diff --git a/operators/alloydb-omni-operator/1.1.1/bundle.Dockerfile b/operators/alloydb-omni-operator/1.1.1/bundle.Dockerfile new file mode 100644 index 00000000000..f997e9675aa --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/bundle.Dockerfile @@ -0,0 +1,20 @@ +FROM scratch + +# Core bundle labels. +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=desktop +LABEL operators.operatorframework.io.bundle.channels.v1=alpha +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.37.0 +LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 +LABEL operators.operatorframework.io.metrics.project_layout=helm.sdk.operatorframework.io/v1 + +# Labels for testing. +LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 +LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ + +# Copy files to locations specified by labels. +COPY bundle/manifests /manifests/ +COPY bundle/metadata /metadata/ +COPY bundle/tests/scorecard /tests/scorecard/ diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydb-omni-operator.clusterserviceversion.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydb-omni-operator.clusterserviceversion.yaml new file mode 100644 index 00000000000..d7e3fddb7e4 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydb-omni-operator.clusterserviceversion.yaml @@ -0,0 +1,1727 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: '[]' + capabilities: Basic Install + createdAt: "2024-10-21T10:49:26Z" + com.redhat.openshift.versions: "4.16" + marketplace.openshift.io/remote-workflow: https://marketplace.redhat.com/en-us/operators/alloydb-omni-operator/pricing?utm_source=openshift_console + marketplace.openshift.io/support-workflow: https://marketplace.redhat.com/en-us/operators/alloydb-omni-operator/support?utm_source=openshift_console + operators.operatorframework.io/builder: operator-sdk-v1.37.0 + operators.operatorframework.io/project_layout: helm.sdk.operatorframework.io/v1 + name: alloydb-omni-operator.v1.1.1 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - kind: BackupPlan + name: backupplans.alloydbomni.dbadmin.goog + version: v1 + - kind: Backup + name: backups.alloydbomni.dbadmin.goog + version: v1 + - kind: CreateStandbyJob + name: createstandbyjobs.alloydbomni.internal.dbadmin.goog + version: v1 + - kind: DBCluster + name: dbclusters.alloydbomni.dbadmin.goog + version: v1 + - kind: DBInstance + name: dbinstances.alloydbomni.dbadmin.goog + version: v1 + - kind: DeleteStandbyJob + name: deletestandbyjobs.alloydbomni.internal.dbadmin.goog + version: v1 + - kind: Failover + name: failovers.alloydbomni.dbadmin.goog + version: v1 + - kind: Replication + name: replications.alloydbomni.dbadmin.goog + version: v1 + - kind: Restore + name: restores.alloydbomni.dbadmin.goog + version: v1 + - kind: Sidecar + name: sidecars.alloydbomni.dbadmin.goog + version: v1 + - kind: Switchover + name: switchovers.alloydbomni.dbadmin.goog + version: v1 + - kind: BackupRepository + name: backuprepositories.alloydbomni.internal.dbadmin.goog + version: v1 + - kind: Failover + name: failovers.alloydbomni.internal.dbadmin.goog + version: v1 + - kind: InstanceBackupPlan + name: instancebackupplans.alloydbomni.internal.dbadmin.goog + version: v1 + - kind: InstanceBackup + name: instancebackups.alloydbomni.internal.dbadmin.goog + version: v1 + - kind: InstanceRestore + name: instancerestores.alloydbomni.internal.dbadmin.goog + version: v1 + - kind: Instance + name: instances.alloydbomni.internal.dbadmin.goog + version: v1 + - kind: InstanceSwitchover + name: instanceswitchovers.alloydbomni.internal.dbadmin.goog + version: v1 + - kind: LROJob + name: lrojobs.alloydbomni.internal.dbadmin.goog + version: v1 + - kind: ReplicationConfig + name: replicationconfigs.alloydbomni.internal.dbadmin.goog + version: v1 + - kind: Sidecar + name: sidecars.alloydbomni.internal.dbadmin.goog + version: v1 + description: Alloydb Omni Operator description. TODO. + displayName: Alloydb Omni Operator + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAgAAAAIACAYAAAD0eNT6AAAAAXNSR0IArs4c6QAAAIRlWElmTU0AKgAAAAgABQESAAMAAAABAAEAAAEaAAUAAAABAAAASgEbAAUAAAABAAAAUgEoAAMAAAABAAIAAIdpAAQAAAABAAAAWgAAAAAAAABIAAAAAQAAAEgAAAABAAOgAQADAAAAAQABAACgAgAEAAAAAQAAAgCgAwAEAAAAAQAAAgAAAAAA+MLYhgAAAAlwSFlzAAALEwAACxMBAJqcGAAAAVlpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDYuMC4wIj4KICAgPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4KICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6dGlmZj0iaHR0cDovL25zLmFkb2JlLmNvbS90aWZmLzEuMC8iPgogICAgICAgICA8dGlmZjpPcmllbnRhdGlvbj4xPC90aWZmOk9yaWVudGF0aW9uPgogICAgICA8L3JkZjpEZXNjcmlwdGlvbj4KICAgPC9yZGY6UkRGPgo8L3g6eG1wbWV0YT4KGV7hBwAAQABJREFUeAHsXQecXFX1fveVKTu7SagiooiKhagoaVTZTQIIKqTtKr0TaoBkQwwEGSTFuOmhhRK6aCpYUDHJLqICyUZs8FdQsBd6stNf+3/nvXm7M29Ttszsvtk9w4/Mzsx797373fvu991zzz1HkvjFCDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AIMAKMACPACDACjAAjwAgwAowAI8AI7AIBsYvv+CtGgBEY4AjE47b80ktrned/+PB6Ox4X1gCvMlePEWAEGAFGgBEYvAgQ8devsRU/AvQd/eb/nj8zAozAwEWALQADt225ZoxAOwLOjP8ISaxtECZ9Wbsg/WFhWY30ty3Li1pmR/9Kf5MQGP6yxBYBAoNfjMAAR4AFwABvYK7e4EbAT/zjF2Q+YlnmdaD9i9RILEboGJlkUpLEallWlm2aHXmNvmMhQCjwixEY2AiwABjY7cu1G6QI+Im/dsGOj8m2eq1kSxeqkaqYmU1Ltm0ZBI8QsqqEoxACqaQkpAcsYSxvmT30z/QbCwFCgV+MwMBEgAXAwGxXrtUgRcBP/F+4bcfhmixjxi9foESqqgqIn/wAvOffxt+mJwTMTColSdaDumUt+/nNQ18lKFkIEAr8YgQGFgLeADCwasW1YQQGGQJ+4h83f+fHbVsB8UsXYMYf3Q3x+1EqEgKwCKRxwINCmMs23zjkFTqYhYAfMv7MCFQuAiwAKrft+M4ZAclP/HULM5+QDfN6W7LPxxp/pIvE70fSJwSSGSGJhyxVWdo8K/InOpiFgB8y/swIVB4CLAAqr834jhmBTsRfO3/nJ2VLTMeC/nkg/rCBNX6J1viFpGDdv2fPucCZtmRK8BFQHR+BZBaOAw9bsr2k5cYhf6RmYCHAnZERqFwEejYwVG59+c4ZgYpGwD/jHze/7Qjblq8HxZ+rhqtKQ/x+hPxCIJuCEJAeEcJauvnGmpfpcBYCftD4MyMQfARYAAS/jfgOGYFOM/66b7YNlxQxHQ/wOZjxh4ws/PZsu3cz/r3h3C4EBCwCVbR9MIe1gkcl017S/I2al+h0FgJ7A5F/ZwSCgwALgOC0Bd8JI9AJAf+M/+R5bZ82BEz9tkP8Wp8Qv/+uOgsBHRaIR1XbXvL0TTV/oMNZCPhB48+MQPAQYAEQvDbhO2IEOs34x38r8RnM72fYQjobM361X4jf3y6dhYAhbOkxoUqLN329+vd0OAsBP2j8mREIDgIsAILTFnwnjIBL/C8hZO9aN2TvuHnZzyJW3wx44xHxK4Egfn87dRYCJnYNPCZJ6uLNN4V/R4fX1yPE8HAOMeyHjj8zAv2JAAuA/kSfr80I5BFwTP0FxF87L/E5ZOaZgZ/PdIg/gzV+qcxr/L1tDU8ISPARiDg+ApR34HGkGVzcclP1b6h4FgK9BZnPZwRKhwALgNJhySUxAt1GoL5+DSLy1UvejH/8guTnLcumJD1fA/HLCMaDPwNO/P5adxYClGr4u7IsFm2aHXuRDichIElrUe8GJzmRvwj+zAgwAuVHgAVA+THmKzACnRBwiR8UmCfAsfOSR0kCxG87xC9c4pfg1Q+i7Ok+/k5X7eMvHCHgLGV4FgGqyXclWyzaclPs13Q3fhz6+A75cozAoEaABcCgbn6ufF8j4DeB185NjhSy3YgHsUENx0D8SMwnicomfj+o7ULAhhCISUY2aWP74BrbEota5sRa6XD/Eoi/CP7MCDACpUeABUDpMeUSGYFOCPiJf9yC5CjbNfU3OKQ4EInfj4JfCDh1ltYILA1snh3bRoezEPCDxp8ZgfIhwAKgfNhyyYxAJ6e3sXNTo2HWn4l1/SmDhvj9/WCXQkCsw9JA05Y5VVvpcBYCftD4MyNQegRYAJQeUy6REehE/OPn7jjaFmoj9vFPzkfRI5QQZ1+SK3aNv7ft7AgBiRwEFXdpIAVtJK0XtrFo05yhz1PxLAR6CzKfzwjsHgEWALvHhn9hBLqNQCdT//zUMbZlzhSyMlFxE+pQmfB8Jy94fvxcgCn5oOMs6AgBJ4OhZW4EZk2bb6x6jo5hIeAixf8yAqVEgEegUqLJZQ1aBPzEXzd/53FIxAfnPjFBCUXJ8Y2woS1vIH5+7QEBByM4REpmLg3jiP0EEhIuar5xyC/pHBYCe0COf2IEuokAC4BuAsaHMwKFCFCo27Uvg6figkzZ0vi56eMtYWDGr56uaBEm/kKwuvd3hxDQM5TZ+PuyrTZtmhP9hVNM3Jbrj0DExAY3YmL3iuajGQFGgBBgAcD9gBHoAQJ+4h83P32CbVtk6v+KooUlI5fE5NVd3+5B8XxKBwKOn4QaiglTRxZiy/yBEDKWBqLPOoewEOhAiv9iBLqJAAuAbgLGhw9uBPzEXze/7UTZFjMlWf0SE39Z+0aREJAs40eWsJuab6x5xrkqC4Gygs+FD0wEWAAMzHblWpUYAT/xj78tXWsJOPcp2mmKFnKC2+CSjkd7iS/NxRUjQEsDMgVNMvWcZJv6U7KtNG26OdriHMZCoBgt/sQI7AEBFgB7AId/YgQc4q8HsQtsUMNr7G1tY20hZsqq9kVZDUkmotrhayb+vu8qjhBQIAQsIweDgP4TYdtNW26u2eLcim2L+rWSzD4Cfd8wfMXKQYAFQOW0Fd9pHyLgJ/66eYlxyM43U1K0U5j4+7Ah9n6pIiEgmfpPocaamm+q3uycykJg7wjyEYMWARYAg7bpueK7QsBP/OPmJU7CFH+mrIROEqrGM/5dgRaM79qFgG3okmXmfobBrWnzTdU/c26PhUAwWonvIlAIsAAIVHPwzfQXAn7iH3tb4mSE6pmpKKHxWOdn4u+vhun+dTuEgKlLppnbhI2CWBqoftopioVA9xHlMwYsAiwABmzTcsW6goCf+Gtv2/FFWVEw4w+PFYrKxN8VEIN5TIEQMGARyG6xTLOp5eahP3Ful4VAMFuN76pPEWAB0Kdw88WCgoBD/A3kvJd37puXPBXheeHcF65DEB/JyiUtmP7JwY8j9wWl0Xp2HyYGOSGHYjKCCcFZMNuMj01bbor92C0OzoJr2FmwZ9DyWZWOAAuASm9Bvv9uIeAn/rp5yS8hJw2IP3Iigvgw8XcLzYo6uEAImBACmWdsCIHmm2I/cmvBQqCiWpNvtiQIsAAoCYxcSNAR8BP/uNuSX7Zlh/i/QMRvYsaPOvCMP+gN2fv7o6UBoTgWAUcI/FxYomnzzbEfukWzEOg9xFxCpSDAAqBSWorvs0cIuMTfES8eSXpOF7bcKGvRExBSlom/R6gOiJM6hIBtSZaeftYWFiUd+r5XO3/f8b7nd0ZgoCDAAmCgtCTXowgB/+A9fm7yDEtYM2Wt6jgm/iKoBvsHnxBI/VK2ZSQdij3pAePvS973/M4IVDoCLAAqvQX5/osQ8A/WY+funAiDbyMy8x0LVzCe8RehxR8KEGgXAsg4hHhCmV8hzvCiLXOGbPSO8fct73t+ZwQqFQEWAJXacnzfhQjAk9suCvuKJD2ThCQ3Kmr0GITxdYkf3n74j736C5Hjv4sRQFdBH3F8BCTblkwj/RySOmJpoGaDd2BeCHg+I97X/M4IVBwCLAAqrsn4hjsQsEVtvEVpidcZ3nfj5rdNwRZvzPirxlCyazOXQhx/Jn4PH37vIgLtQqBKRu+BRSD1AtJBLNp8Y806r4TaeLPaEq+F5cDdSup9z++MQKUgwAKgUlqK77MAgc7EP3Zuqh7jcKMSio6mA5n4C+DiP3uOQKEQcPpVeqtkCywNVK31CmUh4CHB75WGAAuASmuxQX2/nYm/dm7bV4UQjWooNpJ28Zl6GjMyTNnY1D+oe0rJK09CAKYkRYtiCUlIRi7Zatv2opY5Nd/zrsVCwEOC3ysFARYAldJSg/o+fcQPG/+4+YmvYqkWM/7YCHetNkVOXEz8g7qf9EHlHSGA8JBqlZL3LdmOFSYsDVR/z0sZzUKgD9qBL1ESBFgAlARGLqQ8CPiIP27LdVrya7ItNcrh2Oc7iB/d2LbZua88jcCl7goBQbElYGbKCwErm3zREtKiZj32XSkuyEFQYiGwK+D4uyAhwAIgSK3B95JHoJj44yD+Z8PJMxG5vxEx3T/XTvwwAeAEmWFjBPoRAcfJtF0I5JK/QY9cdEI29nichUA/NgtfuisIsADoCkp8TB8hQMQvwatfOF79tN3q7VeSZ2FAnQFT/5G25URsI1M/E38ftQhfpssIONsCEWFSEbITb+K3EKyL9/t47DtrG9xIlLVxG7sGHF8CCjnNL0ag3xFgAdDvTcA3AFNqEfHTQCm05FnonDOUcOyzTPxl6yOOqRqlsxWldBAXC4Fs8ndg+8W2HvuOJ2xZCJQObC6pdwiwAOgdfnx2rxAoJv4Rl7VqQw/95NmY30/HjP8zTPy9AndPJztma1klj3YJmfGwc4KXU/aEV09+KxYCueTvgfGSHX/742Pb7xmpU4EsBHoCK59TSgRYAJQSTS6riwj4iH+VrQ19O3kOTKYzlEhsOBN/F2Hs/mHtpCTDTG1kk9upCDUcG2Hx8kr30ezaGe2YO0sDmeRLsLcs3rFf7NHtUwULga5hyEeVCQEWAGUClovdFQLFxF8ft0PvhFLnYj/1dJj6j2Di3xVmJfmumITazdLbvkOlC20UL7eUBOY9FuJvg5cRv2LJvrmqR9bGRY7OZIvAHvHjH8uAAAuAMoDKRfoRKCb+U6+xw9n3p84Ttn09iP9TloW87HqGnfv8sPX+s0M6TvCavGOasJVF+x4eedxzTPMuQQ6X77yaOdMWJsVWOFKCRcANqsQOlx5GJXrPC4GIIsuKZGaT/2cLsTT8n6qHf7xSZOkaLARKhDQXs1cEWADsFSI+oOcIFBN/bfz1iNAOBPFb09VI9ScsE8RvMPH3HN/dnlm0Nc3Mpl4Uir1411vTiHA68inE81subVPAAbOqI9YC+wjsFuwe/uAKARVCQFEkI5P4ky3kJbb+xsMt8cMyVCYLgR4iy6d1GQEWAF2Gig/sOgI+4n/Ajsj/SlyAueT1arj640z8XUeyW0f6gtOYueSvJexJ3/J1BKdBJhsqa/fBaajNOoQAYi2Isd9Kfo1iL8AicFR77AUyCHDQpW41y14OLhYC2cQrcBZcan2g+sGWCwULgb2Axz/3DgEWAL3Dj88uQqCY+I9ZYkejmdQFyK9+PWb8h1sGz/iL4CrVh92Fp70J4Wnzmep2T/z+m/AJAWzRHDePwy77USrD5w4hoDoWgVclIS9NR6oefG66SNP12CJQBtQHeZEsAAZ5ByhJ9TFbrL21I4DPV+J2VUpLXYgp53VqpOpjTPwlQblzIb4ENUhZuw3e/ItLk6DGLwRAQEi8hN0DM5BqeRSFweXES52bpATf+IRA6s8YpJdV6VUP/CAuUlS+IwRuQUChvFWnBNfkIgYpAiwABmnDl6TaPuI/uem/MSMXuwhxZa4F8X/UMgys8WfZua8kYBcUQsSPNXklhFz1eJm5cqao7SwEOPVyQVuU78+8EAgrsqrCRyD1F0RsWK6GkqufnnlQki7LQqB84A+WklkADJaWLmU9fcSPgahaUdMX2cIm4v+IS/w5hPO1iaA4ylypsC8kfphXMAN/QQgLmehq1nmX6Lqp3zujq++dhcC4+W1TbFtuxC6DMeQaYOZSjvMhxAknZuoqrHs/DkJAWLIaUvNC4DVhi+WmEV2NyIIJOp2FwN5B5CN2jQALgF3jwt/uCgEf8R+38M2asB69GIM/iD/2YSb+XYFWgu/aiT8mkzOeoSefx/y/qfnGqg1e6bSNz7+1z/ut1O/+a9XNT02SbHOmqsWOzqfIZSFQatAx/S8WAsm/Qmgtz2rp+38564A2uhwLgdKDPtBLZAEw0Fu4FPXzEf+p8beHZNTwJUJI00D8h+ZN/ZTAh2f8pcDbK6OI+GlffuZXINpFW+YM2egd4idj7/u+ePdfe+zcnRMhTGARiBwLBzZYBJIsBErfELQ0AItAOG8RSP4NmnBFxMje9+P4fjvpciwESg/6QC2RBcBAbdlS1MtH/OO/9c5Q2wxdAuszEf+HLB1r/GaWib8UWBeX4fhNYPudbNuUATH1S9mWmzbNiT3pHeYnX+/7/nj338v4uckzLGHNlLWq44QnBMhrUOKlgRK2jysEFAgBjXwEkn/HYL5CKLn7Nn193x10HRYCJUR7gBbFAmCANmyvquUj/tr4u8OEpl2KMq/RIrEPWroO4s8Z6DwyRnVe4+8V2EUnFxE/vPp/gV18MPUP+b53lJ9sve+D8O6/t7r5O0/HLsKZ2DVwPAuB8rQQnkELz6AlK/AR0DRJzyT/gSuttHX93pb4Pu/RVVkIlAf7gVAqC4CB0IqlqoOP+I9f8N4+YVu9FCbGazDjP4SJv1RAdyqng/gpLLKRfhaE+e3NN8Z+6B5pi/o1ktxXa/yd7q6bX7hCwFmzplm/NG5+8suwZNyA7IMnCAp/S0sDbBHoJqp7PtwvBGAR+CeW6FZmhXHvL2YPe5fOZiGwZwwH468sAAZjq/vr7CP+Ly2w90nbyakw2l4N4v8AE78fsJJ9NvEACplM/Q7xZ57B7r6m5ptiP3KvUFnE70fFLwTq5iW/JCR7pqxGTiQhYEEIQCGQSOBdA37wevh5F0LgX3DSvT0qYqt+NFuwEOghrgP1NBYAA7Vlu1IvH/GfssTe10i1XW7L8lVIEXswE39XQOzRMQXEb8C5L9sCU3lT882xp9zSKpv4/Yh0EgK3JU/D0gaWBsK1QlZZCPgBK8HnTkIgm/y3sKw71Kqau386XbxDl2CLQAmArvAiWABUeAP26PZ9xF8b37m/rCmY8dtXq9HYQSbW+G1e4+8RtHs5ySX+MGb8puNAuQVm2qbNs6t/4pyHdqlfWzmm/r3UtdPPjhCox9JAPoLduAWJL2J5aaashMcKBUIgyxaBTqD18gtPCCBqlKrAR8BIJ/8L/G+3dHNVS3zIW1Q8C4FeglzBp7MAqODG6/at+4j/hPltB6i2dDkCi1zpEn8OxK+zc1+3gd3rCbTGD56LCYf4jexm2L1h6q/+qXPmACd+Pzp+IVA3L3EKBiIsDYTHkRBAilxaFiA/AV4a8IPXw88dQkCDEAg5QgCBu+7Ew373szfWvEnFshDoIbgVfBoLgApuvC7fuo/4TwXxZ23pSiw/X4E1/veZukf8Al79TvS+LhfNB+4RgQ7iN3TJNLKbZCG+vfmm6p85Zw0y4vcj5RcCSDp0kmXbNyhqeLxQNRYCfsBK8FkgqiCecUsoeSGQSf4Pbhh3hYV0549ZCJQA4coqggVAZbVX9+42HpdrpVtkhAylvfoSBtj3wcnsCqy/XoE1/gM94sdPNNPivkAgleZVRPyWlXtahql/0+zqTU7xg5z4/RD7hcD4BYnxYKmZshw6mYWAH62SfSYri9kuBLLJN+CHchecNO+CQIUoyFsEpFstKR4nawy/BiACPOgPwEaV4rZcC5OzR/y18cRBimZfCfK/HDP+A8wcZvwUxYeJv9St3078lpGjYP0/xchJpv7NzoWY+PeIt18IYGlgHIJMzJQU7RTEwmeLwB7R6/GPrhBANCElhKWBTPJNiIC7TV3c2RKv/i+V6iwN0JJMXLAQ6DHMwTyRBUAw26Vnd+Uj/hPmJd+vSdZVmNxPBfHvb+ayIH6k6GPi7xm+uz/LIX5YVYQJ4sc6/4+FZDVtvqmm2TkFlpj6I24RQdvHH0d/ofuLB2xgd4TAy7fa3sxz3Ly2OluSZ8I/4FQFQsBgH4Hd98Se/5IXAiqEQJiEABwE7VW6JN/x7E2x/1CxLAR6Dm5Qz2QBENSW6c59+Yj/pHjyYEOVroKzNRH/fkz83QGzW8d2EL8OcWUaTyF2b9Omm2tanFLQLvVHSIEk/iNukUSDEHT/0hrbVl6+VbKDKQQQJyAvUMbf1lZrCUFC4DRsIWQh4HSykv/jFwJvw3C1SjWkO34Wj/2brsZCoOSY91uBLAD6DfoSXNhH/GPnvvUBSYpcDe/eqVqkeh8m/hJgvOsiTHhMwCqNGT8Rv238ED7+TVu+Hv25c3hQiR+5e6WWFjleV+f4hGxstT9q2Vl78qjIa3Tf8WZblZ6RrKALgbHfSn8BsahnCqF+2RECOewasHnXwK67ao+/LRICeibxLnYLrZKkzO1b5uz/LyqVhUCPsQ3MiSwAAtMU3bgRh/hbsMbvDuS1C1OHyIZ1NUq4DDN+Jv5uQNnNQwuIP4PlFPMHQsDUf+OQZ51yAkz8R2AdyJvxb3zO/rCtGddAuVB+B7iG2PcgKsHKhpHRv1M94s3NqlRba8VROadeAfnHXRrosAiMm7/zBGiamYgq+BVkIJQMFgLlaKkiIYClAYomeI+lyre3zKr6J12wNt6stki17CNQDvTLXCYLgDIDXNLifcR/8tzUB01hXYMn9FIQ/zCe8ZcU7cLCyFSO3WkxSskLdyjrSRNpeVvmDPkFHURr6S8F0dQPdiwk/vXb7I8IoV8LCr0oVqNVp52Q/JIUjclSsk2nVLL3C8NcMfGY6F+pXs7SAARCEIXA8Jc7lixq5+48XkEaYkmWz3CEQDZJt++0Gf3Br5Ig4BcC74E87lVseeXTc6r+QVdgIVASnPu0EBYAfQp3Dy/mI/7x30p/yDLNaSjtEhD/UDPnzEbZua+H8O7htHbiN3JpUKH5hGTD1D+n6ld0jkP8L2GNf627lr6Hcvr0p7iP+J/cbn/MtPTrcBMXgviriPgtC6EIXWdQujdTVhQ1WkVCwGiDRWC1oWnLG44Ur9OPgRUC9bYyfHiHEBg7N3WsJMyZklAmqKEo+Qg4dcM/HFCIkCjNKy8EFDgLwuqSSVLq4fvQf1Zs+rprQWIhUBqg+6IUFgB9gXJPr+Ej/rFz04cK2ZyG8KlE/EOY+HsK7J7Oo/HNIXRnxu8Sv71BCLFo841Vz9GZQSV+G8S/tsDUv2Zb5hOqJBPxnw/ij6aTyDRoWR7x+599Z2CXZQgBWAQSbXpSFvJqSTKWTxwZ+QvVu1KEwLj5qWOARSNC3k4qFgI2hIC/2lQzfvUAAb8Q2Imw1vfZlrJiy5zo36g8FgI9QLWPT+GnoY8B79LlfMRfuyD9YQSPh+nWvliNVNcw8XcJxe4dhM3P+I/WvBWIK8weU4BbWg8HP5j6hz5PhQWa+Ndijb/BtURs2J79FIK6XI/6nAfiD6dA/Pbuid+PU5EQwNJACgP7g6ZhLZtydORVOrhShEDt3B1Hw1GwEfc/WQ1X0WyVbt/x4wA2PPYRGr1/+YRAAhYkcT9CDS5vme0uJbEQ6D3I5SqBH4JyIduDcv1rySc3pQ/TdeM6gTVbEH81E38PQN3bKQ7xE3HaqkP8mRTOsNblTf1b6fRKIf7v/yY73NDFdNzyObFqLeQQPwI/4DOZwLv7rOeFgAyLgEI+AlgDkR6SNG3ppM+JV/B3xQgBLA2MdpYGJHmKGvGEAKJjClgEWAhQU5bi5RcCCVtIqzVNXfb0zOjrdAFy4iz03SjFRbmM3iHQ3UGhd1fjs3eJgJ/4x9723kclWbsWpATij8XMLNb4KYtMzwbyXV5z0H/Zifid2eEaIcPUPzu2jfCpFOJf93z2s7IsTcfM6ywQv5ZKGugvdqn6S35gl9UqVwhg36P0sCZrS74yUvyRcFqDgb2+HjaHoO0a8PkIjFuQHGVbWBqQpAZX7FGbsxCgNizhy+0vCNaghB0fAYAsVkuWvnzLzcOcpSQWAiVEu5dFsQDoJYC9Od1P/LULdnxMWPJ1SNhxIQaoKjObxkDe4xlcb25t4J7rJ35ElcNDsMa0BEz9sVaqeH39GsyY66WgOfcR0dL9eab+jVtzn8PNzwAhnwlTv1Ji4qdLFb7yAzuEQLVjEcjhi0cUxV4y4ajwy3RgkIWAJK1FezaQU6dUOzc5UpHtRtx/A0VvdJcGWAgQNiV8tfcXJQyHzEwyhTW2B2zZWtYye+if6TosBEqIdg+LYgHQQ+B6c5qf+E+6bcfhlqxehweEiD/KxN8bdHdzrp/4MwgeI6TvYtq6uHl2bDud5RI/qCJPFLspqc+/9hPr+tbcUcJ1cvtqVUyT0/kZPx5mBaNuuZ/p/MAuYBFQpURC13HBR2GtWjJpVPgPBI7/fvscsN1c0N++dQuSI4AjCaiv4bljIbAb3Hr5tV8IpDHBeUC2jGU/u3mo41PCQqCXCPfi9HIPFr24tYF3qp/4Ecjk4wizeT3y9pyPtUkm/nI0eTvxS1jjd9Z/ydHvuzJM/Ztmx16kS9bDVFw4QyzHbfSkTD+Rrt+aG4WsgjMwojZUVWsildCJ7R1Tfx8Qv78KRUIgmUByKSE9Zhn2kilHh39HB/vv319Af332W3jGL0h+3nKXBkgIyIbjBwJc2UeglE3kEwIp+JRYDyFc+VIE0nJ8SlgIlBLurpXFAqBrOPXqKD/x1y3MfEI29OlIcHIeSCliwNRPWXowgLJTUq+QLjjZIX4KBiPaiR/r4o9jxr+o5abq39CRQSb+l7Gm7gXgeaI1N8a0RSOqNAXEL7UTP/oLdir09zPcLgSisAjg3sjM/jgcVxdPHB1ycCYhQAKrocE1wRe0Ur/+6RcCtfMSnyPLCnwZzuwQAvCl4OeydO3kPZdCVlVnaSCVQeKshy1VW9I8K/InuhALgdLBvbeS+nvw2Nv9VfTvfuL/wm1tn1KFdD2ctUD8sTATfxmat32AAfG7W7+wB076jm1Ji5u/Uf1buiIRf2EAmTLcRY+KJKIsIv6t+rEwVzTCMXEieeK7xO+uVQeA+IvqiIEEt4T88th3lxcCFkTAdy1TWjz5mNCv6WBXCHT4MBQV0I8fnOe0IKBT3TcTRwoZvhVCOgvPqUJbQlE7FgKlbKP259QTAklKqvGwYUtLf35zzf/RpVgIlBLwXZfFAmDXuPTqWz/xj5vfdoRlienYj3wuBpQQE3+v4N31ye0DSjvxG3CQe0y2pSWbb6p2TNJBHVAc4i8Ibbv2hfQJiiw3yrJ6eiQqS6mkDgKi/es0kw72I4s+TvEUTIgBOAs61gqyEHzPggCbMibkOFk6AYsK4hbsukH7/ttOz+28xGctIU2HkDkbz63KQqAMbdL+3LYLgRyU5COybC/ZfGON41wa1Oe2DGj0eZHBHk36HI7eXdA/gNR9s224rAiY+h3i13gA6R2+uzy7fQBpJ36wJdaiJXtxy001jlNaUAcQl/hvRRreOPklSBu26ifawpqpKtqXQhEhZVI6NoEgOBGZoCvstQshgBrYa+EAtmjiqJATX6FShEDtvLZPy5KYgQqQEODnuBx9cRfPMcjpEcu0lzR/o+YlumRQn+NywNFXZbIAKAHSfuI/GQMG7IU8YJQA290WsYsBAzPPR7HPG6b+YA8YFEmvHh5QMJfT7FjasF0fKyyrEfmFTw2FJSmd1N2ohBVI/P72coWAgEXAdi0Czo4FaT1sBIsmHx1yIyxS7oIKsAiQoMdyDC0NnMNCwN/SJfq8q+cagl6FoH864IK+RAj0aTEsAHoBt5/4x7HJsBdodvHU9gGi8kyGnYh/W+Yk7NxrVDX1ZC00sIjf35okBDxrBi0NUF4CiIKNsiUtmjBac5MrVYgQ4CU9f+uW4XP7c95u2auYJb0yoFG2IlkA9ABah/jZaagHyPXilPYBoZ34s3CmfFg2raWbAu405Cf+ddv1U2TTnqmFtHGqBuKHqR9sWJGm/u63KIweNkIvw7qBGAZSJk2ZCa0n8XnRpJGam165QoTAeDj1WoqMnAs2O/V2vyN07Yz2575dCFSMU2/XKti/R7EA6Ab+vG2oG2CV6tD2AcAjfto2JD1sCnNpy41DnFC0QV0bJOJvgKkfQsUx9T+xzTgNdEfEX6uqRPwUTE84CYhKBVdFlQNnQXjby9EqTWQz+GDoP8TW2KbJo7WfUz1IaB9xREeSo6DUzW/5q52/85OKrVyPxuRtveVqJG8cqMBtveWCpBTlsgDoAop+4ufAIV0ArfeHEGliW5mMmOJOKNEMyPJBIRQEDokEOnCIQ/zCzcxHMKzbmvmKLJTGUFj9ggx3vkxah48i/nNzO9Ahg/vl7HCAEIhpIgchYJj6U9AFTRNHaS0EDJwkIQRuac92GBSw/EJg3PwMAnuZCOxlXwAfgQhH9CxDSzlCwHm22uN74CoVEdirDGj0ukgWAHuA0CX+jtCwHDp0D2CV7ic/8SNKknhQsZSlP7vZTUcbzBm/LdZg+tpQSPyt2QkyAviEwtpxSNbjEj9t6GPi33VvKRACehYhDo3cTyRZbpo0QttCJ2DXgFi7Fhjn0x7vupC+/9YvBE66LXO4KbcLAY7wWY4maRcCXhbPygntXQ44elomC4BdIOcPFHMSkodYTvIQgeQhVRwzfBeYleArP/GnKGa4KStIHhIJcPIQW8SbW5R4XR2F5HVeG7Yak2DZbwxHtGPg/MbE7wHT1fdCIZCDENCNp2EMWjRpVORnVIQjBBA/u1BsdbXoch7nFwK1CzIfUyzTy/HByb3KAb5fCGRTCP9hr5GR3Otn+eReTrsU+GyV4zYqtUwWAAUt5yf+sXN3jMYMpBFOS/Uw6VFGKxzNWcMKICvFn3ni99KHppJwCHtAMpVlW26OBDh9KBG/BOJHf8i/NrQaCODrEP9oIv40TP144xm/B1D33ymssOMjoCO6g5HTN1u21TRlTOSnVFSlCIGxt2U+KinmdegJSPZVxem9u98P9n6GXwjQWC3stfAwXbRlzlAn7gQLgc4wsgAAJn7ir/vmjjFIZ015w6fkE8jgTyb+zt2nV9/4iT9hC3u1ItTlm2ZHXqOSA2nqhxk63tJB/ERCG180vyqZVmMkqo2geLiZDBN/r3pG55PbhYABuZXL6c2uj4D6Yzq0UoTA+AWZj5i2ca2wxUUYV6rNbAb3bpKApEBPPBZTY/b21UkIIIwz3HAA86Lmbwx9gT6wECAU3Neg7nR+4h8/N3W0JcyZkpAn5ePIE0q0ZUmGeh/UWOX7SyneXOKXMeMPRSQjnUgA2fsNS13+85ujr9MFKoH4KYqf+uHc1xDMZ0a4Svs89rhL2YyTCIeqUHGR++imK+BFz6KA0JKJNvWc/owi5KYzRqo/cu+9sx9GEOrkXxr4wm3pw1TZuBZjysVqtLrazEEIWCwEStpWjhDADhw8i4711snnYG2QbaVp05wqNwAVdpm8NMiXBgYlqfmJf+zcncdiqxaygCkTlRA8zrNk6qdMcjyQExAlehUTfybRhknPfZasrGiZHf0rXaM23qy2SLWWFHe2xpXosr0rhmaXLS2SUpc39Tc32+q71fpZIKLpIKIjPeJH5cjqD1c/fvUBAu1CAMmGyCLwrAwhMGGE+gPv2v6dGN73/foOwqmVWuSWuOsvUrsg/WHZMqfBhnGJGqmuYSFQttZxxnI1HJPMXJqsLhvxD5YGhrgBqAaxEBhUAsBP/HXzdx6H9f2ZslDPcGajTPzleAL9xL8TJtD7bElZsWVO9G90wUog/tZWW/u7pZ9DxI996582MbfIYcbPxF+OLtPlMmlgdywCSDYk5bL6L5GCcNGUkeEnvBIqQQiMnZs+VEjmNCyBkRAYwkLAa72SvxcIgYxk2QYCUNlNzTcO+SVdaTAuDQwKAeA3KY+fmz7eQtIVIcunKxrM0NkEmt/ZW8qm29I9cz7iT+4Aed6rWvKKp+dU/YMuUwnE/9RTdji9n34upvfXR6u1I8hQC6Jh4i9dPylFSe1CgHwwsBTzHM3wJo0Ob/AKd4UAmYTdoEze9/367rMInDw39UFDtqZhaeBSmK2HshAoW+ugv2AJL1wtmTotv1jfl20ZSwNRNxIlWQQQgGptwLablgONAS0AiPjXIs2qZ1IeO7ftCxgAZsLB78uKFoZXMfaOUghWNvWXsm/liV/FGj8wziTfQye711TlFS2zqv5JF6oE4m9+3Y6885Z+Pu79OgSo+aRD/DTjxxo0vmNTfyl7TOnKcoRZFD4CeWdMOH0h6dCo8DrvEvHmZjVeVwsCCK4QqF2YOkQxrWtQh8sgBIaZuSxIitwf2VnQa8cSvTv+XWooJkwEnoCj4A/RX5q2zKn5uVM+hED9ABcCA1IA+Im/bn7biQjIMlOS1S8x8Zfo0elcjJ/438Uh91hq9vaWWfvlid/GGj8EV4DX+Fe1/rtqf2v/C4j4kbTmcMfrnIm/c2sH+xtHCJCzIN1mNq1vg7Vv0cQR6hrvtuPw5YjXkZ9P0ISABB8Bd2tp7cK3D5GN8NW4ZxIC+7AQ8Fqv5O9FQkCyjB9ZQsHSQPQZ50oDWAgMKAHgJ/5x89rq4LwPU792qox0a2YWM34iIJ7xl/IJ8hP/O7Cq3IPNcLdvmbP/v+hCtfHgE/9Pf2vHEnr2IvgnXFtVHfqojgA0Okz9WLagZ4Rn/KXsMX1XFi0NSAjIpJDZBtsztwvbXjxhZOi7XipmRwjU0k6f4AqBkxYmDzZ1+xr0RBIC+7IQKFsHov4iw1kQFoEcrC76j7GZoGnzTTXNzhUHoBAYEALAIf56EHv+IR57W9tYodCMX/sicqwz8ZfnefET/9sYXFfJhnzHz+Kxf9MlK4H4n/yFXWOEsxdjJjgtVh06jIm/PJ2ln0vtEAKQctmU/iJ2dyyeOCr0OIQATQikihAC8eTBlmpdZQsxFUJgPxYCZetVjhBQIAQsAzMBS/+JbWJp4OaaLc4VsTOoHiGpB4KPwIAQAF43GH9bYjxCr80UauhkGXlWecbvIVPSdz/xv4V1s1WWJm5vuaH6v3SlSiD+Na32UMXKXgICuAYz/kOJ+BFpzkDlaLbPM/6SdplgFIa2dSIzOhYBtHAmqf8WyaYW6yOV73hhhWmbZy0sAp6FIBB3jplnLfpk+9LAtxMHybqNpQFHCOzPQqBsrVQgBHTJNnJPy7bUtOnm6k1lu2IfF1zxAuDUa14NGwcdcrxhm42KGvqiYOIvVxfKE78G574QOfe9CfPY3aYu7myJVw7xb3zRHgZVfxks+1fHqrUPwr8KseZB/G6wJyb+cvWeAJVbKAQoSVM6pf8eDndL3pK1x6aOFAg6LEkVIQTiiYMUzb4Sy5yXwyJwgJlzzNbsLFj6vlYkBCwr9xPFlBZrQ2PP/niawAhSua/KFQBIEYqNm1bd/MR0LRxbLGvYntWWpIai/0OV2ySBu3OX+BUQP/woECTpDcROuAvkf9fmm6r/R3frzvhvhXNf3DGnBqEG/gA+a35l76uoualwBrsqVq1+AFFYHeLHuipFeWTiD0Kj9fE9eEIA2RoVRZWkVEJ/Cb4CS4zXtUeRcRA2oaAKgbhcK93SbhEYNy/xPoiAK+DPeAXWrw901q9NnYUANWDJXjQMOn1CCdfEFBMyUU8nrm2eU7NCgoUmSI7N3aly5QqAfC1PXWGHM23JWjy4N8hqZCyi+SHaUxL+ABjWEW2mO2DwsR0IYIZsAUA4w+aJP514A5jeqerSXU/Ha96gIx3ivyVYDlR+4v9Bq72/YeUuxwz/ylhN6P1M/B1tzH+5CPiFQCalvwwluzT6hvbIaae5M7xAWgSwFl17q6R4SwMnx9sONDTpCox7VyLEcLsQwLMMyzVIil89QwBRmoCpUEIxGdsxsRSQ/alt2d/ecWD1s9unuhajnhXc/2dVvAAohBAhfb+CZpqlaNHjQFYI8pByGg7HcOcvBGoPfwM2ED/WSj3izyT+hwnyHYaw7n72xpo36dQgEn8cKvzEEyXZC9m74bf2gSJnXIG6XBGrUd/HxL+HRuefHAScfg+mDGHXAFkEsDTwRywNLNs3oT2EfgWbUUAtAj4hcML8tgNUW75cSNZViCz4Ps8igGcbQoDHwi5390Lit0ElRqYFvLJw8+zqn3S5jIAfOCAEQKddAHN3ToTonQXFNgYRwVwhAPsN2oKFwG46pJ/4zUzqPxgs7rB0c1VLfAgc/SqD+NdstQ9SpNyVcOK6PFajHZBJQwgioTxan039u2l7/roYgUIhoNLSQFJ/BZsEl+mG9mDDsQI9qjKEQG185/6ypkzFs32VEql6PwuB4nbe7SdBUWFhPtaqFLyBP5K/hLPotzbfGEOgILx4F8BuoevXHxwh0ED7/N09vWPnpuphySYhgDStFnZzpMk/gIVAQSt1EH8Ia/yapGeS/0HQpNsl2Vy1+cYhb9OhlTDjf/LX2Ctthq7C0zkVxL9fO/Fz9LSC1uY/u4mABQKwNfgIwP1FSib0P+N5WZZ4550HzzvlICdjWCUsDYybv3M/yVKmIk/C1VokBiEAj3YzZ6AubBEo7hDkw2Q7xI81ZSuXet6Z8d8Yc3NLDCDi96pNZDjgXq4QcGL7O3Wrm5c4C5LgBiUSQ/Y2FgIEikf8shJSZRA/vPr/jS9Xajnznp/Gh75DxwSV+CWY+uP57Hzrn08dIhSFtkRdBuLfJ5OCxcfksKnUfvwqGQI+IZB7DTEvlhvJnasb6g6kRCLB3DXgWxo4Jb5jXz2kXAZRcw12DRxsQQhYLASo+fLEH1VgOSYfsu3ujL9qHf0ITSDq1wyMff9ufTr+HZACwKteoRCgNeJntOQ5qPBMBHj4tG2aiPiYGXQWgV0QP6L1WStzsnXPL2YPo/C9wSR+G05MLS0gfjeV6prW9IdUSUa8dHFpdY02lInf6/X8XkYEKI6ApYY0lSwC6YT+OphjhZrV7j/jeIH01pUhBI5f8N4+IUu+DMaxq9VI1SGDWAg4xC9rUQW7gyQrm/wNVoy/vWVO9eNeHyrkEO+7gfQ+oAWA21DwlI23wFM2n4MbYWmFljoPmwRmYsvMJy1kecG+cGyZcbxkB6yPgJ/4scb/D0xrVtq6fm9LfJ/3CKtAzvhB/Edgeu8Fatn4XPrDtqogh7p0MWb8Q9IpWHQw5cdn2vExCPozalmalyd+4d+M/3grZHdQLRIC2D74N0QhXWFIbfc3jNx3BxVUCUsDtfF3hwlNuxSD3jWwjn5wEAkBl/jViALrIQWM+wPshk0n6kMejefzlAx04vc6+yAaMIuFAAUQyr3/oAtg3ZmBzn84JduyjOyAWxfzEz/28f8dBq+Vspq7d9PX3cGqEoh//Tb7I0Lo14KoLgLxVzPxe49wt98d4qdEOZjtSBQIB5ZgjonQbRhxApaJ0R8tTdNUJL6Ej0AOaa7llUJV7534eeGI6koQAuO/9c5Qywpdihpdg0nRhwawEADxCwvB/lUZxI+x8P+gfhfZetXD3lZKJ1NpvBbPSIByQ/Skb3bxnEEkADxESAh07J09Zsk/otHUsIvREaZr0dhhA6jzk8p1OztcmY1M6m+2sFdEctn7fhzfbyehUQnE/+R2+2OmpV+H270QxF+VRogHi8w2POOnJuzOqyNVLs7KZvTnQVZLEDfhcEz/rwO2B2Th327wjonuYOoemxcCKoRAGEIg0Zb7F0zKK0Mh9Z4vf1Y4y2qVIAROjb89JBMKX4KEWNOwNHCoNylCJckyWrHW0fZJEBG/MxYmXoXBa9H+etWDa+NuwKfBRvxeJx+EAsCrerEQOLnJjkERXgpVfz0cZApUcMUF0cirXDj3OZ09+Vc4tiyvVqL3f3+Wu04ZROIHEclrIbs9U/+abZlPYI2fiP98kFM0jSCPloUoHEz8Xgfu6nv7jJ8CPID4f4VID4smjwlv9ApwgiVJxuWWbV1VXRM6iGMmeMh0871QCERgEWgz/g0DwR3Cyq6aNMbdUVMJQuD0hXZNwkxfjDhg12Is/LArBCpvmbSd+NsdnROvYTfwklT0ndXPTf+gs53TGQvjFD12cMz4/T16EAsAD4piITAGKjgWCpOn7HXo/B/w9s7i6KCvMRcRP7bzvQ7JvtzUY/fDvOV4KgeW+NeC+BvcXRsbtmc/hWWZ64H/eSD+cArEj50bTPxed+36u5PKmEz9Foa3XFb/BWY9TZNHqd/3iiAyekZqkTzHyg0v7NzPlsPYN45wyTXqwSwEPKS6+e4TArAI/FcW0h2qFLr7KyOFE1OjEoQAxotqRUtejIHlWmwfPKxShEBn4k/9DXv3l2F5496nZwpn++ZgJ36vR7MA8JDwbZmpXWoPE8m2KzEYXqNGYwcFONEGmfptrGspefPWa1jbXW4b6dUtcXeLUiUQ//d/kx1u6GI66nIOkvSEHOKnuJvBF15eDwrKexHxY8b/c2FbTZPGRNwgJrjLNbateJYWuml/+OQf/s7eJ5czSAQjYZJ6SDafMAnWMQ6m1J1W9oSAiqWBqGMRQFRN6y6Ry9016Tg3nLYjwp6RLM/5rDvFl+1Y/1gYf6NaqNGLsDUeFoHqj+SXBhzLEu4hSEsDsHEhk6MXxTSb+iesXcuTRvaeFwqXPQfxjN/fZ1gA+BHxdX4KooHEAldhXQxbZijjVhYz0kDsM/cT/18wYEPlJh94eqYbpKQSiH/d89nPwhFtOryozwLxa6kkYm3bNhO/v1/u/TMGZFuOVoUE9U49ZzRbkrloyqjIU3QqkTyWWORC4vcX6RcCG5vhJV5TfQmWBqbFqkOcOdEPWFc/54WAAiEQgRBItOlvCmHfpYRDd57xGeEk1KoEIXBy03+xTBq7EEIQ1tHqjwZICLjEL+czlaaT/0XujxXY4XRXkHc4dbX7lPM4FgC7Q9cnBE5uQqKNrHQNDqdEG/uauQyEQL84o/mJ/8+2LC/dma16cHtcpKg6QST+NWtsJzGTZ+rfuDX3OQwk02GtOAumfoWJf3cdca/f00wMxK8JgzKU5fTNliKapozQfkpndoX4/VfwC4GnnreHZFTjEnT4aVXVoUN15Mkzckih7M7+gjQD9FclaJ8dovKEQKrNeAsWgVW2MO6YPDL2H7rZShACI+J21ZBw6gJhWfCXqv5YPwqBPPGrSFEepiimb0qyWCnb5p1BjmIapE7JAmBvreETAqfMS75fF2IaYmlegc4/tA+FQJ74IzD1YwtLJvEqCHRpOlL94HPT3fjkDvEHzLxFxF9fj1V9Iej+pfWtuaPAGDPw5H6tKqbJ6fyMHx1RwXfcH/fWH73fsXEZaMnRmCYcQtaNp2H9XDRpVORndEhPiN8r2nv3C4Enf/FmjRUaehFCyl4Li8BhdF09qztLDjiHhYAH3N7f80JAhUVASMmd+jtwNV4ly6HbzzhK/JtOD6QQwGNcvIPKjkYziQtgeSQhgK3UfRZcLU/8Cog/QlFM30YoizsV3bo9yJlK994t+v4IHnC7irlPCNQuTB0iGxa81O3L0PlrTOyhQr4BSjpDCSRKiWsH8bt7V/8EMl1q5qoegnOfk6GsIoh/a24UHKGI+BuqqjWB4CkEkmPqZ+LvaifEcQXEj9UoJDrK/cS0rUX1o6ObqZRSEL//bvxC4Ke/tWMJPXsRlsWuhUXgoywE/Ih1+bMrBBQIgSoh4Zl4F8PMPbap3z756Kp/UilxOGpKQfMR8AkBjD8RJZQ6H/3kejjafQKBucoVZdVP/O/hebgbE7IVz97kWlCcsfAWEseD06u/yz0vf2Apiaq7167M4xFSuBazHS9wxNi56UNt2ZgubPliPMVYI8PuktIIAT/x/xG6Yqmtv/FwS/ywQBP/y5jxx/Mz/idac2NMWzRir/kUED8Nci7xQyjB/M/9r6tPQSHxZ/DBMn+EIW7RxFFaCxURj8flI464pX03RVeL7c5xfiGA7YNVOUu/AOHTr4M153BagshldDQ3hl+2CHQLWhxsIgexIwTgI7AD/HUvQpOtbBgZ/TsVFG9uhhCoDZazYCch8HpEaPsjyqogIYAoqyUSAhSnEl0e8flVBd6UsH62oYetshR5ecssVygx8Xenu3UcywNwBxbd+8snBMYvyHwEg/IM9NWL4CwYMbJYjidntu5bBFzi12Dql50wlRStakn4v/9+5McrD8ecL7/GH0BTfxHxb9WPRcieRgREmRiNqXniF8DDZuLvTk9ziV8BwUqZDNz6TOsHSEy+aPLo6M+pmDj64RFHdGyj7E7RPT3WLwSaX7cjO96xzkeAputxn58gJ0QWAj1C15nhIkqdGq2SEUdAp4Bd9yE93YrJR4m/UYmOEKiFEMgL7B5dpeQnFS8NUJTV7EEHn4uxcDryrnwK/QKZWHuQdyVP/IhjotI2CgQzwxY++z7k61u6ZU7UwcMhfulWCw+Cs8RY8qoN8AJZAPS2gR0h0CJ7uQawa+DjtiUaoVDPhxAIodPSFRzig4rdE9554ncTU5jZxMtQvEv2zVU90hGtylZbgkj8L2PGn4+hvfaF9AlQLo2yrJ4eicqUSx3PLJnkyAlwT9XvbUMMpPPBAzbiIkA8OsSPLNYYRJ909/Frv6SaxilHQkH8hP6ovV8IPPWqHc68q5+H+74evgmfIhdZxB9wIhCi5dlHoOuN5BcCbXiGVqu2ufz0MdHXqRjayvkyekmQhUB93A69E0qdi6VRCIHqI7qcibWd+BFUOVxFa/wZ9LXViqIt3jQ78hrV3yV+hGLOjzv0Hb+6jwCPyN3HbJdn0EzsJczE1uYD2oyb34YOT0JAOhdCQEUnxnnuDNgnBIqJP5N4CSF7l+zcv+aR7VMF2DPAM/6XbwXxu8p7w1b9RFtYM1VF+1IoIqRMSsdzjweULCD86hICsJvD1ClAmLZKyyWug6S0AQgumnSU9hwVEgTi91fGLwTWvGSH1JR+Do6bDiEwnIWAH7Euf3aFgAyLQAwWgYSRQBriBxDOfvnEkZG/UCmVIARGrLK1IW+1nQufkelKpHr4boWAR/wSiD/iEH8OywkPSsJcDK/+V6i+TsheqZaJn8AowWsACACsOAYojKNfCIz/ZuIzlirPRDCWs5F0SHaFAIWeBDVCwXupKDHj/wO+Wrzjb398bPs9I4NL/Jh51CPHABwRaXCSNryQHgszf6Oshk6lhCjppE7rdUz8BE4XXy7xSzRTdoif/CRgQVqLqDuLJ4wMvUDFgGTltf08499bdfxCYFWrre1v6WejftOxTfEzFqQuAhOxRWBvQHb+vVgItOkp+M88CLG99IwR4s90eEUIgctataGHfvJsjHzTlVDsMz4hQHVUMFmiGT+CgUiPyJrdtGlWzf9R/Sg73/ACSyN91/+vYHFPT/AYAAIgrwoDlsHJLwROmpf4HFh/Fhrpa1gXg58gOBIRcJCK8ncItLJEMmoe8xwLa5GyOHCmfj/xb8uchOe1UVXVkzUm/p48e+B4mvEXET+NKGsQs3/x5NGhbVRoJRC/v/IkBG5tkZR4HSxeeBE5aa36WSCtGbAIHOkJgfx5bCHyA7j7z3khIMMioJCPADyOpYeQj3DppDHCmSET1hDo7dtud19UX/5S7CNA45vQkmehr8/AWPhZbyy0skkLfeQxw5Kafv6N6t/THQaS+J0dYR0p5vsSyVJfq6IFAHWkNuk/oe3xgzsC4ARsjdwvBOoWJEfIlpob6rYAAEAASURBVHUz3AEOA/hN+/4m9vjatW4c/Eog/nXb9VNk056phbRxqoYZP0z9POPv3mOJdsc4R17NCLBKDpJJHWll7e9h1F40eWTo11TamjVrQIz1khc4qXtXCMjRGCjjBUKAxMzGbbkzoXJmIGLh57FE5FgE8nfLQqDrzeYIAUwg1CpXCGTQpx42hb10ysjwH6kYf/yNrhddziOLhUB9va28fWTyLEmWZkCyvAr34LnNX6/+Ld1BIIkfN1kb78gki/G6Grea8SZu5USuXGVXqABwTS/HL3hvn5Ctbka859X7GdX3BNlZzhECL8FHIE/29fVrlLVrG2gpwF3XCpgFg2YSDTD1Y5pKg430xDbjNASAaUTG0zpVJeLP4XsnuA8P3ARQ117uwO0RfwJBdCTpcSC8eOLo0G+oCH/ExK4VG/CjOgsBsfFF86vYy9iIZEUjSA1lMrpFwgg14f7U9ebM96e8EEDQe0D4iGzYSyccHYaPYJCFQMcMmsZGz4m4EoifUshH0vtcjv56QU42an8xexhSPlfmckBFC4DjFr5ZEzaib2lVsVAulfwjQm4v3rF/zUMdznPNMKXXYpB1Sazrz1X5jiTVu3aNS6yOQ0vA7s8hfuFaJAiFdVszX5GF3BgKa1/ArkQpk6bZKg/U3ewh7cRfhRl/MqHDNG5/x5KlxVNGhH9HZQVzxtbNWu71cFgEmjuWBujwdVuzDbIQM8IRbTR5xVD/YiGwVyD9BxT1r0RC14Hho+hjSyaNCsO3KKj9i2bUeSEAkVjfIMHPpWPs8Vey7z8Xz/hPXWGHsztTF4JOpoNzDtdTyWxWTR/wy1kHtLEA6NPWcdXWqUjdm9XCf8OlhyEbngRnWcQoT76Ezt+074uxR73O5BJtnbMe2ae3uceLBUkx2mIN9pgVJopZ15qdICOAD4j/OLgquMSPXo4q8Qxtj+1a9GOFDsxFdSjDBxICLfAR6HgmN24zJmMXSWM4rB0N3wgpzUKgJ7gX9TdHaGJN3bLsJVOODrLQDNJYSLAXCBN8ol0MQ99KnY9lukas2X3C0nXJMhEHW5LeC+vZQ3/sZBoMWh3o9vb+wqNWia8iAfAPxIkYguB7jjldRgAd4QbQ+R0ilH178+zYdzwLAJmXvG16lVjr0t9z54F4w1ZjEiz7jZiRHUMDsTPjZ+LvLvT5gRim2Wo4ayWMLNa/H1UUe8mEo4Jsmu1uNXt7fGfhubHVmACn2Jnof8cidDT3v55B3C4EHB+TNic643ew/WJJQ9FS01r4mLjLkD27zMA7q3CySHzx9qvJczH8zVQRx6AgsiHFJlLAOTshAD7IAqDP+8EuBQB1ehI0xfvqs8lfY3K7sPmmqjXebbIQ6GyK3dBqIICvQ/yjeQbm9ZRuv7sDb4FzFr54GHEdAu6c1e16lvwE/9LT+m2Z05HraCYsUMfz0lPP4MZg6PRH+PG4zqYJnbzsv6sKadEZo0IvUqkD0uekB3AVc4Itxi1IngUn1RvcXQqdIhnaEADY2c0CoAdQl+KUPQoA7wKOEFC0KoX2W5m51FZ4WS9svrFqg3sA1pzWYM0pH7jHO2lAv+/NGQuV5zXYHvUAZ6CVQfze9ix0uQdt01o2aUykfXtW8CK39aiuZT3JFQIk4r04E5kvS4gzASFwIguBnkHvCQHsPIJFygnLjf5qf0/IYtHEEaHtVGolbjftGRrFZxUTPxyy57Z9FT4pNyBOwVFOJDMdYTjdiWVhJEsWAMUw9vWnLgkA76YoKI2tqBACeJl6+lc4G0Ig9n3nAHI+WTvAhUBn4s9vxxLYjqXxdiyvp3T/PU/8+UhtCNCCIh5QZGvZGSMiAQ7Q4gz4ogVb9N6slewGeM96hNt9CMpzBgmBwoBT8BE4FfGlaPtpfhcKtp+61j72SeliE0CU+uNOELWtUS1p0ekVHHeii9UvOswl/o5+Xzc/NQlRFmcpoarRtEnX1FO7In6vDBYAHhL9894tAeDeIowA6P4Cyk7OK7uf25a5sPnmoU85ByCbWj2yqQ0kiwAFZKFBvi4fkIVyjL9brZ+Fh346tl8dyfuwe9x7XeLvSNqSAKarbVtbPnmUeI1KJQIL4oyftlxJJ0qyF6THQ8A/8/a+7+93vxBY94J+iiJLjYqmjte8OBQsBLrVTJ2FAPyjhbTONvTFSEP8PBUWD0CuiW5VqosHO8RfD+LPb2+um588Hbb8ryta7Bhg4BI/eALFFc74/aWzAPAj0refeyAAvBssFAKUpcrMbIGx8Vubb6r+mXMIBsj6gv363mmV9O4n/laEZP27hdjsbkjWT5uY7znZ2vDYo6fvqaNXUrX74l6LiX+nTmlJ70Pk8hUTPy/+SjcQZOI/EcTvicEnn7ffZynG5bZs/XnSiPBjHniUbS5eF6ytsx6uhRaBJ7bp49GNZ6oaIlGGOAS1137deSch4OXrcHNPYI5kmRtNSV5UP1r7FZU1UISAQ/zIXeJlDQTxn4YZ/9cRiv0EJF3DEnHSsRRjktgVixILgO50tNIf2wsB0HEzJshPyGQRsLCtQ889DVEIIVDTTIfQTOmlChcCTz1lh9P76efiQb8+Wq0dwUlZOhq/m385xO/la0cI1h3ogfdJWXPl5OPctKTBTNPq9uNC4l/far9f2Lmr0PMvq65RD9CxmymbMbbC837xlNHhdkfZShECG7brYxFQaKaihb7IuSi62avbD0f3Lso+iSxelvGkIslNZ4xys0+2H1phfzhxV4aD1vNZA8feljhZkkH8arTO2S3WPeL3as8CwEOif95LIgC8W4cQgAYMV8mWkUOqdf0pIVvfQvapZ+mAShQCa1rtoZqtT8GCH2Kvh9y0rJSEhSrKM36v3bvyXkT8qYTxLqZI9wrbvH3C6Kp/OP0DyyrSM5LlRTLrSqF9cQz120JT//rnU4cIVbsKQ+FlsRp13wyiyJuGbqCCciSiwe8JQiCttyK87KIJRylr0FOo7lIc9YvXUfIq93Nf3HtXrkHe6y8XZKNc+1y6VlHVRkVR3GyUSEqFpVya1XVlRteVSw6OY/KpuxFbDdEZLWgr6wl0jcX7tKnPe9ajSgCCiH84iN97Lsfe1jZWkgWIP3wSPPglC8SPDk59vCf9gwVA/3aCkgoAryrk9CFj24ewdETURP51DIILN99Y5aRh9Xco76SgvJPZnzL0IRVrtZbKfe+Ag0OnJXZKEjLLoTJOJ0cAX351EQEaGEwQihqJCkq68g6MpfcYhnl7w7FV/6IyiBgDSfxYu5VaWrDG7wbZ+UGr/SFdyl2Drn1JrFodlklhhDcNCopFAx/GdudFfV/C3nuFhAB2gvwa1uFFyET4XS/royMEaiEE8sLAPa3//3WFQMdA/8R2/QSQ1kxYa74SiciUZ4GGedy3jfp61e3/+w7yHaAPkHiijKTKvgdoSgaurcmUPg15KlaSsPRINYh18I/T4+anT8Cyxtchfk9DxlLJSTjUc+L3qswCwEOif97LIgC8qmCwkNBXYsLMpWEKM9fLirwQAYWc7Gy0lhS8tJTeraNnQwh8/4XkgaYaPhsfrovVaB/MYrZnYLaHowoH/Y6T+C8PgTzxayB+DHptxltQgqtsEbpj8kjxHzqIHCmfCeKMn5y2wHBeNMc1L6QPU2RlmiyJi6pq1CHpFMy6YH5UYU99oEMIwDMkm9JftGV78cSjQo9DCGDJPW8RCKoQQCSLeP4+12/Tj0MgoUbc94QINgA5KZYhBLDcCydgVgLUlrt5Oemao1ENOcvQB7J6syxZTcP2DzfXHSYyuzmn37/2W2rHzt15LMTqLCFrpytIV2pkk/RsUx+m/t/bFwuA3iLYu/PLKgC8W6PBUFGRutfIprBEZn8P06OFm2bHnAAaQRcCVImNL9rDJN24AmhdA7Pv+z2zL9UL//N0iECiF22Dg7lYgUcZEX+iTX8TxHGXElbvPOMz4n90SMUQ/68yH9NC6jQs/1yIGX91Gr5NELF7I36qYvsLI6UTj9+xCEAIZJL6b9GHFpsjte94AoPwqKsAIbDhBR3e3VYjljYmOVHxEjp1fAP/KCwE2puc/nDFX1RTyDCezei/hHPUwgmjIz8oOipgHxziPwJJ1vLxXMbO3YGcEvIsIZRJSihKoeFp62OpiN+rPQsAD4n+ee8TAeBVzRUCEQiBjKMiH8MA0oRdA04SlyAKAbICFG7/2/DCzv1sEb4SLgBXx4ZoB2bSmAoZnczAXn0Hz3ue+FUQf9iZ8ev/w6zhTox+d086ruYNAiKoxI82ltcWzPg3vGB/3Fb067BSfwGsPtGeEL+/4QuFAOWDQHz+34EmluyT0h7z1oMJn1oIAW+pwF9Gf332J1dCGuLRmPg3wkZWTx7vZBFgIeDYwtvFHgECq8/zEEsLJ45Un6C2o7EE/awoT0h/tWnhdTsR/7zkUVidugG3+1U1XEUzfjrcGbsLzyvR3ywASgRkD4vpUwGAeyTrkYxZlI1FYUcIUMd6RAitafONbmz3ShACa35tH6CYxlVY4rsKJLH/btaDe9gmFXSaR/zIbRyOOKb+/2Av8J2qHLr7KyMFzP4u8QeR2BziXwtTf37Gs+G57KeEKq5DDz0PbRpJJ7G1FS7cqELJrDyeEEA0PvjYUSpo/Q94JJa8KWuPTh0paK3YEUpBxMsvBJ78dW4kdv82ok4NEAJisAoBr00L/D622ab97clHh9dRe2Ks65QgzP2+f//1E/+4eYnPwpvvBvgtnIWxWWCSRjdYLuL3Ks8CwEOif977WgDkawnmdLbLSBKEAFQmbKN4UB6yLXtR881D/kRHOckkpFrL23bSP/gUX9VvEaA94KbiOIZdQR7haTiGwUpcUtIovoOAfOpE/Ll/C1u+HabhVV8cLt6huwzqjLYT8W/LfhoGgOtxy+eA+EOpBPZwIzg5PpeM+AmPwpdHGo4QgEtpOqm/hH3kS81q7ZGG4cJJjxZU/EgIUF084bS+NXcUjBozsAzwNQgBOZ00aLZrYBKsoJ54G5gvrw3bl3dS+q9R729PHh3+nldjNyhUkNLy5ndjFZj6677ZNhxe/TNB/OeA+BWX+AX6v4WeWfbmYwHgdZb+ee8nAeBV1hECUJlIsuGYmzIpOMdYD4BFF2+5edhf6LBKEALOnnDJmIbbvZw8xLvoKOahUDnvhcQfxow/kfsn/DxXpjLJe88+Ydi7VJFKIa4nt9ufNa3cDAxyZ8WqNTWVJy5UoWzE729oh0QghUPYNYAM3CQE/g/SeGlkH+3h0w4XtOukYvDcuDX3OYwmwFM6E0JA8YQAPvcZnoRXuV8e8bdbceDXIcv2tyeMCD2OcQw/u0GsPB+Pct9Pl8vHroNaqUVuibu7WuoWZj4hDB1LOeJ8EL9m0BYFx6cDAq/vnDtZAHS5ActyYD8LAK9