diff --git a/charts/pxc-db/Chart.yaml b/charts/pxc-db/Chart.yaml index d8b1f197..40cc7196 100644 --- a/charts/pxc-db/Chart.yaml +++ b/charts/pxc-db/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: 1.14.0 +appVersion: 1.15.0 description: A Helm chart for installing Percona XtraDB Cluster Databases using the PXC Operator. name: pxc-db home: https://www.percona.com/doc/kubernetes-operator-for-pxc/kubernetes.html -version: 1.14.4 +version: 1.15.0 maintainers: - name: tplavcic email: tomislav.plavcic@percona.com diff --git a/charts/pxc-db/README.md b/charts/pxc-db/README.md index 20adfc27..0bab16d0 100644 --- a/charts/pxc-db/README.md +++ b/charts/pxc-db/README.md @@ -8,7 +8,7 @@ Useful links ## Pre-requisites * [Percona Operator for MySQL](https://hub.helm.sh/charts/percona/pxc-operator) running in your Kubernetes cluster. See installation details [here](https://github.com/percona/percona-helm-charts/tree/main/charts/pxc-operator) or in the [Operator Documentation](https://www.percona.com/doc/kubernetes-operator-for-pxc/helm.html). -* Kubernetes 1.24+ +* Kubernetes 1.28+ * Helm v3 @@ -20,270 +20,279 @@ To install the chart with the `pxc` release name using a dedicated namespace (re ```sh helm repo add percona https://percona.github.io/percona-helm-charts/ -helm install my-db percona/pxc-db --version 1.14.0 --namespace my-namespace +helm install my-db percona/pxc-db --version 1.15.0 --namespace my-namespace ``` The chart can be customized using the following configurable parameters: -| Parameter | Description | Default | -| ------------------------------- | ------------------------------------------------------------------------------|--------------------------------------------------------------------------| -| `crVersion` | Version of the Operator the Custom Resource belongs to | `1.14.0` | -| `ignoreAnnotations` | Operator will not remove following annotations | `[]` | -| `ignoreLabels` | Operator will not remove following labels | `[]` | -| `pause` | Stop PXC Database safely | `false` | -| `allowUnsafeConfigurations` | Allows forbidden configurations like even number of PXC cluster pods | `false` | -| `enableCRValidationWebhook` | Enables or disables schema validation before applying custom resource | `false` | -| `initContainer.image` | An alternative image for the initial Operator installation | `""` | -| `initContainer.resources.requests` | Init container resource requests | `{}` | -| `initContainer.resources.limits` | Init container resource limits | `{}` | -| `updateStrategy` | Regulates the way how PXC Cluster Pods will be updated after setting a new image | `SmartUpdate` | -| `upgradeOptions.versionServiceEndpoint` | Endpoint for actual PXC Versions provider | `https://check.percona.com/versions` | -| `upgradeOptions.apply` | PXC image to apply from version service - `recommended`, `latest`, actual version like `8.0.19-10.1` | `disabled` | -| `upgradeOptions.schedule` | Cron formatted time to execute the update | `"0 4 * * *"` | -| `finalizers:delete-pxc-pods-in-order` | Set this if you want to delete PXC pods in order on cluster deletion | [] | -| `finalizers:delete-proxysql-pvc` | Set this if you want to delete proxysql persistent volumes on cluster deletion | [] | -| `finalizers:delete-pxc-pvc` | Set this if you want to delete database persistent volumes on cluster deletion | [] | -| `finalizers:delete-ssl` | Deletes objects created for SSL (Secret, certificate, and issuer) after the cluster deletion | [] | -| `annotations` | PerconaXtraDBCluster custom resource annotations | {} | -| `tls.SANs` | Additional domains (SAN) to be added to the TLS certificate within the extended cert-manager configuration | `[]` | -| `tls.issuerConf.name` | A cert-manager issuer name | `""` | -| `tls.issuerConf.kind` | A cert-manager issuer type | `""` | -| `tls.issuerConf.group` | A cert-manager issuer group | `""` | -| `pxc.size` | PXC Cluster target member (pod) quantity. Can't even if `allowUnsafeConfigurations` is `true` | `3` | -| `pxc.clusterSecretName` | Specify if you want to use custom or Operator generated users secret (if the one specified doesn't exist) | `` | -| `pxc.image.repository` | PXC Container image repository | `percona/percona-xtradb-cluster` | -| `pxc.image.tag` | PXC Container image tag | `8.0.36-28.1` | -| `pxc.imagePullPolicy` | The policy used to update images | `` | -| `pxc.autoRecovery` | Enable full cluster crash auto recovery | `true` | -| `pxc.expose.enabled` | Enable or disable exposing `Percona XtraDB Cluster` nodes with dedicated IP addresses | `true` | -| `pxc.expose.type` | The Kubernetes Service Type used for exposure | `LoadBalancer` | -| `pxc.expose.externalTrafficPolicy` | Specifies whether Service for Percona XtraDB Cluster should [route external traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip) (it can influence the load balancing effectiveness) | `"" | -| `pxc.expose.internalTrafficPolicy` | Specifies whether Service for Percona XtraDB Cluster should [route internal traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/concepts/services-networking/service-traffic-policy/) (it can influence the load balancing effectiveness) | `""` | -| `pxc.expose.loadBalancerSourceRanges` | The range of client IP addresses from which the load balancer should be reachable (if not set, there is no limitations) | `[]` | -| `pxc.expose.loadBalancerIP` | The static IP-address for the load balancer | `""` | -| `pxc.expose.annotations` | The Kubernetes annotations for exposed service | `{}` | -| `pxc.expose.labels` | The Kubernetes labels for exposed service | `{}` | -| `pxc.replicationChannels.name` | Name of the replication channel for cross-site replication | `pxc1_to_pxc2` | -| `pxc.replicationChannels.isSource` | Should the cluster act as Source (true) or Replica (false) in cross-site replication | `false` | -| `pxc.replicationChannels.sourcesList.host` | For the cross-site replication Replica cluster, this key should contain the hostname or IP address of the Source cluster | `10.95.251.101` | -| `pxc.replicationChannels.sourcesList.port` | For the cross-site replication Replica cluster, this key should contain the Source port number | `3306` | -| `pxc.replicationChannels.sourcesList.weight`| For the cross-site replication Replica cluster, this key should contain the Source cluster weight | `100` | -| `pxc.imagePullSecrets` | PXC Container pull secret | `[]` | -| `pxc.annotations` | PXC Pod user-defined annotations | `{}` | -| `pxc.priorityClassName` | PXC Pod priority Class defined by user | | -| `pxc.runtimeClassName` | Name of the Kubernetes Runtime Class for PXC Pods | | -| `pxc.labels` | PXC Pod user-defined labels | `{}` | -| `pxc.schedulerName` | The Kubernetes Scheduler | | -| `pxc.readinessDelaySec` | PXC Pod delay for readiness probe in seconds | `15` | -| `pxc.livenessDelaySec` | PXC Pod delay for liveness probe in seconds | `300` | -| `pxc.configuration` | User defined MySQL options according to MySQL configuration file syntax | `` | -| `pxc.envVarsSecret` | A secret with environment variables | `` | -| `pxc.resources.requests` | PXC Pods resource requests | `{"memory": "1G", "cpu": "600m"}` | -| `pxc.resources.limits` | PXC Pods resource limits | `{}` | -| `pxc.sidecars` | PXC Pods sidecars | `[]` | -| `pxc.sidecarVolumes` | PXC Pods sidecarVolumes | `[]` | -| `pxc.sidecarPVCs` | PXC Pods sidecar PVCs | `[]` | -| `pxc.sidecarResources.requests` | PXC sidecar resource requests | `{}` | -| `pxc.sidecarResources.limits` | PXC sidecar resource limits | `{}` | -| `pxc.nodeSelector` | PXC Pods key-value pairs setting for K8S node assingment | `{}` | -| `pxc.topologySpreadConstraints` | The Label selector for the [Kubernetes Pod Topology Spread Constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/) | `[]` | -| `pxc.affinity.antiAffinityTopologyKey` | PXC Pods simple scheduling restriction on/off for host, zone, region | `"kubernetes.io/hostname"` | -| `pxc.affinity.advanced` | PXC Pods advanced scheduling restriction with match expression engine | `{}` | -| `pxc.tolerations` | List of node taints to tolerate for PXC Pods | `[]` | -| `pxc.gracePeriod` | Allowed time for graceful shutdown | `600` | -| `pxc.lifecycle.preStop.exec.command` | Command for the [preStop lifecycle hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) for Percona XtraDB Cluster Pods | `""` | -| `pxc.lifecycle.postStart.exec.command` | Command for the [postStart lifecycle hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) for Percona XtraDB Cluster Pods | `600` | -| `pxc.podDisruptionBudget.maxUnavailable` | Instruct Kubernetes about the failed pods allowed quantity | `1` | -| `pxc.persistence.enabled` | Requests a persistent storage (`hostPath` or `storageClass`) from K8S for PXC Pods datadir | `true` | -| `pxc.persistence.hostPath` | Sets datadir path on K8S node for all PXC Pods. Available only when `pxc.persistence.enabled: true` | | -| `pxc.persistence.storageClass` | Sets K8S storageClass name for all PXC Pods PVC. Available only when `pxc.persistence.enabled: true` | `-` | -| `pxc.persistence.accessMode` | Sets K8S persistent storage access policy for all PXC Pods | `ReadWriteOnce` | -| `pxc.persistence.size` | Sets K8S persistent storage size for all PXC Pods | `8Gi` | -| `pxc.disableTLS` | Disable PXC Pod communication with TLS | `false` | -| `pxc.certManager` | Enable this option if you want the operator to request certificates from `cert-manager` | `false` | -| `pxc.readinessProbes.failureThreshold` | When a probe fails, Kubernetes will try failureThreshold times before giving up | `5` | -| `pxc.readinessProbes.initialDelaySeconds` | Number of seconds after the container has started before liveness or readiness probes are initiated | `15` | -| `pxc.readinessProbes.periodSeconds` | How often (in seconds) to perform the probe | `30` | -| `pxc.readinessProbes.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed | `1` | -| `pxc.readinessProbes.timeoutSeconds` | Number of seconds after which the probe times out | `15` | -| `pxc.livenessProbes.failureThreshold` | When a probe fails, Kubernetes will try failureThreshold times before giving up | `3` | -| `pxc.livenessProbes.initialDelaySeconds` | Number of seconds after the container has started before liveness or readiness probes are initiated | `300` | -| `pxc.livenessProbes.periodSeconds` | How often (in seconds) to perform the probe | `10` | -| `pxc.livenessProbes.