percona/percona-server-mysql-operator/pkg/innodbcluster" "github.com/percona/percona-server-mysql-operator/pkg/k8s" "github.com/percona/percona-server-mysql-operator/pkg/mysql" + "github.com/percona/percona-server-mysql-operator/pkg/mysqlsh" + "github.com/percona/percona-server-mysql-operator/pkg/naming" "github.com/percona/percona-server-mysql-operator/pkg/orchestrator" "github.com/percona/percona-server-mysql-operator/pkg/router" ) @@ -250,26 +252,62 @@ func (r *PerconaServerMySQLReconciler) isGRReady(ctx context.Context, cr *apiv1a return false, nil } - members, err := db.GetGroupReplicationMembers(ctx) + uri := fmt.Sprintf("%s:%s@%s", apiv1alpha1.UserOperator, operatorPass, mysql.PodFQDN(cr, pod)) + + msh, err := mysqlsh.NewWithExec(r.ClientCmd, pod, uri) if err != nil { return false, err } - onlineMembers := 0 - for _, member := range members { + status, err := msh.ClusterStatusWithExec(ctx, cr.InnoDBClusterName()) + if err != nil { + return false, errors.Wrapf(err, "check cluster status from %s", pod.Name) + } + + rescanNeeded := false + var onlineMembers int32 + for _, member := range status.DefaultReplicaSet.Topology { + for _, instErr := range member.InstanceErrors { + log.WithName(member.Address).Info(instErr) + if strings.Contains(instErr, "rescan") { + log.Info("Cluster rescan is needed") + rescanNeeded = true + } + } + if member.MemberState != innodbcluster.MemberStateOnline { log.WithName(member.Address).Info("Member is not ONLINE", "state", member.MemberState) - return false, nil + continue } + onlineMembers++ } - if onlineMembers < int(cr.Spec.MySQL.Size) { - log.V(1).Info("Not enough ONLINE members", "onlineMembers", onlineMembers, "size", cr.Spec.MySQL.Size) + if rescanNeeded { + err := k8s.AnnotateObject(ctx, r.Client, cr, map[string]string{ + string(naming.AnnotationRescanNeeded): "true", + }) + if err != nil { + return false, errors.Wrap(err, "add rescan-needed annotation") + } + } + + if onlineMembers < cr.Spec.MySQL.Size { + log.Info("Not all members are online", "online", onlineMembers, "size", cr.Spec.MySQL.Size) + return false, nil + } + + switch status.DefaultReplicaSet.Status { + case innodbcluster.ClusterStatusOK, + innodbcluster.ClusterStatusOKPartial, + innodbcluster.ClusterStatusOKNoTolerance, + innodbcluster.ClusterStatusOKNoTolerancePartial: + default: + log.Info("Cluster status is not OK", "status", status.DefaultReplicaSet.Status) return false, nil } - log.V(1).Info("GR is ready") + log.V(1).Info("Group replication is ready", "primary", status.DefaultReplicaSet.Primary, "status", status.DefaultReplicaSet.Status) return true, nil } diff --git a/pkg/controller/ps/status_test.go b/pkg/controller/ps/status_test.go index 0869e450e..55053244e 100644 --- a/pkg/controller/ps/status_test.go +++ b/pkg/controller/ps/status_test.go @@ -434,12 +434,13 @@ func TestReconcileStatusHAProxyGR(t *testing.T) { } tests := []struct { - name string - cr *apiv1alpha1.PerconaServerMySQL - objects []client.Object - expected apiv1alpha1.PerconaServerMySQLStatus - mysqlMemberStates []innodbcluster.MemberState - noMetadataDB bool + name string + cr *apiv1alpha1.PerconaServerMySQL + objects []client.Object + expected apiv1alpha1.PerconaServerMySQLStatus + innodbClusterState innodbcluster.ClusterStatus + mysqlMemberStates []innodbcluster.MemberState + noMetadataDB bool }{ { name: "without pods", @@ -503,6 +504,7 @@ func TestReconcileStatusHAProxyGR(t *testing.T) { }, }, }, + innodbClusterState: innodbcluster.ClusterStatusOK, mysqlMemberStates: []innodbcluster.MemberState{ innodbcluster.MemberStateOnline, innodbcluster.MemberStateOnline, @@ -543,6 +545,7 @@ func TestReconcileStatusHAProxyGR(t *testing.T) { }, }, }, + innodbClusterState: innodbcluster.ClusterStatusOK, mysqlMemberStates: []innodbcluster.MemberState{ innodbcluster.MemberStateOnline, innodbcluster.MemberStateOnline, @@ -584,6 +587,7 @@ func TestReconcileStatusHAProxyGR(t *testing.T) { }, }, }, + innodbClusterState: innodbcluster.ClusterStatusOffline, mysqlMemberStates: []innodbcluster.MemberState{ innodbcluster.MemberStateOffline, innodbcluster.MemberStateOffline, @@ -624,6 +628,7 @@ func TestReconcileStatusHAProxyGR(t *testing.T) { }, }, }, + innodbClusterState: innodbcluster.ClusterStatusOKPartial, mysqlMemberStates: []innodbcluster.MemberState{ innodbcluster.MemberStateOnline, innodbcluster.MemberStateOnline, @@ -635,7 +640,7 @@ func TestReconcileStatusHAProxyGR(t *testing.T) { t.Run(tt.name, func(t *testing.T) { cr := tt.cr.DeepCopy() cb := fake.NewClientBuilder().WithScheme(scheme).WithObjects(cr).WithStatusSubresource(cr).WithObjects(tt.objects...).WithStatusSubresource(tt.objects...) - cliCmd, err := getFakeClient(cr, tt.mysqlMemberStates, tt.noMetadataDB) + cliCmd, err := getFakeClient(cr, tt.innodbClusterState, tt.mysqlMemberStates, tt.noMetadataDB) if err != nil { t.Fatal(err) } @@ -698,12 +703,13 @@ func TestReconcileStatusRouterGR(t *testing.T) { } tests := []struct { - name string - cr *apiv1alpha1.PerconaServerMySQL - objects []client.Object - expected apiv1alpha1.PerconaServerMySQLStatus - mysqlMemberStates []innodbcluster.MemberState - noMetadataDB bool + name string + cr *apiv1alpha1.PerconaServerMySQL + objects []client.Object + expected apiv1alpha1.PerconaServerMySQLStatus + innodbClusterState innodbcluster.ClusterStatus + mysqlMemberStates []innodbcluster.MemberState + noMetadataDB bool }{ { name: "without pods", @@ -767,6 +773,7 @@ func TestReconcileStatusRouterGR(t *testing.T) { }, }, }, + innodbClusterState: innodbcluster.ClusterStatusOK, mysqlMemberStates: []innodbcluster.MemberState{ innodbcluster.MemberStateOnline, innodbcluster.MemberStateOnline, @@ -807,6 +814,7 @@ func TestReconcileStatusRouterGR(t *testing.T) { }, Host: cr.Name + "-router." + cr.Namespace, }, + innodbClusterState: innodbcluster.ClusterStatusOK, mysqlMemberStates: []innodbcluster.MemberState{ innodbcluster.MemberStateOnline, innodbcluster.MemberStateOnline, @@ -848,6 +856,7 @@ func TestReconcileStatusRouterGR(t *testing.T) { }, }, }, + innodbClusterState: innodbcluster.ClusterStatusOffline, mysqlMemberStates: []innodbcluster.MemberState{ innodbcluster.MemberStateOffline, innodbcluster.MemberStateOffline, @@ -888,6 +897,7 @@ func TestReconcileStatusRouterGR(t *testing.T) { }, }, }, + innodbClusterState: innodbcluster.ClusterStatusOKPartial, mysqlMemberStates: []innodbcluster.MemberState{ innodbcluster.MemberStateOnline, innodbcluster.MemberStateOnline, @@ -899,7 +909,7 @@ func TestReconcileStatusRouterGR(t *testing.T) { t.Run(tt.name, func(t *testing.T) { cr := tt.cr.DeepCopy() cb := fake.NewClientBuilder().WithScheme(scheme).WithObjects(cr).WithStatusSubresource(cr).WithObjects(tt.objects...).WithStatusSubresource(tt.objects...) - cliCmd, err := getFakeClient(cr, tt.mysqlMemberStates, tt.noMetadataDB) + cliCmd, err := getFakeClient(cr, tt.innodbClusterState, tt.mysqlMemberStates, tt.noMetadataDB) if err != nil { t.Fatal(err) } @@ -1064,7 +1074,12 @@ type fakeClientScript struct { // getFakeClient returns a fake clientcmd.Client object with the array of fakeClientScript objects. // This array is constructed to cover every possible client call in the reconcileCRStatus function. -func getFakeClient(cr *apiv1alpha1.PerconaServerMySQL, mysqlMemberStates []innodbcluster.MemberState, noMetadataDB bool) (clientcmd.Client, error) { +func getFakeClient( + cr *apiv1alpha1.PerconaServerMySQL, + innodbClusterStatus innodbcluster.ClusterStatus, + mysqlMemberStates []innodbcluster.MemberState, + noMetadataDB bool, +) (clientcmd.Client, error) { queryScript := func(query string, out any) fakeClientScript { buf := new(bytes.Buffer) w := csv.NewWriter(buf) @@ -1080,12 +1095,30 @@ func getFakeClient(cr *apiv1alpha1.PerconaServerMySQL, mysqlMemberStates []innod "--database", "performance_schema", "-ptest", - "-u", - "operator", - "-h", - host, - "-e", - query, + "-u", "operator", + "-h", host, + "-e", query, + }, + stdout: buf.Bytes(), + } + } + + mysqlshClusterStatus := func(out innodbcluster.Status) fakeClientScript { + buf := new(bytes.Buffer) + + if err := json.NewEncoder(buf).Encode(out); err != nil { + panic(err) + } + + host := fmt.Sprintf("%s.%s.%s", mysql.PodName(cr, 0), mysql.ServiceName(cr), cr.Namespace) + + return fakeClientScript{ + cmd: []string{ + "mysqlsh", + "--result-format", "json", + "--js", + "--uri", fmt.Sprintf("operator:test@%s", host), + "--cluster", "--", "cluster", "status", }, stdout: buf.Bytes(), } @@ -1109,20 +1142,24 @@ func getFakeClient(cr *apiv1alpha1.PerconaServerMySQL, mysqlMemberStates []innod } scripts = append(scripts, s) - // GetGroupReplicationMembers if !noMetadataDB { - type member struct { - Member string `csv:"member"` - State string `csv:"state"` + status := innodbcluster.Status{ + ClusterName: cr.Name, + DefaultReplicaSet: innodbcluster.ReplicaSetStatus{ + Status: innodbClusterStatus, + Topology: map[string]innodbcluster.Member{}, + }, } - var members []*member - for _, state := range mysqlMemberStates { - members = append(members, &member{ - Member: cr.Name + "-mysql-0." + cr.Namespace, - State: string(state), - }) + + for i, state := range mysqlMemberStates { + host := fmt.Sprintf("%s-mysql-%d.