O7UJAhhCAw0kmmcKd3WcLZWnL7Ohf6bDauK223OKIBech807tz3e/RcDdI65cK2xxWVWNNqQU68f9Wb+Ca9P6pqXC1A9HYCmdyP0dS+crDVm9t2Gk2EHHBZv4O9K1Pvmb3OeRgnwGJjc0Yw0EUTmkkhcCKoRAKpn7E8bgpTsT2kMX1rke40HF129RWfd89rOyLKYD37P7S1gV9NtS/kkOrgViLfcHkGfTxJHaox07O5oR66GOzOaBGaNgjhG1t0pKS5xm9RhHF+z4mGzK6P/iQhB/mByzcYzjzNmHxO+1CwsAD4n+eQ+IAPAqnxcCCCekKiQE0okEMm3do1jysqfnuAFjqEN7Sts7rb/faT2tMEoc7RnPWfr1MKtdArMyPMhLv57cR3V2iT8E4keYWOwF/ysGiRURs+3+047eD9ERgk389djO5g3OtGZtms4M9avOmjVm/Ahh6pj6MVqX3dbZlfbqLAT0V5B1Y6mRkx9qOFZgE2pw8fYLgQ3u0sp01Omc6mpNS+EZKPfSSlcw7sExRcSfSekvY7lm0T5J7RHPgdOJ7RDAIE+FY2XtgvSHsR9xOtj+EhB/1KA9zbTURQGe+m7G74efBYAfkb79HDAB0FF5UtDwiFYgBCJkEdiBNcZVGK6XtsSr/1vYsTtO6f+//EIgv4f8erDLxRACVc4gWGLHsjLV2hn0NDirOcSf0F+Dc9+KYbHw/XXDRYKuGdQZqRPQpmAf+xOtuTGmbTdCNU4B8VeK13ox/kn9VayzL1Mk7UE4Vzq22qDi7xcCTzyfPcKS4WMhS+fCIhCu4GfgTxgtFx0qaQ+NzDtsBpb46QHNT5TGzk19ANs3aanrUvhbVZsgfkeI9S/x0x3SiwWAi0N//RtYAeAB4ggBfFAjw2JS+r3UHc03xa6mnQLeflXvwCC9kxAoDB+7sTXzUcsis5t0IWZDkf5Yb+4iPkXEgzXpP2N2sLwtpD1w3pHCcQsOKvE4xP9yRyS79dtSx2F3yQwQ/8RozA1gAyFWafvWi9ojlcj9BfVZVgnt4RcC61qznxSW42x5XvUQegYoYU55nS272OeLD8v7uSBdsmP1gp/Ln2FFWhwZqj1Q6JdRhy2bQbNEFlbEGyPHzUveER5WdWXmPdLtzjJAkHwyBowAwModv8qAAJlmCVvdSEsank3qvIF/5UN8Iq49CYEWeeLICDk0XrnhhcwybJeaAVVzAWZDIU8IoJL96jGN+7HgvuSsb7pr0Porhi4t09+nPdjwwU6mZ2ctMSiN4BF/u1f6Vv0LFLBGkRHCNuqGsE21YcMaQtjC0qlC0FTSCwEI0flzOqXXsLRQ6KOwyKy0E/r1G1pzy42otjqoFhlv6SWej6w4RYg/AvipeAYWJ3YizoLw4iwEZHnMI37EsoCfiwyx9ZqeE0tMPbR6F8svgXoG9tShsS9JxtiJl7PNFImf+VUOBFgAlAPVjjLhbO58qKjhu10I5AfBSUK8glpMXddqL03u1GeSWRRmaY08pp316D6OquYRP21lcrzQU/ofs1lp2b5wPsP6phOutGDGH6hBryC/PTldSetb03UIL9GoKsppoYgqYa3WxpY+N4kNmTuDsczvdOIe/COjreQOIaB9BEJgeTqhX7d+W26FmtXurztetFG5Be0ViGcl7oU+Ln4Grnxye2ZJqs28FtrzQiyPxfrNYdbb2UJBrED8Sfi5ZHPWslQ4fN8urF6Bega62I/s/NhJkyl+lQkBFgBlAtYr1u29rgrwvquUd/8gmJ8NXbxuaxaDYG4myOkc7BpQ+yqYikP8WH8LU0Aa9FxybMrmpKXRN7RHTjut0/azQA16fuKnfPZYyEL2OvUUZ4cCstelEwhZSqTvEH+l9JIu3WeREFBD2mEQAktTUu66Da36ioih3ld3tAikc6b/GThDiD+jxtes35YhMXwt2uoix2G2a7kWugTWHg/yE39C/4dhiGVKZse9k44/wC+mAvUM7LFenX50jEidvuUvSosAC4DS4jkgS/MPghACL6GiF6zbDiGQgEUAUbiiMVcIwFTtmK1LOXP1Ez/W+P8g6/ISPfrqYw3Dh/sD0ARq0PMT/4atmS8iVnmjrKnjNBg2EVUPGagHLPH7nwdXCOi6pdPSgBY6FOJnMSwC127YqjvbM+sCuj3T/wxMFuI1VO7ajc+llybbpGnwcSCH2a4mXfLj0pXPZBkxVcUJWy0nE8a/dF1aYYrEqoaR+/q3tAbqGehK5fiY/kGABUD/4F6RV/UGQc9RasoIQfkQzl23LQchkLsBpP81WAQUsgi4QoBM2D1/ecSPfPVKeyz6HGLRJ3YZiz5Qg54XTc0LrLK+NfMlLOc3IlFPLfkrtBM/BZwZeDP+PTe6a9yVdQNCAOIHcRo+BDN2U7Itd+3GbfpKxNm8p+7z4j0qJMhLA5R2eeIxTryP6dhCuww+AtPyW2iHljDMtkP8+URVaqIt918zIa9Ip9W7zz5B+INYBeoZ2HMn4F+DgAALgCC0QoXdg+co1S4ERgnKkHjmuheSi1MJgbjcoh7hdZWOXOzdFgLO+jgRP9K3kqn/N0hQstgYoT3uESptZboFHs24VoAGvY746d59rt9mnC7DuQ/e2SfIkEOZtDP7pUGdxFGvBFKFdZvOt5sXAkhVbZEVRA2FDsHu2YWY3U6DReB2w0jdU3dsMEM058Vw3mFWkrHN8e+oYOP630IItOWukYV8KSwC+/RCCOSJH1HHo0LFcsMbCdO+XVjZOyeOGfI2gVkgjgL0DHRuZv4muAiwAAhu2wT+zjoJgTGiFTfdsK41NSaVlG6QkYI1ElVICMBXP2/m3nOtHOIvSFDya6RhXvz7H4W+m3dMlJw9zCB+DMBGfM9l9eGvtog3tyjxOmE0CCyB4LVhaxa+k2KGFlGOlYXiED++9oi/D++tAi5VKATaHIvAByAEFiTbqrDWnr0DpLeqbozwkx5h2e+vdofZ/BbayUeKf+KmZq35VWpFKmFdZVtiKjJw7tuNDJwu8SuUbgTE32a8ldxp3WmoodsbjhJvUoWZ+Pu92QfMDbAAqNCmjMfjcjx+CwYLN453f1bDEwJr1qzBjLZemjJSvID7mbx2a+pYK6ndAEe3M0IRgfC1uxUCJlUkglzk5DQJ83irosiLEK50Dcp2BvpC4u/PuhZdG0FL4i2SQ/zxOuzVx2tDq1GPwJAzQmF1DMzBlELXSbeKnwb3bL8IuN186CwEDoYQmJdok67Z2Jq9Q5VCd8NHIJDZGguFgBNd81jxL9TyxvWtyZXJNhsZOOWpsAjsn8HWNtPQqa9Qfyj0cHeIXwbxR13ifwe+BXcpEXXlGZ8R/yPEAkn8eAboxr3nlO6TX5WDQGW6p1cOvmW7UwgAi8ifAmeU7SLdLLihocGkfe20x52WB+pHV/1q0ihtgmmZJ2DL4I+wjingLEj36wx2eCfit4j4Ye6Xs2l9ayaTa5g8OjRqwgj1ezSoxJubIVJBtJhdY5Sh8/r/RcSPJQi6H7ovEmMbt2XP3LAt1xqJKGuwnW9MJqNbMPebGOHpGQtMG/U/eF24A1cIqLQ0kGzTDU0NHVRVHbpNt/U/YGngG5TWmsLZUv8gUkRfKyTSLlygfIeQEKB7o1gadG+TR8b+M2lUeI4cUT+N4DzfNE3jDQgBlZ4F3AUJARKIhiwrgr63LPM9+EIszGZzn8GzM4fI36ujV+fy3X23Shaoo/MMOOQfoDboVi0G+cFsAajEDoCHbeqDOz+26sKhr1JkQRpsXipIldnfVfKC23jhbWEL/wXu6csbt6Vr04Y6C05fX4QjHESCe6cgyuckW140aXRog3fvRPzxulrTIX7vy35+J6JpwYy/TjjLDwY5+mnbzDOx8WFGuCr0OcRaJ1O/swSAQZ1Jv7ft5VkETPgIYGkApPm+SFS6FT4CV2Fp4C4RCt1Zd6R4gy5DJPnMMxLW5AVaof9f+ftwfAQci4A7i79lwy/b7khakcuh3a9EUK335bCHBVsi5VSb3pZMWAgbri+ffHTVP6kGbp1udQRF/9eo4w68aH2oo3Huw3YsLGUOvE+I170wvh1H8l9BR4AFQNBbyHd/REKkuO37Uwsuuz91KOKVz4xfKFrosKALgYnCuc+WDS/oYw3dvhn8H4W5fAFmSE961cx7z1vIThYYxyaP+IE73ZOxqtXW9rf0s0WrPh0ZST9jIdAjHBUd4sfvTPxeY5bqPS8EYDq3YRY3IQQOhBC4BULgyvVbs3ebkn5n3WjxX7pcUIWA14fqjnMEyzc3vGDfgVgaV+JpPt/Q5adkSWuaMFL8o7AONOMvFYSlKMcjfi+c+aX3pyYLPb0cZT+C/2c7y2GuVaMUl+My+gABFgB9AHIpL3Hrrc66IeXBsmLDoiNTO3LNl96f/Kltyd+KX1oBQgBx7yeNEVuACf3f/vJvm2v/oR//8AZtj/hXPPVq+IMHHHqObevXR6u14SaGZ/grOP4LPOPvk4Yis7laIAQOiFRLNyd3iis3bNPvtoV6B3wE/kN3EjQhQKIdt2V4fSrv1HjbmpfshQ3DRXssC7JiBJP4JauD+LMIg2DOUtTwqGiNLCXeyWDfryT9+5Xt1D78qiAEWABUUGO5t3pr+x3nKCW2hajfkapTTN04Zer9qR/akrEwfrFjcpconvlLa9eKtVibbz+pH/9oXxqA6dzbJlcJxN/8uh155y39fIxu12HG/0mH+JMdxM+jXp93KoK8Qwho6n7YKncTtspdAWfBVbIcur3uKPFvuqsgC4G18A/Bc5CDKJDpqa5zLUx024F4OTP+ehA/2J5uaOrq5BlYqpulhEPHkBcPUvNm9Ww0bCNbEv1+8MdHkMjhVwUhwAKgghrLf6u0Rx4voWfS9IDKWiT6ZSOX+zKWBp6wLGlhXIjn6QB6kIcXpJql7/rz5ZE/Ofd1/N2fd+Re25udeTN+BHepgnn5gnff1q+LxbTDDZrxJ0D8CPuGEc/ZsdD/dz2o7yAvBIz80oC6L7bOzYbj4OUbtmXvsU3zdoQY/ich5DhtBshHIG8RQGpBZ0kvEH4LXk+i8WINiB/36BD/Zfclv4Qe/3VFix5P9kcjm3EnFNjaQA+C92ILgIdE5byzAKicttrdndIj6Kw7O0IAD2UoGp2gZ7ITsEa3TpbUhasaRCtmG64QKEg9u7sC++77YHj1+4kfZtlqNalfpEv6tKqY9lGErZUQ3RAhjp3/mPj7roN09UquEDDzQkBR94EQmAUhMBVC4F7ZNldOGO2urwdNCIBYAzNrdiYKND7AsZgAvXR14hQk5fu6EorUyrKQ9GyahArdr+fnkhcuvJmsqx01aMexAAhai/TufhR6PHNpxyKghKPRKfh7CiwC37VldeG9DeI3wRQCvat0T8/2E/9Tz9tDMop+sZTOTauqCX2YiD+dMAxEMaLMJN6g19PL8XnlR6BICGBP/TDsqZ8JIXDZ+q25+0KytiIfsQ8WAWwvfaY2MLsGyg/N7q9QSPw0Pky9Lz0Om1dnyWroJFmRJUwskJe6iPh3Xxj/UlEIsACoqObq8s06ZOUJAVgEvoa/GyAEHpNkq+meBvH7wSwE/MS/8UV7mG0Yl2ak3DWx6tAHc1nH1A/id/bw8zPS5W4XmAMdIWDlLQKyogyNVskzsNXuUsRquF8Y5op8DH9XCNRCCOTT/wamBn1wI37iv3R124kCM34Z23RlVXGJX2fi74Om6LdL8ODWb9D3yYUp0Yytp501OxVC4Fw9nT7zsvuTj2C8W4SlgZcHkxDwE/9PXrL3TSZzU23TuCpWo34gm3FM/QbW+Mmmyc9Gn3TRsl4kLwRM+AiYJoTAkKoq+fpkm7hkw9bcatU2l58+Jvo63QE5o76MWe5gEAL1TsROSSKvfnr+L78vdZxFM35Z+4oSVqUc4hZjAyKZ99nqRZ1jAL94kBvAjetUDRsGYcJGxC5XCMDliITAhblU+mxsH3wIu6oXYWngFRoIauPNaq008MyiFB+BgrF4zn0USU4xcpenUsYV1UNC7yfip4hzwMglflrl5NdAQqBYCMhKTTQmX4sQw5dsaNXvt211eT6974AWAv44IZetTo3B4DDLlpWJWihEM37aVEQu/UT8TP4D6QnYTV1YAOwGmAH3tScEMMvRU2nKoheCELgUQuBcbB9cbRu5JfdMHfaXFlS8FiE+axGiNChR1XraFh7x5/dVW08+b7/PUIwrhKFfERsSOjCLuOxM/D1FtyLPc4WA5VoEFFmJQQhMQx+4ZOM2Y7WuG8uxK+XPVLOBZBHwiJ+c+6hulzyYGyEbxixsIKrXohFnxk/r/PiJiZ8AGkQvFgCDqLGdqjpCgMzbtg3yhxCQI1o0fGUuLc6Hj8D9ck4svfsK8dcWHIyBg/pHxQkBP/E//ovkweFw6Eps6ZtanU/IwsTv9IbB+k+REEDWyqpoTLk62WZdvLE194BpWMumCPEqgVPJQsBP/FPvzx1pScYsYRpnhqqi5Czc7jCMqvKMfxA+DSwABmGjO1WmWIJY57ZtyxUCshzDbGBaTspcCCFwjxWWlsXPye+hhhC45RaJrAaBNo7TgCfB1J/PH2Ctfz51iFCUqzHTuQxr/PtQSlaH+N3BTnXcmwZr+3O9CYG8ELDgI2CZQpajVTHlysTO3EVwFnxQ0rSlyGPxCh1YSULAT/yX39f2aVRuJoKEnYOdQTITP7UovwgBFgDcD1whYHlCQKnRIqEZuVTmkkvvS90tTHt5fKr4TzzuWgSCKAQo4uERGMzzQYUsBPD5kA6PfjjxXxKrVodlUj7i5zZnBIoRaH8GSAjAWTACIXB5ss24AEsDD5tCWQqLwB/pFBIC9TCfQQzn98AXF9Sfn/zEf8m9bZ/CVshGPNrngfjVXDojwSGYfF1ouzDP+PuzsQJybRYAAWmIANxGfhA08xYBZWgoEpqFZYJLL12dvFNRq1bGzxNveEIgDotAfwcx8RG/9P0X0odh9J5m2MZFsZrQkHTKKp7xBwBkvoVAI1AkBGh5rKpauQxJh87f0Jp7RDbspROEwGYBCAFEy6tHdM0gCAEi/hapRabsfHRvUx/IHA5vvkYY+S4IRSMhl/jTDvEjAydbvggkfjkIsADgjuBHoEgIYAaxrxrW5kAITJ26On27ret3wiLwlhR3LQL9IQT8xL9me+ZjiiVfiwTxF2DGX51OMvH7G5U/dwsB9xnA8pizNCBEGBEhL0kmjfOwNPCoZdtLpowWL1GJ/SkEXOLHkpdL/NZFq9/7iGqHptuWdfH/t3ceAJJU9davW1WdZ5ckZjGHB/r0STSgM7uAYibsPhPIZnLYIPmjkd0lbCIKmwEBfbuCWVR22VHMoD4DPNMziz6VtDMdq6vud/7VXRNqZsNMV890OKVs93RX3br1u9V1zk3/G0+nk6jtG/jdVoVfWnubugNvTOXDnSMiQAMQEcg2TMZ/CLoIpuLlK6hYxw60E/aVZe2dOX9j4UarVLo1e6Z6aqKNgMzlD2pdWFL1VcpyzteecVpmSixF4W/Du3ByL6lmBLTOIRQ07rt4uis2G+9PwWDBu52yXj3zzernksWaEZD4+Q2XWRF+nHJA+OdsKLwY6n4BavdzMbgv4xRKA8KP/Sj8UkDcRiVAAzAqFn4YEMATsGYEHBgBB0Yg/hwYgWVlwzsLgwWvTyRSazFYcOdEGIGa+OvPPlJ6DWLzLsSExlPwQE7mcy6b+oMC42sjCISNQCyVsU/DstAfRYvAPZhVuOrko9TP5MTBPdqITEjaWA7cCmr8c9fnX2hZxnn4fEEsnZqC9T+qws9Bro3A35Zp0gC0ZbFGf1EjjICdeL4dt64rFQpnI6DI9Xahf332LNUvRqAbswZ6Ix4jIDUs1K7czz5cfJep1Zch/KpA4Y++oJni7gj4RkBUXhaHwv1owwicivenwAhstkqx8/FZX9QmIBB+pC19/JX5a3PPM2x1Lt6fHkul9nWK5eHCv7sr4HckMIQADcAQGHy7ZwKBEfAqZa+McKGWHT/Iilury9o4Z/6m4upMV2LjmpmqIEZAYo1LuNE9p7rnPQ480G+JwD/mi0T88dDFUj1GDP/xHt4zPu4RIQG08Q8agT5pFbNsO2bOhgyvwWl+cWX1+0i6AuQ3JMYX6VZOv7Pv2Z5jno2/z4TwH0Dhj7BQOzQpPjw7tOAjuGy/H9KFEfB8I5B4qRUzb+rvK5yHEMOrkrnHN980U2FZHUTWl2jEEW2WaZbdqqWQaUzyIOZGApNCwDcCmFKHWBpGueQWjApmxsgGBxDVJgZ6zga9v2nmz3Yd4+xEOn1gpYRJrjK4L2jqj+pkTKfjCMhDnBsJ1EPAxIPQdislT+YY27HEKxKp9K2lzAt+vmBT/mRf/NF3Wc8Jhh7reZh8OPQDvieBSSeAO1Ipy0A8/ag3jLM531KFx/CbutKy4geK8MvAXJxHKm/8KUQNvMPSowHosAJv4OXCCGjbdUoeIo2Vk1NSr8So5IX++aojo/mwaiB8Jj25BKSfPrIc1NK6YItOIc0rYsnUcyD8jus6vvCL3YjsXEyoownQAHR08Tfk4uWesipo/McChDuHnEEeXtxIgAT2RGC4vD/tOo5M4bcp/HsCx+/HSoAGYKzEuP9eEZB2ejy0GG50r2hxJxLYJQHLUHxM75IOv6iLAO+suvDxYBIgARIgARJoTQI0AK1Zbsw1CZAACZAACdRFgAagLnw8mARIgARIgARakwANQGuWG3NNAiRAAiRAAnURoAGoCx8PJgESIAESIIHWJEAD0JrlxlyTAAmQAAmQQF0EaADqwseDSYAESIAESKA1CdAAtGa5MdckQAIkQAIkUBcBGoC68PFgEiABEiABEmhNAjQArVluzDUJkAAJkAAJ1EWABqAufDyYBEiABEiABFqTAA1Aa5Ybc00CJEACJEACdRGgAagLHw8mARIgARIggdYkQAPQmuXGXJMACZAACZBAXQRoAOrCx4NJgARIgARIoDUJ0AC0Zrkx1yRAAiRAAiRQFwEagLrw8WASIAESIAESaE0CNACtWW7MNQmQAAmQAAnURYAGoC58PJgESIAESIAEWpMADUBrlhtzTQIkQAIkQAJ1EaABqAsfDyYBEiABEiCB1iRAA9Ca5cZckwAJkAAJkEBdBGgA6sLHg0mABEiABEigNQnQALRmuTHXJEACJEACJFAXARqAuvDxYBIgARIgARJoTQI0AK1Zbsw1CZAACZAACdRFgAagLnw8mARIgARIgARakwANQGuWG3NNAiRAAiRAAnURoAGoCx8PnngC3sSfkmckgT0QUIahDaO8h734NQk0FwEagOYqD+ZmDwTwoLUV/sHmVh+6eziAX5NAIwkoQ2vteVB/2/AMyz/VFY08IdMmgegI0ABEx5IpNZDAP7ulhoVN6X9UKoaRysTi/gfacBt4WiZNArsiILdfRRmm2bVPzDQN9WRMxXf6O1955a6O4eck0FQE7KbKDTNDArsgMFMpF3UtdYJSn7/3+/k3OWXrYsuKvS+eVFYh58jDWPoGqjWwXaTBj0mgXgLS6oSbzVVK2eku2871OYW+Z7yNph1b9d7/UH9CcwC+Uuynqhc0j58QAjQAE4KZJ4mEgFJ+pf+ko9LfR3rv3/oD5+iK610Us+PvisUNq1BwPLQTyD40ApEAZyIBAXQ7QdvR2gThz2Qg/P1OGeK/2TJjK99/qPqt7FcTf/8eDY7jKwk0MwEagGYuHeZtVAJbtmjrsRmGnqHUQ9jhoXsfKfRU8uZFsVj8OCtmGEUagVG58cOxExDhx/9ciD9q/DE73+9UIP53eiq24uTD1C8lxeyOHbbxzW6PNf+x8+URk0uABmBy+fPs4yAwcya6A7D5RuAxQ590mNqBP3fc97BzrFPWF8UTsWkm2gB8I+CPzmaLwDgw8xARfrQm+cKfc7xCv3N3xdErZr458XOBs0XDiOL+yiqFUSncSKD1CNAAtF6ZMcc1AmEjcOLh6gF89cDnHq4crw1PjMDbMDrLkK6B2owBdg3w7tkzAb+p3xd+K59zDNT6P4NO/etOPjz+Ezk4EH5/XMqeU+MeJNC0BGgAmrZomLG9JTDUCMyYYUhT7P049v7P/6jyXtfzLkomY2824ABKBUdqdDKLkLNf9hZuJ+1XFX4TNX6rWHCNQq5yL5r+rz3piPjDgkFanHB/ySg/zjzppPuija+VBqCNC7fTLm3ACKBpdgZmBeBB/SUw+NJ9PyydCNm/MJmKHSFDuEtFGoFOuzf2cL0i6GYKwl8uaiOfK3/RsMxrTjw89j05jsK/B3r8umUJsCbUskXHjO+KgDTNQvy1NNXKPicekbjvxMPjR5by5f8slSo/SqZjViIZk3tfWgQ4ZWtXINv/c4zqN7wU7gc7FlOFXPn+SsV9+4mHJ95/4htj38OoflPEX4wl7ifeJ+1/P3TcFbIFoOOKvHMuOOijFSMg7084IrEFV7/l84+UPuwZ6uN48L/eRd2vjBYBCAF6Btg10CF3h9T4lRhBF8P30M+/zTTca048IrVdrj8L4T94K9qM2NTfIbdD514mWwA6t+w75soDI+BP18JVf+CwxD2V38UOxaju0yD+j0rTLwYMmjLdC1+zpte+d4bf4oOuIL+8i/lKr1upvBN9/MeeAPHPZqs1fozq94LupPZFwSsjAYlfzY0EOoRAtqcH9T2tsjsMa2aPP3XrjrWP6HuenXNORVfAYgz+eo3jIL5r2aloxHiFIaBBboN7Q7p5ZBZIAsKPMpXpod9BBF/p4/+yXJ4E8Nm61TAp+m1Q2LyEMRGgARgTLu7c+gSUzvYYFTz1VbbXsBYcpiD5xsavflXflfecWdrUizJd8Vc4WNjNgRFAxwCNQIsWeiD8mAViydQPzAL5AZbtufakIxOfk0vyhR/dPrWmfmn94UYCHUWABqCjipsXO0AAgwSzqOyLEdgBI9DTo0r47rYt39V3oGtgDmIKL4QReGkZn1YcGoEBbi3wJhD+RCJmWRgGWsg7P1ZaX1sbA4Ir0GoLWnco/C1QmMxiQwnQADQULxNvegIwAj3QeKkN9ooReLMqIM83b9nxj9tzxr5z0QdwQaYrdlCJRqDpixIZ9NeCwAwPy8KTDYtE/QwG7zrMALkHQ/rgC6pBfGRMyEzFVSRboUCZx8YSYB9nY/ky9RYhgNqgRiuAbwR27ND2zJ5n9590ePz6hBt7Xa6/8vFKpfLXzJSYbVv+9EEJ/eoLSotcXrtnU4TfjcVjfhCfctl5DP38syq/j70RU0DvFvEPBoAGA0LbHQivjwT2hgBbAPaGEvfpGAJiBHCxgy0CRylZ433F3Q89vUHr1BkYEnAOjMBzi2gncCvoGkCsePwnUwi5TTQBzOGH8HsQfhurQUrI3l87JWPlQWbs9sMO9cd2YKEebWPMh5utDvqc6BzyfCTQ1ARoAJq6eJi5ySIwwggcrZ5CXpbf9wO9Fi0CZ6Fp+WwYgQOLeVQ9MZcM39EITFRh1YTftrEQdMIw8/3l37mOWvVMf2zTrB5VlGxIK05PN4SfC/VMVKnwPC1IgAagBQuNWZ44AiOMwJHqCZz9E/f9VN/Wv7N8Dr4/E0Zg/0LeMzw4AXxHI9Cw4pFAzsoV4U9A+Pv7y39yHL0m9+TT6099x3NzcloR/m4IP8pFyoIbCZDAbgjQAOwGDr8igYDACCPwevUPfHf5vY/oT+b6yudpQ53eNSW2TyEHI+DRCATcInqVbhnXsuN2MmXYaIH5a8Vxbyi4ubUfPeoA6aKh8EcEmsl0FgEagM4qb15tnQRGGIHD1N+Q5EX3/lTf3L/TOR+DAeZnpsamFHIujIDHFoH6eNeE34bwKzu30/m//oq+sVgs3PqRo/eVLhkKf318eXSHE6AB6PAbgJc/PgKBEZDwsW9/u2H2vF79BSktvvfH+iYI1UJlqjnoGsjkYQQ0jcBYIVeF34LwpyH8fc6/8n3q5pgZu+W9h6l/SWJs6h8rUu5PAiMJ0ACMZMJPSGCvCWSz/ipx3oAReKP6Iw4+78s/0zdgVPoiTxuz0TWQzPdLzCFdQQuBJR3Ze32CztrRF34Ts/hTadMGs6f6+7xbbTd+4/uPUv8nKJpR+CWGxEyEEt6KVQM7q7h4ta1OgAag1UuwI/Ov1YwtzfXAHWoEjLf3mu/5d/U7FM1Z9/2geANaBBZD8j+GgELxfA7RhWEE8LeFIW00AtX7tyr8JoQ/Y0qNf2eur7JW+vlnvjn9V9mlGYVfokhmrzQQZtgfcEjxr5Yl/20hAjQALVRYzCo62Nfq2LoFytk6E1O8slnz0YOvUM1U8xowArKkLGr6Jyr1a5Tb/C3fL12f64cRMIxTsOgQareOqH+nGwFf+JVp2umMZff3Obl8n7s+ptw17z0s9Se535tZ+GWKYRZleNpmvW9c5+Z7rrV1w7zU78UYBJEH5Rq4kUCzEqABaNaSYb6GEZAmdhFXHc+/Yf7G3CdMZa7Izk49iNXbDfnu0YON5jICWFJWLiBbMwKIQPcY/py95ZHSGqw1sATq/5FUpmoEJIqdtAgMu+A2/gPGR+bzyVQ9CL9t9/c7xVyftxGRfFefcHhSWk584f/mNw1PojM2DYpajT8Q/o/c+MTUTCY1z/AKC+145vme1/9VyStaBVSWkSKbptiYkV0ToAHYNRt+04wEsHafnU6/U7vuO+dvyH3N096K7DwFI4AHbxMbAfQTm1hyVs08TP0cWT31cz/RqxHA5kI0EnwwPSVmSYtAuxsBrMinq9eo7AyEHy0i5Xy/e7vjeas+eGRSWkr8yH1Gkwv/mbf8o6uS7JqLa7kgnkod5FY0lpAuFOBO2Q0ghcitZQjQALRMUTGjPoEY2lyxrivex2Kp9DtdB0ZgY+Fr+Pu67By1Q/ZpRiOA2q7fIhAYgRP+Q/03svqhL/y4vAqD3S5Uyjw5lbGsfM4RkfTaq0UA9X2tXPxr+d0ffY7b31f+lOsZK2YeZUvLiLFFawtvdHNF7kMff9awgho/up8wJ6EwB00SIvwvxb1nlPMF6caR56iNaMTcSKClCNAAtFRxMbM1An5zuVMsoO5lWPFkCkag0pJG4P1vVI/gmmbc+6PyUbmcvhDr134gkTQtrGTXHkbA795QVq2VQyNo0j3aM647+ajEz6QsA+FvrkV6tOqG8Pdm0cefNaSPPxlz87OxvuDCWCr1ctfxDKfg33umYWIQIP7RuChuJNBqBGgAWq3EmN8aAfQkK21h6R4FIyC1S3PACGxAi4BqjRaBLVu0NWMG6sdKfR8XdsJ9jzhvRVjhCxHu9j1Y4MbCWva4NLQIwOjULrw1XiD8CvKIcQ64hoqR7ytv0aa69qTDEz+WCxhy3U3UbD4o/L0Q/uwWHf9bf+k07RUWxdPpV7kVEf4iTKc2cQnBs1PKhxsJtCSB4CZuycwz0yRQI4BamGEMGIFU0CKQQ9eA2dRdAzNrc8eHCOK3cSnf/tzDTjdqmhfZ8fg7YjEYgQKqndIm0OxGoDqg0Ux1xaxSwTMw7fE+dP1fi2V5fyhlNeQ6m0z4e/0avwi/zDRRdv7Ux/sKi9HU/xrp40cXv+RXbjM+M6UgubUFAd7MbVGMvIgageFGICljBPyugfvx/YpmHiMw1Ag8hhaBE5TqRZ57733YOabi6Iuw5O10C7/WYh5GoDrCvNlaBEQg/Rp/uYx85ipfUrZxzYmHxr6Lz1tC+GegNWbfvuIphiouthPpQzy0Kw0R/mbjLVi5kUBdBGgA6sLHg5uUwIARQP7MWDJ1PIzA8RgseL9pomtgli+uTTlYcJgReMzQJx2utuEatt33I+edTllfFE/E3o5rMKRFQKbT4bvJFiaZwqhSqZjlYGhmPlf+OvrErz7xiNg35d4IBj0G1yWfNcPWnd1hSx9/rzT1Y/bIX1+Y+4jqyy+JJdOvk+58aU1CPqXGP9l8mwEX89CmBGgA2rRgeVk+Af/hXXuYDzcCGIiG6YO9slczzhoIBLPWZO5hjIDMdPjaZ39YfC9iIFyYTMbeIvKECRFBU/pEC5WMu/CF30UOMFZhO4ZjXHPSEQkxLIYf/wDTHrEF+ZOPJ32TWr4EjurN9vjxBRZsyn/oca/w8Xgq8wYK/6QXDzMwwQRoACYYOE83KQRa3whgmtwMDAaEoH4JBL907w9KJximujCZih0p7QClouMLMjyBDFBr5DYg/B5qyuiS+BZmOF5z4uFJ6WbxzdTBCMrUXKP6Mc2iJvxB1Mh5G/MzTWV83I6nDpWoRKzxN/KWYdrNSoAGoFlLhvlqBIFdGgGIWXO3CNRq0jJtbqYyvJOOVJ8DoM/d90hJ5hBcmEzHDpUabKOMADTS73JIJGM+Qwj/9zSE/6Qjkl+UgpIFcRDoyAxaLhpReONJsyr8hjdE+E+CQ/q4nUgd4Qt/iU394+HKY9qDAA1Ae5Qjr2JsBEY1AvM25u7XHmYNNHPXwDAjoNwTD0tsxaVv/dzDpQ+hCf7jqXTsDdIkX5YWAYlIX2eLQCD86HLAojeo8Rechw3TvObEI+L3CXJf+HGOWlN/0zT3+8I/A8Jf44WokR8wlIkaf/JN0nXiiPDLYkwdFIJ5bD8R7t0JBGgAOqGUeY27IjDMCMST6dpgwdz9nue1lBE44fDEpyHG//W5R5yP4mKXYBrea130cosR8GVujEbAF35MO5QavwVKqPH/BIv2XHvi4fH/CmBKa0SzC/+CDbn3ot/kQjT1+2MmKkXMTZSQxDK4D0aAGwl0MgEagE4ufV57QGCYEcBIcN8ILNhU+KrrVmStgV7ZsSkHC/o1XISs3TGwLO2dWEHvnqcM51QI3GKE3v03GZ1fKVeCADZ7GiPgxxvwhR9PB0Qk/DmE/7oPHBa7G2IvwulH75M+/mbq55ca/xbU+GuGxJi3sXi80t5FViL1Nrta469On2SNX4qQGwn4BGgAeCOQwCCBkBFIvUs5lXeJEYBqXpedrb4puzafEVA624OlhTEYQIxAbQW9TVse1XdhuuBp2tWL01Pir3QwP98pOxK7HrFrRwwWlD5+z47HbAQewnQ+53+MkrFyv/7YnbX0sFDPDjvb09N0wn8IpktmMbJfKvTzNxaPw2VcZMXiPSZG+aGpvyr8nM43eJfzHQnUCNAA8FYggZEERhgBxBF417wNua+i/7v5jQAG5O3ohRE4REHyjXU7fq/vfOpfzhy8X4gWgZeVS2gRcGAEqs3g/poDCDRkI/SwCeH/DQL5rHLTsc0zq8f7K/TBYLjZJlqaV2r8gfDLIIgFGwrTYWkuNK3YsaZtyqh+DwMSqk39+J4bCZDASAI0ACOZ8BMSCAgMMwLxVPpdLWEE0FTfA42XAXq9YgReqoq4oFvu/Km+XeWcuZ7WC7u64geV5FPM5U8kDbO/3/l9pWysrjj/t3Hmm19UkC/QlWD3dEP4lRKz0BRbWPhP31zodj3vImXH3mHZVlX4KxT+pigsZqLpCdAANH0RMYNNQGA3RgCDBZu0a6DWZz9oBF6vcmB5wxd+qTf176zMx6j+RegO8Jx+vdLtf3rDST3P7hfWIvzdEH4c37TCP3d94WjEH7jIUPa74kkbgx0L2qu04KJJTXBzMwudS4AGoHPLnlc+dgKjGgGEGP6KVhgs2CpG4DWqD5e+6kuP6DswR0AjpsATgqI5hX+LdciMGRqtEK409c/blH8zhiJeaJrW+7AOtNT4tYdVk9D/L2Xjl49cCzcSIIE9E6AB2DMj7kECYQLDjADWGng3ugbeLUZAWRgseJr6lhzQbIMFR7QIHKb+JflsRuGXUMKPIpSwBPAR4Z+/KX+kCL+hrBNiybgs0qO9ItbnpfBLEXIjgXERoAEYFzYeRAI+gVGMgFM1AhpGYG7zGwG5imZq6g9Mk9T4JW/z1uUOxwTHjyNiz8mxVNJv6of4U/gFDjcSqJMADUCdAHk4CYBAKxuBpijAAeFHjV8yNH9T7o2Y1f9xjFH4z3gqJTX+YGleYe3zboqMMxMk0MIEaABauPCY9aYjMLoR2JD7CqbeN22LwGRSDAv/go39r0fQwiWI0//heDqlKPyTWTo8d7sToAFo9xLm9U0GgeFGIJXGGAF0DdAIDJRFWPhP31B6rasqSxCe/6Oo8Zsi/E6hKEGLLEzqY41/gBzfkEB0BGgAomPJlEggTGA3RgDTB5t0jED4IqL8Oyz8Czb1HYzxfos97Z6SSKXtcqE4IPyIY2D7M/qjzADTIgESGCBAAzCAgm9IoGEERjUCCzblv4xl9K7LzlIPyZkDcQyWrm1YbiYhYbm2XqPXzGarsQXO2Fh8tavdxYhIfGo8nYxXhb/g1/jR/E/hn4Qy4ik7jwANQOeVOa948ggMNwLJ1HvQNfCeBRthBMz2NAIh4ffO3FB8hav0ItfwZsUz6QSa+Y1yvib8BoV/8m5NnrkTCdAAdGKp85onm0DbG4Gw8J+xqfgy1PgXIljfbAzuSzmF0oDwozBY45/sO5Ln70gCNAAdWey86CYhsAsjkPuy62HWwLzW6xqoCr8RNPV7iNX/Es9zL3C1nhNPpzMU/iaiNfFmAABAAElEQVS585gNEgABGgDeBiQw+QSGG4FU+j2q5LwH0e++5LkIMdwCRkCEHxgHhP/MTfkXOdo43/OMefF0ZopTrNX4q3P4WeOf/HuOOSABGgDeAyTQRASqRqBQkGA4JqbDvbdSct7bzEZAVhy88krDqg3u806/I/8CLMpzXkWr+Yl0ch+nWK429QfC30SwmRUS6HQCbAHo9DuA19+MBHwjgLnwTWsEAuGvhRGuzF+be56Kmee4Fe+MRDq9L4W/GW8r5okEhhOgARjOg3+RQDMRGGEEHL9FIPclQ2OMwBz1bcmsNL8/enB14ZxGZz4s/HPX9z9HWepszNc/M55K7l8uOqzxN7oQmD4JRESABiAikEyGBBpIYNAIIKZwPJl+74QbATT1Z9HUP1Djv0c/yyjkRfjPiqfSz0JXhVGS6Xxs6m/gbcCkSSBaAjQA0fJkaiTQSAISFre6KM5EGYGa8GN1vkrWMCpzNuj9baN4pi4Uzsao/ueI8Ms8fmTLUhxU3MiyZ9okEDkBGoDIkTJBEmg4gdGNwMb8F7G474pIugZCwn/a5qf2jbmxM5QqnBNLp55XKVWGCT/EnxsJkECLEaABaLECY3ZJYAiB4UYglXofugbeN983Apg+OJ4xAiHhP+cuPbVUKiwwPOO8eCb1Agr/EPp8SwItToAGoMULkNknARAYxQiUfSNgWsZ12dPUd4TSbgcLhoR/9sZ/TokZmXmlcvE8RO47qFJ2g8F9Mt/fZo1fiHIjgdYmQAPQ2uXH3JPAUALjMAJadWcNq7fWx3/KnX/PpCr7zjG0dwGa+l/ihoR/6Mn4ngRIoLUJ0AC0dvkx9yQwGoFdGIHcF02NRYfmDrYIIICP15s1KjNW/zm13z77zzYctTCeSrzMdbxhNf7RTsLPSIAEWpsADUBrlx9zTwK7IxAyAmmMEZCugUEjcM5XdaL8t/wsLMsL4U++EoF8DKfgj+r3m/p3lzi/IwESaG0CNACtXX7MPQnsDYFRjcCCTfkvlP6Wfwki972+gsD9WJoX0/n8mP58LuwNVe5DAi1OgD/0Fi9AZp8ExkBg0Ahg4GAsmXq/52oJ4CMhh2VcH58HY4DJXUmg1QnwB9/qJcj8k8DYCVQXHSoOCL//99iT4REkQAKtTED6+biRQOsQcPysIvActwgIiPDzGRABSCThlaNJh6mQwIQR4I9/wlDzRFEQULYyof64b7WraQOiQMo06iGAQRNaex6SSCA4AltS6mHJYyecAA3AhCPnCeshYHpWDp3VlUQ6JbHnlTJUBb3XtAL1QOWx4yEgol8xrZiZyKTkOfpHI+Y+JQldcQXvR+HArfkJ0AA0fxkxhyAg89VR61e3zU38wlD6KAxc+wxUX8dSSRsf0wjwLpkoAp4YUNOOm4iQaHuV8t9KueKlRqVy2G0fS/8V7QG4GRUN6USVBs9TFwEOAqwLHw+eWALyYNVq3Wz1Y5z3Q6dvyF1XKhQW4YH8oVgqZZeLRWkMqGhpitX+qPaJzR7P1s4EpMbvWXbctuKWiRUQ/1KueLe4hrtu45x9nqxeOO48in873wNtd21sAWi7Im33C1I6q7U5Y4u2bpub+cn6OemPKsN7I+aw34naVwXha2FqpUXAYNdAu98KE3N9fo3fshN+jd91nT9B/D9eNkuvWzen65qNc/d5Emss2BgIID1SrPlPTJnwLBERoAGICCSTmTgCWaW8rTOVGxiBtXO6frp2TupjhgkjkMvfDiPgiBGQ6hhyRSMwcUXTTmeC8KuKCL+0LlUqpT86+cKiRDwJ4U+vuH3Wfk+L8ONeU+ieqrDZv52KvnOuhV0AnVPWbXelYgTkovAgNh892FDrZqqf489Z89b1rSzlixegu+AUDBaMO4USegS8Cr6TUdpiCriRwK4IyD2lrVjCsmxTmvp/X3GMG1yV27R+zoF9cpAIf/YKw8X9VzGy8gk3EmhNAjQArVluzPUQAtUBgoNGYP1M9Si+njt/c2lluWoETsWAraRvBDSNwBB0fDtIoCb8SQi/MsqF4m/dirphajy1eeWpKie7UfgHYfFdexCgAWiPcuRVgEDYCKBF4Jf4eMG8O4qr8EA/H821p8EIpJwiWgQ8GgHeND6BkPAXfuNWzDVG5ak71i14fl726EaNv5c1ft4ubUiABqANC7XTLylsBNAi8GswOXPOhuLqcj5/PnoBZsEIpJ1iGUbAZddAZ94wYeH/lVvRa8pm+o7bZ6miIAmEv5dN/Z15h3TAVdMAdEAhd+olho3Axpnqt2Bx9hmbxAgUzsP72TACXTQCHXWH+MJvxxFICkOgnWLxMVjANYlc6lM3natKQoLC31H3Q0dfLA1ARxd/Z1x82AjcOlP9Dld+3umbC2vKhcK5GO09B0ZgKo1AW98PYeH/BeaIrH7qz7+7e2v2ED+MP4W/rcufFzcKARqAUaDwo/YkMNQI9Bq95m2zUn/AlS6cf2fheqdQOAczuubBCOzjFB10DVQqmNTthxtuTxodclWY/iHRoQZr/IWfIZbU6ue/PHl3tgej+LH5wp813F5M5zOyHcKFl0kCIEADwNug4wjUjICXxfRBMQLrTk39CRCWzF2fv6GcK5xjmIYYgf0qJcfAEAEagZa8Q5SL2XyGnag19RcK/61MteqpKalPSwwJuaRhwt+S18hMk0B9BGgA6uPHo1uYwHAjYJgb5qm/4HIuPHtj7oZSLn+2aar5MAIH0Ai0VCFD3JVhx5OWhIFySoUf43Xl8/+S+q+gBag7u8PuzXZXa/wtdWnMLAlES4AGIFqeE5eaZ3hcDjca3GEjcPMc9ThSvmT+2txNJSN/JsINnR7PpJ9VKVXQIuCwRSAa7FGnIrV6JTV+SbhSKjyMclu1bl5qCz72Q/RS+KNGjjYWIYtnkaT8/Fcd6nOO/ixMsVEEaAAaRbbB6WIZ8immlJ72Q91KSGdGuKuT+VAjgKTM7AL1N7xePnd9/80IKHQGdOQMtAg8OzACsk/tP7xwmyQCg8IP+YHw/0Bq/AjX+9kgPxT+gESkrx7CH1fsuBHD+kcZSfnxX/MZFCnhCUiMBmACIEd7iiuQXBZyr75W6i9OhyAlHPRVc9BadJQHjUAWAn+FmZ2n/k+gz9rUd4uRL56OMWVngvtzK2UXAYbLMpCMRiA6/Hubki/8MdT4pRYK4f8eavwr181L3xckQOEPSET6KmskeKYds62Ylco9VXgSlZFvyRme2q/aEhDp2ZhYQwnIg4tbCxEI+jGxCt5NqPu/CguUrMQieE9BkGzLilUXv8EPtIUuqWmzms1mMVBQVWSlNwwYtDfPnvLPdXNSV9l26rXlQv4yiP/jwl3Whgd4MQLk3vjSFOH3RPgxst9EH/+3y07+A6jxv3ltTfxlpUjJRm+2B2XCFfoiKhK5t12skYDFkZK265b/VCkWLkybqZevn5P5In4rZjC4MqLzMZkJIMAWgAmA3IhTyAh2NFH/CWkvOf3W/PVlL48man/Q2oFSKfUqDmumEYGvrfTmG4ErrzSs7MfUE0h62ZwNz9xaznvz0QBwFozAC120CLhsEYiI+ohkqjX+ZMryXC2D+75lKr1i3ZzMl4M9RfhFhChEAZFIXkX4sThSbY2EYvF/K2V9UzJf2HzTuQfslDP4z6IsKx2R0J7gRGgAJhh4VKeTlgD54fVCfW47Q/0V6V52+p19N6KvegFG5pwRz6SeJ4IkRgBNdGyijgD8CCMwVz2JZK85bfNTtxl5Yx4M2NkwAge5ZYyKwkABtEyTe/3cIfeGGfeF35PIfTuU6aGPP/PVatJazdhi+LVPCn/9sAdSCMdPKBV/6Za8Gw0vfcf6BcpfI0FaxWqrIrLlawBca72hAWit8hqW28G+6qrAZ09V/8AOV6Fmeku5YMzF+7PiKQhSxTNcp+TXoPAZu32GURz7H4ER8NeClxaBWepppLLinLv0WoQYnoun4bmJVOrFriNGoEwDNnbEcsSg8FdcCH9hu1bmivVzUl/3k0O3zIytgfAbcm9zi4aAz3IgfkKx+HOtveuT+cfvvuncV/qhkocIPwMnRcN80lKhAZg09NGdODAC0lftN1FXa6bXQZBuKxUKs/2aaSr1cix2AiNQpBGICj2GP2el71/GCIgR+KiSJtHVszf+c30pb8zGuIDz0CLwUhqwMQGX+9OMocbv+sJf/IbnuSs3zOt6wE8lEH6Fpn6YhDGlzJ13R8B/LgyZRvljbajVL/hzUuInSHdiNXASV0XcHcOW+44GoOWKbNcZHlEzrQrS9fPX6nVlI/8xhEA9Dw/WV2tUUSvlgosphBjQyxaBXRPdy2/CRmCO6sORNyy+U2/YWSzNgkE4Dy0xr6AB2y3PQeHH8BWnkP+aaZro4089KEeJuZ0pNX4K/24hjuNLX/iD2RRuufB9PB9Wr5ubwjTKIH4ClkNmqORxoG3+Q2gAmr+Mxp7DsCBV++xuPedGvamoix/BKmjnwwi8bsAIVM/gj5we+8l4xACBIdy70SKw8lSVw3c3z1/7+KZycX8YMO8CGIFX0ggMEJM3rphQ6eOvlB3p4/+K6VUwnW9Kr3wpo8sfPfgKeFs/fC9r/AIlmm2wiwXvysXCQ6apV62dnflCkDynUQYk2veVBqB9y1ZiBQw0UYsg1ZY73dSd1Xe++qDiB1GrugDO/40YZCXzqGUgj7ylEaj3ngD33lrXgHBfVzNgp23Wm42i3xIjRuDVHW4ERMwtcLCcUtnAqoxftEyFwX2phwS/DHB99GBDZf24/Vn5iFs0BHzDJTV+v4ulVNyGPv7V6+dm7g+Sr86mMLzeWtN/8Dlf248ADUD7lenIKwoECX0A3VnDkh92r2HchXbVu+dt6p+hDGsh5lQfWYudTiMwkuD4Pgm4o/lajMDts1QRCa1FS8ztJVU8BXbrArTEHDykJUbiOLTvIE1EUML/5P6qCn+xJML/eVRAV26cm/6OQB4u/PIJt7oJgLvSCphlUUS0tCBwWKVU/CriWqOpv2u7n34wtoLTKOvG3UoJ0AA0uLSkSo1NHuxNsKFmmpWANWIEeq1ehPJcbxiIlW5sWbAp937PU4uwiMrRJhbBRZOgRqb9h3UTZLy1sxAyArWWmA0zso/euf9BL/sIItkthBF4bdsagUCAdFWAysWiCP+9lmmvvHV28vtSuBT+BtziPnfMpsCiiBK8B90rvuHyvMrqDfOm+i0tTTy2ghGcGnBLhJOkAQgTifjvmvI7kmz/3w3wlsf8ZN/bg0YgmENd6/v7wryNxeOV4y1CmLXpFmILYvqVeBgagSjui8AI1FpitmZVGcluzu7Qn3r8f4sfwW0hRuDfB4xAqw/SHCL8IkAQfTGWW02E7L1tbvqHgpTCH8WNFUojEH6sjSTcMRNI4z+Mn8TgvjnpHwzl3lxjK7SqPiP92R1Ok9SaQnDb608agMaWp5KHObYXyD/3n6v8ebTB4JpmMAJbZ1anUvn9fjMMb71S0hd4/4INhelOpbTItGLH2/GYJQ9vbH7/IZpx+dsUGuPeBg1YN7pksj3+NKs7UAZ37d9f/JD29KJYKvWGASPg466Gtx33KSfywECAdFWAcO9o/Pdf+FgGmT0iWaHwN6RAxKy7GFNpx9IJu5wrYLJP8dOWttfcNjf+k+blXmuRRNfk/eca/jMSeX1B7dnJZ01DbpVqojQADYSLpNHfltNKmSdOX9b/E881VuzwMp8JBtc0jxEwjCCKmhiBLTACqBlI3+D2uZsLR7t5ZxGmZL0/lkz6RgC/yAr6BywagXpvnqFGoFfC2Mp867sgjvf87aDCf6LpdrE/SBOP9UpZ4jf4HUrNO0gzEP5azROi7zmFwqdNrVfdNjfjC9CMLVuQ/xlGdXBfvfx4fI1AVfhNCH/SF/5SKV+8yzLc62+bM+UXso/8ruW1ubgPCn+vdE1i4GePmfugaRlLMID5DfLsRJab934XoC2+0QA0vgDR3u9prKDxBqwZc/f0cm6JcXVh5dGl5KcHA2zswDzbbjzgJ7troGoExHLLA+OQxwyNKHcP4c+H5m/KH4mH+UL5CrVTW/px8bynEYjk/hluBGr3xach+J9ZsL4wE3EeFyFAy+FyqqacrTFU+NNo6s+j5pkvfFopb9XaOV0/lXxXBWgrjOZM3OfcoiAAdZRxOq4yLQh/HNyLOSwOdkdFVW7cNGfqr+Qc/u94Bn7H1WmUUZw2gjSGC7+0Bj2UKH7I8HKLzXjmDZiVgAiaftcja/8R0N5dEi0KWO57pY/PPjG1FEv8WZn2VCyHK26xma9HOgPECFjKNA23nPspetZXHfCqzD1B7buZWgSCm2bACNQW+5i/KfdGtA9cgO8/iPUGbKdQwmQCT2qu4tQD/q5MM3JK+W2I2X5skBZf95ZA8ICU1eyq24JN+ZOlRUBmawjlpjACNeFHbU36mg2IPvpt9d3a1KvXzer6ueR8iABVO8Nq18OX3RGoPt8u2KJTub7Cr7Da5Iuwpgf4+SG/pR3IF37ovm0nYuBefAYfba4o86ZNs5O/k5TDv9vdnW3ivht+X0sen/h17sOY97LIimderz0Iv4MAZdXnSDPPhkFUahvdu5WdWIv9RfdnZVGkaplNHMtozhQ8sKNJbcJSaUkDENAZbgRKuZ/hB71KO5l7mrFrIMi0/FjlfWBWTt9Qeq2rvPPxwP8owt0mQkbAX66VBiCgN97X4Q9MSWXB+vyJkAExAm+axGmbYrZddG1B+BNGKV8om4b6lOdW1qyfP+VRyWdzCpDkrBW2kQYAq0zKh8Ldw7gcCL8N4c8/if7F9THDuOWTs9N/litrTu7D7+NuLCKkYrkP43oWWYkMBr22jPAHNw8NQEBicl5b2gAEyIYbgXLu5/h5r/aczF2DRkD7ITiltSM4aLJfsxoBWrYaKjACszcWX20j1C2y+DEYgbRTLGOeg1eyE8lEhS0AkRWXPNgD5pLoXEzbNLUSI/DWCTQCw4QfNc8iurc+hfJes2HelP+RfDWnAEnOWmkLGQDLfhHMlYOWgJgdt0T4/wHzdZt2vNvWLcj8Ta5MWg+7jW6sENpMy/KK8FfjjlTzqG0zlvsoWrAWosaPSKQtJ/zBTUQDEJCYnNe2MAABuuFGoNj/qGGqVc8ckLnrRwuUP31QHDMGyTTFGIEg09JvJ5HaAlE6Y1PxZa72zkElZXYsmZ6KcMOGk89/fe2czDuDY/haP4GwETh9U+49nlZLsF772yR+A6Zt+vcTzuS32NR/Rj+FqvBXB5lJUz86aNUdhq3WrP9Y8teyB4U/ItJV3KgcK13rAngMU0NfIiYPgyr/is8/6SB8x+bZU/4pu8qzoRutAs0s/Ieu1bF9noDwY3aLlew6pIWF3y8d/EMDEJCYnNe2MgABwuFGoNT/GKaNr96/POVTtfni/o+92Y3AmZvyL8LIwNPxG1mCICM/QojRN1UvsFpmwcXytT4CVSMg8RmqrUMLNufepT1zsRWL95iWGVUgp5rw+4PMRPhlHfjNtjav/+Tc5G/lCij89ZXjqEcjKh/GVWgs4pU27LyIfgH6vzJlpjZdX116uib8V0L4s/LcaJJteI1/RlbHn4z3nYLLWWgluhDxsmVr/GG+NABhIhP7d1sagABhzQgkLRPzYSrF3P/gYbA68ff0p+6/KYgj0JwtAr1Gr9mbrQ5cm7u+8FJTVQ57/l+67m2u2kmAuT1efSOAaZsiGHJF8zYV34HRSUskkJNpo7l4fBEdw8Lfj6Q3YfTqDYjc9zs5D4VfKDR2kxaA/p25kx3L+dLts/Z7Ws6Gljf7CizJi2m6fnk3Ngd7m/pw4T/+HJ0oPTePUNd6oZ3M/BuWc8bgvrZahpwGYG9vjcbs19YGIEBWNQI2jIAFI1DK/RKxvNdo51939mZfKjHlm7ZFoBfx7INxDMHF8LWxBMJGYO76/mNhIBdjmN5xiOgoXQMiGHJP7a5rYJjwO4XiTrTibDJNdcNts1J/kCug8AuFid9E+LMQ/sDoTXwORjvjcOHvzv4+qWLPOhXNFxfYicxrPBfCX2kr4Q8g0AAEJCbntSMMQIA2bAR+Bfe/xi2n74DINrURGDpGILgYvjaWgAh0LZCTX0M8fVNhmud5SzCA7J0YPD6qEcCO8oPCfHIb88llWlke08rUBlermzbOTf1Rctycg8way7IZUg8bu2bIk9wuocF9SSue/xjMogj/q9tY+AP8NAABicl57SgDECAeNAKo0VWK/b/BaNo1hWTX7d9bqPw4vTIgqNnGCASZ5+vEEqjW1K/U2Vof8enr+7o9016M1qR3YzB5tWtA+wNLDWVhQrnMJy8UnkLjzXrHyN28efYB/rQyCv/Elltzn2248L9ptU6liv2nYfbSBXay65VepW1r/OFioQEIE5nYvzvSAASIhxkBt5j7jWeq63eW0rf/KKtkkFa1a6DpmguD7PN1IgmEm+wltLPp6cWIHve+WCLuZ6VcyD+JUeZrVUndctsZaQw6a9bR5RNJjucaIFBbzjro1js0q9NTE/nTcB+dbyUznST8ARIagIDE5Lx2tAEIkNeMQAKrqtrSIvC/cOLX24nc5m8seW5OdvJbBGgEAl4d/Ro2AnM25N+CyQILMSrgt572sDxs1/8F90x3000r6+iim7yLDwn/cSv+nqmUMrPQ8ng+avwv9yoV9PGXWiFyX9QMaQCiJjq29GgAhvAKG4HfYZzX9Z7Tv7k3+2wZvU0jMARWp78NG4GAh5jFbgp/gKOzX0PC3539R5cZ65qFYSIi/C/rYOEP7gsagIDE5LzSAIzCHUZAoZs3bkuLgFPM/R6xeG5wncxGNN3RCIwCrJM/CoyADNT0F31qqghynVwyk3jtI4Rfd1mx3Bw8WM6LJTMvrQp/GetTaInT38yx+hsNkQag0YR3nz4NwG74DDMCiCPwBwPzt7us1MYvXqj65Dh2DeyGHr8igU4jEBL+912rp/S7hTmI6X0e5vG/hMI/4oZoGwNgj7g0ftDqBODMtYm+OU/+M+3ES9AisKa/mD+/Z3n/jclyacP9WbXTyNIItHpBM/8kUBeBQPiVqvRigUlZXbUYT8ztr+TPtZPpF4vwowIhK1JKbZ9aURfs5jyYhdqc5RJFrvxmOg0TUBEjYMVfbMZiq0pozpu2tP8m0y6v33aReoZGIArUTIMEWohASPiPuebJfbxKfF7JNM6JJTIHeY7jCz9iQ1D4W6hYx5NVGoDxUGuhYxDkpWoE3DKm6ZbFCBxkJmIr3KJxbs+y/pu046zHGIGnaQRaqFCZVRIYD4GQ8Hdnn9pXxWLztGucY6cyLwoLvx9Jajzn4TEtQ4AGoGWKqr6MjmIEXhSLxa6rGPlzpy3beXPZ9Nb1XqyeohGojzOPJoGmIxAS/rde/fR+cc+cj9lCZ6Op/4UU/qYrsQnLEA3AhKFujhONYgReaMbS1xjF3DnTlvffHCu7676eVU/SCDRHeTEXJDBuAiHhf0f2mf2duDUfsR8g/JkXUPjHTbZtDqQBaJuiHNuFjGIEXoAxAleXde7c6UtzNxumu3b7JeoJGoGxceXeJDDpBELCP335zgMMz1pQVvps9PE/j8I/6SXUNBmgAWiaopicjIw0ArHnYU35ZW4xf/a0ZblbPMddizEC/6IRmJzy4VlJYK8JhIS/O7vzWWbMWoAIoWdZqfTzDKc8bHAffvvcOpxASxuAJ1F4GYSnwrS3Di/G+i8/MAKG62CwoOMpK/Y8OxZfWjH6z+mBEdCJ9K29i2kE6ifNFEggYgJh4V+pn6VK+TOU4Z2FPv7nuBT+iIFLcr7muKJBrbxhpkcLbrjhZV3sY67R+3he7gllWJbWrsxXbWlD00wlAcCeRiQQGAEbLQJSc0CseH1rQhmfvP+SKf+UvDKgUDOVGPPScQQC4c8qefYZxy/vO7CkjTMREfQM9PH7wq9dp4LfsonfsswG4hYNgYpSlo3FNF3TzBzgT6euaVI0yU9cKq1pAPzly5UWATJj+XvNWPJ9SpmGW86JLUMkPMOaOIRtfyZh6g4YgVLuH8B/q4IZ2H7p4AIyvcaVnlFberbtifACSWAyCWSzZrdxhRmszjd9Wf9zNETfUPoMO5F5ttT4RfiRRXkOtugzHjlvvk0WPsJM6ozS2jM8p/hFz0mfVC2HanTa5svy7nPUwjfHIHD8AI6FSi1ByRyr7JjhlmgEdl/s4/q2agRMtAjE/RaBf8IE3OY66pO92a6/S4p+i4AYMMaVHxdgHkQCuyWQ1WY3BCgQ/u5s/3OtmD4T4n86avwHumUIv0fh3y3D8X1ZFf4EhL/iGJ5bfgDCuQIVoAeqyQ1q0fiSn7yjWtgA1KANaXo55qr+YzxlLFF2/DiTRqBRd1XNCNgwAgnpGvgXWgRu8+L6lt6P0wg0CjrT7WACYeG/rv+5ZlmdhRq/CP+z3HIJwo+4vazxR32TDAi/B+HXlfI30JeyYtvlXdv8Ew3RnqhPPFHptb4BAClZ2WzrDNQ8MS5AwE27qm+astQSw4y9E6vjsUWgMXdT2Ag8gXaxtbYyb/76pZm/ySnZItAY8Ey1QwiEhP8dy3LPq2jvbK3UAgj/ART+ht0HQ4S/jDZN52va1SsevHzKg/4ZIfwzthrm1plK9mvprS0MQFACvhF4DMMza03Q05f19aB5bIkyY8ebGMjGroGAVKSvYSPwJEpgnRVTNz1wYeZxORONQKS8mVi7EwgJ/7HX5p7vOvoc9ObPh/DvT+Fv2A0wKPwyjsJz7kc3J5r6p+zwz4hymYHls9tB+AOCbWUAgosKG4Ge5X1vN7W0CNjvtmJotpbBgpqDBQNeEb2GjcBTSHedZ5du7r3wgL/IOWgEIiLNZNqTQEj4u6994oVmJXE2LlaEfz8Kf8OK3YW5QmNxRrkOlkvzKl/xlF6x45Ip3/TP2IbCH5BsSwMQXFzYCExb2vc2DIpdghkc76ERCChF/ho2Ak8rZaxzLfOm3gvTNSOww+41ujlYMHL0TLAlCfjC34vBfT3+dL7ua/MvtFzvHK194d+Xwt+wUh0m/JhJ/mVMdV7x4GVTvuWfsY2FPyDa1gYguEgxAoegayBb6xo4ZmnhrZ7y0DVgvs+KJY1KqR+7+v05nD4YQKv/tWYELAwWBONi7hm47PW2Z974jcvSf5bku7M0AvVjZgotSyAk/Mctzb+oYnrnonVyHmr8+7jlIpqh/fgmnM4XbSGjqV9bdqILcc+EsfdFU5srtl2W+racJotyebTNmvp3ha8jDEBw8TNmwAgcMmgEepbvfAtGsC8xlf1+X6RKOdlV+oFoBAJo9b+GjED/TqXVBm04Nz542X5/lORpBOqHzBRaiEBI+KctferFyoidq5Weaye7plL4G1aW/rMdsRIQM6ZoeLryBcykQFP/1O/IGX3hfxR9/Ftbf3Df3hLsKAMQQAkbgWlLd74ZMwgWI7rTCVY8hRYBGoGAVYSvw4yAU+zvQ4SyDZ5p3dh7ceoPch4agQhpM6nmIxAS/u6rCy8xPfdcDEiaG0t2TaHwN6zIhgh/wUDU2M/hn5UPXjb1u3LGThT+gHRHGoDg4sNG4Jil+aM85S5B5MwT7URamq1lV7+fCM1yHc0qYBbB6zAjUCn094Psxopn3/Cty1O/l/TDXTYRnJNJkMCkEQg3Kb/tqsJLbbNyHp4pc+xUVxeFvwFFg+H7+J8fFRbdKajU5dHq791nagtN/envyxk7WfgD4hQ1kAgbgZ5PPHMkBgouxlcnYzGNmhFAvG2lLRqB4Nap+7VqBADaSsgYgXw/mkA3Wcq+YdvFyd9J6jQCdTNmApNIICz8x1xdfJmrK+ehC2w2nitdbgn9z9U1TNjHH1U5+cIvTfja9oW/COE3jM8C88od/2+fH8gfFH6hUN1oAAISeA0bgWlLnznCMM3FGCcwo3ozSYsAjcAQZFG8DRuBHFoENhuudf2Dlyf/V05AIxAFZqYxUQTCwj/tquLLDcs9H5WHWRD+DIW/ASUxQvjxrFZ6q+F5aOrf54dyRgr/SO40ACOZjDACxy7NHeaZejF6AWaia0BVuwZoBEZBV89HNSNgokUA4zCKuTzGCGx2Tev63ouTv5WEaQTqwctjG00gLPzdVxdfYXnu+WiLhvBn0m5J+p89huyNsiDCwl/KIzC/3mJ6auUDl2UekVNR+HcNnAZg12xgBLb4swG2bp0pg0iMnqtzhyLc7SI4+Q/iB00jsBt2dXwVNgIFWPnbLc9a88Dlyd9IujQCddDloZETCAv/sVcVX+ma7gVohj4Nz4kUhT9y5Hgk4Cmshzb1I7ibMj6DMMmrdlyc+ZGcMfz8bkAuWj5JGoC9KMLqjTTDCKaHHHN17j88T8sYATECJvqvJRWOEdgLlmPYJWwEimIEMFNjzfZLkr+WdGgExkCTu0ZOICz805cXX4U+/UD4kxT+yJEPEX4Dffz++CwZ6PcZ01Qrt12c+YmcUbpyDWMrntfVilsDctE2SdIAjKEow0age1n/G9AigOmD6kODRkDDCCCOAGcNjIHsbnb1nb7MxDBt2+8ayBeV4d3pKr2m95Kpv5QjaQR2w49fRU4gLPzdy3e+xtLqAm2Yp0KUkhU09WPEOZ8DUZIPngOGGhB+rfWnUeNf2Xtp13/LqSj8YwdOAzB2ZiP6lHo+0f96ZRqLIPwfhhGwqlNOaATGgXbXhwQPgAEjkCshdsOdpuut2Xb5lP+RA2kEdo2P39RPICz8x1zV92+eZV6Ajn0IfyZB4a+f8YgUBn73EP7q1GwXlat7tGes2vH/un4q+4cHb49Igx/skgANwC7R7PmL8ANh+rL+f/eUsRCLEn8EDwSbRmDPDMe8x8ADIWgRyJURM/1TpqlXb79kymOSHo3AmKnygN0QGPE7X953sOephVjj4hT8zuMU/t3AG+9XA7/zAeGvYHTf3aY2Vm+/tOtnkix/5+OFO3gcDcAgi3G/Cz8gjlvW91q0/y1CgmIEYjQC40a76wNHPiAc1Azu0p5GzWDKo3IgHxC7xsdv9kwg/Lvu+UTfIcrE71oZH+Xves/8xrXHaL9rw7jbNvSqb1w65ReSJn/X4yI76kE0AKNiGd+Hoz0wTEstxGg2qSnQCIwP6+6P2sUDw8MDo5cPjN2z47ejEgj/jrth6E0a+lFZRfbhKL9jiNOnPFevpqGPjPKIhGgARiCp/4PwA2Q6mwzrh7qnFEY+QNhkuCdm/H4YgRG/W3bpDePTkD8Gfrfs0msI3z0kSgOwB0D1fB1+oLwNg4ZsZVyAwWscNFQP2N0dO/BAGeg75KCh3fHidxzUOxn3wMDvdED4SxhMeWdFG2u+xUG9E1YiNAATgDpsBHquLb7arDjoGuC0oYbhDx4wwbShUh5GQH8ak4bRNTA4bWjo8tANywsTbkoC/u9yyPKvMq3XNGQ2D6b1JtJWNb4HZ/NEWnjB73JgNk91Wq9nx1bvuDD5KzkX+/gjJb7bxGgAdosn2i/DRmD68p0IHKIQOMT8GOYPM2JYtLirqfkPHH9974H5w/iCgUMawbpF0gzH82BgrwkpuFBgrzyCJXh3KMTz2H7JVAb2mpAiGHkSGoCRTBr+SdgIHHvVM6/0TDuIGU4j0IgSGDACwSph1dChCCe68sFLMz+WUzJ0aCPAN0+a4fKdtiz3RiwYg8W+GNq7gaUUEv5cQdb4ML3K9Q9cvg9DezcQ/N4kTQOwN5QatE/YCHRf/cwrlGeejx8IFw9pEHNM4RoeQ7yUw/RiY4uLxUN6a4uHhGuIjcoK050YAuEIcd1Y3MvyF/cysLgX1/RoUCmEhT+PH95mbXpY3GsfLu7VIOhjTZYGYKzEGrB/2AhMu+rplxtm7DzEE8W64RkuH9oA5iOMQFGWeja2YJ73yu0XZx6WP/xyGdJHLJ9xax0C4Qhx06/OHY44EbKGx0z8rmTFSbzlqp4Rl2hN+C2s6pkUxrIu7ybDc2548PJ9ubx3xLDrTY4GoF6CER4fNgLHrSi81HEq5yOyIIxAV5dbLiLEuMvlRCNkPtIIyMJO3mcNba148LI01xGPkvUEpRUW/mlL80cYyl2CsTYn1xaQQU4o/BEXR1X4TQh/XIS/vx9Na5tiMfv6byxJ/V7OxcF9EROPIDkagAggRp5EVpvdRq/Zm+0RsTe6ry68xNTueRjFPgdGYAqNQOTEa6uMGbKymOXXDkt54Dbu1bqCroF9vi9nZItAA7hHmGRY+LuXPnOUUjYW6zJOqsWRl7NhYSnDREcQn33RsA8Lfx9mUWz0lHVD78WpP8gpurM77F6j2zOySn5f3JqIAH8ETVQYI7ISMgLTlhZerEz3XAjTXIjUVBqBEcQi+ECeZ/6sAQv9w0alLCu76fuw4uPK7ZekvycnoBGIAHOESYSFf/ry/JuwUtxiCNGJdjxlVEp+946LgsQysXzkRYQ+JPy5nTBaG7Rn3fjgZak/yjko/BGRbmAy/DU0EG5kSYeMwDHXFA7yXPdcpC9GYB8agchIhxOCaKBFYMAIuJ+vdQ18V3akEQjjmti/w8KPpv43+039yvrAcOHH8tzcoiIQFv5nkPAG07Ju3HZR6k9yEgp/VKgbnw4NQOMZR3eGkBE4bmn+Ra7yzsEvch6MwL5uGcG0vArHCERHPEhpwAi4ThFDBLwvuNpF18DUb8sO4bEbwUF8bQyBcF9y99Kdb7WUtdgwzfdbMfQ/D9T4KfwRlkBN+G308SdkcN/TEI/1ljZv+sZl6T/LeSj8EdKeoKRoACYIdKSnCRmB7mvzLzQr3tk4x3wYgf1oBCKlPTQxv//YjmeUGAEMyPySUt4KBDJ5yN8J5TLjYENtnel3IQw9ju8jICDCv/Ux9N7X+pIRSOtorc0lyrTe6wt/GbEddHUcRwSnYxJVAmHhfwofr/Ns8+beC9N/kV0o/FVQrfgvDUArllqQZ98IGGZvFiOasU1b+q8XGEbybK30gliyi0Yg4BT96xAjICHMK182TMwauCj1Lf9UNAKREg8L/7RrCm8zPHcJBvi9x4qhNkrhj5R3LbFhwu8U+59SWq01jOLND172rL/KPt1ZjcF9MFwc3FdD1novNACtV2YjcxwyAsdmc8+v2MZZCLO5AC0CB7BFYCSyiD6RrgFTgsm4DoyAW/mqqfWKbZdP6fXTpxGoC3NY+I+5qq/bU2qJsux3+cKPIE44gT9zo64T8eChBIYJP5r6n0C48rV2xbjlgWzmcdmRwj8UV2u/pwFo7fIbnvuQETh6We55McM7CyOfxQg8i0ZgOK4I/xo0ApUyjIBzPwIOrth+6ZQd/jmyWXQNXMGugb0EXhX+K9HUn/WnjU1f1teDWXsQ/tjxlh2XPn4K/16yHMNuYeH/F2ZNrHUM85aHLs38TdKh8I+BZovsSgPQIgU1pmyGjEB3tv+5VkyfiYfo6TACB7pliJTncLDgmKDu1c6+EbDQIuDBCBiu83Uo2Iodl3Zt949GVWrGVsPkGIHRWfrCPwM1ejRdyR49y/qnm4axxLBi7zAh/C6Ff3Rw9X1aE/4YBvfBXBVz/4R5vc111Cd7s11/l6Qp/PUBbuajaQCauXTqzRtqnt3GFQNjBKYv638OTMAZWADlDDRbP9t1/NoqjUC9nEceP2AEdMXBpIHyN0xlrNh2cdc2f1cagWHEwsJ/zNX9x3jaWGKa8eOUHaPwD6MV2R9V4bcg/DG/VeUfWBjrVoj/rdsv7fo/OUtV+K9EH3+1JSayMzOhpiFAA9A0RdHAjEBwuq80rGCw4PHL+w4saeNMdA2cgRaB5wRGADeDiacCKl3cIiIw3Ai45QfAGF0DXQ/46Xe4EQgLPwzqsbj/lphW/FgKf0R3YCgZ3H/wVgYC9dWEv5iD2OtbE8r45P2XTPmn7O4L/xUSMbHaEhNKgn+2EQEagDYqzD1eSsgIHA0jYGvjdIzuPdNOZZ5LI7BHguPdYdAIYCkHr1LajoewdA183U+ww4xAWPjR1P8OPIiWYDTldAzwY41/vHfZbo4bIfyF3N8xW+iTFWXc9hCFfzfk2vsrGoD2Lt/Rry5kBLqzO59lxqwFaP47y0pmnuc6DgaylfFsYIvA6ADH/akLpspMZLC0A4yAW3oQ4VNXbL+462t+im1uBMLCP/3q/ncirDVq/IlpIvxeKSe1U/yfAXzGfYeFDhwU/jia+tGdUsz9Dd2At3iOu7Y3OxUD/VjjDyHrqD9pADqquEMXGzIC71it96/k+07XpnkWxgg834MR8GgEQtAi+bNqBOIwAl4FYwVLveh/XbHj8sxXq6ljsOCW9hks6Av/TJmuVxvcd1XuXXi7BFP5upUJ4S9T+CO5q4YkEgg/ulNsE8KPmROPK8+7xU5Pue3rC9WTsiub+ocA69C3NAAdWvDDLjtkBN59td6voHMLUBc7G2MEXkAjMIxWlH8MMQIuugaK30TtDF0Dma9UT9LaRmCE8C/LvRutTGjqT74d0fso/FHeSbW0Rgh/MfdXrH90c0pl1n7lYiVR/Cj8DeDeqknSALRqyTUi3yEj8Narn94voe15aKY9B0bghTQCjYDupyljBJTltwiIESg8pJR53fZLMl+unrG1jEBY+Kcvz71Ha+/jpp06WoTfRY0f18Wm/mrhRvLvKML/F3Qv3VRSlfXfvnhfCn8klNsvERqA9ivT+q8oZAS6s0/tq2KxeUj4nFgy8yIagfoR7yKFQSOgPXQN5L+NpvIVOy6Z+sVg/6q4NudaA+G89Szf+T50baCpP/1WGBoKf1CIEb6Ghd8p5mRhnpu046zvze73tJyKTf0RAm+zpGgA2qxAI72ckBE45pon99FufC6qbueiReAgiSWEgWwSR0CmDnL6YHTwhxkBz8l/x9Tmim2XZb4QnCIstsHnk/EazssxS3Pv95S3xIyl30Lhb1iJSCuKhwGU6OO3JYDPn/Awv1FZ5Q3bLtpfluil8DcMffskTAPQPmXZuCsJGYHjs09MLdqJuWhiFCPwYlmBGFPbaASiLgGFudgYFCBdAwjdiBaB4ncxPWPlg5dN/VxwqrD4Bp9PxGv43NOW7jwBuV2MlfnejLkO1Ro/Ov3xP2si8tMh56gKvw3ht33h/yO66G5MVkob7s8esFMYsMbfIXdCBJdJAxABxI5JImQE3nLtP6cknNQcDDI6D0bgJVUjUIYR0GwRiPKmGGYEtFFxct+H0KJrIH1fcJqwGAefN+I1fK6e5fkTYUyW2LHMUQgeQ+FvBHR/0SPlISRyIPx/gLG6oRQrbPzOhQf2ySkp/I0B386p0gC0c+k26tpCRgAPni7LLsxGYBEYgfTLaAQaBH7ACKTRIiBLDRR+oJS3cvslUz4bnNFfmz3bjS6EqKO4IZpkthfRJHukpcffpi/vO1lrEzX+1JEwgRD+POL4s8Yf8InoVaZPDhH+/O8QuOsGt5LahMie/XIOCn9EpDswGRqADiz0yC45ZASOW/H3TKWcmY3hAGIEXl7rGvD7s3FOjhGICvxQI4A03XLhhxhsh66B9NbgFNEZgZHCP21pfgb8xWIrnjpCzkfhD6hH+urPlEB0RKva1J//XzQC3GDHc5u+seS5OTkThT9S3h2ZGA1ARxZ7xBcdMgLvzep0PpafhUrq+TACr/Aq/hx3GoGIsaO2LTV9LJaXQh87/nDyD3uet6r3sin/FZxq/EZgpPB3L+37T9M0F2FU/+Eyiw8tEDg/Spl9/AHuKF5rwp+E8FsY3Jf/LR7S16ed9OYvZVVeTkDhjwIz0xACNAC8DyIkIKIxuOjQm1brVKqYPw0D2C6wk12vpBGIEPXQpHwjgPi5dtqq9cH/CC3xK7HoEIxAtStg741AWPi1wiI9/4mxiKjxZw41MOLMreTFzFH4h5ZB/e9Dwt//GwykXFNIpm//3kJVkOR94c/6pg+uixsJ1E+ABqB+hkxhBIHhRqB7s06af+0/DXbzAjvR9SrPZYvACGRRfKAkPgCq44NG4MfoeFn54EWZzwQru+3aCISEH606067JfRABfEX43zgo/HhkaM1R/VGUVzWNQeG3UOMv9f8aRbjGe0HX7b2zVFF2ofBHB5spDSdAAzCcB/+KlEDICGR/n1SxZ5+qtLcQLQKvphGIFPbQxPzBeANGoJT/ibL0qqNLmU9ns0oEB6Kyw+71BwvK+8HBfdmsNh9K5D6kXbXISqT/Y0D40QSAwziOYyjl+t4PF/5i/6+0Mldr5x939mZfSuGvjy2P3ksCNAB7CYq71UNguBE4/hydKD0vDyOgL7ASmX/zPLQIOEVpVqbI1IN55LG+yPhjBEx/Xv5PlbZW7v/K5Ke3zhweTVCm9j35m+KHtHKlxv96w5O4A9LHzzIZibWuT6rCH0Mfv4RFLuX+Ryu1JvG39J3336RKkjJr/HXx5cFjIEADMAZY3LVeAsONwIysjj8Zz5+itV4II3Cwhuh4FJ16IY92fE10UpYSI1DK/QydyKu08/A9srOKHf5hPAhQ48/8O8tgNHyRfBYug8eUUqv3L6c/tTWrynIGCn8knJnIGAjQAIwBFneNisBwI3DoWh3b54ncR9HfvMhKZg6hCEXFeUQ6AyKE0fyyROyPZA8s/XwoZg/QfI3AFckHA8x981XMPYqOlFXPHJC560cLlCNnoPBHwpmJjIMADcA4oPGQqAiEjMD8R2L7vPg1H0Gj80I0Q7+ORiAqziPS8ccIYHU+fzAfVh/0Qw5jL/bxj0A17g+GC38593MM7lv9zB9/efeP1h1G4R83Vh4YJQEagChpMq1xEhhuBKRGpGI5NkuPk+YYDhORko3CX+UQxb/DhX+guyVzDyL3+VEUWeOPAjPTiIIADUAUFJlGRASGGwEZmPbEr3MfhjwtkoFpbBGICDOTaQSB4cJfzv0UXVqrDnhV5p5gwCWFvxHYmWY9BGgA6qHHYxtEQIzAyKlpMifdjGfewKlpDcLOZMdDYNiUS6+c+28Y1pWjT7mMen2G8WSXx5DAIAEagEEWfNd0BIYbAQNz1HtiuQ+aGkYgkRmcoy4z1RicpulKr60zFAq65JVyP/GUsXKHg6BLI2ItUPjb+l5o4YujAWjhwuucrIeMAKLUTV/O8LSdU/5NdKW7Crt8CcIuq7GGXW6i62JWOpIADUBHFnurXnTICOAyZIEazKdebMczh0kYXC5Q06pl2+T5Di28VCnnHkH8ipXRLLzU5NfO7LUtARqAti3adr6wkUaAS9S2c3lP4rWJ8CMMshVP+zMlGrv08iReJ0/dkQRoADqy2NvlokcagenL+05GD8FiLFl7pAwN4Fr17VLWE3wdQ4UfYROx1PIP0MK/cvslUz4b5GRwPQX28QdM+NpaBGgAWqu8mNvRCShMGTSD6VayS8/yvhOVYS627NSbakvk+qO1UZvjSnajM+SnQmBA+DNmdbZJ4Xva8FbuuGTKfQEgmZ6Ke82f9hd8xlcSaEUCNACtWGrM8y4J1B7O1fXqsde0pTtPQAMuWgSSb8b66mgRyAUPbhqBXVLsyC/8hY8QbwLCLwshFb9raHflg5dN/VxAI3xvBZ/zlQRalQANQKuWHPO9WwLhh/UxS3Pv95S3xIyl36JoBHbLrsO+HBB+DeH3nPx3TG2u2HZZ5gsBh/C9FHzOVxJodQI0AK1egsz/bgmEH949y3e+T2lzsRlLHU0jsFt07f5lSPgLD2klTf1TvxhcePjeCT7nKwm0CwEagHYpSV7HbglUH+aIJWhUB2xNvyr3Hm3qJaadfJuSddnZNbBbfm305aDwe67hVYrfUp5asf3yzJer16gxnsQYNp6kja6dl0ICwwjQAAzDwT/anUDYCPQsy71bGb4ReLsYAYRy9TDoG//nYME2uxdcPOwUQkmbuir838TsvhU7Ls18pXqdFP42K29ezl4QoAHYC0jcpf0IhI3AtGW546H7aBFI9CjTphFonyIfIvwV1PhLO+ADVjx4aeb+6iVS+NunqHklYyVAAzBWYty/rQj4RmAGugaCMK5XPfNO07KWmFZimrJswy3lpDVAZg5w1kBrlbw09aMYM0q7EH639KDnuit6L9/na/5lIFjEjK1s6m+tImVuoyZAAxA1UabXkgTCRmDaVf3HactYYlnxY5QVoxFonVIdIvyO4brlbco1Vjx4edc3/Eug8LdOSTKnDSdAA9BwxDxBKxEIG4Hpy/qPRRMAWgTixyqbRqCJy3JQ+CsOavzlB/BwW7H90q4H/DxT+Ju46Ji1ySJAAzBZ5HnepiYQNgI9y/qnIxj8EsOKvcO042wRaJ7SGxB+r1KWmL1fR38NBvd1bfezSOFvnpJiTpqOAA1A0xUJM9RMBMJGYNpVfdO0UhgsGHsnjcCkltQw4fcqzteU1mjqn/KgnysK/6QWDk/eGgRoAFqjnJjLSSbgG4HHMD0w68eAN465qtDtKXcJxge8y4rFjQoHC05UCfnCb2Nwn+uUEa3X+aqprRXbLk/1+hnIanPGwYYaui7ERGWM5yGBViNAA9BqJcb8TiqBsBHAokNvN7VaYpj2u61YwsA68Ro2gbMGoi8lFwv1oNFFhL+EeRmVr3hKr8AiPd/0T0Xhj544U2x7AjQAbV/EvMBGEAgbgenLC0cjlvwSBBN6L41ApMSHCT+C+HwJIZxXbL8k9ZB/Fgp/pLCZWGcRoAHorPLm1UZMIGwEjllaeKunKjAC9vuwAqF0DcgZpdmacQTGxt5nhqZ+WZkPC/RVvmhqG4v0pL7tJ0PhHxtN7k0CoxCgARgFCj8igbESmDFDW4ccYuhsbYwAFh16izKsxcpQH7DiKRqBvQc6KPzlAnpT9Oe14coiPd+RJLIQ/kcfRR//Vszu50YCJFAXARqAuvDxYBIYTiBsBKYvz78JzdbSNXCClYARKAYtAggzhE5tbkJAgi36gm7ZSdT4SxB+z/0cmKGpP/092YPCLxS4kUC0BPgEipYnUyMBn0DYCByz9JmjtLIXa2WcZCfSg0YAA9ugf535O8QqTPifP2BShL9SystajfcqXVm57bJ9vi8gKfz8QZFA4wh05oOncTyZMgkMIxA2AtOW5o+Ayi1BrfdkX/T8FgFVwWdWxxgBX/ilxq/tIQw+a2gs0nNZ+ocCkMI/7DbiHyTQEAI0AA3BykRJYDiBsBGYfnXucO3pxdhr5hARbG8jMKrwG1uUqVZuvzjzsBCj8A+/b/gXCTSSAA1AI+kybRIIEQgbge6lucOUqTFYEEYAwW2qYwTarEUgLPwImoRe/y3aUyt7L8s8Iogo/KEbhX+SwAQQoAGYAMg8BQmECcyYscWfFrh160x/NPu0Zbk3ohtgMboBPogWARiBvBzS2i0CA8JvoKnfH/cgox0+g6b+lQ9emvmxXGCYg3zGjQRIYGII0ABMDGeehQRGJVAVwBlGMK3tmKtz/+FVuwbECJhVI6BhBBBHoFUGC/rCL7EPVCD8MtDvMyaa+rddnPmJgJCWEMPYiuuuGqBR4fBDEiCBhhKgAWgoXiZOAntHINwE3r2s/w1YfXARjv4QjIDVEkZgpPBL68anof6rei/t+m8hEe4Ckc+4kQAJTA4BGoDJ4c6zksCoBMJGYPqy0r+jJ2AR5st9xDcCmCpn6CZrEQiEX6HGX53i6CIA0t2GYa/afmniZ3KhFP5Ri5sfksCkEqABmFT8PDkJjE7ANwJDVrU75pr+10H2FyGOgBgBW+bMT7oRGCn8Fczjv1vZxqptF3X9XK5MQiUfglUUgwiJo18tPyUBEpgMAjQAk0Gd5ySBvSQQNgLHLet7bUWphRgP8FEYgdikGIGRwu9gjMJdttarv3HplF/IpVH497KAuRsJTCIBGoBJhM9Tk8DeEggbgZ5P9B1iWGohfsBiBOITYgRGCn8Z0/nuMly9esf/m/KoXAuFf29LlPuRwOQToAGY/DJgDkhgrwmEjcD05X0Ha21egBr4Keh/T1QQR1+Wzot01sCA8Jvo45eFjfIltEB8SilvzfZLpjwmmafw73URT7pIIwAAA2JJREFUckcSaBoCNABNUxTMCAnsPYGwEehevvM1poeuAaVORYtANEYgLPzFHIRf3+mZenXvJVN/Kbml8O99mXFPEmg2AjQAzVYizA8JjIFA2Aj0XFt8tVlxL8CsgY/BCCT9lfWkRcBAHIG9X35QludzlTLt2gqGRYzqv8OzrTU7Lkz+SrJH4RcK3EigtQnQALR2+TH3JOATCBuB6ct3vkpr63x8eRqi8KX20giEhD+P/gTjdqXc67dfMvXXciIKv1DgRgLtQYAGoD3KkVdBAj6BsBF421XPvDJmmjAC5mlWMp3ehREYJvxuMY85ht7tjudd/63L9/mNJEzh5w1GAu1HgAag/cqUV0QC1cV1hsQR6L76mVeY2j4Pg/dmoUUgM8QIYNhA0NSfz2Hw4GZPVW7ovXif3wpGCj9vJhJoXwI0AO1btrwyEhhhBI65uvgyz3PRIqBnY4xARhBhBcIchgdsMk3r+m0XJ38nn1H4hQI3EmhvAjQA7V2+vDoS8AmEuwa6ry68RHneYvlSm+bK3otTf5D3FH6hwI0ESIAESIAE2oyAGAER+fBlyWfyXfhz/k0CJNC+BNgC0L5lyysjgV0S8FsEHt3q//4POWQGY/XvkhS/IAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIAESIIEOI/D/AZLPZfJWXvHuAAAAAElFTkSuQmCC + + mediatype: image/png + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - backupplans + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - backupplans/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - backupplans/status + verbs: + - get + - patch + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - backups + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - backups/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - backups/status + verbs: + - get + - patch + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - dbclusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - dbclusters/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - dbclusters/status + verbs: + - get + - patch + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - dbinstances + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - dbinstances/status + verbs: + - create + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - failovers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - failovers/status + verbs: + - get + - patch + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - replications + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - replications/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - replications/status + verbs: + - get + - patch + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - restores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - restores/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - restores/status + verbs: + - get + - patch + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - sidecars + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - sidecars/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - sidecars/status + verbs: + - get + - patch + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - switchovers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - switchovers/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.dbadmin.goog + resources: + - switchovers/status + verbs: + - get + - patch + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - backuprepositories + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - backuprepositories/status + verbs: + - delete + - get + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - createstandbyjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - deletestandbyjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - failovers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - failovers/status + verbs: + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancebackupplans + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancebackupplans/status + verbs: + - delete + - get + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancebackups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancebackups/status + verbs: + - delete + - get + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancerestores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancerestores/status + verbs: + - delete + - get + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instances + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instances/status + verbs: + - delete + - get + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instanceswitchovers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instanceswitchovers/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instanceswitchovers/status + verbs: + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - replicationconfigs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - replicationconfigs/status + verbs: + - delete + - get + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - sidecars + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - sidecars/status + verbs: + - delete + - get + - patch + - update + - watch + - apiGroups: + - baremetal.cluster.gke.io + resources: + - clusters + verbs: + - get + - list + - watch + - apiGroups: + - cert-manager.io + resources: + - certificates + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - cert-manager.io + resources: + - issuers + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - network.private.gdc.goog + resources: + - dnsregistrations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - create + - delete + - get + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + serviceAccountName: fleet-controller-manager + - rules: + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "" + resources: + - secrets + verbs: + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - backuprepositories + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - backuprepositories/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - backuprepositories/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - failovers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - failovers/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - failovers/status + verbs: + - get + - patch + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancebackupplans + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancebackupplans/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancebackupplans/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancebackups + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancebackups/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancebackups/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancerestores + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancerestores/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instancerestores/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instances + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instances/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instances/status + verbs: + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instanceswitchovers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instanceswitchovers/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - instanceswitchovers/status + verbs: + - get + - patch + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - lrojobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - lrojobs/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - replicationconfigs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - replicationconfigs/finalizers + verbs: + - update + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - replicationconfigs/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - sidecars + verbs: + - get + - list + - watch + - apiGroups: + - alloydbomni.internal.dbadmin.goog + resources: + - sidecars/finalizers + verbs: + - update + - apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments/status + verbs: + - get + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - statefulsets/status + verbs: + - get + - apiGroups: + - cert-manager.io + resources: + - certificates + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - cert-manager.io + resources: + - issuers + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - pods/exec + verbs: + - create + - apiGroups: + - "" + resources: + - pods/status + verbs: + - get + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - list + - watch + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + serviceAccountName: local-controller-manager + deployments: + - label: + fleet-control-plane: controller-manager + name: fleet-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + fleet-control-plane: controller-manager + strategy: {} + template: + metadata: + labels: + fleet-control-plane: controller-manager + spec: + containers: + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --image-registry=gcr.io + - --data-plane-image-repository= + - --control-plane-agents-image-repository=alloydb-omni + - --control-plane-agents-tag=1.1.1 + - --additional-db-versions-for-test-only=latest + command: + - /manager + image: gcr.io/alloydb-omni/operator/fleet-operator@sha256:d572daf1b1ff96be43c5c5621595c905064669ce1b5babf957dc21f81a806801 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + - containerPort: 8080 + name: metrics + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 1Gi + requests: + cpu: 500m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy@sha256:928e64203edad8f1bba23593c7be04f0f8410c6e4feb98d9e9c2d00a8ff59048 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + serviceAccountName: fleet-controller-manager + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: fleet-webhook-server-cert + - label: + app.kubernetes.io/component: controller + local-control-plane: controller-manager + name: local-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: controller + local-control-plane: controller-manager + strategy: {} + template: + metadata: + labels: + app.kubernetes.io/component: controller + local-control-plane: controller-manager + spec: + containers: + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --deployment-platform=generic-k8s + image: gcr.io/alloydb-omni/operator/local-operator@sha256:6ef95ae595664e502e1555c569f3b2a308ecd4c01c251b8e19996a2538d73781 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + - containerPort: 8080 + name: metrics + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 1Gi + requests: + cpu: 500m + memory: 1Gi + securityContext: + allowPrivilegeEscalation: false + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy@sha256:928e64203edad8f1bba23593c7be04f0f8410c6e4feb98d9e9c2d00a8ff59048 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + securityContext: + runAsNonRoot: true + serviceAccountName: local-controller-manager + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: local-webhook-server-cert + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: fleet-controller-manager + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: local-controller-manager + strategy: deployment + installModes: + - supported: false + type: OwnNamespace + - supported: false + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + relatedImages: + - name: fleet-controller-manager-image + image: gcr.io/alloydb-omni/operator/fleet-operator@sha256:d572daf1b1ff96be43c5c5621595c905064669ce1b5babf957dc21f81a806801 + - name: local-controller-manager-image + image: gcr.io/alloydb-omni/operator/local-operator@sha256:6ef95ae595664e502e1555c569f3b2a308ecd4c01c251b8e19996a2538d73781 + - name: kube-rbac-proxy-image + image: gcr.io/kubebuilder/kube-rbac-proxy@sha256:928e64203edad8f1bba23593c7be04f0f8410c6e4feb98d9e9c2d00a8ff59048 + keywords: + - alloydb-omni-operator + links: + - name: Alloydb Omni Operator + url: https://alloydb-omni-operator.domain + maintainers: + - email: your@email.com + name: Maintainer Name + maturity: alpha + provider: + name: Provider Name + url: https://your.domain + version: 1.1.1 + webhookdefinitions: + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: fleet-controller-manager + failurePolicy: Fail + generateName: mdbcluster.alloydbomni.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - dbclusters + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-alloydbomni-dbadmin-goog-v1-dbcluster + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: fleet-controller-manager + failurePolicy: Fail + generateName: mfailover.alloydbomni.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - failovers + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-alloydbomni-dbadmin-goog-v1-failover + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: fleet-controller-manager + failurePolicy: Fail + generateName: mreplication.alloydbomni.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - replications + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-alloydbomni-dbadmin-goog-v1-replication + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: local-controller-manager + failurePolicy: Fail + generateName: mreplicationconfig.alloydbomni.internal.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.internal.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - replicationconfigs + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-alloydbomni-internal-dbadmin-goog-v1-replicationconfig + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: fleet-controller-manager + failurePolicy: Fail + generateName: mswitchover.alloydbomni.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - switchovers + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-alloydbomni-dbadmin-goog-v1-switchover + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: fleet-controller-manager + failurePolicy: Fail + generateName: vbackup.alloydbomni.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - backups + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-alloydbomni-dbadmin-goog-v1-backup + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: fleet-controller-manager + failurePolicy: Fail + generateName: vbackupplan.alloydbomni.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - backupplans + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-alloydbomni-dbadmin-goog-v1-backupplan + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: fleet-controller-manager + failurePolicy: Fail + generateName: vbackupplan.fleet.alloydbomni.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - backupplans + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-alloydbomni-dbadmin-goog-v1-backupplan + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: local-controller-manager + failurePolicy: Fail + generateName: vbackuprepository.alloydbomni.internal.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.internal.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - backuprepositories + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-alloydbomni-internal-dbadmin-goog-v1-backuprepository + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: fleet-controller-manager + failurePolicy: Fail + generateName: vdbcluster.alloydbomni.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - dbclusters + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-alloydbomni-dbadmin-goog-v1-dbcluster + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: local-controller-manager + failurePolicy: Fail + generateName: vinstance.alloydbomni.internal.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.internal.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - instances + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-alloydbomni-internal-dbadmin-goog-v1-instance + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: local-controller-manager + failurePolicy: Fail + generateName: vinstance.local.alloydbomni.internal.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.internal.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - instances + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-alloydbomni-internal-dbadmin-goog-v1-instance + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: local-controller-manager + failurePolicy: Fail + generateName: vinstancerestore.alloydbomni.internal.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.internal.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - instancerestores + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-alloydbomni-internal-dbadmin-goog-v1-instancerestore + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: fleet-controller-manager + failurePolicy: Fail + generateName: vreplication.alloydbomni.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - replications + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-alloydbomni-dbadmin-goog-v1-replication + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: local-controller-manager + failurePolicy: Fail + generateName: vreplicationconfig.alloydbomni.internal.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.internal.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - replicationconfigs + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-alloydbomni-internal-dbadmin-goog-v1-replicationconfig + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: fleet-controller-manager + failurePolicy: Fail + generateName: vrestore.alloydbomni.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - restores + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-alloydbomni-dbadmin-goog-v1-restore + - admissionReviewVersions: + - v1 + - v1beta1 + containerPort: 443 + deploymentName: fleet-controller-manager + failurePolicy: Fail + generateName: vsidecar.alloydbomni.dbadmin.goog + rules: + - apiGroups: + - alloydbomni.dbadmin.goog + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - sidecars + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-alloydbomni-dbadmin-goog-v1-sidecar diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_backupplans.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_backupplans.yaml new file mode 100644 index 00000000000..433ad1c4f5d --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_backupplans.yaml @@ -0,0 +1,347 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: backupplans.alloydbomni.dbadmin.goog +spec: + group: alloydbomni.dbadmin.goog + names: + kind: BackupPlan + listKind: BackupPlanList + plural: backupplans + shortNames: + - aoobp + singular: backupplan + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .status.lastBackupTime + name: LastBackupTime + type: string + - jsonPath: .status.nextBackupTime + name: NextBackupTime + type: string + name: v1 + schema: + openAPIV3Schema: + description: BackupPlan is the Schema for the backupplans API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BackupPlanSpec defines the desired state of BackupPlan. + properties: + backupLocation: + description: BackupLocation specifies the remote object storage location + to store backups. For example, specs to a GCS buckets. This field + is optional. By default, backups are stored in the backup disk. + properties: + gcsOptions: + description: GCSOptions is a reference to GCS dependent options. + properties: + bucket: + description: 'Bucket is a required field, (ex: dbs-dump-bucket) + A user is to ensure proper write access to the storage bucket + from within the Operator.' + type: string + key: + description: 'Object key for the dump files. (ex: ods-dump/scottschema.dmp).' + type: string + secretRef: + description: SecretRef is a reference to the secret that stores + GCS access information. + properties: + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which + the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + required: + - bucket + - key + type: object + type: + description: 'Type of Repository (ex: S3, GCS), which tells the + agent which storage system/API to use.' + enum: + - GCS + - S3 + type: string + required: + - type + type: object + backupRetainDays: + default: 14 + description: Number of days after which the service will delete a + Backup. If specified, a Backup created under this BackupPlan will + be automatically deleted after its age reaches create_time + backup_retain_days. + The valid values are from 1 to 90 days. Default to 14 retain days + if not specified. + maximum: 90 + minimum: 1 + type: integer + backupSchedules: + description: 'Defines the schedules for different types of backups. + Full, Differential and Incremental backup types are supported: https://pgbackrest.org/user-guide.html#concept/backup + This field is optional. By default, take one full backup every day + at midnight.' + properties: + differential: + description: 'Defines the Cron schedule for a differential pgBackRest + backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax' + minLength: 6 + type: string + full: + description: 'Defines the Cron schedule for a full pgBackRest + backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax' + minLength: 6 + type: string + incremental: + description: 'Defines the Cron schedule for an incremental pgBackRest + backup. Follows the standard Cron schedule syntax: https://k8s.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax' + minLength: 6 + type: string + type: object + dbclusterRef: + description: The DBCluster name this backupplan configures. This field + is required and immutable. + type: string + paused: + default: false + description: A flag to indicate if the backup creation under this + BackupPlan is paused. If set to true, the service will pause the + scheduling of new Backups under this BackupPlan. Default to False. + type: boolean + type: object + status: + description: BackupPlanStatus defines the observed state of BackupPlan. + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + lastBackupTime: + description: LastBackupTime is the timestamp for the most recently + executed backup. + format: date-time + type: string + nextBackupTime: + description: NextBackupTime is the timestamp for the next scheduled + backup. + format: date-time + type: string + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + phase: + description: BackupPlanPhase is the phase of a BackupPlan. + type: string + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + recoveryWindow: + description: RecoveryWindow is the currently available recovery window. + properties: + begin: + description: Begin time. + format: date-time + type: string + end: + description: End time. + format: date-time + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_backups.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_backups.yaml new file mode 100644 index 00000000000..388e4640756 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_backups.yaml @@ -0,0 +1,296 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: backups.alloydbomni.dbadmin.goog +spec: + group: alloydbomni.dbadmin.goog + names: + kind: Backup + listKind: BackupList + plural: backups + shortNames: + - aoob + singular: backup + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .status.completeTime + name: CompleteTime + type: string + - jsonPath: .spec.physicalBackupSpec.backupType + name: Type + type: string + name: v1 + schema: + openAPIV3Schema: + description: Backup is the Schema for the backups API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BackupSpec defines the desired state of Backup. + properties: + backupPlanRef: + description: Name of the BackupPlan from which this backup was created. + This field is required. + type: string + dbclusterRef: + description: The DBCluster name this backup belongs to. This field + is required. + type: string + manual: + default: false + description: Indicate whether this backup is a scheduled or manual + backup. This field is optional. Default to false (scheduled backup) + if not specified. + type: boolean + physicalBackupSpec: + description: PhysicalBackupSpec contains spec for physical backups, + allowing to specify backup type as an enum in {"full","diff","incr"}. + This field is optional. Default to full if not specified. + properties: + backupType: + default: full + description: BackupType is the type of backup to be created. It's + an enum in {"full","diff","incr"}. Default to full if not specified. + enum: + - full + - diff + - incr + type: string + type: object + type: object + status: + description: BackupStatus defines the observed state of Backup. + properties: + completeTime: + description: Completion time of the Backup + format: date-time + type: string + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + createTime: + description: Creation time of the Backup + format: date-time + type: string + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + phase: + description: BackupPhase is the phase of a backup. + type: string + physicalBackupStatus: + description: PhysicalBackupStatus contains status info that are specific + for physical backups. + properties: + backupID: + description: BackupID is the unique id of the physical backup + tracked by pgbackrest + type: string + priorBackup: + description: PriorBackup is the prior backup this backup depends + on. + type: string + type: object + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + retainExpireTime: + description: RetainExpireTime defines the time when the Backup will + be automatically deleted. It's an output only field calculated from + `create_time` + `retain_days`, and will be updated accordingly when + the `retain_days` field of a Backup has been updated. + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_dbclusters.