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed | `1` | -| `pxc.livenessProbes.timeoutSeconds` | Number of seconds after which the probe times out | `5` | -| `pxc.containerSecurityContext` | A custom Kubernetes Security Context for a Container to be used instead of the default one | `{}` | -| `pxc.podSecurityContext` | A custom Kubernetes Security Context for a Pod to be used instead of the default one | `{}` | +| Parameter | Description | Default | +| ------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | ------------------------------------ | +| `crVersion` | Version of the Operator the Custom Resource belongs to | `1.15.0` | +| `ignoreAnnotations` | Operator will not remove following annotations | `[]` | +| `ignoreLabels` | Operator will not remove following labels | `[]` | +| `pause` | Stop PXC Database safely | `false` | +| `unsafeFlags.tls` | Allows users to configure a cluster without TLS/SSL certificates | `false` | +| `unsafeFlags.pxcSize` | Allows users to configure a cluster with less than 3 Percona XtraDB Cluster instances | `false` | +| `unsafeFlags.proxySize` | Allows users to configure a cluster with less than 2 ProxySQL or HAProxy Pods | `false` | +| `unsafeFlags.backupIfUnhealthy` | Allows running a backup even if the cluster status is not `ready` | `false` | +| `enableCRValidationWebhook` | Enables or disables schema validation before applying custom resource | `false` | +| `initContainer.image` | An alternative image for the initial Operator installation | `""` | +| `initContainer.resources.requests` | Init container resource requests | `{}` | +| `initContainer.resources.limits` | Init container resource limits | `{}` | +| `updateStrategy` | Regulates the way how PXC Cluster Pods will be updated after setting a new image | `SmartUpdate` | +| `upgradeOptions.versionServiceEndpoint` | Endpoint for actual PXC Versions provider | `https://check.percona.com/versions` | +| `upgradeOptions.apply` | PXC image to apply from version service - `recommended`, `latest`, actual version like `8.0.19-10.1` | `disabled` | +| `upgradeOptions.schedule` | Cron formatted time to execute the update | `"0 4 * * *"` | +| `finalizers:percona.com/delete-pxc-pods-in-order` | Set this if you want to delete PXC pods in order on cluster deletion | [] | +| `finalizers:percona.com/delete-proxysql-pvc` | Set this if you want to delete proxysql persistent volumes on cluster deletion | [] | +| `finalizers:percona.com/delete-pxc-pvc` | Set this if you want to delete database persistent volumes on cluster deletion | [] | +| `finalizers:percona.com/delete-ssl` | Deletes objects created for SSL (Secret, certificate, and issuer) after the cluster deletion | [] | +| `annotations` | PerconaXtraDBCluster custom resource annotations | {} | | | -| `haproxy.enabled` | Use HAProxy as TCP proxy for PXC cluster | `true` | -| `haproxy.size` | HAProxy target pod quantity. Can't even if `allowUnsafeConfigurations` is `true` | `3` | -| `haproxy.image` | HAProxy Container image repository | `percona/percona-xtradb-cluster-operator:1.14.0-haproxy` | -| `haproxy.imagePullPolicy` | The policy used to update images | `` | -| `haproxy.imagePullSecrets` | HAProxy Container pull secret | `[]` | -| `haproxy.configuration` | User defined HAProxy options according to HAProxy configuration file syntax | `` | -| `haproxy.priorityClassName` | HAProxy Pod priority Class defined by user | | -| `haproxy.runtimeClassName` | Name of the Kubernetes Runtime Class for HAProxy Pods | | -| `haproxy.exposePrimary.enabled` | Enable or disable exposing `HAProxy` nodes with dedicated IP addresses | `true` | -| `haproxy.exposePrimary.type` | The Kubernetes Service Type used for exposure | `LoadBalancer` | -| `haproxy.exposePrimary.externalTrafficPolicy` | Specifies whether Service for HAProxy primary should [route external traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip) (it can influence the load balancing effectiveness) | `"" | -| `haproxy.exposePrimary.internalTrafficPolicy` | Specifies whether Service for HAProxy primary should [route internal traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/concepts/services-networking/service-traffic-policy/) (it can influence the load balancing effectiveness) | `""` | -| `haproxy.exposePrimary.loadBalancerSourceRanges` | The range of client IP addresses from which the load balancer should be reachable (if not set, there is no limitations) | `[]` | -| `haproxy.exposePrimary.loadBalancerIP` | The static IP-address for the load balancer | `""` | -| `haproxy.exposePrimary.annotations` | The Kubernetes annotations for exposed service | `{}` | -| `haproxy.exposePrimary.labels` | The Kubernetes labels for exposed service | `{}` | -| `haproxy.exposeReplicas.enabled` | Enable or disable exposing `HAProxy` primary service with dedicated IP addresses | `true` | -| `haproxy.exposeReplicas.type` | The Kubernetes Service Type used for exposure | `LoadBalancer` | -| `haproxy.exposeReplicas.externalTrafficPolicy` | Specifies whether Service for HAProxy replicas should [route external traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip) (it can influence the load balancing effectiveness) | `"" | -| `haproxy.exposeReplicas.internalTrafficPolicy` | Specifies whether Service for HAProxy replicas should [route internal traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/concepts/services-networking/service-traffic-policy/) (it can influence the load balancing effectiveness) | `""` | -| `haproxy.exposeReplicas.loadBalancerSourceRanges` | The range of client IP addresses from which the load balancer should be reachable (if not set, there is no limitations) | `[]` | -| `haproxy.exposeReplicas.loadBalancerIP` | The static IP-address for the load balancer | `""` | -| `haproxy.exposeReplicas.annotations` | The Kubernetes annotations for exposed service | `{}` | -| `haproxy.exposeReplicas.labels` | The Kubernetes labels for exposed service | `{}` | -| `haproxy.annotations` | HAProxy Pod user-defined annotations | `{}` | -| `haproxy.labels` | HAProxy Pod user-defined labels | `{}` | -| `haproxy.schedulerName` | The Kubernetes Scheduler | | -| `haproxy.readinessDelaySec` | HAProxy Pod delay for readiness probe in seconds | `15` | -| `haproxy.livenessDelaySec` | HAProxy Pod delay for liveness probe in seconds | `300` | -| `haproxy.envVarsSecret` | A secret with environment variables | `` | -| `haproxy.resources.requests` | HAProxy Pods resource requests | `{"memory": "1G", "cpu": "600m"}` | -| `haproxy.resources.limits` | HAProxy Pods resource limits | `{}` | -| `haproxy.sidecars` | HAProxy Pods sidecars | `[]` | -| `haproxy.sidecarVolumes` | HAProxy Pods sidecarVolumes | `[]` | -| `haproxy.sidecarPVCs` | HAProxy Pods sidecar PVCs | `[]` | -| `haproxy.sidecarResources.requests` | HAProxy sidecar resource requests | `{}` | -| `haproxy.sidecarResources.limits` | HAProxy sidecar resource limits | `{}` | -| `haproxy.nodeSelector` | HAProxy Pods key-value pairs setting for K8S node assingment | `{}` | -| `haproxy.topologySpreadConstraints` | The Label selector for the [Kubernetes Pod Topology Spread Constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/) | `[]` | -| `haproxy.affinity.antiAffinityTopologyKey` | HAProxy Pods simple scheduling restriction on/off for host, zone, region | `"kubernetes.io/hostname"` | -| `haproxy.affinity.advanced` | HAProxy Pods advanced scheduling restriction with match expression engine | `{}` | -| `haproxy.tolerations` | List of node taints to tolerate for HAProxy Pods | `[]` | -| `haproxy.gracePeriod` | Allowed time for graceful shutdown | `600` | -| `haproxy.lifecycle.preStop.exec.command` | Command for the [preStop lifecycle hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) for HAProxy Pods | `""` | -| `haproxy.lifecycle.postStart.exec.command` | Command for the [postStart lifecycle hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) for HAProxy Pods | `600` | -| `haproxy.podDisruptionBudget.maxUnavailable` | Instruct Kubernetes about the failed pods allowed quantity | `1` | -| `haproxy.readinessProbes.failureThreshold` | When a probe fails, Kubernetes will try failureThreshold times before giving up | `5` | -| `haproxy.readinessProbes.initialDelaySeconds` | Number of seconds after the container has started before liveness or readiness probes are initiated | `15` | -| `haproxy.readinessProbes.periodSeconds` | How often (in seconds) to perform the probe | `30` | -| `haproxy.readinessProbes.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed | `1` | -| `haproxy.readinessProbes.timeoutSeconds` | Number of seconds after which the probe times out | `15` | -| `haproxy.livenessProbes.failureThreshold` | When a probe fails, Kubernetes will try failureThreshold times before giving up | `3` | -| `haproxy.livenessProbes.initialDelaySeconds` | Number of seconds after the container has started before liveness or readiness probes are initiated | `300` | -| `haproxy.livenessProbes.periodSeconds` | How often (in seconds) to perform the probe | `10` | -| `haproxy.livenessProbes.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed | `1` | -| `haproxy.livenessProbes.timeoutSeconds` | Number of seconds after which the probe times out | `5` | -| `haproxy.containerSecurityContext` | A custom Kubernetes Security Context for a Container to be used instead of the default one | `{}` | -| `haproxy.podSecurityContext` | A custom Kubernetes Security Context for a Pod to be used instead of the default one | `{}` | +| `tls.enabled` | Enable PXC Pod communication with TLS | `true` | +| `tls.SANs` | Additional domains (SAN) to be added to the TLS certificate within the extended cert-manager configuration | `[]` | +| `tls.issuerConf.name` | A cert-manager issuer name | `""` | +| `tls.issuerConf.kind` | A cert-manager issuer type | `""` | +| `tls.issuerConf.group` | A cert-manager issuer group | `""` | | | -| `proxysql.enabled` | Use ProxySQL as TCP proxy for PXC cluster | `false` | -| `proxysql.size` | ProxySQL target pod quantity. Can't even if `allowUnsafeConfigurations` is `true` | `3` | -| `proxysql.image` | ProxySQL Container image | `percona/percona-xtradb-cluster-operator:1.14.0-proxysql2.5.5-1.2` | -| `proxysql.imagePullPolicy` | The policy used to update images | `` | -| `proxysql.imagePullSecrets` | ProxySQL Container pull secret | `[]` | -| `proxysql.configuration` | User defined ProxySQL options according to ProxySQL configuration file syntax | `` | -| `proxysql.priorityClassName` | ProxySQL Pod priority Class defined by user | | -| `proxysql.runtimeClassName` | Name of the Kubernetes Runtime Class for ProxySQL Pods | | -| `proxysql.expose.enabled` | Enable or disable exposing `ProxySQL` nodes with dedicated IP addresses | `true` | -| `proxysql.expose.type` | The Kubernetes Service Type used for exposure | `LoadBalancer` | -| `proxysql.expose.externalTrafficPolicy` | Specifies whether Service for ProxySQL nodes should [route external traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip) (it can influence the load balancing effectiveness) | `"" | -| `proxysql.expose.internalTrafficPolicy` | Specifies whether Service for ProxySQL nodes should [route internal traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/concepts/services-networking/service-traffic-policy/) (it can influence the load balancing effectiveness) | `""` | -| `proxysql.expose.loadBalancerSourceRanges` | The range of client IP addresses from which the load balancer should be reachable (if not set, there is no limitations) | `[]` | -| `proxysql.expose.loadBalancerIP` | The static IP-address for the load balancer | `""` | -| `proxysql.expose.annotations` | The Kubernetes annotations for exposed service | `{}` | -| `proxysql.expose.labels` | The Kubernetes labels for exposed service | `{}` | -| `proxysql.annotations` | ProxySQL Pod user-defined annotations | `{}` | -| `proxysql.labels` | ProxySQL Pod user-defined labels | `{}` | -| `proxysql.schedulerName` | The Kubernetes Scheduler | | -| `proxysql.readinessDelaySec` | ProxySQL Pod delay for readiness probe in seconds | `15` | -| `proxysql.livenessDelaySec` | ProxySQL Pod delay for liveness probe in seconds | `300` | -| `proxysql.envVarsSecret` | A secret with environment variables | `` | -| `proxysql.resources.requests` | ProxySQL Pods resource requests | `{"memory": "1G", "cpu": "600m"}` | -| `proxysql.resources.limits` | ProxySQL Pods resource limits | `{}` | -| `proxysql.sidecars` | ProxySQL Pods sidecars | `[]` | -| `proxysql.sidecarVolumes` | ProxySQL Pods sidecarVolumes | `[]` | -| `proxysql.sidecarPVCs` | ProxySQL Pods sidecar PVCs | `[]` | -| `proxysql.sidecarResources.requests` | ProxySQL sidecar resource requests | `{}` | -| `proxysql.sidecarResources.limits` | ProxySQL sidecar resource limits | `{}` | -| `proxysql.nodeSelector` | ProxySQL Pods key-value pairs setting for K8S node assingment | `{}` | -| `proxysql.topologySpreadConstraints` | The Label selector for the [Kubernetes Pod Topology Spread Constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/) | `[]` | -| `proxysql.affinity.antiAffinityTopologyKey` | ProxySQL Pods simple scheduling restriction on/off for host, zone, region | `"kubernetes.io/hostname"` | -| `proxysql.affinity.advanced` | ProxySQL Pods advanced scheduling restriction with match expression engine | `{}` | -| `proxysql.tolerations` | List of node taints to tolerate for ProxySQL Pods | `[]` | -| `proxysql.gracePeriod` | Allowed time for graceful shutdown | `600` | -| `proxysql.lifecycle.preStop.exec.command` | Command for the [preStop lifecycle hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) for ProxySQL Pods | `""` | -| `proxysql.lifecycle.postStart.exec.command` | Command for the [postStart lifecycle hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) for