%s", cr.Name, i, cr.Namespace) + status.DefaultReplicaSet.Topology[host] = innodbcluster.Member{ + Address: host, + MemberState: state, + } } - scripts = append(scripts, queryScript("SELECT MEMBER_HOST as member, MEMBER_STATE as state FROM replication_group_members", members)) + + scripts = append(scripts, mysqlshClusterStatus(status)) } scripts = append(scripts, fakeClientScript{ diff --git a/pkg/controller/ps/version.go b/pkg/controller/ps/version.go index 9cc6db9fd..53b3ea849 100644 --- a/pkg/controller/ps/version.go +++ b/pkg/controller/ps/version.go @@ -1,17 +1,88 @@ package ps import ( + "bytes" "context" "os" + "regexp" + v "github.com/hashicorp/go-version" "github.com/pkg/errors" "sigs.k8s.io/controller-runtime/pkg/client" logf "sigs.k8s.io/controller-runtime/pkg/log" apiv1alpha1 "github.com/percona/percona-server-mysql-operator/api/v1alpha1" + "github.com/percona/percona-server-mysql-operator/pkg/k8s" + "github.com/percona/percona-server-mysql-operator/pkg/mysql" vs "github.com/percona/percona-server-mysql-operator/pkg/version/service" ) +func (r *PerconaServerMySQLReconciler) reconcileVersions(ctx context.Context, cr *apiv1alpha1.PerconaServerMySQL) error { + if err := r.reconcileMySQLVersion(ctx, cr); err != nil { + return errors.Wrap(err, "reconcile mysql version") + } + + if err := r.upgradeVersions(ctx, cr); err != nil { + return errors.Wrap(err, "upgrade versions") + } + + return nil +} + +func (r *PerconaServerMySQLReconciler) reconcileMySQLVersion( + ctx context.Context, + cr *apiv1alpha1.PerconaServerMySQL, +) error { + log := logf.FromContext(ctx) + + pod, err := getReadyMySQLPod(ctx, r.Client, cr) + if err != nil { + if errors.Is(err, ErrNoReadyPods) { + return nil + } + return errors.Wrap(err, "get ready mysql pod") + } + + imageId, err := k8s.GetImageIDFromPod(pod, mysql.ComponentName) + if err != nil { + return errors.Wrapf(err, "get MySQL image id from %s", pod.Name) + } + + if len(cr.Status.MySQL.Version) > 0 && cr.Status.MySQL.ImageID == imageId { + return nil + } + + re, err := regexp.Compile(`Ver (\d+\.\d+\.\d+(?:-\d+)?)`) + if err != nil { + return err + } + + var stdoutb, stderrb bytes.Buffer + + err = r.ClientCmd.Exec(ctx, pod, mysql.ComponentName, []string{"mysqld", "--version"}, nil, &stdoutb, &stderrb, false) + if err != nil { + return errors.Wrapf(err, "run mysqld --version (stdout: %s, stderr: %s)", stdoutb.String(), stderrb.String()) + } + + f := re.FindSubmatch(stdoutb.Bytes()) + if len(f) < 1 { + return errors.Errorf( + "couldn't extract version information from mysqld --version (stdout: %s, stderr: %s)", + stdoutb.String(), stderrb.String()) + } + + version, err := v.NewVersion(string(f[1])) + if err != nil { + return errors.Wrap(err, "parse version") + } + + cr.Status.MySQL.ImageID = imageId + cr.Status.MySQL.Version = version.String() + log.V(1).Info("MySQL Server Version: " + cr.Status.MySQL.Version) + + return nil +} + func telemetryEnabled() bool { value, ok := os.LookupEnv("DISABLE_TELEMETRY") if ok { @@ -26,7 +97,7 @@ func versionUpgradeEnabled(cr *apiv1alpha1.PerconaServerMySQL) bool { cr.Spec.UpgradeOptions.Apply != apiv1alpha1.UpgradeStrategyNever } -func (r *PerconaServerMySQLReconciler) reconcileVersions(ctx context.Context, cr *apiv1alpha1.PerconaServerMySQL) error { +func (r *PerconaServerMySQLReconciler) upgradeVersions(ctx context.Context, cr *apiv1alpha1.PerconaServerMySQL) error { if !