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_dbclusters.yaml new file mode 100644 index 00000000000..fa963d583d9 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_dbclusters.yaml @@ -0,0 +1,2927 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: dbclusters.alloydbomni.dbadmin.goog +spec: + group: alloydbomni.dbadmin.goog + names: + kind: DBCluster + listKind: DBClusterList + plural: dbclusters + shortNames: + - aood + singular: dbcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.primary.endpoint + name: PrimaryEndpoint + type: string + - jsonPath: .status.primary.phase + name: PrimaryPhase + type: string + - jsonPath: .status.phase + name: DBClusterPhase + type: string + - jsonPath: .status.conditions[?(@.type=="HAReady")].status + name: HAReadyStatus + type: string + - jsonPath: .status.conditions[?(@.type=="HAReady")].reason + name: HAReadyReason + type: string + name: v1 + schema: + openAPIV3Schema: + description: DBCluster is the Schema for the dbclusters API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DBClusterSpec defines the desired state of DBCluster + properties: + allowExternalIncomingTraffic: + default: false + type: boolean + availability: + description: Availability contains adjustable settings for DBCluster + HA features + properties: + autoFailoverTriggerThreshold: + default: 3 + description: AutoFailoverTriggerThreshold is the number of consecutive + healthcheck failures on the primary instance that will trigger + an automatic failover. If set to 0, then it will use the system + default value. Use the EnableAutoFailover flag to completely + disable automatic failover. + minimum: 0 + type: integer + autoHealTriggerThreshold: + default: 3 + description: AutoHealTriggerThreshold is the number of consecutive + healthcheck failures on the standby instance that will trigger + automatic healing. If set to 0, then it will use the system + default value. Use the EnableAutoHeal flag to completely disable + automatic healing. + minimum: 0 + type: integer + enableAutoFailover: + default: true + description: EnableAutoFailover means this DBCluster will trigger + a failover if it detects the primary instance is unhealthy and + standby instance is healthy. If set to `true`, then automatic + failover is enabled. If set to `false`, then autofailover will + not be triggered even if the system detects that the primary + instance is unhealthy. The default value is `true`. When it + is enabled, if the system detects that the primary instance + is unhealthy for the given threshold (90 seconds), it will trigger + a failover. This feature is only applicable if this is a HA + DBCluster and if the standby is healthy. + type: boolean + enableAutoHeal: + default: true + description: EnableAutoHeal means this DBCluster will trigger + an autoheal if it detects the standby instance is unhealthy. + If set to `true`, then autoheal is enabled. If set to `false`, + then autoheal will not be triggered even if the system detects + that the standby instance is unhealthy. The default value is + `true`. When it is enabled, if the system detects that the standby + instance is unhealthy for the given threshold (90 seconds), + it will trigger an autoheal. This feature is only applicable + if this is a HA DBCluster. + type: boolean + enableStandbyAsReadReplica: + description: EnableStandbyAsReadReplica determine whether the + standbys can accept user queries or not. If set to true, a new + endpoint will be created to enable read-only access to the standby(s). + type: boolean + numberOfStandbys: + default: 0 + description: "NumberOfStandbys is the number of standbys that + should be created for this DBCluster. If set to any value greater + than `0`, then HA is enabled on the cluster and the system will + create the indicated number of standby instances. The maximum + allowed standby instances is 5. To check the current status + of HA on this DBCluster, look at the HAReady condition under + the DBCluster status. If HAReady is `true`, then setup has been + complete and ready. If set to `0`, then HA is disabled on the + cluster, and deletes any existing standby instances. Any number + between `0` and `5` inclusive is supported. The default value + is `0`. \n Additional Documentation: https://cloud.google.com/alloydb/docs/omni/kubernetes-ha" + maximum: 5 + minimum: 0 + type: integer + required: + - enableStandbyAsReadReplica + type: object + connectedModeSpec: + properties: + apiKeySecret: + type: string + clusterId: + type: string + displayLocation: + type: string + gcpProjectId: + type: string + gcpZone: + type: string + type: object + controlPlaneAgentsVersion: + description: "ControlPlaneAgentsVersion is the desired control plane + agents version for the cluster for example, \"0.5.2\". This field + is required. \n The `controlPlaneAgentsVersion` must be compatible + with the chosen `databaseVersion`. To know what versions are compatible, + check the list of available versions in {link}. \n This version + is applied to all instances of the database cluster. In the case + of a new database cluster, the instance is be created using the + specified version. In the case of an existing database cluster, + the operator will aptempt to upgrade or downgrade to the specified + `controlPlaneAgentsVersion`. The field `status.currentControlPlaneAgentsVersion` + indicates the current version for control plane agents. \n TODO(b/320311538): + replace link with the list of available versions." + type: string + databaseImage: + description: "DatabaseImage is the URI of a customized database image + within the container registry, for example, \"{{ .Values.image.registry}}/foo/bar/alloydbomni:15-7-2-customized\". + This field is optional. \n If `databaseImage` is specified, then + the operator uses this container image for the database instead + of the default database container image of the specified `databaseVersion`. + We recommend that the `databaseImage` container will be based on + the default database image used of the chosen `databaseVersion`. + \n For more information about using a customized database image + visit {link}. \n TODO(b/320311538): replace link with the guide + for customizing database image." + type: string + databaseVersion: + description: "DatabaseVersion is the desired database version for + the cluster for example, \"15.4.5\". This field is required. \n + This version is applied to all instances of the database cluster. + In the case of a new database cluster, the instance is created using + the specified version. In the case of an existing database cluster, + the operator aptempts to upgrade or downgrade to the specified `databaseVersion`. + The field `status.currentDatabaseVersion` indicates the current + database version. \n See the list of available versions in {link}. + \n TODO(b/320311538): replace link with the list of available versions." + type: string + isDeleted: + default: false + description: "IsDeleted indicates a request to delete the DBCluster. + This field is optional, and by default it is false. \n This fields + applies to all instances of the database cluster. When set this + to true, the control plane will attempt to release the related resources, + including network endpoints. See the status fields for indication + of success or failures, if any." + type: boolean + mode: + description: Indicate the mode of this DBCluster. + enum: + - "" + - disasterRecovery + type: string + primarySpec: + description: PrimarySpec contains the specifications of the Primary + instance of the database cluster. The primary instance contains + the compute and storage resources serving the read-write endpoint(s) + of the database cluster. This field is required. + properties: + adminUser: + description: "AdminUser represents the admin user specification. + This field is required. \n This is the initial database user + that the control plane creates. Additional database users are + managed by the end-user directly. This field can also be used + to reset the password of the initial user." + properties: + passwordRef: + description: PasswordRef is the name of the secret containing + the admin user's password. This value will be used during + initial provisioning or password reset to set the admin + user to that password. The secret must be under the same + project as the Database cluster. The name of the secret + must follow this pattern `db-pw-`. Additionally, + the key of the password (inside the secret) must be the + same as the database cluster name. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: object + allowExternalIncomingTrafficToInstance: + default: false + description: AllowExternalIncomingTrafficToInstance will be used + to configure the external LB creation. + type: boolean + auditLogTarget: + description: AuditLogTarget configures the sink for the database + audit logs + properties: + syslog: + properties: + certsSecretRef: + description: CertsSecretRef contains the certificates + to be used for the TLS connection to syslog server + properties: + name: + description: name is unique within a namespace to + reference a secret resource. + type: string + namespace: + description: namespace defines the space within which + the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + host: + description: Host is the syslog server FQDN or IP address + type: string + required: + - certsSecretRef + - host + type: object + type: object + availabilityOptions: + description: AvailabilityOptions contains adjustable settings + for HA features + properties: + livenessProbe: + default: Enabled + description: LivenessProbe enables or disables the liveness + probe which is used to trigger a container restart. When + set to `Enabled`, the liveness probe runs periodic health + checks on the database. It restarts the container if it + fails three consecutive health checks. LivenessProbe is + automatically disabled for HA instances. When set to `Disabled`, + the liveness probe is not running health checks on the database. + The default value is Enabled. + enum: + - Enabled + - Disabled + - OpDisabled + type: string + type: object + dbLoadBalancerOptions: + description: DBNetworkServiceOptions allows to override some details + of kubernetes Service created to expose a connection to database. + properties: + annotations: + additionalProperties: + type: string + description: Annotation provided by the customer will be added + to the service object of type loadbalancer. + type: object + gcp: + description: GCP contains Google Cloud specific attributes + for the Kubernetes LoadBalancer. + properties: + loadBalancerIP: + description: LoadBalancerIP is a static IP address, see + https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address + type: string + loadBalancerType: + description: A LoadBalancer can be internal or external. + See https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + enum: + - "" + - Internal + - External + type: string + type: object + type: object + features: + description: Feature Spec + properties: + googleMLExtension: + description: Google ML Extension Spec + properties: + config: + description: Google ML Extension Config + properties: + vertexAIKeyRef: + type: string + vertexAIRegion: + type: string + type: object + type: object + memoryAgent: + properties: + enabled: + default: true + description: Indicate interest to enable/disable memory + agent for database. The default is true. + type: boolean + required: + - enabled + type: object + type: object + isStopped: + description: "IsStopped stops the instance when set to true. This + field is optional and default to false. \n When stopped, the + compute resources (CPU, memory) of the instance are released. + However, the instance still keeps the storage resource and network + endpoints so that restarting is transparent to the downstream + services. See the status field for success or failures, if any." + type: boolean + mode: + description: Mode specifies how this instance will be managed + by the operator. + enum: + - ManuallySetUpStandby + - Pause + - Recovery + type: string + parameters: + additionalProperties: + type: string + description: "Parameters allows to set database parameters for + the database cluster. This field is optional. \n Parameters + will take a key/value pair corresponding to the parameter name/value + as defined by the database engine." + type: object + resources: + description: "Resource specification for the database container. + \n When any of the fields inside the resource changes, the operator + restarts the database instance with the new resource specification." + properties: + cpu: + anyOf: + - type: integer + - type: string + description: The amount of CPU allocated to the database container. + This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + disks: + description: The specifications of the disks allocated to + the database container. This field is required. + items: + description: DiskSpec defines the desired state of a disk. + properties: + accessModes: + description: "AccessModes contains the desired access + modes for the volume. \n Refer to https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes + for more information." + items: + type: string + type: array + annotations: + additionalProperties: + type: string + description: "Additional annotations added to the Persistent + Volume Claim. This field is optional. \n This allows + to integrate with other tools." + type: object + name: + description: "Name of the disk. This field is required. + \n The allowed values are: \"DataDisk\", \"LogDisk\" + , \"BackupDisk\" and \"ObsDisk\"." + enum: + - DataDisk + - LogDisk + - BackupDisk + - ObsDisk + - BackupRepoDisk + type: string + selector: + description: "A label query over volumes to consider + for binding. This field is optional. \n If this field + is set, then the volume with matching labels is used + as the backing volume for the disk. \n Refer to https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#PersistentVolumeClaimSpec + for more information." + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + size: + description: "Disk size in bytes for example, \"10Gi\" + for 10 Gibibytes. This field is required. \n The allowed + size unit prefixes are: \"Ki\", \"Mi\", \"Gi\", \"Ti, + \"Pi\" and \"Ei\" for 2-base. Also \"K\", \"M\", \"G\", + \"T, \"P\" and \"E\" for 10-base. See https://en.wikipedia.org/wiki/Unit_prefix." + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + type: string + storageClass: + description: "StorageClass points to a particular CSI + storage class. This field is optional. \n If the field + is not set, then the default CSI storage class for + the Kubernetes cluster is used. If there is no default + for the Kubernetes cluster, then the Persistence + Volume Claim will fail and the database cluster will + fail to provision. \n You can read more about storage + classes in https://kubernetes.io/docs/concepts/storage/storage-classes." + type: string + volumeName: + description: "VolumeName is the binding reference to + the Persistent Volume tied to this disk. This field + is optional. \n This allows to reuse an existing volume. + \n Note that if this field is specified, the value + \"storageClass\" will not take effect. You can learn + more about this in https://kubernetes.io/docs/concepts/storage/persistent-volumes/#binding." + type: string + required: + - name + - size + type: object + type: array + memory: + anyOf: + - type: integer + - type: string + description: The amount of memory allocated to the database + container. This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + schedulingconfig: + description: "SchedulingConfig specifies how the instance should + be scheduled on Kubernetes nodes. \n When any field inside the + scheduling config changes, it can lead to rescheduling of the + k8s pod onto a different node based on the config." + properties: + nodeaffinity: + description: NodeAffinity describes node affinity scheduling + rules for the instance. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: PodAffinity describes pod affinity scheduling + rules for the instance. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: PodAntiAffinity describes pod anti-affinity scheduling + rules for the instance. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node that + violates one or more of the expressions. The node that + is most preferred is the one with the greatest sum of + weights, i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod + label update), the system may or may not try to eventually + evict the pod from its node. When there are multiple + elements, the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + tolerations: + description: Tolerations to enable the management of whether + to allow or disallow scheduling an instance on a Kubernetes + node that has a specific taint applied. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + type: object + services: + additionalProperties: + type: boolean + description: Services list the optional semi-managed services + that the customers can choose from. + type: object + sidecarRef: + description: SidecarRef is a reference to a sidecar Custom Resource. + If set, sidecar containers included in the sidecar Custom Resource + will be injected into the database pod. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sourceCidrRanges: + description: Source IP CIDR ranges allowed for a client. + items: + type: string + type: array + tls: + description: TLS is the desired server certificate configuration + for the instance. This field is optional. When this field is + changed, the instance pods will restart to load the specified + certificate + properties: + certSecret: + description: CertSecret contains the name of a certificate + secret within the same namespace. The secret must contain + entries ca.crt (CA certificate), tls.key (server private + key), and tls.crt (server leaf certificate). This secret + is used to set the TLS config for the database instance. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: object + walArchiveSetting: + description: WalArchiveSetting specifies wal archive settings. + If set, archive_mode is enabled to archive wal logs to specified + location. Ref to https://www.postgresql.org/docs/15/continuous-archiving.html + for more information. + properties: + archiveMode: + default: "on" + description: ArchiveMode specifies archive_mode, see https://www.postgresql.org/docs/current/runtime-config-wal.html#GUC-ARCHIVE-MODE + for details. + enum: + - "on" + - always + type: string + location: + description: Location is the location where archived wal logs + are stored. + type: string + type: object + required: + - resources + type: object + tls: + description: TLS is the desired server certificate configuration for + the cluster. This field is optional. By default, this field is empty + and a new self-signed CA and leaf certificate are generated for + the cluster. When this field is changed, the database cluster pods + will restart to load the specified certificate. The field `status.certificateReference` + indicates the current CA certificate secret and key. + properties: + certSecret: + description: CertSecret references the certificate secret within + the same namespace. The secret must contain entries ca.crt (CA + certificate), tls.key (server private key), and tls.crt (server + leaf certificate). This secret is used to set the TLS config + for the database instances that a part of the database cluster. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: object + type: object + status: + description: DBClusterStatus defines the observed state of DBCluster + properties: + HealthCheck: + description: HealthStatus represents the health check. + properties: + IsRegistered: + type: boolean + LastHealthCheckTime: + type: string + type: object + certificateReference: + description: "CertificateReference refers to a secret and a key of + the server CA certificate that can be used to connect to the database. + \n If `spec.TLS` is provided, this value should refer to the same + secret after the database has been configured to use the provided + server certificate." + properties: + certificateKey: + description: CertificateKey is the key used to search the secret + for the Certificate + type: string + secretRef: + description: SecretRef is a reference to the secret that contains + the Certificate + properties: + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which the + secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + type: object + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + latestFailoverStatus: + description: LatestFailoverStatus is the status of the most recently + updated failover for the database cluster This status is a copy + of the status of the current or most recently updated failover operation + for the database cluster. This can be used to conveniently monitor + the status of a currently running failover operation. + properties: + failoverName: + description: FailoverName is the Name of the latest failover + type: string + status: + description: Status represents status of the latest failover for + the database cluster + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect + of the current state of this API Resource. --- This struct + is intended for direct use as an array at the field path + .status.conditions. For example, \n type FooStatus struct{ + // Represents the observations of a foo's current state. + // Known .status.conditions.type are: \"Available\", \"Progressing\", + and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the + condition transitioned from one status to another. + This should be when the underlying condition changed. If + that is not known, then using the time when the API + field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty + string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, + if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to + the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier + indicating the reason for the condition's last transition. + Producers of specific condition types may define expected + values and meanings for this field, and whether the + values are considered a guaranteed API. The value + should be a CamelCase string. This field may not be + empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across + resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability + to deconflict is important. The regex it matches is + (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + createTime: + description: CreateTime is the time that the internal failover + workflow mechanism was created. + format: date-time + type: string + criticalIncidents: + description: CriticalIncidents is a flat list of all active + Critical Incidents. + items: + description: CriticalIncident contains all information about + an ongoing critical incident. + properties: + code: + description: Code is the error code of this particular + error. Error codes are DBSE+numeric strings, like + "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that + occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value + pairs necessary for generating a user-friendly data-driven + version of Message in the UI. + type: object + resource: + description: Resource contains information about the + Database Service component that reported the incident + as well as about the K8s resource. + properties: + component: + description: Component is an internal identifier + of the Database Service subsystem that reported + the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster + of the affected K8S resource. + type: string + group: + description: Group is the Group name of the + k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected + K8S resource. + type: string + namespace: + description: Namespace is the namespace of the + affected K8S resource. + type: string + version: + description: Group is the Version of the k8s + resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list + of messages from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains + stack trace information available for the incident. + properties: + component: + description: Component is the name of a Database + Service component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that + the issue should be considered transient until the + specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + endTime: + description: EndTime is the time failover reached its final + state. + format: date-time + type: string + internal: + description: Internal is used by the system controllers. You + should not directly depend on the information in this section. + properties: + newPrimary: + description: NewPrimary is the instance that we are attempting + to failover to. + type: string + oldPrimary: + description: OldPrimary is the instance that was the primary + at the start of the failover. + type: string + phase: + description: Phase is used to keep track of the current + state of the failover + enum: + - StopPrimary + - PromoteStandby + - ValidateNewPrimary + - UpdateOldPrimaryResources + - UpdateNewPrimaryResources + - Cleanup + - Complete + - UpdateStandbys + - Recreate + type: string + required: + - newPrimary + - oldPrimary + type: object + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + reconciled: + description: 'Internal: Whether the resource was reconciled + by the controller.' + type: boolean + startTime: + description: StartTime is the time that the failover operation + started. + format: date-time + type: string + state: + description: State is the current state of the failover operation. + The values are `InProgress`, `Success`, `Failed_RollbackInProgress`, + `Failed_RollbackSuccess`, `Failed_RollbackFailed` `InProgress` + means the failover is still in progress. `Success` means + that the failover has completed. It is complete when the + new primary instance is successfully promoted. `Failed_RollbackInProgress` + means that the operator was unable to promote the new primary + instance, and is attempting to restart the old primary instance. + `Failed_RollbackSuccess` means that the operator was unable + to promote the new primary instance, and successfully restarted + the old primary instance. `Failed_RollbackFailed` means + that the operator was unable to promote the new primary + instance, and were not able to restart the old primary instance. + The DBCluster might need to be manually repaired. + enum: + - InProgress + - Success + - Failed_RollbackInProgress + - Failed_RollbackSuccess + - Failed_RollbackFailed + type: string + type: object + type: object + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + phase: + type: string + primary: + description: Primary contains the status of the primary Instance. + properties: + allocatedResources: + description: AllocatedResources represents the current configuration + of memory/CPU/disks + properties: + cpu: + anyOf: + - type: integer + - type: string + description: The amount of CPU allocated to the database container. + This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + disks: + description: The specifications of the disks allocated to + the database container. This field is required. + items: + description: DiskSpec defines the desired state of a disk. + properties: + accessModes: + description: "AccessModes contains the desired access + modes for the volume. \n Refer to https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes + for more information." + items: + type: string + type: array + annotations: + additionalProperties: + type: string + description: "Additional annotations added to the Persistent + Volume Claim. This field is optional. \n This allows + to integrate with other tools." + type: object + name: + description: "Name of the disk. This field is required. + \n The allowed values are: \"DataDisk\", \"LogDisk\" + , \"BackupDisk\" and \"ObsDisk\"." + enum: + - DataDisk + - LogDisk + - BackupDisk + - ObsDisk + - BackupRepoDisk + type: string + selector: + description: "A label query over volumes to consider + for binding. This field is optional. \n If this field + is set, then the volume with matching labels is used + as the backing volume for the disk. \n Refer to https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#PersistentVolumeClaimSpec + for more information." + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + size: + description: "Disk size in bytes for example, \"10Gi\" + for 10 Gibibytes. This field is required. \n The allowed + size unit prefixes are: \"Ki\", \"Mi\", \"Gi\", \"Ti, + \"Pi\" and \"Ei\" for 2-base. Also \"K\", \"M\", \"G\", + \"T, \"P\" and \"E\" for 10-base. See https://en.wikipedia.org/wiki/Unit_prefix." + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + type: string + storageClass: + description: "StorageClass points to a particular CSI + storage class. This field is optional. \n If the field + is not set, then the default CSI storage class for + the Kubernetes cluster is used. If there is no default + for the Kubernetes cluster, then the Persistence + Volume Claim will fail and the database cluster will + fail to provision. \n You can read more about storage + classes in https://kubernetes.io/docs/concepts/storage/storage-classes." + type: string + volumeName: + description: "VolumeName is the binding reference to + the Persistent Volume tied to this disk. This field + is optional. \n This allows to reuse an existing volume. + \n Note that if this field is specified, the value + \"storageClass\" will not take effect. You can learn + more about this in https://kubernetes.io/docs/concepts/storage/persistent-volumes/#binding." + type: string + required: + - name + - size + type: object + type: array + memory: + anyOf: + - type: integer + - type: string + description: The amount of memory allocated to the database + container. This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + conditions: + description: Conditions represents the latest available observations + of the Instance's current state. + items: + description: "Condition contains details for one aspect of the + current state of this API Resource. --- This struct is intended + for direct use as an array at the field path .status.conditions. + \ For example, \n type FooStatus struct{ // Represents the + observations of a foo's current state. // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + // +patchStrategy=merge // +listType=map // +listMapKey=type + Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be + when the underlying condition changed. If that is not + known, then using the time when the API field changed + is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the + current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values + and meanings for this field, and whether the values are + considered a guaranteed API. The value should be a CamelCase + string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across + resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability + to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentControlPlaneAgentsVersion: + description: "CurrentControlPlaneAgentsVersion is the control + plane agents version that the primary instance is running. \n + This value should match the value of `spec.controlPlaneAgentsVersion` + after the primary instance is provisioned or the upgrade or + downgrade has concluded successfully." + type: string + currentDatabaseImage: + description: "CurrentDatabaseImage is the customized database + image that the primary instance is using. \n This value should + match the value of `spec.databaseImage` after the primary instance + is provisioned or the upgrade or downgrade has concluded successfully." + type: string + currentDatabaseVersion: + description: "CurrentDatabaseVersion is the current database version + that the primary instance is running. \n This value should match + the value of `spec.databaseVersion` after the primary instance + is provisioned or the upgrade or downgrade has concluded successfully." + type: string + currentParameters: + additionalProperties: + type: string + description: "CurrentParameters indicates the current values of + the parameters. \n CurrentParameters allows to verify that the + `spec.primarySpec.parameters` field has been applied to the + database. Only the parameters names in `spec.primarySpec.parameters` + will be included in this field." + type: object + endpoint: + description: 'Endpoint is the address that can be used to establish + database connections. Deprecated: use the Endpoints field instead.' + type: string + endpoints: + description: Endpoints contains all the endpoint through which + the users can access this instance. + items: + description: Endpoint represents a access point through which + user can access the database. + properties: + name: + description: Name contains the name of the endpoint + type: string + value: + description: Value contains the endpoint information. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + latestExport: + description: LatestExport represents the latest export for the + database instance + properties: + creationTimeStamp: + description: CreationTimeStamp represents the creation time + of the export for the database instance + format: date-time + type: string + exportName: + description: ExportName is the Name of the latest export + type: string + spec: + description: Spec represents the spec of the export for the + database instance + properties: + dbclusterRef: + description: DBClusterRef is the dbcluster name within + the same namespace to export from. + type: string + exportLocation: + description: ExportLocation specifies a storage location + for the export files. A user is to ensure proper write + access to the storage bucket from within the Operator. + properties: + gcsOptions: + description: GCSOptions is a reference to GCS dependent + options. + properties: + bucket: + description: 'Bucket is a required field, (ex: + dbs-dump-bucket) A user is to ensure proper + write access to the storage bucket from within + the Operator.' + type: string + key: + description: 'Object key for the dump files. (ex: + ods-dump/scottschema.dmp).' + type: string + secretRef: + description: SecretRef is a reference to the secret + that stores GCS access information. + properties: + name: + description: name is unique within a namespace + to reference a secret resource. + type: string + namespace: + description: namespace defines the space within + which the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + required: + - bucket + - key + type: object + type: + description: 'Type of Repository (ex: S3, GCS), which + tells the agent which storage system/API to use.' + enum: + - GCS + - S3 + type: string + required: + - type + type: object + required: + - exportLocation + type: object + status: + description: Status represents the of the latest import for + the database instance + properties: + completeTime: + description: CompleteTime is the time export completed. + format: date-time + type: string + conditions: + description: Conditions represents the latest available + observations of the Entity's current state. + items: + description: "Condition contains details for one aspect + of the current state of this API Resource. --- This + struct is intended for direct use as an array at the + field path .status.conditions. For example, \n type + FooStatus struct{ // Represents the observations of + a foo's current state. // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\" + // +patchMergeKey=type // +patchStrategy=merge // + +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time + the condition transitioned from one status to + another. This should be when the underlying condition + changed. If that is not known, then using the + time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message + indicating details about the transition. This + may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, + if .metadata.generation is currently 12, but the + .status.conditions[x].observedGeneration is 9, + the condition is out of date with respect to the + current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier + indicating the reason for the condition's last + transition. Producers of specific condition types + may define expected values and meanings for this + field, and whether the values are considered a + guaranteed API. The value should be a CamelCase + string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, + False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in + foo.example.com/CamelCase. --- Many .condition.type + values are consistent across resources like Available, + but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to + deconflict is important. The regex it matches + is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active + Critical Incidents. + items: + description: CriticalIncident contains all information + about an ongoing critical incident. + properties: + code: + description: Code is the error code of this particular + error. Error codes are DBSE+numeric strings, like + "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this + Incident was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error + that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value + pairs necessary for generating a user-friendly + data-driven version of Message in the UI. + type: object + resource: + description: Resource contains information about + the Database Service component that reported the + incident as well as about the K8s resource. + properties: + component: + description: Component is an internal identifier + of the Database Service subsystem that reported + the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the + cluster of the affected K8S resource. + type: string + group: + description: Group is the Group name of + the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s + resource. + type: string + name: + description: Name is the name of the affected + K8S resource. + type: string + namespace: + description: Namespace is the namespace + of the affected K8S resource. + type: string + version: + description: Group is the Version of the + k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured + list of messages from the stack trace. + items: + description: CriticalIncidentStackTraceMessage + contains stack trace information available for + the incident. + properties: + component: + description: Component is the name of a Database + Service component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates + that the issue should be considered transient + until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + exportSubDirectory: + description: ExportSubDirectory is the subdirectory appended + to ExportLocation to store exported files. + type: string + observedGeneration: + description: 'Internal: The generation observed by the + controller.' + format: int64 + type: integer + phase: + description: Phase is a summary of current state of the + export. + type: string + reconciled: + description: 'Internal: Whether the resource was reconciled + by the controller.' + type: boolean + startTime: + description: StartTime is the time export started. + format: date-time + type: string + type: object + type: object + latestImport: + description: LatestImport represents the latest import for the + database instance + properties: + creationTimeStamp: + description: CreationTimeStamp represents the creation time + of the import for the database instance + format: date-time + type: string + importName: + description: ImportName is the Name of the latest import + type: string + spec: + description: Spec represents the spec of the import for the + database instance + properties: + databaseName: + description: DatabaseName is the database resource name + within Instance to import into. + type: string + dbclusterRef: + description: DBClusterRef is the dbcluster name within + the same namespace to import into. + type: string + downloadOnly: + default: false + description: DownloadOnly when set to true means dump + file will be downloaded but not imported into DB. Default + is false. + type: boolean + dumpStorage: + description: DumpStorage specifies a storage location + for the import dump files. A user is to ensure proper + read access to the storage bucket from within the Operator. + properties: + gcsOptions: + description: GCSOptions is a reference to GCS dependent + options. + properties: + bucket: + description: 'Bucket is a required field, (ex: + dbs-dump-bucket) A user is to ensure proper + write access to the storage bucket from within + the Operator.' + type: string + key: + description: 'Object key for the dump files. (ex: + ods-dump/scottschema.dmp).' + type: string + secretRef: + description: SecretRef is a reference to the secret + that stores GCS access information. + properties: + name: + description: name is unique within a namespace + to reference a secret resource. + type: string + namespace: + description: namespace defines the space within + which the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + required: + - bucket + - key + type: object + type: + description: 'Type of Repository (ex: S3, GCS), which + tells the agent which storage system/API to use.' + enum: + - GCS + - S3 + type: string + required: + - type + type: object + logStorage: + description: LogStorage optionally specifies a storage + location to copy import log to. A user is to ensure + proper write access to the storage bucket from within + the Operator. + properties: + gcsOptions: + description: GCSOptions is a reference to GCS dependent + options. + properties: + bucket: + description: 'Bucket is a required field, (ex: + dbs-dump-bucket) A user is to ensure proper + write access to the storage bucket from within + the Operator.' + type: string + key: + description: 'Object key for the dump files. (ex: + ods-dump/scottschema.dmp).' + type: string + secretRef: + description: SecretRef is a reference to the secret + that stores GCS access information. + properties: + name: + description: name is unique within a namespace + to reference a secret resource. + type: string + namespace: + description: namespace defines the space within + which the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + required: + - bucket + - key + type: object + type: + description: 'Type of Repository (ex: S3, GCS), which + tells the agent which storage system/API to use.' + enum: + - GCS + - S3 + type: string + required: + - type + type: object + required: + - dumpStorage + type: object + status: + description: Status represents the of the latest import for + the database instance + properties: + completeTime: + description: CompleteTime is the time import completed. + format: date-time + type: string + conditions: + description: Conditions represents the latest available + observations of the Entity's current state. + items: + description: "Condition contains details for one aspect + of the current state of this API Resource. --- This + struct is intended for direct use as an array at the + field path .status.conditions. For example, \n type + FooStatus struct{ // Represents the observations of + a foo's current state. // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\" + // +patchMergeKey=type // +patchStrategy=merge // + +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time + the condition transitioned from one status to + another. This should be when the underlying condition + changed. If that is not known, then using the + time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message + indicating details about the transition. This + may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, + if .metadata.generation is currently 12, but the + .status.conditions[x].observedGeneration is 9, + the condition is out of date with respect to the + current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier + indicating the reason for the condition's last + transition. Producers of specific condition types + may define expected values and meanings for this + field, and whether the values are considered a + guaranteed API. The value should be a CamelCase + string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, + False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in + foo.example.com/CamelCase. --- Many .condition.type + values are consistent across resources like Available, + but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to + deconflict is important. The regex it matches + is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active + Critical Incidents. + items: + description: CriticalIncident contains all information + about an ongoing critical incident. + properties: + code: + description: Code is the error code of this particular + error. Error codes are DBSE+numeric strings, like + "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this + Incident was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error + that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value + pairs necessary for generating a user-friendly + data-driven version of Message in the UI. + type: object + resource: + description: Resource contains information about + the Database Service component that reported the + incident as well as about the K8s resource. + properties: + component: + description: Component is an internal identifier + of the Database Service subsystem that reported + the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the + cluster of the affected K8S resource. + type: string + group: + description: Group is the Group name of + the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s + resource. + type: string + name: + description: Name is the name of the affected + K8S resource. + type: string + namespace: + description: Namespace is the namespace + of the affected K8S resource. + type: string + version: + description: Group is the Version of the + k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured + list of messages from the stack trace. + items: + description: CriticalIncidentStackTraceMessage + contains stack trace information available for + the incident. + properties: + component: + description: Component is the name of a Database + Service component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates + that the issue should be considered transient + until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + dumpPath: + description: DumpPath is the path of the downloaded dump + file for download only import. + type: string + observedGeneration: + description: 'Internal: The generation observed by the + controller.' + format: int64 + type: integer + phase: + description: Phase is a summary of current state of the + import. + type: string + reconciled: + description: 'Internal: Whether the resource was reconciled + by the controller.' + type: boolean + startTime: + description: StartTime is the time import started. + format: date-time + type: string + type: object + type: object + phase: + description: Phase is a summary of current state of the Instance. + type: string + url: + description: "URL consists of the address and port number that + can be used to establish a client connection to the database. + \n This value is expressed in the following format:
:. + Deprecated: use the Endpoints field instead." + type: string + walArchiveSetting: + description: WalArchiveSetting represents the current wal archive + settings. + properties: + location: + type: string + type: object + type: object + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + registrationStatus: + description: RegistrationStatus represents the status of migration + for the database cluster. + properties: + IsHA: + type: boolean + IsRegistered: + type: boolean + RegistrationTime: + description: RegistrationTime represents the time the on-prem + dbcluster was registered with the Cloud + type: string + type: object + restoredFrom: + description: RestoredFrom is the status showing the most recent restore + source for current DBCluster. + properties: + restoredTime: + description: Time point of the source DBCluster this DBCluster + restores from. + format: date-time + type: string + sourceDBCluster: + description: Source DBCluster this DBCluster restores from. + type: string + type: object + serviceAccounts: + additionalProperties: + properties: + name: + type: string + namespace: + type: string + required: + - name + - namespace + type: object + description: ServiceAccounts contains the service accounts created + by the control plane to be used by different operations. By granting + permissions to these service accounts, the database can interact + with other services within the kubernetes ecosystem. For further + information, including what permissions is required, refer to the + documentation of each operation. + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_dbinstances.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_dbinstances.yaml new file mode 100644 index 00000000000..e3e98335139 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_dbinstances.yaml @@ -0,0 +1,1311 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: dbinstances.alloydbomni.dbadmin.goog +spec: + group: alloydbomni.dbadmin.goog + names: + kind: DBInstance + listKind: DBInstanceList + plural: dbinstances + singular: dbinstance + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.instanceType + name: Type + type: string + - jsonPath: .spec.dbcParent.name + name: Parent + type: string + - jsonPath: .status.endpoints[?(@.name=="Read-Only")].value + name: Endpoint + type: string + - jsonPath: .status.conditions[?(@.type=="Available")].status + name: Available + type: string + - jsonPath: .status.conditions[?(@.type=="Streaming")].status + name: Streaming + type: string + - jsonPath: .status.conditions[?(@.type=="Available")].message + name: Message + type: string + name: v1 + schema: + openAPIV3Schema: + description: DBInstance is the Schema for the DBInstances API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DBInstanceSpec defines the desired state of DBInstance + properties: + dbcParent: + description: DBClusterParent is the DBCluster this DBInstance replicates + from. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + instanceType: + description: InstanceType indicates the type of the DBInstance. Currently + only supports "ReadPool" type. + enum: + - ReadPool + type: string + isStopped: + description: "IsStopped stops the DBNodes in this DBInstance when + true. This field is optional and defaults to false. Stopping the + DBCluster's Primary DBNode does not automatically stop the DBNodes + of ReadPool DBInstances. \n When stopped, the compute resources + (CPU, memory) of the instance are released. However, the DBNode + still keeps the storage resource." + type: boolean + nodeCount: + default: 1 + description: NodeCount determines the number of DBNodes that should + be created for this DBInstance. + maximum: 20 + minimum: 0 + type: integer + progressTimeout: + default: 30m + description: "ProgressTimeout determines the number of seconds the + controller will attempt to provision a DBNode, or which a DBNode + could be not-ready for, before it considers the DBNode to have failed. + \n A value of 0 means that no timeout will be used." + type: string + resources: + description: Resource specifices the resources used for the Instances + (i.e, DBNodes) belonging to this DBInstance. If omitted, the instance + will use the same resources as the DBCluster's Primary Instance. + properties: + cpu: + anyOf: + - type: integer + - type: string + description: The amount of CPU allocated to the database container. + This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + disks: + description: The specifications of the disks allocated to the + database container. This field is required. + items: + description: DiskSpec defines the desired state of a disk. + properties: + accessModes: + description: "AccessModes contains the desired access modes + for the volume. \n Refer to https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes + for more information." + items: + type: string + type: array + annotations: + additionalProperties: + type: string + description: "Additional annotations added to the Persistent + Volume Claim. This field is optional. \n This allows to + integrate with other tools." + type: object + name: + description: "Name of the disk. This field is required. + \n The allowed values are: \"DataDisk\", \"LogDisk\" , + \"BackupDisk\" and \"ObsDisk\"." + enum: + - DataDisk + - LogDisk + - BackupDisk + - ObsDisk + - BackupRepoDisk + type: string + selector: + description: "A label query over volumes to consider for + binding. This field is optional. \n If this field is set, + then the volume with matching labels is used as the backing + volume for the disk. \n Refer to https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#PersistentVolumeClaimSpec + for more information." + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + size: + description: "Disk size in bytes for example, \"10Gi\" for + 10 Gibibytes. This field is required. \n The allowed size + unit prefixes are: \"Ki\", \"Mi\", \"Gi\", \"Ti, \"Pi\" + and \"Ei\" for 2-base. Also \"K\", \"M\", \"G\", \"T, + \"P\" and \"E\" for 10-base. See https://en.wikipedia.org/wiki/Unit_prefix." + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + type: string + storageClass: + description: "StorageClass points to a particular CSI storage + class. This field is optional. \n If the field is not + set, then the default CSI storage class for the Kubernetes + cluster is used. If there is no default for the Kubernetes + cluster, then the Persistence Volume Claim will fail + and the database cluster will fail to provision. \n You + can read more about storage classes in https://kubernetes.io/docs/concepts/storage/storage-classes." + type: string + volumeName: + description: "VolumeName is the binding reference to the + Persistent Volume tied to this disk. This field is optional. + \n This allows to reuse an existing volume. \n Note that + if this field is specified, the value \"storageClass\" + will not take effect. You can learn more about this in + https://kubernetes.io/docs/concepts/storage/persistent-volumes/#binding." + type: string + required: + - name + - size + type: object + type: array + memory: + anyOf: + - type: integer + - type: string + description: The amount of memory allocated to the database container. + This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + schedulingconfig: + description: "SchedulingConfig specifies how the instance should be + scheduled on Kubernetes nodes. If omitted, the instance will use + the same scheduling config as the DBCluster's Primary Instance. + \n When any field inside the scheduling config changes, it can lead + to rescheduling of the k8s pod onto a different node based on the + config." + properties: + nodeaffinity: + description: NodeAffinity describes node affinity scheduling rules + for the instance. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: PodAffinity describes pod affinity scheduling rules + for the instance. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: PodAntiAffinity describes pod anti-affinity scheduling + rules for the instance. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + tolerations: + description: Tolerations to enable the management of whether to + allow or disallow scheduling an instance on a Kubernetes node + that has a specific taint applied. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + required: + - nodeCount + type: object + status: + description: DBInstanceStatus defines the observed state of DBInstance + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + endpoints: + description: Endpoints are the endpoints from which the DBNodes in + the DBInstance can be accessed. + items: + description: Endpoint represents a access point through which user + can access the database. + properties: + name: + description: Name contains the name of the endpoint + type: string + value: + description: Value contains the endpoint information. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_failovers.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_failovers.yaml new file mode 100644 index 00000000000..060993e47c9 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_failovers.yaml @@ -0,0 +1,307 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: failovers.alloydbomni.dbadmin.goog +spec: + group: alloydbomni.dbadmin.goog + names: + kind: Failover + listKind: FailoverList + plural: failovers + singular: failover + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.state + name: state + type: string + - jsonPath: .status.internal.phase + name: phase + type: string + name: v1 + schema: + openAPIV3Schema: + description: Failover represents the parameters and status of a single failover + operation. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: FailoverSpec represents the parameters of a single failover + operation. + properties: + dbclusterRef: + description: DBClusterRef is the DBCluster name to initiate a failover. + The `Failover` object must be created in the same namespace as the + DBCluster that it references. This field is required for Failover. + type: string + newPrimary: + description: NewPrimary is the standby instance to promote as the + new primary. If left empty, the system will automatically pick the + best one to failover to. + type: string + type: object + status: + description: FailoverStatus represents the current state of a failover. + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + createTime: + description: CreateTime is the time that the internal failover workflow + mechanism was created. + format: date-time + type: string + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + endTime: + description: EndTime is the time failover reached its final state. + format: date-time + type: string + internal: + description: Internal is used by the system controllers. You should + not directly depend on the information in this section. + properties: + newPrimary: + description: NewPrimary is the instance that we are attempting + to failover to. + type: string + oldPrimary: + description: OldPrimary is the instance that was the primary at + the start of the failover. + type: string + phase: + description: Phase is used to keep track of the current state + of the failover + enum: + - StopPrimary + - PromoteStandby + - ValidateNewPrimary + - UpdateOldPrimaryResources + - UpdateNewPrimaryResources + - Cleanup + - Complete + - UpdateStandbys + - Recreate + type: string + required: + - newPrimary + - oldPrimary + type: object + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + startTime: + description: StartTime is the time that the failover operation started. + format: date-time + type: string + state: + description: State is the current state of the failover operation. + The values are `InProgress`, `Success`, `Failed_RollbackInProgress`, + `Failed_RollbackSuccess`, `Failed_RollbackFailed` `InProgress` means + the failover is still in progress. `Success` means that the failover + has completed. It is complete when the new primary instance is successfully + promoted. `Failed_RollbackInProgress` means that the operator was + unable to promote the new primary instance, and is attempting to + restart the old primary instance. `Failed_RollbackSuccess` means + that the operator was unable to promote the new primary instance, + and successfully restarted the old primary instance. `Failed_RollbackFailed` + means that the operator was unable to promote the new primary instance, + and were not able to restart the old primary instance. The DBCluster + might need to be manually repaired. + enum: + - InProgress + - Success + - Failed_RollbackInProgress + - Failed_RollbackSuccess + - Failed_RollbackFailed + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_replications.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_replications.yaml new file mode 100644 index 00000000000..5b9ac5e0a99 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_replications.yaml @@ -0,0 +1,370 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: replications.alloydbomni.dbadmin.goog +spec: + group: alloydbomni.dbadmin.goog + names: + kind: Replication + listKind: ReplicationList + plural: replications + singular: replication + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.dbcluster.name + name: DBCluster + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].reason + name: ReadyReason + type: string + - jsonPath: .status.conditions[?(@.type=="Healthy")].status + name: Healthy + type: string + - jsonPath: .status.conditions[?(@.type=="Healthy")].reason + name: HealthyReason + type: string + name: v1 + schema: + openAPIV3Schema: + description: Replication is the Schema for the Replications API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ReplicationSpec defines the desired state of Replication + properties: + dbcluster: + description: DBCluster is the DBCluster this Replication belongs to. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + downstream: + properties: + control: + description: Control specifies the replication operation to be + taken on this database. This field is required, and the allowed + values are setup, promote, and rewind. + enum: + - setup + - promote + - rewind + type: string + host: + description: Host is the upstream database's connection endpoint + that this database can access for replication. + type: string + password: + description: Password is the reference to the secret storing upstream + database's replication user password. + properties: + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which the + secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + port: + description: Port is the upstream database's port that this database + can access for replication. Default is 5432. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + replicationSlotName: + description: ReplicationSlotName is the name of the replication + slot created on the upstream database, and will be used by this + database for replication. + type: string + username: + description: Username is the name of the replication user created + on the upstream database, and will be used by this database + to connect to upstream for replication. + type: string + required: + - control + - host + - password + - replicationSlotName + - username + type: object + upstream: + properties: + password: + description: Password is the reference to the secret storing replication + user password. If not provided, a password will be generated + and stored in a secret shown in status. + properties: + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which the + secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + replicationSlotName: + description: ReplicationSlotName is the name of the replication + slot to be used for replication. If not provided, a replication + slot name will be generated and shown in status. + type: string + username: + description: Username is the name of the replication user to be + used for replication. If not provided, a username will be generated + and shown in status. + type: string + type: object + type: object + status: + description: ReplicationStatus defines the observed state of Replication + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + downstream: + type: object + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + upstream: + properties: + host: + description: Host is this database's connection endpoint that + downstream databases can access for replication. + type: string + password: + description: Password is the reference to the secret storing this + database's replication user password. + properties: + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which the + secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + port: + description: Port is this database's port that downstream databases + can access for replication. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + replicationSlotName: + description: ReplicationSlotName is the name of the replication + slot created on this database. Downstream databases can use + this replication slot for replication. + type: string + username: + description: Username is the name of the replication user on this + database. Downstream databases can use this user to connect + to this database for replication. + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_restores.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_restores.yaml new file mode 100644 index 00000000000..369019d6ec8 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_restores.yaml @@ -0,0 +1,275 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: restores.alloydbomni.dbadmin.goog +spec: + group: alloydbomni.dbadmin.goog + names: + kind: Restore + listKind: RestoreList + plural: restores + shortNames: + - aoor + singular: restore + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .status.completeTime + name: CompleteTime + type: string + - jsonPath: .status.restoredPointInTime + name: RestoredPointInTime + type: string + name: v1 + schema: + openAPIV3Schema: + description: Restore is the Schema for the restores API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RestoreSpec defines the desired state of Restore. + properties: + backup: + description: The Backup to restore from. This field is optional. You + must specify either Backup or PointInTime. If you specify Backup, + then you must leave the ClonedDBClusterConfig field unspecified. + If you specify PointInTime, then you must provide a new DBCluster + name in the ClonedDBClusterConfig field. Otherwise, the Restore + request will be rejected. + type: string + clonedDBClusterConfig: + description: Settings for the cloned DBCluster. This lets you specify + the name for the cloned DBCluster. This field is optional. Default + to restore the source DBCluster if not specified. + properties: + dbclusterName: + description: The name of cloned DBCluster. + type: string + type: object + pointInTime: + description: Previous point in time to restore to. This field is optional. + Default to restore the latest available time point if not specified. + format: date-time + type: string + sourceDBCluster: + description: The name of the source DBCluster to restore from. This + field is required. + type: string + required: + - sourceDBCluster + type: object + status: + description: RestoreStatus defines the observed state of Restore. + properties: + completeTime: + description: Completion time of the Restore + format: date-time + type: string + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + createTime: + description: Creation time of the Restore + format: date-time + type: string + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + phase: + description: RestorePhase is the phase of a restore. + type: string + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_sidecars.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_sidecars.yaml new file mode 100644 index 00000000000..447ba35cfb2 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_sidecars.yaml @@ -0,0 +1,3073 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: sidecars.alloydbomni.dbadmin.goog +spec: + group: alloydbomni.dbadmin.goog + names: + kind: Sidecar + listKind: SidecarList + plural: sidecars + shortNames: + - aoosc + singular: sidecar + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Sidecar is the Schema for the sidecar API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SidecarSpec specifies the desired state of Sidecar. + properties: + additionalVolumes: + description: AdditionalVolumes specifies a list of existing volumes + to mount into the sidecar containers. Refer to https://kubernetes.io/docs/concepts/storage/volumes/ + for more information. + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent disk + resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk mount on + the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: None, + Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk in the + blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in the blob + storage + type: string + fsType: + description: fsType is Filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single blob + disk per storage account Managed: azure managed data + disk (only in managed availability set). defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that contains + Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the host that + shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted root, + rather than the full Ceph tree, default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile is the + path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the rados user name, + default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached and + mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should populate + this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value pair in + the Data field of the referenced ConfigMap will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the ConfigMap, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents ephemeral + storage that is handled by certain external CSI drivers (Beta + feature). + properties: + driver: + description: driver is the name of the CSI driver that handles + this volume. Consult with your admin for the correct name + as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated + CSI driver which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference to the + secret object containing sensitive information to pass + to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the secret + object contains more than one secret, all secret references + are passed. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about the pod + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a Optional: mode bits used to set + permissions on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the pod: + only annotations, labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set permissions + on this file, must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This might + be in conflict with other options that affect the + file mode, like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative path + name of the file to be created. Must not be absolute + or contain the ''..'' path. Must be utf-8 encoded. + The first item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory that + shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage medium + should back this directory. The default is "" which means + to use the node''s default medium. Must be an empty string + (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local storage + required for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value between the + SizeLimit specified here and the sum of memory limits + of all containers in a pod. The default is nil which means + that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is tied + to the pod that defines it - it will be created before the + pod starts, and deleted when the pod is removed. \n Use this + if: a) the volume is only needed while the pod runs, b) features + of normal volumes like restoring from snapshot or capacity + tracking are needed, c) the storage driver is specified through + a storage class, and d) the storage driver supports dynamic + volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between this volume + type and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes that persist + for longer than the lifecycle of an individual pod. \n Use + CSI for light-weight local ephemeral volumes if the CSI driver + is meant to be used that way - see the documentation of the + driver for more information. \n A pod can use both types of + ephemeral volumes and persistent volumes at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to + provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the PVC + will be deleted together with the pod. The name of the + PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too long). \n + An existing PVC with that name that is not owned by the + pod will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC + is meant to be used by the pod, the PVC has to updated + with an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may be useful + when manually reconstructing a broken cluster. \n This + field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, must + not be nil." + properties: + metadata: + description: May contain labels and annotations that + will be copied into the PVC when creating it. No other + fields are allowed and will be rejected during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the PVC + that gets created from this template. The same fields + as in a PersistentVolumeClaim are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified + data source. When the AnyVolumeDataSource feature + gate is enabled, dataSource contents will be copied + to dataSourceRef, and dataSourceRef contents will + be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, + then dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object + from which to populate the volume with data, if + a non-empty volume is desired. This may be any + object from a non-empty API group (non core object) + or a PersistentVolumeClaim object. When this field + is specified, volume binding will only succeed + if the type of the specified object matches some + installed volume populator or dynamic provisioner. + This field will replace the functionality of the + dataSource field and as such if both fields are + non-empty, they must have the same value. For + backwards compatibility, when namespace isn''t + specified in dataSourceRef, both fields (dataSource + and dataSourceRef) will be set to the same value + automatically if one of them is empty and the + other is non-empty. When namespace is specified + in dataSourceRef, dataSource isn''t set to the + same value and must be empty. There are three + important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types + of objects, dataSourceRef allows any non-core + object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping + them), dataSourceRef preserves all values, and + generates an error if a disallowed value is specified. + * While dataSource only allows local objects, + dataSourceRef allows objects in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using the + namespace field of dataSourceRef requires the + CrossNamespaceVolumeDataSource feature gate to + be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace + is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant documentation + for details. (Alpha) This field requires the + CrossNamespaceVolumeDataSource feature gate + to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field + and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. + It can only be set for containers." + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available inside + a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. If Requests + is omitted for a container, it defaults to + Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the + StorageClass required by the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem + is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource that is + attached to a kubelet's host machine and then exposed to the + pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target worldwide + names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs and + lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver to use for + this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends + on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds extra + command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if no + secret object is specified. If the secret object contains + more than one secret, all secrets are passed to the plugin + scripts.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached to + a kubelet's host machine. This depends on the Flocker control + service being running + properties: + datasetName: + description: datasetName is Name of the dataset stored as + metadata -> name on the dataset for Flocker should be + considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. This + is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem type + is supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource in + GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir into + the Pod''s container.' + properties: + directory: + description: directory is the target directory name. Must + not contain or start with '..'. If '.' is supplied, the + volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to + false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. + This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write.' + properties: + path: + description: 'path of the directory on the host. If the + path is a symlink, it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults to "" More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource that is + attached to a kubelet''s host machine and then exposed to + the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support iSCSI + Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name that uses + an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal List. The + portal is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI target + and initiator authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. The Portal + is either an IP or ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL and unique + within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the host that shares + a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export to + be mounted with read-only permissions. Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address of the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents a + reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting in + VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used to set permissions + on created files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires decimal + values for mode bits. Directories within the path are + not affected by this setting. This might be in conflict + with other options that affect the file mode, like fsGroup, + and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected along with + other supported volume types + properties: + configMap: + description: configMap information about the configMap + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the ConfigMap, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the downwardAPI + data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be + an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' + path. Must be utf-8 encoded. The first + item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the secret data + to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the Secret, the volume setup + will error unless it is marked optional. Paths + must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional field specify whether the + Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information about + the serviceAccountToken data to project + properties: + audience: + description: audience is the intended audience + of the token. A recipient of a token must identify + itself with an identifier specified in the audience + of the token, and otherwise should reject the + token. The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, the + kubelet volume plugin will proactively rotate + the service account token. The kubelet will + start trying to rotate the token if the token + is older than 80 percent of its time to live + or if the token is older than 24 hours.Defaults + to 1 hour and must be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative to the + mount point of the file to project the token + into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default is no + group + type: string + readOnly: + description: readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults to + false. + type: boolean + registry: + description: registry represents a single or multiple Quobyte + Registry services specified as a string as host:port pair + (multiple entries are separated with commas) which acts + as the central registry for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume in the + Backend Used with dynamically provisioned Quobyte volumes, + value is set by the plugin + type: string + user: + description: user to map volume access to Defaults to serivceaccount + user + type: string + volume: + description: volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: 'image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication secret + for RBDUser. If provided overrides keyring. Default is + nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret for ScaleIO + user and other sensitive information. If this is not provided, + Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage for + a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage Pool associated + with the protection domain. + type: string + system: + description: system is the name of the storage system as + configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value pair in + the Data field of the referenced Secret will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the Secret, the volume setup will error unless it is marked + optional. Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the Secret or + its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret in the + pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use for obtaining + the StorageOS API credentials. If not specified, default + values will be attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable name of the + StorageOS volume. Volume names are only unique within + a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope of the + volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS + for tighter integration. Set VolumeName to any name to + override the default behaviour. Set to "default" if you + are not using namespaces within StorageOS. Namespaces + that do not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies vSphere + volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + sidecars: + description: Sidecar specifies a list of sidecar containers to inject + into the database pod. Refer to https://kubernetes.io/docs/concepts/containers/ + for more information. + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :{{ .Chart.Version }} tag is specified, + or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Not + specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Modifying this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource resize + policy for the container. + properties: + resourceName: + description: 'Name of the resource to which this resource + resize policy applies. Supported values: cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when specified resource + is resized. If not specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only + be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior of + individual containers in a pod. This field may only be set + for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod''s restart policy + and the container type. Setting the RestartPolicy as "Always" + for the init container will have the following effect: this + init container will be continually restarted on exit until + all regular containers have terminated. Once all regular containers + have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init + containers and is often referred to as a "sidecar" container. + Although this init container still starts in the init container + sequence, it does not wait for the container to complete before + proceeding to the next init container. Instead, the next init + container starts immediately after this init container is + started, or after any startupProbe has successfully completed.' + type: string + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must be set if type is "Localhost". + Must NOT be set for any other type. + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. All of a Pod's + containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must also + be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + type: object + status: + description: SidecarStatus specifies the observed state of Sidecar. + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_switchovers.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_switchovers.yaml new file mode 100644 index 00000000000..c34895f3132 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.dbadmin.goog_switchovers.yaml @@ -0,0 +1,323 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: switchovers.alloydbomni.dbadmin.goog +spec: + group: alloydbomni.dbadmin.goog + names: + kind: Switchover + listKind: SwitchoverList + plural: switchovers + singular: switchover + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.state + name: state + type: string + - jsonPath: .status.internal.phase + name: phase + type: string + - jsonPath: .status.internal.newPrimary + name: newPrimary + type: string + - jsonPath: .status.internal.oldPrimary + name: oldPrimary + type: string + name: v1 + schema: + openAPIV3Schema: + description: Switchover represents the parameters and status of a single switchover + operation. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SwitchoverSpec defines the desired state of Switchover. + properties: + dbclusterRef: + description: DBClusterRef is the DBCluster name to initiate a switchover. + The `Switchover` object must be created in the same namespace as + the DBCluster that it references. This field is required for Switchover. + type: string + newPrimary: + description: // NewPrimary is the standby instance to switch with + the current primary. + type: string + newPrimaryInstance: + description: 'NewPrimaryInstance is the standby instance to switch + with the current primary. Deprecated: Please use NewPrimary field + instead' + type: string + primaryHost: + description: PrimaryHost is the IP always point to the primary instance. + type: string + type: object + status: + description: SwitchoverStatus defines the observed state of Switchover. + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + createTime: + description: CreateTime is the time that the internal switchover workflow + mechanism was created. + format: date-time + type: string + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + endTime: + description: EndTime is the time switchover reached its final state. + format: date-time + type: string + internal: + description: Internal is used by the system controllers. You should + not directly depend on the information in this section. + properties: + newPrimary: + description: NewPrimary is the instance that we are attempting + to switchover to. + type: string + oldPrimary: + description: OldPrimary is the instance that was the primary at + the start of the switchover. + type: string + phase: + description: Phase is used to keep track of the current state + of the switchover + enum: + - UpdateDbcluster + - StopPrimary + - PromoteStandby + - ValidateNewPrimary + - UpdateOldPrimaryResources + - UpdateNewPrimaryResources + - UpdateOldPrimaryConfigs + - Complete + - SyncOldPrimary + - StartOldPrimary + - PreSuccess + - RepointStandbys + - RollbackPrimary + - RollbackStandbys + type: string + required: + - newPrimary + - oldPrimary + type: object + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + startTime: + description: StartTime is the time that the switchover operation started. + format: date-time + type: string + state: + description: State is the current state of the switchover operation. + The values are `InProgress`, `Success`, `Failed_RollbackInProgress`, + `Failed_RollbackSuccess`, `Failed_RollbackFailed` `InProgress` means + the switchover is still in progress. `Success` means that the switchover + has completed. `Failed_RollbackInProgress` means that the operator + was unable to promote the new primary instance, and is attempting + to restart the old primary instance. `Failed_RollbackSuccess` means + that the operator was unable to promote the new primary instance, + and successfully restarted the old primary instance. `Failed_RollbackFailed` + means that the operator was unable to promote the new primary instance, + and were not able to restart the old primary instance. The DBCluster + might need to be manually repaired. + enum: + - InProgress + - Success + - Failed_RollbackInProgress + - Failed_RollbackSuccess + - Failed_RollbackFailed + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_backuprepositories.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_backuprepositories.yaml new file mode 100644 index 00000000000..15a2dbf5c2f --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_backuprepositories.yaml @@ -0,0 +1,1422 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: backuprepositories.alloydbomni.internal.dbadmin.goog +spec: + group: alloydbomni.internal.dbadmin.goog + names: + kind: BackupRepository + listKind: BackupRepositoryList + plural: backuprepositories + shortNames: + - br + singular: backuprepository + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.phase + name: Phase + type: string + name: v1 + schema: + openAPIV3Schema: + description: BackupRepository is the Schema for the backuprepositories API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BackupRepositorySpec defines the desired state of BackupRepository. + properties: + component: + additionalProperties: + properties: + images: + additionalProperties: + type: string + description: The list of container images in the components + type: object + name: + description: Name of a component + type: string + upgradeScheduledAt: + description: Start time of the upgrade + format: date-time + type: string + version: + description: Version of a component + type: string + required: + - images + - name + type: object + description: The list of backup repository components The backup repository + is composed of dataplane and controlPlaneAgent components + type: object + resources: + description: Resources specifies resources used by the backup repository + server. This field is optional. By default, recommended resource + settings will be used. + properties: + cpu: + anyOf: + - type: integer + - type: string + description: The amount of CPU allocated to the database container. + This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + disks: + description: The specifications of the disks allocated to the + database container. This field is required. + items: + description: DiskSpec defines the desired state of a disk. + properties: + accessModes: + description: "AccessModes contains the desired access modes + for the volume. \n Refer to https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes + for more information." + items: + type: string + type: array + annotations: + additionalProperties: + type: string + description: "Additional annotations added to the Persistent + Volume Claim. This field is optional. \n This allows to + integrate with other tools." + type: object + name: + description: "Name of the disk. This field is required. + \n The allowed values are: \"DataDisk\", \"LogDisk\" , + \"BackupDisk\" and \"ObsDisk\"." + enum: + - DataDisk + - LogDisk + - BackupDisk + - ObsDisk + - BackupRepoDisk + type: string + selector: + description: "A label query over volumes to consider for + binding. This field is optional. \n If this field is set, + then the volume with matching labels is used as the backing + volume for the disk. \n Refer to https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#PersistentVolumeClaimSpec + for more information." + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + size: + description: "Disk size in bytes for example, \"10Gi\" for + 10 Gibibytes. This field is required. \n The allowed size + unit prefixes are: \"Ki\", \"Mi\", \"Gi\", \"Ti, \"Pi\" + and \"Ei\" for 2-base. Also \"K\", \"M\", \"G\", \"T, + \"P\" and \"E\" for 10-base. See https://en.wikipedia.org/wiki/Unit_prefix." + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + type: string + storageClass: + description: "StorageClass points to a particular CSI storage + class. This field is optional. \n If the field is not + set, then the default CSI storage class for the Kubernetes + cluster is used. If there is no default for the Kubernetes + cluster, then the Persistence Volume Claim will fail + and the database cluster will fail to provision. \n You + can read more about storage classes in https://kubernetes.io/docs/concepts/storage/storage-classes." + type: string + volumeName: + description: "VolumeName is the binding reference to the + Persistent Volume tied to this disk. This field is optional. + \n This allows to reuse an existing volume. \n Note that + if this field is specified, the value \"storageClass\" + will not take effect. You can learn more about this in + https://kubernetes.io/docs/concepts/storage/persistent-volumes/#binding." + type: string + required: + - name + - size + type: object + type: array + memory: + anyOf: + - type: integer + - type: string + description: The amount of memory allocated to the database container. + This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + schedulingconfig: + description: "SchedulingConfig specifies how the backup repository + pod should be scheduled on Kubernetes nodes. \n When any field inside + the scheduling config changes, it can lead to rescheduling of the + k8s pod onto a different node based on the config." + properties: + nodeaffinity: + description: NodeAffinity describes node affinity scheduling rules + for the instance. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: PodAffinity describes pod affinity scheduling rules + for the instance. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: PodAntiAffinity describes pod anti-affinity scheduling + rules for the instance. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + tolerations: + description: Tolerations to enable the management of whether to + allow or disallow scheduling an instance on a Kubernetes node + that has a specific taint applied. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + type: object + status: + description: BackupRepositoryStatus defines the observed state of BackupRepository. + properties: + ActiveComponents: + additionalProperties: + properties: + images: + additionalProperties: + type: string + description: The list of container images in the components + type: object + name: + description: Name of a component + type: string + upgradeScheduledAt: + description: Start time of the upgrade + format: date-time + type: string + version: + description: Version of a component + type: string + required: + - images + - name + - version + type: object + description: ActiveComponents stores the information of current components + in the backup repository + type: object + allocatedResources: + description: AllocatedResources represents the current configuration + of memory/CPU/disks + properties: + cpu: + anyOf: + - type: integer + - type: string + description: The amount of CPU allocated to the database container. + This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + disks: + description: The specifications of the disks allocated to the + database container. This field is required. + items: + description: DiskSpec defines the desired state of a disk. + properties: + accessModes: + description: "AccessModes contains the desired access modes + for the volume. \n Refer to https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes + for more information." + items: + type: string + type: array + annotations: + additionalProperties: + type: string + description: "Additional annotations added to the Persistent + Volume Claim. This field is optional. \n This allows to + integrate with other tools." + type: object + name: + description: "Name of the disk. This field is required. + \n The allowed values are: \"DataDisk\", \"LogDisk\" , + \"BackupDisk\" and \"ObsDisk\"." + enum: + - DataDisk + - LogDisk + - BackupDisk + - ObsDisk + - BackupRepoDisk + type: string + selector: + description: "A label query over volumes to consider for + binding. This field is optional. \n If this field is set, + then the volume with matching labels is used as the backing + volume for the disk. \n Refer to https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#PersistentVolumeClaimSpec + for more information." + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + size: + description: "Disk size in bytes for example, \"10Gi\" for + 10 Gibibytes. This field is required. \n The allowed size + unit prefixes are: \"Ki\", \"Mi\", \"Gi\", \"Ti, \"Pi\" + and \"Ei\" for 2-base. Also \"K\", \"M\", \"G\", \"T, + \"P\" and \"E\" for 10-base. See https://en.wikipedia.org/wiki/Unit_prefix." + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + type: string + storageClass: + description: "StorageClass points to a particular CSI storage + class. This field is optional. \n If the field is not + set, then the default CSI storage class for the Kubernetes + cluster is used. If there is no default for the Kubernetes + cluster, then the Persistence Volume Claim will fail + and the database cluster will fail to provision. \n You + can read more about storage classes in https://kubernetes.io/docs/concepts/storage/storage-classes." + type: string + volumeName: + description: "VolumeName is the binding reference to the + Persistent Volume tied to this disk. This field is optional. + \n This allows to reuse an existing volume. \n Note that + if this field is specified, the value \"storageClass\" + will not take effect. You can learn more about this in + https://kubernetes.io/docs/concepts/storage/persistent-volumes/#binding." + type: string + required: + - name + - size + type: object + type: array + memory: + anyOf: + - type: integer + - type: string + description: The amount of memory allocated to the database container. + This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + phase: + description: Phase is a summary of current state of the Instance. + type: string + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_createstandbyjobs.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_createstandbyjobs.yaml new file mode 100644 index 00000000000..b0265ec4603 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_createstandbyjobs.yaml @@ -0,0 +1,281 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: createstandbyjobs.alloydbomni.internal.dbadmin.goog +spec: + group: alloydbomni.internal.dbadmin.goog + names: + kind: CreateStandbyJob + listKind: CreateStandbyJobList + plural: createstandbyjobs + singular: createstandbyjob + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.currentStep + name: CurrentStep + type: string + - jsonPath: .spec.attempt + name: Attempt + type: integer + - jsonPath: .spec.endTime + name: EndTime + type: string + - jsonPath: .spec.cleanup + name: Cleanup + type: boolean + - jsonPath: .spec.metadata.primaryInstance + name: Primary + type: string + - jsonPath: .spec.metadata.standbyInstance + name: Standby + type: string + name: v1 + schema: + openAPIV3Schema: + description: CreateStandbyJob is an internal workflow tracking object. Users + should not directly interact with this. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + attempt: + default: 0 + description: Attempt allows the workflow to smartly retry and choose + to fail if too many retries have occurred + type: integer + cleanup: + default: false + description: Cleanup is used to mark this object as safe for deletion. + type: boolean + currentStep: + description: CurrentStep is the current step of the workflow + type: string + currentStepTime: + description: CurrentStepTime allows us to see when the current step + was initiated which allows us to time out at the step level. + format: date-time + type: string + endTime: + description: EndTime is when the workflow has reached a terminal state + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata is intended to allow different workflows to + attach data needed to execute this workflow, e.g. which DBC/instance/ + other resource this is attached to + type: object + requeueTime: + description: RequeueTime if set, then tells the reconciler to requeue + this job to run at the specified time + format: date-time + type: string + startTime: + description: StartTime is when the workflow began + format: date-time + type: string + required: + - attempt + - cleanup + type: object + status: + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_deletestandbyjobs.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_deletestandbyjobs.yaml new file mode 100644 index 00000000000..282860ca724 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_deletestandbyjobs.yaml @@ -0,0 +1,275 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: deletestandbyjobs.alloydbomni.internal.dbadmin.goog +spec: + group: alloydbomni.internal.dbadmin.goog + names: + kind: DeleteStandbyJob + listKind: DeleteStandbyJobList + plural: deletestandbyjobs + singular: deletestandbyjob + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.currentStep + name: CurrentStep + type: string + - jsonPath: .spec.attempt + name: Attempt + type: integer + - jsonPath: .spec.endTime + name: EndTime + type: string + - jsonPath: .spec.cleanup + name: Cleanup + type: boolean + name: v1 + schema: + openAPIV3Schema: + description: DeleteStandbyJob is an internal workflow tracking object. Users + should not directly interact with this. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + attempt: + default: 0 + description: Attempt allows the workflow to smartly retry and choose + to fail if too many retries have occurred + type: integer + cleanup: + default: false + description: Cleanup is used to mark this object as safe for deletion. + type: boolean + currentStep: + description: CurrentStep is the current step of the workflow + type: string + currentStepTime: + description: CurrentStepTime allows us to see when the current step + was initiated which allows us to time out at the step level. + format: date-time + type: string + endTime: + description: EndTime is when the workflow has reached a terminal state + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata is intended to allow different workflows to + attach data needed to execute this workflow, e.g. which DBC/instance/ + other resource this is attached to + type: object + requeueTime: + description: RequeueTime if set, then tells the reconciler to requeue + this job to run at the specified time + format: date-time + type: string + startTime: + description: StartTime is when the workflow began + format: date-time + type: string + required: + - attempt + - cleanup + type: object + status: + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_failovers.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_failovers.yaml new file mode 100644 index 00000000000..3cf3ffa9a6b --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_failovers.yaml @@ -0,0 +1,305 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: failovers.alloydbomni.internal.dbadmin.goog +spec: + group: alloydbomni.internal.dbadmin.goog + names: + kind: Failover + listKind: FailoverList + plural: failovers + singular: failover + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.state + name: state + type: string + - jsonPath: .status.internal.phase + name: phase + type: string + name: v1 + schema: + openAPIV3Schema: + description: Failover is the Schema for the failover API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: FailoverSpec defines the desired state of postgresql Failover. + properties: + dbclusterRef: + description: DBClusterRef is the DBCluster name to initiate a failover. + The `Failover` object must be created in the same namespace as the + DBCluster that it references. This field is required for Failover. + type: string + newPrimary: + description: NewPrimary is the standby instance to promote as the + new primary. If left empty, the system will automatically pick the + best one to failover to. + type: string + type: object + status: + description: FailoverStatus defines the observed state of postgresql Failover. + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + createTime: + description: CreateTime is the time that the internal failover workflow + mechanism was created. + format: date-time + type: string + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + endTime: + description: EndTime is the time failover reached its final state. + format: date-time + type: string + internal: + description: Internal is used by the system controllers. You should + not directly depend on the information in this section. + properties: + newPrimary: + description: NewPrimary is the instance that we are attempting + to failover to. + type: string + oldPrimary: + description: OldPrimary is the instance that was the primary at + the start of the failover. + type: string + phase: + description: Phase is used to keep track of the current state + of the failover + enum: + - StopPrimary + - PromoteStandby + - ValidateNewPrimary + - UpdateOldPrimaryResources + - UpdateNewPrimaryResources + - Cleanup + - Complete + - UpdateStandbys + - Recreate + type: string + required: + - newPrimary + - oldPrimary + type: object + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + startTime: + description: StartTime is the time that the failover operation started. + format: date-time + type: string + state: + description: State is the current state of the failover operation. + The values are `InProgress`, `Success`, `Failed_RollbackInProgress`, + `Failed_RollbackSuccess`, `Failed_RollbackFailed` `InProgress` means + the failover is still in progress. `Success` means that the failover + has completed. It is complete when the new primary instance is successfully + promoted. `Failed_RollbackInProgress` means that the operator was + unable to promote the new primary instance, and is attempting to + restart the old primary instance. `Failed_RollbackSuccess` means + that the operator was unable to promote the new primary instance, + and successfully restarted the old primary instance. `Failed_RollbackFailed` + means that the operator was unable to promote the new primary instance, + and were not able to restart the old primary instance. The DBCluster + might need to be manually repaired. + enum: + - InProgress + - Success + - Failed_RollbackInProgress + - Failed_RollbackSuccess + - Failed_RollbackFailed + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instancebackupplans.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instancebackupplans.yaml new file mode 100644 index 00000000000..b47936be431 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instancebackupplans.yaml @@ -0,0 +1,381 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: instancebackupplans.alloydbomni.internal.dbadmin.goog +spec: + group: alloydbomni.internal.dbadmin.goog + names: + kind: InstanceBackupPlan + listKind: InstanceBackupPlanList + plural: instancebackupplans + shortNames: + - aooibp + singular: instancebackupplan + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .status.lastBackupTime + name: LastBackupTime + type: string + - jsonPath: .status.nextBackupTime + name: NextBackupTime + type: string + name: v1 + schema: + openAPIV3Schema: + description: InstanceBackupPlan is the Schema for the InstanceBackupPlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: InstanceBackupPlanSpec defines the desired state of an AlloyDB + Omni InstanceBackupPlan. + properties: + PITREnabled: + default: false + description: A flag to indicate whether logs replication is enabled + to support point-in-time recovery. Default to False. + type: boolean + backupLocation: + description: BackupLocation specifies the remote object storage location + to store backups. For example, specs to a GCS buckets. Without specifying + this, backups are stored in the backup disk by default. + properties: + gcsOptions: + description: GCSOptions is a reference to GCS dependent options. + properties: + bucket: + description: 'Bucket is a required field, (ex: dbs-dump-bucket) + A user is to ensure proper write access to the storage bucket + from within the Operator.' + type: string + key: + description: 'Object key for the dump files. (ex: ods-dump/scottschema.dmp).' + type: string + secretRef: + description: SecretRef is a reference to the secret that stores + GCS access information. + properties: + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which + the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + required: + - bucket + - key + type: object + s3Options: + description: 'S3Options is a reference to S3 dependent options + (Ex: S3 Access Secret, End Point, Region).' + properties: + bucket: + description: 'Bucket is a required field, (ex: dbs-dump-bucket) + A user is to ensure proper write access to the storage bucket + from within the Operator.' + type: string + caBundle: + description: CABundle is a pool of PEM encoded CA certs which + will be used to validate the storageGrid's server certificate. + items: + type: string + type: array + endpoint: + description: Endpoint is S3 end point. + type: string + key: + description: 'Object key for the dump files. (ex: ods-dump/scottschema.dmp).' + type: string + region: + description: Region is S3 region the bucket resides in. + type: string + secretRef: + description: SecretRef is a reference to the secret that stores + bucket access information. + properties: + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which + the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + required: + - bucket + - key + type: object + type: + description: 'Type of Repository (ex: S3, GCS), which tells the + agent which storage system/API to use.' + enum: + - GCS + - S3 + type: string + required: + - type + type: object + backupRepository: + description: BackupRepository is the name of the GDCH Backup BackupRepository + resource identifying the secondary storage for this `InstanceBackupPlan`. + If not provided, the default "dbs-backup-repository" will be used. + type: string + backupRetainDays: + default: 14 + description: Number of days after which the service will delete an + InstanceBackup. If specified, an InstanceBackup created under this + InstanceBackupPlan will be automatically deleted after its age reaches + create_time + backup_retain_days. The valid values are from 1 to + 90 days. Default to 14 retain days. + maximum: 90 + minimum: 1 + type: integer + dbclusterRef: + description: The DBCluster this backup plan configures. + type: string + paused: + default: false + description: A flag to indicate if the backup creation under this + plan is paused. If set to true, the service will pause the scheduling + of new InstanceBackups under this InstanceBackupPlan. Default to + False. + type: boolean + type: object + status: + description: InstanceBackupPlanStatus defines the observed state of an + AlloyDB Omni InstanceBackupPlan. + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + lastBackupTime: + description: LastBackupTime is the timestamp for the most recently + executed backup. + format: date-time + nullable: true + type: string + nextBackupTime: + description: NextBackupTime is the timestamp for the next scheduled + backup. + format: date-time + nullable: true + type: string + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + phase: + description: InstanceBackupPlanPhase is the phase of an InstanceBackupPlan. + type: string + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + recoveryWindow: + description: RecoveryWindow is the currently available recovery window. + properties: + begin: + description: Begin time. + format: date-time + type: string + end: + description: End time. + format: date-time + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instancebackups.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instancebackups.yaml new file mode 100644 index 00000000000..412bfdfc955 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instancebackups.yaml @@ -0,0 +1,284 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: instancebackups.alloydbomni.internal.dbadmin.goog +spec: + group: alloydbomni.internal.dbadmin.goog + names: + kind: InstanceBackup + listKind: InstanceBackupList + plural: instancebackups + shortNames: + - aooib + singular: instancebackup + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .status.completeTime + name: CompleteTime + type: string + name: v1 + schema: + openAPIV3Schema: + description: InstanceBackup is the Schema for the InstanceBackup API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: InstanceBackupSpec defines the desired state of an AlloyDB + Omni InstanceBackup. + properties: + dbclusterRef: + description: The DBCluster this backup belongs to + type: string + instanceBackupPlanRef: + description: Name of the InstanceBackupPlan from which this backup + was created. + type: string + manual: + default: false + description: Indicate whether this backup is a scheduled or manual + backup + type: boolean + physicalBackupSpec: + description: PhysicalBackupSpec contains spec for physical backups. + properties: + backupType: + default: full + description: BackupType is the type of backup to be created. It's + an enum in {"full","diff","incr"}. Default to full if not specified. + enum: + - full + - diff + - incr + type: string + type: object + type: object + status: + description: InstanceBackupStatus defines the observed state of an AlloyDB + Omni InstanceBackup. + properties: + completeTime: + description: Completion time of the Backup + format: date-time + type: string + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + createTime: + description: Create time of the underlying Backup. + format: date-time + type: string + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + phase: + description: InstanceBackupPhase is the phase of a backup. + type: string + physicalBackupStatus: + description: PhysicalBackupStatus contains status info that are specific + for physical backups. + properties: + backupID: + description: BackupID is the unique id of the physical backup + tracked by pgbackrest + type: string + priorBackup: + description: PriorBackup is the prior backup this backup depends + on. + type: string + type: object + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instancerestores.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instancerestores.yaml new file mode 100644 index 00000000000..0afd384a5c3 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instancerestores.yaml @@ -0,0 +1,286 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: instancerestores.alloydbomni.internal.dbadmin.goog +spec: + group: alloydbomni.internal.dbadmin.goog + names: + kind: InstanceRestore + listKind: InstanceRestoreList + plural: instancerestores + shortNames: + - aooir + singular: instancerestore + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .status.completeTime + name: CompleteTime + type: string + - jsonPath: .status.restoredPointInTime + name: RestoredPointInTime + type: string + name: v1 + schema: + openAPIV3Schema: + description: InstanceRestore is the Schema for the InstanceRestore API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: InstanceRestoreSpec defines the desired state of an AlloyDB + Omni InstanceRestore. + properties: + clonedDBClusterConfig: + description: Settings for the cloned DBCluster. Omit this field will + restore to the DBCluster where backup was taken from. + properties: + dbclusterName: + description: The name of cloned DBCluster. + type: string + type: object + instanceBackupRef: + description: The InstanceBackup to restore from. InstanceRestore and + the source InstanceBackup should be in the same namespace. + type: string + pointInTime: + description: Previous point-in-time to restore to. + format: date-time + type: string + restoreStrategy: + default: Instance + description: RestoreStrategy specifies the strategy of InstanceRestore. + WorkloadOnly cannot be used together with PointInTime or ClonedDBClusterConfig. + enum: + - Instance + - WorkloadOnly + type: string + sourceDBCluster: + description: SourceDBCluster to restore from. + type: string + type: object + status: + description: InstanceRestoreStatus defines the observed state of an AlloyDB + Omni InstanceRestore. + properties: + completeTime: + description: Completion time of the restore + format: date-time + type: string + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + createTime: + description: Create time of the underlying Restore. + format: date-time + type: string + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + phase: + description: RestorePhase is the phase of a restore. + type: string + phaseReason: + type: string + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + restoredInstanceName: + description: Name of the instance that will be restored + type: string + restoredPointInTime: + description: Actual point-in-time this restore brings the target instance + into. Might be different from value specified in spec.PointInTime. + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instances.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instances.yaml new file mode 100644 index 00000000000..e17522bcfba --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instances.yaml @@ -0,0 +1,2327 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: instances.alloydbomni.internal.dbadmin.goog +spec: + group: alloydbomni.internal.dbadmin.goog + names: + kind: Instance + listKind: InstanceList + plural: instances + shortNames: + - aooi + singular: instance + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.endpoint + name: Endpoint + type: string + - jsonPath: .status.url + name: URL + type: string + - jsonPath: .metadata.labels['dbs\.internal\.dbadmin\.goog/ha-role'] + name: Role + type: string + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .status.description + name: Message + type: string + - jsonPath: .status.conditions[?(@.type=="HAReady")].status + name: HAReadyStatus + type: string + - jsonPath: .status.conditions[?(@.type=="HAReady")].reason + name: HAReadyReason + type: string + name: v1 + schema: + openAPIV3Schema: + description: Instance is the Schema for the instances API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: InstanceSpec defines the desired state of AlloyDBOmniInstance + properties: + adminUser: + description: "AdminUser represents the admin user specification. This + field is required. \n This is the initial database user that the + control plane creates. Additional database users are managed by + the end-user directly. This field can also be used to reset the + password of the initial user." + properties: + passwordRef: + description: PasswordRef is the name of the secret containing + the admin user's password. This value will be used during initial + provisioning or password reset to set the admin user to that + password. The secret must be under the same project as the Database + cluster. The name of the secret must follow this pattern `db-pw-`. Additionally, the key of the password (inside the secret) + must be the same as the database cluster name. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: object + allowExternalIncomingTrafficToInstance: + default: false + description: AllowExternalIncomingTrafficToInstance will be used to + configure the external LB creation. + type: boolean + auditLogTarget: + description: AuditLogTarget configures the sink for the database audit + logs + properties: + syslog: + properties: + certsSecretRef: + description: CertsSecretRef contains the certificates to be + used for the TLS connection to syslog server + properties: + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which + the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + host: + description: Host is the syslog server FQDN or IP address + type: string + required: + - certsSecretRef + - host + type: object + type: object + availabilityOptions: + description: AvailabilityOptions contains adjustable settings for + HA features + properties: + livenessProbe: + default: Enabled + description: LivenessProbe enables or disables the liveness probe + which is used to trigger a container restart. When set to `Enabled`, + the liveness probe runs periodic health checks on the database. + It restarts the container if it fails three consecutive health + checks. LivenessProbe is automatically disabled for HA instances. + When set to `Disabled`, the liveness probe is not running health + checks on the database. The default value is Enabled. + enum: + - Enabled + - Disabled + - OpDisabled + type: string + type: object + component: + additionalProperties: + properties: + images: + additionalProperties: + type: string + description: The list of container images in the components + type: object + name: + description: Name of a component + type: string + upgradeScheduledAt: + description: Start time of the upgrade + format: date-time + type: string + version: + description: Version of a component + type: string + required: + - images + - name + type: object + description: The list of instance components An instance is composed + of dataplane and controlPlaneAgent components + type: object + databasePatchingTimeout: + description: Max threshold for database patching. This timeout is + used independently for sts patching and OPatch/datapatch execution. + type: string + dbLoadBalancerOptions: + description: DBNetworkServiceOptions allows to override some details + of kubernetes Service created to expose a connection to database. + properties: + annotations: + additionalProperties: + type: string + description: Annotation provided by the customer will be added + to the service object of type loadbalancer. + type: object + gcp: + description: GCP contains Google Cloud specific attributes for + the Kubernetes LoadBalancer. + properties: + loadBalancerIP: + description: LoadBalancerIP is a static IP address, see https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address + type: string + loadBalancerType: + description: A LoadBalancer can be internal or external. See + https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + enum: + - "" + - Internal + - External + type: string + type: object + type: object + features: + description: Feature Spec + properties: + googleMLExtension: + description: Google ML Extension Spec + properties: + config: + description: Google ML Extension Config + properties: + vertexAIKeyRef: + type: string + vertexAIRegion: + type: string + type: object + type: object + memoryAgent: + properties: + enabled: + default: true + description: Indicate interest to enable/disable memory agent + for database. The default is true. + type: boolean + required: + - enabled + type: object + type: object + isStopped: + description: "IsStopped stops the instance when set to true. This + field is optional and default to false. \n When stopped, the compute + resources (CPU, memory) of the instance are released. However, the + instance still keeps the storage resource and network endpoints + so that restarting is transparent to the downstream services. See + the status field for success or failures, if any." + type: boolean + mode: + description: Mode specifies how this instance will be managed by the + operator. + enum: + - ManuallySetUpStandby + - Pause + - Recovery + type: string + parameters: + additionalProperties: + type: string + description: "Parameters allows to set database parameters for the + database cluster. This field is optional. \n Parameters will take + a key/value pair corresponding to the parameter name/value as defined + by the database engine." + type: object + replication: + description: Replication configures replication connections to other + db instances + properties: + profiles: + description: Profiles contains the collection of replication profiles. + items: + description: ReplicationProfileSpec is one replication connection + to another database instance. + properties: + certificateReference: + description: CertificateReference refers to a secret to + be used for TLS + properties: + certificateKey: + description: CertificateKey is the key used to search + the secret for the Certificate + type: string + secretRef: + description: SecretRef is a reference to the secret + that contains the Certificate + properties: + name: + description: name is unique within a namespace to + reference a secret resource. + type: string + namespace: + description: namespace defines the