ProxySQL Pods | `600` | -| `proxysql.podDisruptionBudget.maxUnavailable` | Instruct Kubernetes about the failed pods allowed quantity | `1` | -| `proxysql.persistence.enabled` | Requests a persistent storage (`hostPath` or `storageClass`) from K8S for ProxySQL Pods | `true` | -| `proxysql.persistence.hostPath` | Sets datadir path on K8S node for all ProxySQL Pods. Available only when `proxysql.persistence.enabled: true` | | -| `proxysql.persistence.storageClass` | Sets K8S storageClass name for all ProxySQL Pods PVC. Available only when `proxysql.persistence.enabled: true` | `-` | -| `proxysql.persistence.accessMode` | Sets K8S persistent storage access policy for all ProxySQL Pods | `ReadWriteOnce` | -| `proxysql.persistence.size` | Sets K8S persistent storage size for all ProxySQL Pods | `8Gi` | -| `proxysql.containerSecurityContext` | A custom Kubernetes Security Context for a Container to be used instead of the default one | `{}` | -| `proxysql.podSecurityContext` | A custom Kubernetes Security Context for a Pod to be used instead of the default one | `{}` | +| `pxc.size` | PXC Cluster target member (pod) quantity. Can't even if `unsafeFlags.pxcSize` is `true` | `3` | +| `pxc.clusterSecretName` | Specify if you want to use custom or Operator generated users secret (if the one specified doesn't exist) | `` | +| `pxc.image.repository` | PXC Container image repository | `percona/percona-xtradb-cluster` | +| `pxc.image.tag` | PXC Container image tag | `8.0.36-28.1` | +| `pxc.imagePullPolicy` | The policy used to update images | `` | +| `pxc.autoRecovery` | Enable full cluster crash auto recovery | `true` | +| `pxc.expose.enabled` | Enable or disable exposing `Percona XtraDB Cluster` nodes with dedicated IP addresses | `true` | +| `pxc.expose.type` | The Kubernetes Service Type used for exposure | `LoadBalancer` | +| `pxc.expose.externalTrafficPolicy` | Specifies whether Service for Percona XtraDB Cluster should [route external traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip) (it can influence the load balancing effectiveness) | `""` | +| `pxc.expose.internalTrafficPolicy` | Specifies whether Service for Percona XtraDB Cluster should [route internal traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/concepts/services-networking/service-traffic-policy/) (it can influence the load balancing effectiveness) | `""` | +| `pxc.expose.loadBalancerSourceRanges` | The range of client IP addresses from which the load balancer should be reachable (if not set, there is no limitations) | `[]` | +| `pxc.expose.loadBalancerIP` | The static IP-address for the load balancer | `""` | +| `pxc.expose.annotations` | The Kubernetes annotations for exposed service | `{}` | +| `pxc.expose.labels` | The Kubernetes labels for exposed service | `{}` | +| `pxc.replicationChannels.name` | Name of the replication channel for cross-site replication | `pxc1_to_pxc2` | +| `pxc.replicationChannels.isSource` | Should the cluster act as Source (true) or Replica (false) in cross-site replication | `false` | +| `pxc.replicationChannels.sourcesList.host` | For the cross-site replication Replica cluster, this key should contain the hostname or IP address of the Source cluster | `10.95.251.101` | +| `pxc.replicationChannels.sourcesList.port` | For the cross-site replication Replica cluster, this key should contain the Source port number | `3306` | +| `pxc.replicationChannels.sourcesList.weight` | For the cross-site replication Replica cluster, this key should contain the Source cluster weight | `100` | +| `pxc.imagePullSecrets` | PXC Container pull secret | `[]` | +| `pxc.annotations` | PXC Pod user-defined annotations | `{}` | +| `pxc.priorityClassName` | PXC Pod priority Class defined by user | | +| `pxc.runtimeClassName` | Name of the Kubernetes Runtime Class for PXC Pods | | +| `pxc.labels` | PXC Pod user-defined labels | `{}` | +| `pxc.schedulerName` | The Kubernetes Scheduler | | +| `pxc.readinessDelaySec` | PXC Pod delay for readiness probe in seconds | `15` | +| `pxc.livenessDelaySec` | PXC Pod delay for liveness probe in seconds | `300` | +| `pxc.configuration` | User defined MySQL options according to MySQL configuration file syntax | `` | +| `pxc.envVarsSecret` | A secret with environment variables | `` | +| `pxc.resources.requests` | PXC Pods resource requests | `{"memory": "1G", "cpu": "600m"}` | +| `pxc.resources.limits` | PXC Pods resource limits | `{}` | +| `pxc.sidecars` | PXC Pods sidecars | `[]` | +| `pxc.sidecarVolumes` | PXC Pods sidecarVolumes | `[]` | +| `pxc.sidecarPVCs` | PXC Pods sidecar PVCs | `[]` | +| `pxc.sidecarResources.requests` | PXC sidecar resource requests | `{}` | +| `pxc.sidecarResources.limits` | PXC sidecar resource limits | `{}` | +| `pxc.nodeSelector` | PXC Pods key-value pairs setting for K8S node assingment | `{}` | +| `pxc.topologySpreadConstraints` | The Label selector for the [Kubernetes Pod Topology Spread Constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/) | `[]` | +| `pxc.affinity.antiAffinityTopologyKey` | PXC Pods simple scheduling restriction on/off for host, zone, region | `"kubernetes.io/hostname"` | +| `pxc.affinity.advanced` | PXC Pods advanced scheduling restriction with match expression engine | `{}` | +| `pxc.tolerations` | List of node taints to tolerate for PXC Pods | `[]` | +| `pxc.gracePeriod` | Allowed time for graceful shutdown | `600` | +| `pxc.lifecycle.preStop.exec.command` | Command for the [preStop lifecycle hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) for Percona XtraDB Cluster Pods | `""` | +| `pxc.lifecycle.postStart.exec.command` | Command for the [postStart lifecycle hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) for Percona XtraDB Cluster Pods | `600` | +| `pxc.podDisruptionBudget.maxUnavailable` | Instruct Kubernetes about the failed pods allowed quantity | `1` | +| `pxc.persistence.enabled` | Requests a persistent storage (`hostPath` or `storageClass`) from K8S for PXC Pods datadir | `true` | +| `pxc.persistence.hostPath` | Sets datadir path on K8S node for all PXC Pods. Available only when `pxc.persistence.enabled: true` | | +| `pxc.persistence.storageClass` | Sets K8S storageClass name for all PXC Pods PVC. Available only when `pxc.persistence.enabled: true` | `-` | +| `pxc.persistence.accessMode` | Sets K8S persistent storage access policy for all PXC Pods | `ReadWriteOnce` | +| `pxc.persistence.dataSource.name` | The name of PVC used as a data source to [create the Percona XtraDB Cluster Volumes by cloning :octicons-link-external-16:](https://kubernetes.io/docs/concepts/storage/volume-pvc-datasource/). | `` | +| `pxc.persistence.dataSource.kind` | The [Kubernetes DataSource type :octicons-link-external-16:](https://kubernetes-csi.github.io/docs/volume-datasources.html#supported-datasources). | `` | +| `pxc.persistence.dataSource.apiGroup` | The [Kubernetes API group :octicons-link-external-16:](https://kubernetes.io/docs/reference/using-api/#api-groups) to use for [PVC Data Source :octicons-link-external-16:](https://kubernetes-csi.github.io/docs/volume-datasources.html). | `` | +| `pxc.persistence.size` | Sets K8S persistent storage size for all PXC Pods | `8Gi` | +| `pxc.certManager` | Enable this option if you want the operator to request certificates from `cert-manager` | `false` | +| `pxc.readinessProbes.failureThreshold` | When a probe fails, Kubernetes will try failureThreshold times before giving up | `5` | +| `pxc.readinessProbes.initialDelaySeconds` | Number of seconds after the container has started before liveness or readiness probes are initiated | `15` | +| `pxc.readinessProbes.periodSeconds` | How often (in seconds) to perform the probe | `30` | +| `pxc.readinessProbes.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed | `1` | +| `pxc.readinessProbes.timeoutSeconds` | Number of seconds after which the probe times out | `15` | +| `pxc.livenessProbes.failureThreshold` | When a probe fails, Kubernetes will try failureThreshold times before giving up | `3` | +| `pxc.livenessProbes.initialDelaySeconds` | Number of seconds after the container has started before liveness or readiness probes are initiated | `300` | +| `pxc.livenessProbes.periodSeconds` | How often (in seconds) to perform the probe | `10` | +| `pxc.livenessProbes.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed | `1` | +| `pxc.livenessProbes.timeoutSeconds` | Number of seconds after which the probe times out | `5` | +| `pxc.containerSecurityContext` | A custom Kubernetes Security Context for a Container to be used instead of the default one | `{}` | +| `pxc.podSecurityContext` | A custom Kubernetes Security Context for a Pod to be used instead of the default one | `{}` | | | -| `logcollector.enabled` | Enable log collector container | `true` | -| `logcollector.image` | Log collector image repository | `percona/percona-xtradb-cluster-operator:1.14.0-logcollector` | -| `logcollector.imagePullSecrets` | Log collector pull secret | `[]` | -| `logcollector.imagePullPolicy` | The policy used to update images | `` | -| `logcollector.configuration` | User defined configuration for logcollector | `` | -| `logcollector.resources.requests` | Log collector resource requests | `{"memory": "100M", "cpu": "200m"}` | -| `logcollector.resources.limits` | Log collector resource limits | `{}` | -| `logcollector.containerSecurityContext` | A custom Kubernetes Security Context for a Container to be used instead of the default one | `{}` | +| `haproxy.enabled` | Use HAProxy as TCP proxy for PXC cluster | `true` | +| `haproxy.size` | HAProxy target pod quantity. Can't even if `unsafeFlags.pxcSize` is `true` | `3` | +| `haproxy.image` | HAProxy Container image repository | `percona/haproxy:2.8.5` | +| `haproxy.imagePullPolicy` | The policy used to update images | `` | +| `haproxy.imagePullSecrets` | HAProxy Container pull secret | `[]` | +| `haproxy.configuration` | User defined HAProxy options according to HAProxy configuration file syntax | `` | +| `haproxy.priorityClassName` | HAProxy Pod priority Class defined by user | | +| `haproxy.runtimeClassName` | Name of the Kubernetes Runtime Class for HAProxy Pods | | +| `haproxy.exposePrimary.enabled` | Enable or disable exposing `HAProxy` nodes with dedicated IP addresses | `true` | +| `haproxy.exposePrimary.type` | The Kubernetes Service Type used for exposure | `LoadBalancer` | +| `haproxy.exposePrimary.externalTrafficPolicy` | Specifies whether Service for HAProxy primary should [route external traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip) (it can influence the load balancing effectiveness) | `""` | +| `haproxy.exposePrimary.internalTrafficPolicy` | Specifies whether Service for HAProxy primary should [route internal traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/concepts/services-networking/service-traffic-policy/) (it can influence the load balancing effectiveness) | `""` | +| `haproxy.exposePrimary.loadBalancerSourceRanges` | The range of client IP addresses from which the load balancer should be reachable (if not set, there is no limitations) | `[]` | +| `haproxy.exposePrimary.loadBalancerIP` | The static IP-address for the load balancer | `""` | +| `haproxy.exposePrimary.annotations` | The Kubernetes annotations for exposed service | `{}` | +| `haproxy.exposePrimary.labels` | The Kubernetes labels for exposed service | `{}` | +| `haproxy.exposeReplicas.enabled` | Enables or disables `haproxy-replicas` Service. This Service default forwards requests to all Percona XtraDB Cluster instances, and it **should not be used for write requests**! | `true` | +| `haproxy.exposeReplicas.onlyReaders` | Setting it to `true` excludes current MySQL primary instance (writer) from the list of Pods, to which `haproxy-replicas` Service directs connections, leaving only the reader instances. | `false` | +| `haproxy.exposeReplicas.type` | The Kubernetes Service Type used for exposure | `LoadBalancer` | +| `haproxy.exposeReplicas.externalTrafficPolicy` | Specifies whether Service for HAProxy replicas should [route external traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip) (it