(versionUpgradeEnabled(cr) || telemetryEnabled()) { return nil } diff --git a/pkg/k8s/utils.go b/pkg/k8s/utils.go index 12948a6d0..44defe8c2 100644 --- a/pkg/k8s/utils.go +++ b/pkg/k8s/utils.go @@ -8,6 +8,7 @@ import ( "fmt" "os" "reflect" + "slices" "strings" cm "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" @@ -79,6 +80,52 @@ func AddAnnotation(obj client.Object, key, value string) { obj.SetAnnotations(annotations) } +// AnnotateObject adds the specified annotations to the object +func AnnotateObject(ctx context.Context, c client.Client, obj client.Object, annotations map[string]string) error { + o := obj.DeepCopyObject().(client.Object) + + err := c.Get(ctx, client.ObjectKeyFromObject(obj), o) + if err != nil { + return err + } + + orig := o.DeepCopyObject().(client.Object) + + a := o.GetAnnotations() + if a == nil { + a = make(map[string]string) + } + + for k, v := range annotations { + a[k] = v + } + o.SetAnnotations(a) + + return c.Patch(ctx, o, client.MergeFrom(orig)) +} + +// DeannotateObject removes the specified annotation from the object +func DeannotateObject(ctx context.Context, c client.Client, obj client.Object, annotation string) error { + o := obj.DeepCopyObject().(client.Object) + + err := c.Get(ctx, client.ObjectKeyFromObject(obj), o) + if err != nil { + return err + } + + orig := o.DeepCopyObject().(client.Object) + + a := o.GetAnnotations() + if a == nil { + a = make(map[string]string) + } + + delete(a, annotation) + o.SetAnnotations(a) + + return c.Patch(ctx, o, client.MergeFrom(orig)) +} + func IsPodWithNameReady(ctx context.Context, cl client.Client, nn types.NamespacedName) (bool, error) { pod := &corev1.Pod{} @@ -449,3 +496,15 @@ func DeleteSecrets(ctx context.Context, cl client.Client, cr *apiv1alpha1.Percon return nil } + +func GetImageIDFromPod(pod *corev1.Pod, containerName string) (string, error) { + idx := slices.IndexFunc(pod.Status.ContainerStatuses, func(s corev1.ContainerStatus) bool { + return s.Name == containerName + }) + + if idx == -1 { + return "", errors.Errorf("%s not found in pod", containerName) + } + + return pod.Status.ContainerStatuses[idx].ImageID, nil +} diff --git a/pkg/mysqlsh/mysqlsh.go b/pkg/mysqlsh/mysqlsh.go index a36a7daa2..b2b4ae103 100644 --- a/pkg/mysqlsh/mysqlsh.go +++ b/pkg/mysqlsh/mysqlsh.go @@ -31,7 +31,7 @@ func New(e k8sexec.Interface, uri string) *mysqlsh { func (m *mysqlsh) run(ctx context.Context, cmd string) error { var errb, outb bytes.Buffer - args := []string{"--no-wizard", "--uri", m.uri, "-e", cmd} + args := []string{"--no-wizard", "--js", "--uri", m.uri, "-e", cmd} c := m.exec.CommandContext(ctx, "mysqlsh", args...) c.SetStdout(&outb) @@ -129,7 +129,7 @@ func (m *mysqlsh) DoesClusterExist(ctx context.Context, clusterName string) bool func (m *mysqlsh) ClusterStatus(ctx context.Context, clusterName string) (innodbcluster.Status, error) { var errb, outb bytes.Buffer - args := []string{"--result-format", "json", "--uri", m.uri, "--cluster", "--", "cluster", "status"} + args := []string{"--result-format", "json", "--js", "--uri", m.uri, "-e", "dba.getCluster().status()"} c := m.exec.CommandContext(ctx, "mysqlsh", args...) c.SetStdout(&outb) diff --git a/pkg/mysqlsh/mysqlshexec.go b/pkg/mysqlsh/mysqlshexec.go index 18a0cb193..7fe500990 100644 --- a/pkg/mysqlsh/mysqlshexec.go +++ b/pkg/mysqlsh/mysqlshexec.go @@ -28,7 +28,7 @@ func NewWithExec(cliCmd clientcmd.Client, pod *corev1.Pod, uri string) (*mysqlsh func (m *mysqlshExec) runWithExec(ctx context.Context, cmd string) error { var errb, outb bytes.Buffer - c := []string{"mysqlsh", "--no-wizard", "--uri", m.uri, "-e", cmd} + c := []string{"mysqlsh", "--js", "--no-wizard", "--uri", m.uri, "-e", cmd} err := m.client.Exec(ctx, m.pod, "mysql", c, nil, &outb, &errb, false) if err != nil { sout := sensitiveRegexp.ReplaceAllString(outb.String(), ":*****@") @@ -40,7 +40,7 @@ func (m *mysqlshExec) runWithExec(ctx context.Context, cmd string) error { } func (m *mysqlshExec) RemoveInstanceWithExec(ctx context.Context, clusterName, instance string) error { - cmd := fmt.Sprintf("dba.getCluster('%s').removeInstance('%s', {'interactive': false, 'force': true})", clusterName, instance) + cmd := fmt.Sprintf("dba.getCluster('%s').removeInstance('%s', {'force': true})", clusterName, instance) if err := m.runWithExec(ctx, cmd); err != nil { return errors.Wrap(err, "remove instance") @@ -67,7 +67,7 @@ func (m *mysqlshExec) ClusterStatusWithExec(ctx context.Context, clusterName str stdoutBuffer := bytes.Buffer{} stderrBuffer := bytes.Buffer{} - c := []string{"mysqlsh", "--result-format", "json", "--uri", m.uri, "--cluster", "--", "cluster", "status"} + c := []string{"mysqlsh", "--result-format", "json", "--js", "--uri", m.uri, "--cluster", "--", "cluster", "status"} err := m.client.Exec(ctx, m.pod, "mysql", c, nil, &stdoutBuffer, &stderrBuffer, false) if err != nil { @@ -102,3 +102,29 @@ func (m *mysqlshExec) SetPrimaryInstanceWithExec(ctx context.Context, clusterNam return nil } + +func (m *mysqlshExec) Rescan80WithExec(ctx context.Context, clusterName string) error { + cmd := fmt.Sprintf( + "dba.getCluster('%s').rescan({'addInstances': 'auto', 'removeInstances': 'auto', 'repairMetadata': true})", + clusterName, + ) + + if err := m.runWithExec(ctx, cmd); err != nil { + return errors.Wrap(err, "8.0: rescan cluster") + } + + return nil +} + +func (m *mysqlshExec) Rescan84WithExec(ctx context.Context, clusterName string) error { + cmd := fmt.Sprintf( + "dba.getCluster('%s').rescan({'addUnmanaged': true, 'removeObsolete': true, 'repairMetadata': true})", + clusterName, + ) + + if err := m.runWithExec(ctx, cmd); err != nil { + return errors.Wrap(err, "8.4: rescan cluster") + } + + return nil +} diff --git a/pkg/naming/naming.go b/pkg/naming/naming.go index 0e7d3c1f2..997b92f5f 100644 --- a/pkg/naming/naming.go +++ b/pkg/naming/naming.go @@ -50,6 +50,7 @@ const ( AnnotationTLSHash AnnotationKey = perconaPrefix + "last-applied-tls" AnnotationPasswordsUpdated AnnotationKey = perconaPrefix + "passwords-updated" AnnotationLastConfigHash AnnotationKey = perconaPrefix + "last-config-hash" + AnnotationRescanNeeded AnnotationKey = perconaPrefix + "rescan-needed" ) // Labels returns a minimal set of labels.