can influence the load balancing effectiveness) | `""` | +| `haproxy.exposeReplicas.internalTrafficPolicy` | Specifies whether Service for HAProxy replicas should [route internal traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/concepts/services-networking/service-traffic-policy/) (it can influence the load balancing effectiveness) | `""` | +| `haproxy.exposeReplicas.loadBalancerSourceRanges` | The range of client IP addresses from which the load balancer should be reachable (if not set, there is no limitations) | `[]` | +| `haproxy.exposeReplicas.loadBalancerIP` | The static IP-address for the load balancer | `""` | +| `haproxy.exposeReplicas.annotations` | The Kubernetes annotations for exposed service | `{}` | +| `haproxy.exposeReplicas.labels` | The Kubernetes labels for exposed service | `{}` | +| `haproxy.annotations` | HAProxy Pod user-defined annotations | `{}` | +| `haproxy.labels` | HAProxy Pod user-defined labels | `{}` | +| `haproxy.schedulerName` | The Kubernetes Scheduler | | +| `haproxy.readinessDelaySec` | HAProxy Pod delay for readiness probe in seconds | `15` | +| `haproxy.livenessDelaySec` | HAProxy Pod delay for liveness probe in seconds | `300` | +| `haproxy.envVarsSecret` | A secret with environment variables | `` | +| `haproxy.resources.requests` | HAProxy Pods resource requests | `{"memory": "1G", "cpu": "600m"}` | +| `haproxy.resources.limits` | HAProxy Pods resource limits | `{}` | +| `haproxy.sidecars` | HAProxy Pods sidecars | `[]` | +| `haproxy.sidecarVolumes` | HAProxy Pods sidecarVolumes | `[]` | +| `haproxy.sidecarPVCs` | HAProxy Pods sidecar PVCs | `[]` | +| `haproxy.sidecarResources.requests` | HAProxy sidecar resource requests | `{}` | +| `haproxy.sidecarResources.limits` | HAProxy sidecar resource limits | `{}` | +| `haproxy.nodeSelector` | HAProxy Pods key-value pairs setting for K8S node assingment | `{}` | +| `haproxy.topologySpreadConstraints` | The Label selector for the [Kubernetes Pod Topology Spread Constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/) | `[]` | +| `haproxy.affinity.antiAffinityTopologyKey` | HAProxy Pods simple scheduling restriction on/off for host, zone, region | `"kubernetes.io/hostname"` | +| `haproxy.affinity.advanced` | HAProxy Pods advanced scheduling restriction with match expression engine | `{}` | +| `haproxy.tolerations` | List of node taints to tolerate for HAProxy Pods | `[]` | +| `haproxy.gracePeriod` | Allowed time for graceful shutdown | `600` | +| `haproxy.lifecycle.preStop.exec.command` | Command for the [preStop lifecycle hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) for HAProxy Pods | `""` | +| `haproxy.lifecycle.postStart.exec.command` | Command for the [postStart lifecycle hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) for HAProxy Pods | `600` | +| `haproxy.podDisruptionBudget.maxUnavailable` | Instruct Kubernetes about the failed pods allowed quantity | `1` | +| `haproxy.readinessProbes.failureThreshold` | When a probe fails, Kubernetes will try failureThreshold times before giving up | `5` | +| `haproxy.readinessProbes.initialDelaySeconds` | Number of seconds after the container has started before liveness or readiness probes are initiated | `15` | +| `haproxy.readinessProbes.periodSeconds` | How often (in seconds) to perform the probe | `30` | +| `haproxy.readinessProbes.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed | `1` | +| `haproxy.readinessProbes.timeoutSeconds` | Number of seconds after which the probe times out | `15` | +| `haproxy.livenessProbes.failureThreshold` | When a probe fails, Kubernetes will try failureThreshold times before giving up | `3` | +| `haproxy.livenessProbes.initialDelaySeconds` | Number of seconds after the container has started before liveness or readiness probes are initiated | `300` | +| `haproxy.livenessProbes.periodSeconds` | How often (in seconds) to perform the probe | `10` | +| `haproxy.livenessProbes.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed | `1` | +| `haproxy.livenessProbes.timeoutSeconds` | Number of seconds after which the probe times out | `5` | +| `haproxy.containerSecurityContext` | A custom Kubernetes Security Context for a Container to be used instead of the default one | `{}` | +| `haproxy.podSecurityContext` | A custom Kubernetes Security Context for a Pod to be used instead of the default one | `{}` | | | -| `pmm.enabled` | Enable integration with [Percona Monitoring and Management software](https://www.percona.com/doc/kubernetes-operator-for-pxc/monitoring.html) | `false` | -| `pmm.image.repository` | PMM Container image repository | `percona/pmm-client` | -| `pmm.image.tag` | PMM Container image tag | `2.41.2` | -| `pmm.imagePullSecrets` | PMM Container pull secret | `[]` | -| `pmm.imagePullPolicy` | The policy used to update images | `` | -| `pmm.serverHost` | PMM server related K8S service hostname | `monitoring-service` | -| `pmm.serverUser` | Username for accessing PXC database internals | `admin` | -| `pmm.resources.requests` | PMM Container resource requests | `{"memory": "150M", "cpu": "300m"}` | -| `pmm.resources.limits` | PMM Container resource limits | `{}` | -| `pmm.pxcParams` | Additional parameters which will be passed to the [pmm-admin add mysql](https://docs.percona.com/percona-monitoring-and-management/setting-up/client/mysql.html#add-service) command for `pxc` Pods | `""` | -| `pmm.proxysqlParams` | Additional parameters which will be passed to the [pmm-admin add proxysql](https://docs.percona.com/percona-monitoring-and-management/setting-up/client/proxysql.html) command for `proxysql` Pods | `""` | -| `pmm.containerSecurityContext` | A custom Kubernetes Security Context for a Container to be used instead of the default one | `{}` | +| `proxysql.enabled` | Use ProxySQL as TCP proxy for PXC cluster | `false` | +| `proxysql.size` | ProxySQL target pod quantity. Can't even if `unsafeFlags.pxcSize` is `true` | `3` | +| `proxysql.image` | ProxySQL Container image | `percona/proxysql2:2.5.5` | +| `proxysql.imagePullPolicy` | The policy used to update images | `` | +| `proxysql.imagePullSecrets` | ProxySQL Container pull secret | `[]` | +| `proxysql.configuration` | User defined ProxySQL options according to ProxySQL configuration file syntax | `` | +| `proxysql.priorityClassName` | ProxySQL Pod priority Class defined by user | | +| `proxysql.runtimeClassName` | Name of the Kubernetes Runtime Class for ProxySQL Pods | | +| `proxysql.expose.enabled` | Enable or disable exposing `ProxySQL` nodes with dedicated IP addresses | `true` | +| `proxysql.expose.type` | The Kubernetes Service Type used for exposure | `LoadBalancer` | +| `proxysql.expose.externalTrafficPolicy` | Specifies whether Service for ProxySQL nodes should [route external traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip) (it can influence the load balancing effectiveness) | `""` | +| `proxysql.expose.internalTrafficPolicy` | Specifies whether Service for ProxySQL nodes should [route internal traffic to cluster-wide or to node-local endpoints](https://kubernetes.io/docs/concepts/services-networking/service-traffic-policy/) (it can influence the load balancing effectiveness) | `""` | +| `proxysql.expose.loadBalancerSourceRanges` | The range of client IP addresses from which the load balancer should be reachable (if not set, there is no limitations) | `[]` | +| `proxysql.expose.loadBalancerIP` | The static IP-address for the load balancer | `""` | +| `proxysql.expose.annotations` | The Kubernetes annotations for exposed service | `{}` | +| `proxysql.expose.labels` | The Kubernetes labels for exposed service | `{}` | +| `proxysql.annotations` | ProxySQL Pod user-defined annotations | `{}` | +| `proxysql.labels` | ProxySQL Pod user-defined labels | `{}` | +| `proxysql.schedulerName` | The Kubernetes Scheduler | | +| `proxysql.readinessDelaySec` | ProxySQL Pod delay for readiness probe in seconds | `15` | +| `proxysql.livenessDelaySec` | ProxySQL Pod delay for liveness probe in seconds | `300` | +| `proxysql.envVarsSecret` | A secret with environment variables | `` | +| `proxysql.resources.requests` | ProxySQL Pods resource requests | `{"memory": "1G", "cpu": "600m"}` | +| `proxysql.resources.limits` | ProxySQL Pods resource limits | `{}` | +| `proxysql.sidecars` | ProxySQL Pods sidecars | `[]` | +| `proxysql.sidecarVolumes` | ProxySQL Pods sidecarVolumes | `[]` | +| `proxysql.sidecarPVCs` | ProxySQL Pods sidecar PVCs | `[]` | +| `proxysql.sidecarResources.requests` | ProxySQL sidecar resource requests | `{}` | +| `proxysql.sidecarResources.limits` | ProxySQL sidecar resource limits | `{}` | +| `proxysql.nodeSelector` | ProxySQL Pods key-value pairs setting for K8S node assingment | `{}` | +| `proxysql.topologySpreadConstraints` | The Label selector for the [Kubernetes Pod Topology Spread Constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/) | `[]` | +| `proxysql.affinity.antiAffinityTopologyKey` | ProxySQL Pods simple scheduling restriction on/off for host, zone, region | `"kubernetes.io/hostname"` | +| `proxysql.affinity.advanced` | ProxySQL Pods advanced scheduling restriction with match expression engine | `{}` | +| `proxysql.tolerations` | List of node taints to tolerate for ProxySQL Pods | `[]` | +| `proxysql.gracePeriod` | Allowed time for graceful shutdown | `600` | +| `proxysql.lifecycle.preStop.exec.command` | Command for the [preStop lifecycle hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) for ProxySQL Pods | `""` | +| `proxysql.lifecycle.postStart.exec.command` | Command for the [postStart lifecycle hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) for ProxySQL Pods | `600` | +| `proxysql.podDisruptionBudget.maxUnavailable` | Instruct Kubernetes about the failed pods allowed quantity | `1` | +| `proxysql.persistence.enabled` | Requests a persistent storage (`hostPath` or `storageClass`) from K8S for ProxySQL Pods | `true` | +| `proxysql.persistence.hostPath` | Sets datadir path on K8S node for all ProxySQL Pods. Available only when `proxysql.persistence.enabled: true` | | +| `proxysql.persistence.storageClass` | Sets K8S storageClass name for all ProxySQL Pods PVC. Available only when `proxysql.persistence.enabled: true` | `-` | +| `proxysql.persistence.accessMode` | Sets K8S persistent storage access policy for all ProxySQL Pods | `ReadWriteOnce` | +| `proxysql.persistence.size` | Sets K8S persistent storage size for all ProxySQL Pods | `8Gi` | +| `proxysql.containerSecurityContext` | A custom Kubernetes Security Context for a Container to be used instead of the default one | `{}` | +| `proxysql.podSecurityContext` | A custom Kubernetes Security Context for a Pod to be used instead of the default one | `{}` | | | -| `backup.enabled` | Enables backups for PXC cluster | `true` | -| `backup.allowParallel` | Allow taking multiple backups in parallel | `true` | -| `backup.image.repository` | Backup Container image | `percona/percona-xtradb-cluster-operator` | -| `backup.image.tag` | Backup Container tag | `1.14.0-pxc8.0-backup-pxb8.0.35` | -| `backup.backoffLimit` | The number of retries to make a backup | `10` | -| `backup.imagePullSecrets` | Backup Container pull secret | `[]` | -| `backup.imagePullPolicy` | The policy used to update images | `` | -| `backup.pitr.enabled` | Enable point in time recovery | `false` | -| `backup.pitr.storageName` | Storage name for PITR | `s3-us-west-binlogs` | -| `backup.pitr.timeBetweenUploads` | Time between uploads for PITR | `60` | -| `backup.pitr.timeoutSeconds` | Timeout in seconds for the binlog to be uploaded; the binlog uploader container will be restarted after exceeding this timeout | `60` | -| `backup.pitr.resources.requests` | PITR Container resource requests | `{}` | -| `backup.pitr.resources.limits` | PITR Container resource limits | `{}` | -| `backup.storages.fs-pvc` | Backups storage configuration, where `storages:` is a high-level key for the underlying structure. `fs-pvc` is a user-defined storage name. | | -| `backup.storages.fs-pvc.type` | Backup storage type | `filysystem` | -| `backup.storages.fs-pvc.verifyTLS` | Enable or disable verification of the storage server TLS certificate | `true` | -| `backup.storages.fs-pvc.volume.persistentVolumeClaim.accessModes` | Backup PVC access policy | `["ReadWriteOnce"]` | -| `backup.storages.fs-pvc.volume.persistentVolumeClaim.resources` | Backup Pod resources specification | `{}` | -| `backup.storages.fs-pvc.volume.persistentVolumeClaim.resources.requests.storage` | Backup Pod datadir backups size | `6Gi` | -| `backup.storages.fs-pvc.topologySpreadConstraints` | The Label selector for the [Kubernetes Pod Topology Spread Constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/) | `[]` | -| `backup.storages.fs-pvc.containerOptions.env` | Environment variables to add to the backup container | `[]` | -| `backup.storages.fs-pvc.containerOptions.args.xtrabackup` | Additional arguments for xtrabackup | `[]` | -| `backup.storages.fs-pvc.containerOptions.args.xbstream` | Additional arguments for xbstream | `[]` | -| `backup.storages.fs-pvc.containerOptions.args.xbcloud` | Additional arguments for xbcloud | `[]` | -| `backup.schedule` | Backup execution timetable | `[]` | -| `backup.schedule.0.name` | Backup execution timetable name | `daily-backup` | -| `backup.schedule.0.schedule` | Backup execution timetable cron timing | `0 0 * * *` | -| `backup.schedule.0.keep` | Backup items to keep | `5` | -| `backup.schedule.0.storageName` | Backup target storage | `fs-pvc` | +| `logcollector.enabled` | Enable log collector container | `true` | +| `logcollector.image` | Log collector image repository | `percona/percona-xtradb-cluster-operator:1.15.0-logcollector-fluentbit3.1.4` | +| `logcollector.imagePullSecrets` | Log collector pull secret | `[]` | +| `logcollector.imagePullPolicy` | The policy used to update images | `` | +| `logcollector.configuration` | User defined configuration for logcollector | `` | +| `logcollector.resources.requests` | Log collector resource requests | `{"memory": "100M", "cpu": "200m"}` | +| `logcollector.resources.limits` | Log collector resource limits | `{}` | +| `logcollector.containerSecurityContext` | A custom Kubernetes Security Context for a Container to be used instead of the default one | `{}` | | | -| `secrets.passwords.root` | Default user secret | `insecure-root-password` | -| `secrets.passwords.xtrabackup` | Default user secret | `insecure-xtrabackup-password` | -| `secrets.passwords.monitor` | Default user secret | `insecure-monitor-password` | -| `secrets.passwords.clustercheck` | Default user secret | `insecure-clustercheck-password` | -| `secrets.passwords.proxyadmin` | Default user secret | `insecure-proxyadmin-password` | -| `secrets.passwords.pmmserver` | Default user secret | `insecure-pmmserver-password` | -| `secrets.passwords.pmmserverkey` | PMM server API key | `` | -| `secrets.passwords.operator` | Default user secret | `insecure-operator-password` | -| `secrets.passwords.replication` | Default user secret | `insecure-replication-password` | -| `secrets.tls.cluster` | Specify secret name for TLS. Not needed in case if you're using cert-manager. Structure expects keys `ca.crt`, `tls.crt`, `tls.key` and files contents encoded in base64. | `` | -| `secrets.tls.internal` | Specify internal secret name for TLS. | `` | -| `secrets.logCollector` | Specify secret name used for Fluent Bit Log Collector | `` | -| `secrets.vault` | Specify secret name used for HashiCorp Vault to carry on Data at Rest Encryption | `` | +| `pmm.enabled` | Enable integration with [Percona Monitoring and Management software](https://www.percona.com/doc/kubernetes-operator-for-pxc/monitoring.html) | `false` | +| `pmm.image.repository` | PMM Container image repository | `percona/pmm-client` | +| `pmm.image.tag` | PMM Container image tag | `2.42.0` | +| `pmm.imagePullSecrets` | PMM Container pull secret | `[]` | +| `pmm.imagePullPolicy` | The policy used to update images | `` | +| `pmm.serverHost` | PMM server related K8S service hostname | `monitoring-service` | +| `pmm.serverUser` | Username for accessing PXC database internals | `admin` | +| `pmm.resources.requests` | PMM Container resource requests | `{"memory": "150M", "cpu": "300m"}` | +| `pmm.resources.limits` | PMM Container resource limits | `{}` | +| `pmm.pxcParams` | Additional parameters which will be passed to the [pmm-admin add mysql](https://docs.percona.com/percona-monitoring-and-management/setting-up/client/mysql.html#add-service) command for `pxc` Pods | `""` | +| `pmm.proxysqlParams` | Additional parameters which will be passed to the [pmm-admin add proxysql](https://docs.percona.com/percona-monitoring-and-management/setting-up/client/proxysql.html) command for `proxysql` Pods | `""` | +| `pmm.containerSecurityContext` | A custom Kubernetes Security Context for a Container to be used instead of the default one | `{}` | +| | +| `backup.enabled` | Enables backups for PXC cluster | `true` | +| `backup.allowParallel` | Allow taking multiple backups in parallel | `true` | +| `backup.image.repository` | Backup Container image | `percona/percona-xtradb-cluster-operator` | +| `backup.image.tag` | Backup Container tag | `1.15.0-pxc8.0-backup-pxb8.0.35` | +| `backup.backoffLimit` | The number of retries to make a backup | `10` | +| `backup.imagePullSecrets` | Backup Container pull secret | `[]` | +| `backup.imagePullPolicy` | The policy used to update images | `` | +| `backup.pitr.enabled` | Enable point in time recovery | `false` | +| `backup.pitr.storageName` | Storage name for PITR | `s3-us-west-binlogs` | +| `backup.pitr.timeBetweenUploads` | Time between uploads for PITR | `60` | +| `backup.pitr.timeoutSeconds` | Timeout in seconds for the binlog to be uploaded; the binlog uploader container will be restarted after exceeding this timeout | `60` | +| `backup.pitr.resources.requests` | PITR Container resource requests | `{}` | +| `backup.pitr.resources.limits` | PITR Container resource limits | `{}` | +| `backup.storages.fs-pvc` | Backups storage configuration, where `storages:` is a high-level key for the underlying structure. `fs-pvc` is a user-defined storage name. | | +| `backup.storages.fs-pvc.type` | Backup storage type | `filysystem` | +| `backup.storages.fs-pvc.verifyTLS` | Enable or disable verification of the storage server TLS certificate | `true` | +| `backup.storages.fs-pvc.volume.persistentVolumeClaim.accessModes` | Backup PVC access policy | `["ReadWriteOnce"]` | +| `backup.storages.fs-pvc.volume.persistentVolumeClaim.resources` | Backup Pod resources specification | `{}` | +| `backup.storages.fs-pvc.volume.persistentVolumeClaim.resources.requests.storage` | Backup Pod datadir backups size | `6Gi` | +| `backup.storages.fs-pvc.topologySpreadConstraints` | The Label selector for the [Kubernetes Pod Topology Spread Constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/) | `[]` | +| `backup.storages.fs-pvc.containerOptions.env` | Environment variables to add to the backup container | `[]` | +| `backup.storages.fs-pvc.containerOptions.args.xtrabackup` | Additional arguments for xtrabackup | `[]` | +| `backup.storages.fs-pvc.containerOptions.args.xbstream` | Additional arguments for xbstream | `[]` | +| `backup.storages.fs-pvc.containerOptions.args.xbcloud` | Additional arguments for xbcloud | `[]` | +| `backup.schedule` | Backup execution timetable | `[]` | +| `backup.schedule.0.name` | Backup execution timetable name | `daily-backup` | +| `backup.schedule.0.schedule` | Backup execution timetable cron timing | `0 0 * * *` | +| `backup.schedule.0.keep` | Backup items to keep | `5` | +| `backup.schedule.0.storageName` | Backup target storage | `fs-pvc` | +| | +| `secrets.passwords.root` | Default user secret | `insecure-root-password` | +| `secrets.passwords.xtrabackup` | Default user secret | `insecure-xtrabackup-password` | +| `secrets.passwords.monitor` | Default user secret | `insecure-monitor-password` | +| `secrets.passwords.clustercheck` | Default user secret | `insecure-clustercheck-password` | +| `secrets.passwords.proxyadmin` | Default user secret | `insecure-proxyadmin-password` | +| `secrets.passwords.pmmserver` | Default user secret | `insecure-pmmserver-password` | +| `secrets.passwords.pmmserverkey` | PMM server API key | `` | +| `secrets.passwords.operator` | Default user secret | `insecure-operator-password` | +| `secrets.passwords.replication` | Default user secret | `insecure-replication-password` | +| `secrets.tls.cluster` | Specify secret name for TLS. Not needed in case if you're using cert-manager. Structure expects keys `ca.crt`, `tls.crt`, `tls.key` and files contents encoded in base64. | `` | +| `secrets.tls.internal` | Specify internal secret name for TLS. | `` | +| `secrets.logCollector` | Specify secret name used for Fluent Bit Log Collector | `` | +| `secrets.vault` | Specify secret name used for HashiCorp Vault to carry on Data at Rest Encryption | `` | Specify parameters using `--set key=value[,key=value]` argument to `helm install` @@ -296,7 +305,7 @@ This is great for a dev cluster as it doesn't require a persistent disk and does ```bash $ helm install dev --namespace pxc . \ - --set proxysql.enabled=false --set pxc.disableTLS=true \ + --set proxysql.enabled=false --set tls.enabled=false --set unsafeFlags.tls=true \ --set pxc.persistence.enabled=false --set backup-enabled=false ``` diff --git a/charts/pxc-db/templates/_helpers.tpl b/charts/pxc-db/templates/_helpers.tpl index 09615400..0b0611ad 100644 --- a/charts/pxc-db/templates/_helpers.tpl +++ b/charts/pxc-db/templates/_helpers.tpl @@ -68,30 +68,6 @@ This filters the backup.storages hash for S3 credentials. If we detect them, the {{/* Functions returns image URI according to parameters set */}} -{{- define "pxc-db.haproxy-image" -}} -{{- if .Values.haproxy.image }} -{{- .Values.haproxy.image }} -{{- else }} -{{- printf "%s:%s-haproxy" .Values.operatorImageRepository .Chart.AppVersion }} -{{- end }} -{{- end -}} - -{{- define "pxc-db.proxysql-image" -}} -{{- if .Values.proxysql.image }} -{{- .Values.proxysql.image }} -{{- else }} -{{- printf "%s:%s-proxysql" .Values.operatorImageRepository .Chart.AppVersion }} -{{- end }} -{{- end -}} - -{{- define "pxc-db.logcollector-image" -}} -{{- if .Values.logcollector.image }} -{{- .Values.logcollector.image }} -{{- else }} -{{- printf "%s:%s-logcollector" .Values.operatorImageRepository .Chart.AppVersion }} -{{- end }} -{{- end -}} - {{- define "pxc-db.operator-image" -}} {{- if .Values.image }} {{- .Values.image }} diff --git a/charts/pxc-db/templates/cluster-ssl-secret.yaml b/charts/pxc-db/templates/cluster-ssl-secret.yaml index 4b870710..0d217275 100644 --- a/charts/pxc-db/templates/cluster-ssl-secret.yaml +++ b/charts/pxc-db/templates/cluster-ssl-secret.yaml @@ -1,4 +1,4 @@ -{{- if not .Values.pxc.disableTLS }} +{{- if .Values.tls.enabled }} {{- if not .Values.pxc.certManager }} {{- $nameDB := printf "%s" (include "pxc-database.fullname" .) }} {{ $ca := genCA (printf "%s-ca" $nameDB ) 365 }} diff --git a/charts/pxc-db/templates/cluster.yaml b/charts/pxc-db/templates/cluster.yaml index 628c0410..037c40ab 100644 --- a/charts/pxc-db/templates/cluster.yaml +++ b/charts/pxc-db/templates/cluster.yaml @@ -26,7 +26,7 @@ spec: {{- else }} secretsName: {{ include "pxc-database.fullname" . }}-secrets {{- end }} - {{- if not .Values.pxc.disableTLS }} + {{- if .Values.tls.enabled }} {{- if hasKey .Values.secrets.tls "cluster" }} sslSecretName: {{ .Values.secrets.tls.cluster }} {{- else }} @@ -67,11 +67,12 @@ spec: {{- end }} {{- end }} {{- end }} - {{- if or .Values.allowUnsafeConfigurations .Values.pxc.disableTLS }} - allowUnsafeConfigurations: true - {{- end }} enableCRValidationWebhook: {{ .Values.enableCRValidationWebhook }} pause: {{ .Values.pause }} + {{- if .Values.unsafeFlags }} + unsafeFlags: +{{ .Values.unsafeFlags | toYaml | indent 4 }} + {{- end }} updateStrategy: {{ .Values.updateStrategy }} {{- if hasKey .Values.upgradeOptions "versionServiceEndpoint" }} upgradeOptions: @@ -81,6 +82,7 @@ spec: {{- end }} {{- if .Values.tls }} tls: + enabled: {{ .Values.tls.enabled }} {{- if hasKey .Values.tls "SANs" }} SANs: {{ .Values.tls.SANs | toYaml | indent 6 }} @@ -181,6 +183,10 @@ spec: {{- end }} {{- end }} accessModes: [{{ $pxc.persistence.accessMode | quote }}] + {{- if $pxc.persistence.dataSource }} + dataSource: +{{ $pxc.persistence.dataSource| toYaml | indent 10 }} + {{- end }} resources: requests: storage: {{ $pxc.persistence.size | quote }} @@ -221,7 +227,7 @@ spec: haproxy: enabled: true size: {{ $haproxy.size }} - image: {{ include "pxc-db.haproxy-image" . }} + image: {{ .Values.haproxy.image }} {{- if $haproxy.imagePullPolicy }} imagePullPolicy: {{ $haproxy.imagePullPolicy }} {{- end }} @@ -329,7 +335,7 @@ spec: proxysql: enabled: true size: {{ $proxysql.size }} - image: {{ include "pxc-db.proxysql-image" . }} + image: {{ .Values.proxysql.image }} {{- if $proxysql.imagePullPolicy }} imagePullPolicy: {{ $proxysql.imagePullPolicy }} {{- end }} @@ -442,7 +448,7 @@ spec: {{- else }} {{- $logcollector := .Values.logcollector }} enabled: true - image: {{ include "pxc-db.logcollector-image" . }} + image: {{ .Values.logcollector.image }} {{- if $logcollector.imagePullPolicy }} imagePullPolicy: {{ $logcollector.imagePullPolicy }} {{- end }} diff --git a/charts/pxc-db/values.yaml b/charts/pxc-db/values.yaml index 430be291..23ac5780 100644 --- a/charts/pxc-db/values.yaml +++ b/charts/pxc-db/values.yaml @@ -3,13 +3,13 @@ # Declare variables to be passed into your templates. finalizers: - - delete-pxc-pods-in-order + - percona.com/delete-pxc-pods-in-order ## Set this if you want to delete proxysql persistent volumes on cluster deletion -# - delete-proxysql-pvc +# - percona.com/delete-proxysql-pvc ## Set this if you want to delete database persistent volumes on cluster deletion -# - delete-pxc-pvc +# - percona.com/delete-pxc-pvc ## Set this if you want to delete cert manager certificates on cluster deletion -# - delete-ssl +# - percona.com/delete-ssl nameOverride: "" fullnameOverride: "" @@ -19,14 +19,14 @@ annotations: {} operatorImageRepository: percona/percona-xtradb-cluster-operator -crVersion: 1.14.0 +crVersion: 1.15.0 ignoreAnnotations: [] # - iam.amazonaws.com/role ignoreLabels: [] # - rack pause: false # initContainer: -# image: "" +# image: "percona/percona-xtradb-cluster-operator:1.15.0" # resources: # requests: # memory: 100M @@ -34,14 +34,19 @@ pause: false # limits: # memory: 200M # cpu: 200m -allowUnsafeConfigurations: false +# unsafeFlags: +# tls: false +# pxcSize: false +# proxySize: false +# backupIfUnhealthy: false updateStrategy: SmartUpdate upgradeOptions: versionServiceEndpoint: https://check.percona.com apply: disabled schedule: "0 4 * * *" enableCRValidationWebhook: false -tls: {} +tls: + enabled: true # SANs: # - pxc-1.example.com # - pxc-2.example.com @@ -164,11 +169,12 @@ pxc: ## # storageClass: "-" accessMode: ReadWriteOnce + # dataSource: + # name: new-snapshot-test + # kind: VolumeSnapshot + # apiGroup: snapshot.storage.k8s.io size: 8Gi - # If you set this to true the cluster will be created without TLS - disableTLS: false - # disable Helm creating TLS certificates if you want to let the operator # request certificates from cert-manager certManager: false @@ -201,13 +207,13 @@ pxc: haproxy: enabled: true size: 3 - image: "" + image: percona/haproxy:2.8.5 # imagePullPolicy: Always imagePullSecrets: [] # - name: private-registry-credentials # configuration: | # -# the actual default configuration file can be found here https://github.com/percona/percona-docker/blob/main/haproxy/dockerdir/etc/haproxy/haproxy-global.cfg +# the actual default configuration file can be found here https://raw.githubusercontent.com/percona/percona-xtradb-cluster-operator/main/build/haproxy-global.cfg # # global # maxconn 2048 @@ -344,7 +350,8 @@ haproxy: # - 10.0.0.0/8 # loadBalancerIP: 127.0.0.1 # exposeReplicas: - # enabled: false + # enabled: true + # onlyReaders: false # type: ClusterIP # annotations: # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp @@ -367,7 +374,7 @@ haproxy: proxysql: enabled: false size: 3 - image: "percona/percona-xtradb-cluster-operator:1.14.0-proxysql2.5.5-1.2" + image: "percona/proxysql2:2.5.5" # imagePullPolicy: Always imagePullSecrets: [] # configuration: | @@ -519,7 +526,7 @@ proxysql: logcollector: enabled: true - image: "" + image: percona/percona-xtradb-cluster-operator:1.15.0-logcollector-fluentbit3.1.4 # imagePullPolicy: Always imagePullSecrets: [] # configuration: | @@ -543,7 +550,7 @@ pmm: enabled: false image: repository: percona/pmm-client - tag: 2.41.2 + tag: 2.42.0 # imagePullPolicy: Always imagePullSecrets: [] serverHost: monitoring-service @@ -563,7 +570,7 @@ backup: # allowParallel: true image: repository: percona/percona-xtradb-cluster-operator - tag: 1.14.0-pxc8.0-backup-pxb8.0.35 + tag: 1.15.0-pxc8.0-backup-pxb8.0.35 # backoffLimit: 6 # serviceAccountName: percona-xtradb-cluster-operator # imagePullPolicy: Always diff --git a/charts/pxc-operator/Chart.yaml b/charts/pxc-operator/Chart.yaml index e94272a7..cc492a4d 100644 --- a/charts/pxc-operator/Chart.yaml +++ b/charts/pxc-operator/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: 1.14.0 +appVersion: 1.15.0 description: A Helm chart for deploying the Percona Operator for MySQL (based on Percona XtraDB Cluster) name: pxc-operator home: https://docs.percona.com/percona-operator-for-mysql/pxc/ -version: 1.14.2 +version: 1.15.0 maintainers: - name: tplavcic email: tomislav.plavcic@percona.com diff --git a/charts/pxc-operator/README.md b/charts/pxc-operator/README.md index 671ec3be..4934d11a 100644 --- a/charts/pxc-operator/README.md +++ b/charts/pxc-operator/README.md @@ -7,7 +7,7 @@ Useful links * [Operator Documentation](https://www.percona.com/doc/kubernetes-operator-for-pxc/index.html) ## Pre-requisites -* Kubernetes 1.24+ +* Kubernetes 1.28+ * Helm v3 # Installation @@ -19,14 +19,14 @@ To install the chart with the `pxc` release name using a dedicated namespace (re ```sh helm repo add percona https://percona.github.io/percona-helm-charts/ -helm install my-operator percona/pxc-operator --version 1.14.0 --namespace my-namespace +helm install my-operator percona/pxc-operator --version 1.15.0 --namespace my-namespace ``` The chart can be customized using the following configurable parameters: | Parameter | Description | Default | | ------------------------------- | -----------------------------------------------------------------------------------------------| -------------------------------------------------| -| `image` | PXC Operator Container image full path | `percona/percona-xtradb-cluster-operator:1.14.0` | +| `image` | PXC Operator Container image full path | `percona/percona-xtradb-cluster-operator:1.15.0` | | `imagePullPolicy` | PXC Operator Container pull policy | `Always` | | `containerSecurityContext` | PXC Operator Container securityContext | `{}` | | `imagePullSecrets` | PXC Operator Pod pull secret | `[]` | diff --git a/charts/pxc-operator/crds/crd.yaml b/charts/pxc-operator/crds/crd.yaml index 8cb8b233..0d782304 100644 --- a/charts/pxc-operator/crds/crd.yaml +++ b/charts/pxc-operator/crds/crd.yaml @@ -2,8 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.15.0 name: perconaxtradbclusterbackups.pxc.percona.com spec: group: pxc.percona.com @@ -88,12 +87,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -103,6 +104,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -118,17 +120,20 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -233,19 +238,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.15.0 name: perconaxtradbclusterrestores.pxc.percona.com spec: group: pxc.percona.com @@ -408,12 +406,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -423,6 +423,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -438,17 +439,20 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -604,19 +608,12 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.15.0 name: perconaxtradbclusters.pxc.percona.com spec: group: pxc.percona.com @@ -975,8 +972,10 @@ spec: items: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic type: array pitr: properties: @@ -1062,11 +1061,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: items: properties: @@ -1078,12 +1079,15 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -1092,6 +1096,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -1108,11 +1113,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: items: properties: @@ -1124,16 +1131,21 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object + x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -1155,16 +1167,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -1188,20 +1203,24 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: @@ -1215,6 +1234,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -1231,16 +1251,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -1264,26 +1287,31 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: properties: @@ -1305,16 +1333,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -1338,20 +1369,24 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: @@ -1365,6 +1400,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -1381,16 +1417,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -1414,26 +1453,31 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object annotations: @@ -1482,12 +1526,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1497,6 +1543,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1512,17 +1559,20 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1533,16 +1583,27 @@ spec: properties: allowPrivilegeEscalation: type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object capabilities: properties: add: items: type: string type: array + x-kubernetes-list-type: atomic drop: items: type: string type: array + x-kubernetes-list-type: atomic type: object privileged: type: boolean @@ -1600,6 +1661,15 @@ spec: type: object podSecurityContext: properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object fsGroup: format: int64 type: integer @@ -1638,6 +1708,7 @@ spec: format: int64 type: integer type: array + x-kubernetes-list-type: atomic sysctls: items: properties: @@ -1650,6 +1721,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic windowsOptions: properties: gmsaCredentialSpec: @@ -1742,16 +1814,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -1809,6 +1884,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: properties: apiGroup: @@ -1821,6 +1897,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -1867,16 +1944,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: @@ -1918,11 +1998,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: items: properties: @@ -1934,12 +2016,15 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -1948,6 +2033,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -1964,11 +2050,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: items: properties: @@ -1980,16 +2068,21 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object + x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -2011,16 +2104,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2044,20 +2140,24 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: @@ -2071,6 +2171,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -2087,16 +2188,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2120,26 +2224,31 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: properties: @@ -2161,16 +2270,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2194,20 +2306,24 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: @@ -2221,6 +2337,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -2237,16 +2354,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2270,26 +2390,31 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object antiAffinityTopologyKey: @@ -2305,16 +2430,27 @@ spec: properties: allowPrivilegeEscalation: type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object capabilities: properties: add: items: type: string type: array + x-kubernetes-list-type: atomic drop: items: type: string type: array + x-kubernetes-list-type: atomic type: object privileged: type: boolean @@ -2415,6 +2551,8 @@ spec: items: type: string type: array + onlyReaders: + type: boolean trafficPolicy: type: string type: @@ -2437,8 +2575,10 @@ spec: items: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic type: array labels: additionalProperties: @@ -2454,6 +2594,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: properties: @@ -2471,6 +2612,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -2512,6 +2654,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: properties: @@ -2529,6 +2672,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -2574,6 +2718,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -2604,6 +2749,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -2669,6 +2815,15 @@ spec: type: object podSecurityContext: properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object fsGroup: format: int64 type: integer @@ -2707,6 +2862,7 @@ spec: format: int64 type: integer type: array + x-kubernetes-list-type: atomic sysctls: items: properties: @@ -2719,6 +2875,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic windowsOptions: properties: gmsaCredentialSpec: @@ -2744,6 +2901,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -2774,6 +2932,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -2896,6 +3055,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: properties: apiGroup: @@ -2908,6 +3068,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -2954,16 +3115,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: @@ -2979,6 +3143,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic allocatedResourceStatuses: additionalProperties: type: string @@ -3022,6 +3187,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map currentVolumeAttributesClassName: type: string modifyVolumeStatus: @@ -3122,6 +3290,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic path: type: string readOnly: @@ -3131,8 +3300,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic user: type: string required: @@ -3147,8 +3318,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic volumeID: type: string required: @@ -3174,11 +3347,14 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic csi: properties: driver: @@ -3188,8 +3364,10 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic readOnly: type: boolean volumeAttributes: @@ -3216,6 +3394,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: format: int32 type: integer @@ -3236,10 +3415,12 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: properties: @@ -3264,6 +3445,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: properties: apiGroup: @@ -3276,6 +3458,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -3322,16 +3505,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: @@ -3358,10 +3544,12 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic wwids: items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: properties: @@ -3378,8 +3566,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic required: - driver type: object @@ -3457,13 +3647,16 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic readOnly: type: boolean secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic targetPortal: type: string required: @@ -3537,16 +3730,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic name: type: string optional: @@ -3575,11 +3771,14 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic downwardAPI: properties: items: @@ -3594,6 +3793,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: format: int32 type: integer @@ -3614,10 +3814,12 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: properties: @@ -3636,11 +3838,14 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic serviceAccountToken: properties: audience: @@ -3655,6 +3860,7 @@ spec: type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: properties: @@ -3686,6 +3892,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic pool: type: string readOnly: @@ -3693,8 +3900,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic user: type: string required: @@ -3714,8 +3923,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic sslEnabled: type: boolean storageMode: @@ -3751,6 +3962,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic optional: type: boolean secretName: @@ -3765,8 +3977,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic volumeName: type: string volumeNamespace: @@ -3796,10 +4010,12 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: items: type: string type: array + x-kubernetes-list-type: atomic env: items: properties: @@ -3814,12 +4030,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -3829,6 +4047,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -3844,43 +4063,54 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: items: properties: configMapRef: properties: name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: properties: name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: type: string imagePullPolicy: @@ -3895,6 +4125,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: properties: @@ -3912,6 +4143,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -3953,6 +4185,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: properties: @@ -3970,6 +4203,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -4012,6 +4246,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -4042,6 +4277,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -4116,6 +4352,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -4146,6 +4383,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -4236,16 +4474,27 @@ spec: properties: allowPrivilegeEscalation: type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object capabilities: properties: add: items: type: string type: array + x-kubernetes-list-type: atomic drop: items: type: string type: array + x-kubernetes-list-type: atomic type: object privileged: type: boolean @@ -4301,6 +4550,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -4331,6 +4581,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -4393,6 +4644,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: items: properties: @@ -4404,6 +4658,8 @@ spec: type: string readOnly: type: boolean + recursiveReadOnly: + type: string subPath: type: string subPathExpr: @@ -4413,6 +4669,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: type: string required: @@ -4458,16 +4717,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -4523,6 +4785,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: properties: apiGroup: @@ -4535,6 +4798,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -4581,16 +4845,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: @@ -4658,16 +4925,27 @@ spec: properties: allowPrivilegeEscalation: type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object capabilities: properties: add: items: type: string type: array + x-kubernetes-list-type: atomic drop: items: type: string type: array + x-kubernetes-list-type: atomic type: object privileged: type: boolean @@ -4767,16 +5045,27 @@ spec: properties: allowPrivilegeEscalation: type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object capabilities: properties: add: items: type: string type: array + x-kubernetes-list-type: atomic drop: items: type: string type: array + x-kubernetes-list-type: atomic type: object privileged: type: boolean @@ -4896,11 +5185,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: items: properties: @@ -4912,12 +5203,15 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -4926,6 +5220,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -4942,11 +5237,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: items: properties: @@ -4958,16 +5255,21 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object + x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -4989,16 +5291,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -5022,20 +5327,24 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: @@ -5049,6 +5358,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -5065,16 +5375,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -5098,26 +5411,31 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: properties: @@ -5139,16 +5457,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -5172,20 +5493,24 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: @@ -5199,6 +5524,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -5215,16 +5541,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -5248,26 +5577,31 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object antiAffinityTopologyKey: @@ -5283,16 +5617,27 @@ spec: properties: allowPrivilegeEscalation: type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object capabilities: properties: add: items: type: string type: array + x-kubernetes-list-type: atomic drop: items: type: string type: array + x-kubernetes-list-type: atomic type: object privileged: type: boolean @@ -5388,8 +5733,10 @@ spec: items: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic type: array labels: additionalProperties: @@ -5405,6 +5752,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: properties: @@ -5422,6 +5770,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -5463,6 +5812,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: properties: @@ -5480,6 +5830,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -5525,6 +5876,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -5555,6 +5907,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -5620,6 +5973,15 @@ spec: type: object podSecurityContext: properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object fsGroup: format: int64 type: integer @@ -5658,6 +6020,7 @@ spec: format: int64 type: integer type: array + x-kubernetes-list-type: atomic sysctls: items: properties: @@ -5670,6 +6033,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic windowsOptions: properties: gmsaCredentialSpec: @@ -5695,6 +6059,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -5725,6 +6090,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -5839,6 +6205,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: properties: apiGroup: @@ -5851,6 +6218,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -5897,16 +6265,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: @@ -5922,6 +6293,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic allocatedResourceStatuses: additionalProperties: type: string @@ -5965,6 +6337,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map currentVolumeAttributesClassName: type: string modifyVolumeStatus: @@ -6065,6 +6440,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic path: type: string readOnly: @@ -6074,8 +6450,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic user: type: string required: @@ -6090,8 +6468,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic volumeID: type: string required: @@ -6117,11 +6497,14 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic csi: properties: driver: @@ -6131,8 +6514,10 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic readOnly: type: boolean volumeAttributes: @@ -6159,6 +6544,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: format: int32 type: integer @@ -6179,10 +6565,12 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: properties: @@ -6207,6 +6595,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: properties: apiGroup: @@ -6219,6 +6608,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -6265,16 +6655,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: @@ -6301,10 +6694,12 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic wwids: items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: properties: @@ -6321,8 +6716,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic required: - driver type: object @@ -6400,13 +6797,16 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic readOnly: type: boolean secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic targetPortal: type: string required: @@ -6480,16 +6880,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic name: type: string optional: @@ -6518,11 +6921,14 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic downwardAPI: properties: items: @@ -6537,6 +6943,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: format: int32 type: integer @@ -6557,10 +6964,12 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: properties: @@ -6579,11 +6988,14 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic serviceAccountToken: properties: audience: @@ -6598,6 +7010,7 @@ spec: type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: properties: @@ -6629,6 +7042,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic pool: type: string readOnly: @@ -6636,8 +7050,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic user: type: string required: @@ -6657,8 +7073,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic sslEnabled: type: boolean storageMode: @@ -6694,6 +7112,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic optional: type: boolean secretName: @@ -6708,8 +7127,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic volumeName: type: string volumeNamespace: @@ -6739,10 +7160,12 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: items: type: string type: array + x-kubernetes-list-type: atomic env: items: properties: @@ -6757,12 +7180,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -6772,6 +7197,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -6787,43 +7213,54 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: items: properties: configMapRef: properties: name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: properties: name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: type: string imagePullPolicy: @@ -6838,6 +7275,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: properties: @@ -6855,6 +7293,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -6896,6 +7335,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: properties: @@ -6913,6 +7353,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -6955,6 +7396,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -6985,6 +7427,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -7059,6 +7502,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -7089,6 +7533,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -7179,16 +7624,27 @@ spec: properties: allowPrivilegeEscalation: type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object capabilities: properties: add: items: type: string type: array + x-kubernetes-list-type: atomic drop: items: type: string type: array + x-kubernetes-list-type: atomic type: object privileged: type: boolean @@ -7244,6 +7700,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -7274,6 +7731,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -7336,6 +7794,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: items: properties: @@ -7347,6 +7808,8 @@ spec: type: string readOnly: type: boolean + recursiveReadOnly: + type: string subPath: type: string subPathExpr: @@ -7356,6 +7819,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: type: string required: @@ -7401,16 +7867,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -7466,6 +7935,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: properties: apiGroup: @@ -7478,6 +7948,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -7524,16 +7995,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: @@ -7569,11 +8043,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: items: properties: @@ -7585,12 +8061,15 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -7599,6 +8078,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -7615,11 +8095,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: items: properties: @@ -7631,16 +8113,21 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object + x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -7662,16 +8149,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -7695,20 +8185,24 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: @@ -7722,6 +8216,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -7738,16 +8233,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -7771,26 +8269,31 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: properties: @@ -7812,16 +8315,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -7845,20 +8351,24 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: @@ -7872,6 +8382,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -7888,16 +8399,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -7921,26 +8435,31 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object antiAffinityTopologyKey: @@ -7958,16 +8477,27 @@ spec: properties: allowPrivilegeEscalation: type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object capabilities: properties: add: items: type: string type: array + x-kubernetes-list-type: atomic drop: items: type: string type: array + x-kubernetes-list-type: atomic type: object privileged: type: boolean @@ -8063,8 +8593,10 @@ spec: items: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic type: array labels: additionalProperties: @@ -8080,6 +8612,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: properties: @@ -8097,6 +8630,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -8138,6 +8672,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: properties: @@ -8155,6 +8690,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -8200,6 +8736,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -8230,6 +8767,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -8295,6 +8833,15 @@ spec: type: object podSecurityContext: properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object fsGroup: format: int64 type: integer @@ -8333,6 +8880,7 @@ spec: format: int64 type: integer type: array + x-kubernetes-list-type: atomic sysctls: items: properties: @@ -8345,6 +8893,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic windowsOptions: properties: gmsaCredentialSpec: @@ -8370,6 +8919,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -8400,6 +8950,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -8547,6 +9098,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: properties: apiGroup: @@ -8559,6 +9111,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -8605,16 +9158,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: @@ -8630,6 +9186,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic allocatedResourceStatuses: additionalProperties: type: string @@ -8673,6 +9230,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map currentVolumeAttributesClassName: type: string modifyVolumeStatus: @@ -8773,6 +9333,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic path: type: string readOnly: @@ -8782,8 +9343,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic user: type: string required: @@ -8798,8 +9361,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic volumeID: type: string required: @@ -8825,11 +9390,14 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic csi: properties: driver: @@ -8839,8 +9407,10 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic readOnly: type: boolean volumeAttributes: @@ -8867,6 +9437,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: format: int32 type: integer @@ -8887,10 +9458,12 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: properties: @@ -8915,6 +9488,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: properties: apiGroup: @@ -8927,6 +9501,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -8973,16 +9548,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: @@ -9009,10 +9587,12 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic wwids: items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: properties: @@ -9029,8 +9609,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic required: - driver type: object @@ -9108,13 +9690,16 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic readOnly: type: boolean secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic targetPortal: type: string required: @@ -9188,16 +9773,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic name: type: string optional: @@ -9226,11 +9814,14 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic downwardAPI: properties: items: @@ -9245,6 +9836,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: format: int32 type: integer @@ -9265,10 +9857,12 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: properties: @@ -9287,11 +9881,14 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic serviceAccountToken: properties: audience: @@ -9306,6 +9903,7 @@ spec: type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: properties: @@ -9337,6 +9935,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic pool: type: string readOnly: @@ -9344,8 +9943,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic user: type: string required: @@ -9365,8 +9966,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic sslEnabled: type: boolean storageMode: @@ -9402,6 +10005,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic optional: type: boolean secretName: @@ -9416,8 +10020,10 @@ spec: secretRef: properties: name: + default: "" type: string type: object + x-kubernetes-map-type: atomic volumeName: type: string volumeNamespace: @@ -9447,10 +10053,12 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: items: type: string type: array + x-kubernetes-list-type: atomic env: items: properties: @@ -9465,12 +10073,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -9480,6 +10090,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -9495,43 +10106,54 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: items: properties: configMapRef: properties: name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: properties: name: + default: "" type: string optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: type: string imagePullPolicy: @@ -9546,6 +10168,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: properties: @@ -9563,6 +10186,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -9604,6 +10228,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: properties: @@ -9621,6 +10246,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -9663,6 +10289,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -9693,6 +10320,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -9767,6 +10395,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -9797,6 +10426,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -9887,16 +10517,27 @@ spec: properties: allowPrivilegeEscalation: type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object capabilities: properties: add: items: type: string type: array + x-kubernetes-list-type: atomic drop: items: type: string type: array + x-kubernetes-list-type: atomic type: object privileged: type: boolean @@ -9952,6 +10593,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -9982,6 +10624,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -10044,6 +10687,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: items: properties: @@ -10055,6 +10701,8 @@ spec: type: string readOnly: type: boolean + recursiveReadOnly: + type: string subPath: type: string subPathExpr: @@ -10064,6 +10712,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: type: string required: @@ -10109,16 +10760,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -10174,6 +10828,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: properties: apiGroup: @@ -10186,6 +10841,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: @@ -10232,16 +10888,19 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object + x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: @@ -10265,6 +10924,8 @@ spec: items: type: string type: array + enabled: + type: boolean issuerConf: properties: group: @@ -10277,6 +10938,17 @@ spec: - name type: object type: object + unsafeFlags: + properties: + backupIfUnhealthy: + type: boolean + proxySize: + type: boolean + pxcSize: + type: boolean + tls: + type: boolean + type: object updateStrategy: type: string upgradeOptions: @@ -10453,9 +11125,3 @@ spec: specReplicasPath: .spec.pxc.size statusReplicasPath: .status.pxc.size status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/charts/pxc-operator/templates/role.yaml b/charts/pxc-operator/templates/role.yaml index dd1f9fc3..c1aeb0e3 100644 --- a/charts/pxc-operator/templates/role.yaml +++ b/charts/pxc-operator/templates/role.yaml @@ -114,12 +114,16 @@ rules: - patch - delete - apiGroups: + - events.k8s.io - "" resources: - events verbs: - create - patch + - get + - list + - watch - apiGroups: - certmanager.k8s.io - cert-manager.io