space within + which the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + type: object + host: + description: Host on the other side of the connection + type: string + isActive: + description: IsActive is true for connections currently + enabled, false pauses the connection + type: boolean + isSynchronous: + default: false + description: IsSynchronous is true for synchronous replication + connections + type: boolean + name: + description: Name of the profile + type: string + password: + description: Password is a reference to the secret that + contains user password + properties: + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which + the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + passwordResourceVersion: + description: PasswordResourceVersion specifies the password + secret version + type: string + port: + description: Port on the other side of the connection + format: int32 + maximum: 65535 + minimum: 1 + type: integer + role: + description: Role is the replication role of this instance + to this replication connection. + enum: + - Upstream + - Downstream + type: string + type: + description: Type is physical or logical + enum: + - Logical + - Physical + type: string + username: + description: Username is the name of user to connect to + another database instance + type: string + required: + - name + - type + type: object + type: array + type: object + resources: + description: "Resource specification for the database container. \n + When any of the fields inside the resource changes, the operator + restarts the database instance with the new resource specification." + properties: + cpu: + anyOf: + - type: integer + - type: string + description: The amount of CPU allocated to the database container. + This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + disks: + description: The specifications of the disks allocated to the + database container. This field is required. + items: + description: DiskSpec defines the desired state of a disk. + properties: + accessModes: + description: "AccessModes contains the desired access modes + for the volume. \n Refer to https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes + for more information." + items: + type: string + type: array + annotations: + additionalProperties: + type: string + description: "Additional annotations added to the Persistent + Volume Claim. This field is optional. \n This allows to + integrate with other tools." + type: object + name: + description: "Name of the disk. This field is required. + \n The allowed values are: \"DataDisk\", \"LogDisk\" , + \"BackupDisk\" and \"ObsDisk\"." + enum: + - DataDisk + - LogDisk + - BackupDisk + - ObsDisk + - BackupRepoDisk + type: string + selector: + description: "A label query over volumes to consider for + binding. This field is optional. \n If this field is set, + then the volume with matching labels is used as the backing + volume for the disk. \n Refer to https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#PersistentVolumeClaimSpec + for more information." + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + size: + description: "Disk size in bytes for example, \"10Gi\" for + 10 Gibibytes. This field is required. \n The allowed size + unit prefixes are: \"Ki\", \"Mi\", \"Gi\", \"Ti, \"Pi\" + and \"Ei\" for 2-base. Also \"K\", \"M\", \"G\", \"T, + \"P\" and \"E\" for 10-base. See https://en.wikipedia.org/wiki/Unit_prefix." + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + type: string + storageClass: + description: "StorageClass points to a particular CSI storage + class. This field is optional. \n If the field is not + set, then the default CSI storage class for the Kubernetes + cluster is used. If there is no default for the Kubernetes + cluster, then the Persistence Volume Claim will fail + and the database cluster will fail to provision. \n You + can read more about storage classes in https://kubernetes.io/docs/concepts/storage/storage-classes." + type: string + volumeName: + description: "VolumeName is the binding reference to the + Persistent Volume tied to this disk. This field is optional. + \n This allows to reuse an existing volume. \n Note that + if this field is specified, the value \"storageClass\" + will not take effect. You can learn more about this in + https://kubernetes.io/docs/concepts/storage/persistent-volumes/#binding." + type: string + required: + - name + - size + type: object + type: array + memory: + anyOf: + - type: integer + - type: string + description: The amount of memory allocated to the database container. + This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + schedulingconfig: + description: "SchedulingConfig specifies how the instance should be + scheduled on Kubernetes nodes. \n When any field inside the scheduling + config changes, it can lead to rescheduling of the k8s pod onto + a different node based on the config." + properties: + nodeaffinity: + description: NodeAffinity describes node affinity scheduling rules + for the instance. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: PodAffinity describes pod affinity scheduling rules + for the instance. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: PodAntiAffinity describes pod anti-affinity scheduling + rules for the instance. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + tolerations: + description: Tolerations to enable the management of whether to + allow or disallow scheduling an instance on a Kubernetes node + that has a specific taint applied. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + services: + additionalProperties: + type: boolean + description: Services list the optional semi-managed services that + the customers can choose from. + type: object + sidecarRef: + description: SidecarRef is a reference to a sidecar Custom Resource. + If set, sidecar containers included in the sidecar Custom Resource + will be injected into the database pod. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sourceCidrRanges: + description: Source IP CIDR ranges allowed for a client. + items: + type: string + type: array + tls: + description: TLS is the desired server certificate configuration for + the instance. This field is optional. When this field is changed, + the instance pods will restart to load the specified certificate + properties: + certSecret: + description: CertSecret contains the name of a certificate secret + within the same namespace. The secret must contain entries ca.crt + (CA certificate), tls.key (server private key), and tls.crt + (server leaf certificate). This secret is used to set the TLS + config for the database instance. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: object + walArchiveSetting: + description: WalArchiveSetting specifies wal archive settings. If + set, archive_mode is enabled to archive wal logs to specified location. + Ref to https://www.postgresql.org/docs/15/continuous-archiving.html + for more information. + properties: + archiveMode: + default: "on" + description: ArchiveMode specifies archive_mode, see https://www.postgresql.org/docs/current/runtime-config-wal.html#GUC-ARCHIVE-MODE + for details. + enum: + - "on" + - always + type: string + location: + description: Location is the location where archived wal logs + are stored. + type: string + type: object + required: + - resources + type: object + status: + description: InstanceStatus defines the observed state of AlloyDBOmniInstance + properties: + ActiveComponents: + additionalProperties: + properties: + images: + additionalProperties: + type: string + description: The list of container images in the components + type: object + name: + description: Name of a component + type: string + upgradeScheduledAt: + description: Start time of the upgrade + format: date-time + type: string + version: + description: Version of a component + type: string + required: + - images + - name + - version + type: object + description: ActiveComponents stores the information of current components + in the database instance + type: object + ActiveImages: + additionalProperties: + type: string + description: ActiveImages stores the stable images used by the active + containers. + type: object + HealthCheck: + description: HealthStatus represents the health check. + properties: + IsRegistered: + type: boolean + LastHealthCheckTime: + type: string + type: object + LastFailedImages: + additionalProperties: + type: string + description: LastFailedImages stores the images which failed the last + patching workflow. + type: object + ReplicationStatus: + description: ReplicationStatus represents the current state of replication + connections. + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the + current state of this API Resource. --- This struct is intended + for direct use as an array at the field path .status.conditions. + \ For example, \n type FooStatus struct{ // Represents the + observations of a foo's current state. // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + // +patchStrategy=merge // +listType=map // +listMapKey=type + Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be + when the underlying condition changed. If that is not + known, then using the time when the API field changed + is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if + .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the + current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values + and meanings for this field, and whether the values are + considered a guaranteed API. The value should be a CamelCase + string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across + resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability + to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about + an ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as + about the K8s resource. + properties: + component: + description: Component is an internal identifier of + the Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster + of the affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s + resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S + resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of + messages from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains + stack trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the + issue should be considered transient until the specified + time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + profiles: + items: + description: ReplicationProfileStatus is the status of one individual + replication connection + properties: + conditions: + description: Conditions represents the latest available + observations of the Entity's current state. + items: + description: "Condition contains details for one aspect + of the current state of this API Resource. --- This + struct is intended for direct use as an array at the + field path .status.conditions. For example, \n type + FooStatus struct{ // Represents the observations of + a foo's current state. // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\" + // +patchMergeKey=type // +patchStrategy=merge // +listType=map + // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the + condition transitioned from one status to another. + This should be when the underlying condition changed. If + that is not known, then using the time when the + API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty + string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, + if .metadata.generation is currently 12, but the + .status.conditions[x].observedGeneration is 9, the + condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier + indicating the reason for the condition's last transition. + Producers of specific condition types may define + expected values and meanings for this field, and + whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field + may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, + False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in + foo.example.com/CamelCase. --- Many .condition.type + values are consistent across resources like Available, + but because arbitrary conditions can be useful (see + .node.status.conditions), the ability to deconflict + is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active + Critical Incidents. + items: + description: CriticalIncident contains all information + about an ongoing critical incident. + properties: + code: + description: Code is the error code of this particular + error. Error codes are DBSE+numeric strings, like + "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this + Incident was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error + that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value + pairs necessary for generating a user-friendly data-driven + version of Message in the UI. + type: object + resource: + description: Resource contains information about the + Database Service component that reported the incident + as well as about the K8s resource. + properties: + component: + description: Component is an internal identifier + of the Database Service subsystem that reported + the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster + of the affected K8S resource. + type: string + group: + description: Group is the Group name of the + k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected + K8S resource. + type: string + namespace: + description: Namespace is the namespace of + the affected K8S resource. + type: string + version: + description: Group is the Version of the k8s + resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list + of messages from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains + stack trace information available for the incident. + properties: + component: + description: Component is the name of a Database + Service component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that + the issue should be considered transient until the + specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + profile: + description: ReplicationProfileSpec is one replication connection + to another database instance. + properties: + certificateReference: + description: CertificateReference refers to a secret + to be used for TLS + properties: + certificateKey: + description: CertificateKey is the key used to search + the secret for the Certificate + type: string + secretRef: + description: SecretRef is a reference to the secret + that contains the Certificate + properties: + name: + description: name is unique within a namespace + to reference a secret resource. + type: string + namespace: + description: namespace defines the space within + which the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + type: object + host: + description: Host on the other side of the connection + type: string + isActive: + description: IsActive is true for connections currently + enabled, false pauses the connection + type: boolean + isSynchronous: + default: false + description: IsSynchronous is true for synchronous replication + connections + type: boolean + name: + description: Name of the profile + type: string + password: + description: Password is a reference to the secret that + contains user password + properties: + name: + description: name is unique within a namespace to + reference a secret resource. + type: string + namespace: + description: namespace defines the space within + which the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + passwordResourceVersion: + description: PasswordResourceVersion specifies the password + secret version + type: string + port: + description: Port on the other side of the connection + format: int32 + maximum: 65535 + minimum: 1 + type: integer + role: + description: Role is the replication role of this instance + to this replication connection. + enum: + - Upstream + - Downstream + type: string + type: + description: Type is physical or logical + enum: + - Logical + - Physical + type: string + username: + description: Username is the name of user to connect + to another database instance + type: string + required: + - name + - type + type: object + reconciled: + description: 'Internal: Whether the resource was reconciled + by the controller.' + type: boolean + type: object + type: array + reconciled: + description: 'Internal: Whether the resource was reconciled by + the controller.' + type: boolean + type: object + adminUser: + description: AdminUser represents the status of database admin user. + properties: + passwordResourceVersion: + description: PasswordResourceVersion is the Password Secret's + resourceVersion when the password was last updated on the database. + type: string + type: object + allocatedResources: + description: AllocatedResources represents the current configuration + of memory/CPU/disks + properties: + cpu: + anyOf: + - type: integer + - type: string + description: The amount of CPU allocated to the database container. + This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + disks: + description: The specifications of the disks allocated to the + database container. This field is required. + items: + description: DiskSpec defines the desired state of a disk. + properties: + accessModes: + description: "AccessModes contains the desired access modes + for the volume. \n Refer to https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes + for more information." + items: + type: string + type: array + annotations: + additionalProperties: + type: string + description: "Additional annotations added to the Persistent + Volume Claim. This field is optional. \n This allows to + integrate with other tools." + type: object + name: + description: "Name of the disk. This field is required. + \n The allowed values are: \"DataDisk\", \"LogDisk\" , + \"BackupDisk\" and \"ObsDisk\"." + enum: + - DataDisk + - LogDisk + - BackupDisk + - ObsDisk + - BackupRepoDisk + type: string + selector: + description: "A label query over volumes to consider for + binding. This field is optional. \n If this field is set, + then the volume with matching labels is used as the backing + volume for the disk. \n Refer to https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#PersistentVolumeClaimSpec + for more information." + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + size: + description: "Disk size in bytes for example, \"10Gi\" for + 10 Gibibytes. This field is required. \n The allowed size + unit prefixes are: \"Ki\", \"Mi\", \"Gi\", \"Ti, \"Pi\" + and \"Ei\" for 2-base. Also \"K\", \"M\", \"G\", \"T, + \"P\" and \"E\" for 10-base. See https://en.wikipedia.org/wiki/Unit_prefix." + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + type: string + storageClass: + description: "StorageClass points to a particular CSI storage + class. This field is optional. \n If the field is not + set, then the default CSI storage class for the Kubernetes + cluster is used. If there is no default for the Kubernetes + cluster, then the Persistence Volume Claim will fail + and the database cluster will fail to provision. \n You + can read more about storage classes in https://kubernetes.io/docs/concepts/storage/storage-classes." + type: string + volumeName: + description: "VolumeName is the binding reference to the + Persistent Volume tied to this disk. This field is optional. + \n This allows to reuse an existing volume. \n Note that + if this field is specified, the value \"storageClass\" + will not take effect. You can learn more about this in + https://kubernetes.io/docs/concepts/storage/persistent-volumes/#binding." + type: string + required: + - name + - size + type: object + type: array + memory: + anyOf: + - type: integer + - type: string + description: The amount of memory allocated to the database container. + This field is required. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + currentParameters: + additionalProperties: + type: string + description: CurrentParameters stores the last successfully set database + parameters. + type: object + description: + description: Description is for a human consumption. E.g. when an + Instance is restored from a backup this field is populated with + the human readable restore details. + type: string + endpoint: + description: Endpoint is presently expressed in the format of -svc.. + type: string + externalConnectivity: + description: ExternalConnectivity represents the external connectivity + details instance. + properties: + IP: + type: string + url: + type: string + type: object + instanceObservedGeneration: + description: InstanceObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + internalConnectivity: + description: InternalIP represents the internal connectivity details + of the instance. + properties: + IP: + type: string + url: + type: string + type: object + isChangeApplied: + description: IsChangeApplied indicates whether instance changes have + been applied + type: string + lastFailedParameterUpdate: + additionalProperties: + type: string + description: LastFailedParameterUpdate is used to avoid getting into + the failed parameter update loop. + type: object + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + phase: + description: Phase is a summary of current state of the Instance. + type: string + primaryPodIP: + description: PrimaryPodIP indicates the IP of AlloyDBOmni primary + pod. + type: string + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + registrationStatus: + description: RegistrationStatus represents the status of migration + for the database cluster. + properties: + IsRegistered: + type: boolean + RegistrationTime: + description: RegistrationTime represents the time the on-prem + dbcluster was registered with the Cloud + type: string + type: object + restoredFrom: + description: RestoredFrom shows the most recent restore source for + current Instance. + properties: + restoredTime: + description: Time point of the source Instance this Instance restores + from. + format: date-time + type: string + sourceInstance: + description: Source Instance this Instance restores from. + type: string + type: object + url: + description: URL represents an IP and a port number info needed in + order to establish a database connection from outside a cluster. + type: string + walArchiveSetting: + description: WalArchiveSetting represents the current wal archive + settings. + properties: + location: + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instanceswitchovers.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instanceswitchovers.yaml new file mode 100644 index 00000000000..59256ee6144 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_instanceswitchovers.yaml @@ -0,0 +1,298 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: instanceswitchovers.alloydbomni.internal.dbadmin.goog +spec: + group: alloydbomni.internal.dbadmin.goog + names: + kind: InstanceSwitchover + listKind: InstanceSwitchoverList + plural: instanceswitchovers + singular: instanceswitchover + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.state + name: state + type: string + - jsonPath: .status.internal.phase + name: phase + type: string + name: v1 + schema: + openAPIV3Schema: + description: InstanceSwitchover is the Schema for the switchover API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: InstanceSwitchoverSpec defines the desired state of postgresql + Switchover. + properties: + dbclusterRef: + description: DBClusterRef is the dbcluster name within the same namespace + to initiate a switchover. + type: string + newPrimary: + description: NewPrimary is the standby instance to switch with the + current primary. + type: string + primaryHost: + description: PrimaryHost is the IP always point to the primary instance. + type: string + type: object + status: + description: InstanceSwitchoverStatus defines the observed state of postgresql + Switchover. + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + createTime: + description: CreateTime is the time the underlying switchover was + created. + format: date-time + type: string + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + endTime: + description: EndTime is the time switchover reached its final state. + format: date-time + type: string + internal: + description: Internal is used by the DBS controllers. Users should + not directly depend on the information in this section. + properties: + newPrimary: + description: NewPrimary is the instance that we are attempting + to switchover to. + type: string + oldPrimary: + description: OldPrimary is the instance that was the primary at + the start of the switchover. + type: string + phase: + description: Phase is used to keep track of the current state + of the switchover + enum: + - UpdateDbcluster + - StopPrimary + - PromoteStandby + - ValidateNewPrimary + - UpdateOldPrimaryResources + - UpdateNewPrimaryResources + - UpdateOldPrimaryConfigs + - Complete + - SyncOldPrimary + - StartOldPrimary + - PreSuccess + - RepointStandbys + - RollbackPrimary + - RollbackStandbys + type: string + type: object + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + startTime: + description: StartTime is the time switchover started. + format: date-time + type: string + state: + description: State is the current state of the switchover operation. + enum: + - InProgress + - Success + - Failed_RollbackInProgress + - Failed_RollbackSuccess + - Failed_RollbackFailed + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_lrojobs.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_lrojobs.yaml new file mode 100644 index 00000000000..9c3eb354394 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_lrojobs.yaml @@ -0,0 +1,50 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: lrojobs.alloydbomni.internal.dbadmin.goog +spec: + group: alloydbomni.internal.dbadmin.goog + names: + kind: LROJob + listKind: LROJobList + plural: lrojobs + singular: lrojob + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: LROJob is an internal object that helps single-thread LRO jobs. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + lroName: + description: LROName is the name for the LRO + type: string + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_replicationconfigs.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_replicationconfigs.yaml new file mode 100644 index 00000000000..a9a3aaffa7d --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_replicationconfigs.yaml @@ -0,0 +1,514 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: replicationconfigs.alloydbomni.internal.dbadmin.goog +spec: + group: alloydbomni.internal.dbadmin.goog + names: + kind: ReplicationConfig + listKind: ReplicationConfigList + plural: replicationconfigs + shortNames: + - rcg + singular: replicationconfig + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.parent.dbnode.name + name: Parent + type: string + - jsonPath: .spec.type + name: Type + type: string + - jsonPath: .spec.role + name: Role + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Healthy")].status + name: Healthy + type: string + name: v1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + parent: + description: Parent is a reference to the database this ReplicationConfig + belongs to. + properties: + dbnode: + description: DBNode is a reference to the DBNode the ReplicationConfig + belongs to. It should be non-nil if the ReplicationConfig belongs + to a DBS DBNode. The DBNode should be in the same namespace + as the ReplicationConfig. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: object + physicalDownstream: + properties: + host: + description: Host is the hostname or address of the upstream database + server to connect to. + type: string + password: + description: Password is a reference to a Secret holding the User's + password. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + port: + description: Port is the port number of the upstream database + server to connect to. kubebuilder:default:=5432 + type: integer + setupStrategies: + description: "SetupStrategies determine how the initial setup + will be done so that the downstream database can start streaming + from the upstream. \n Multiple strategies can be provided to + provide fallbacks in case a strategy fails. They will be attempted + in the same order they are provided in this list. If a strategy + succeeds then the rest of the strategies in the list will be + ignored. If all strategies fail then the ReplicationConfig will + be in a permanently failed state and the user must delete and + recreate the ReplicationConfig to retry. \n Note, not all failures + that occur in a setup strategy will make it fallback to the + next strategy. Depending on what type of error occurs, we might + retry the same strategy again or fallback to the next strategy. + \n Typically, errors such as connection errors will result in + the strategy being retried since the actual strategy wouldn't + have gotten the chance to actually be attempted. On the other + hand, if a strategy determines that it would not be able to + succeed no matter how many times it is retried then it would + fallback. Documentation on each strategy should specify in what + circumstances it would fallback to the next strategy." + items: + properties: + pgBaseBackup: + description: "PGBaseBackup is a replication setup strategy + that uses pg_basebackup to retrieve a backup of the upstream + database. \n This strategy will never fallback to next + strategy and will always be retried on errors. It should + typically be used as the last-resort strategy that is + expected to succeed as long as the upstream database is + available, but may be slow to complete." + properties: + checkpoint: + default: fast + description: "Checkpoint controls how the PostgreSQL + server performs a checkpoint over before initiating + the base backup. \n Accepted values are: - fast: This + option tells PostgreSQL to perform a \"fast\" checkpoint. + It is the quickest way to create a checkpoint, but + it may cause some additional load on the server during + the backup process. - spread: This option instructs + PostgreSQL to spread the checkpoint over a longer + period. It minimizes the impact on the server's performance + during the backup but might take longer to complete + the checkpoint." + enum: + - fast + - spread + type: string + maxRate: + description: "MaxRate sets the maximum transfer rate + at which data is collected from the source server. + \n This can be useful to limit the impact of pg_basebackup + on the server. Values are in kilobytes per second. + Use a suffix of M to indicate megabytes per second. + A suffix of k is also accepted, and has no effect. + Valid values are between 32 kilobytes per second and + 1024 megabytes per second." + pattern: ^[0-9]+[kKmM]?$ + type: string + walMethod: + default: stream + description: "WalMethod determines if and how WAL records + should be collected during backup. This will include + all write-ahead logs generated during the backup. + Unless the method none is specified, it is possible + to start a postmaster in the target directory without + the need to consult the WAL archive, thus making the + output a completely standalone backup. \n Accepted + values are: - none: Don't include write-ahead logs + in the backup. - fetch: The write-ahead log files + are collected at the end of the backup. - stream: + Stream write-ahead log data while the backup is being + taken." + enum: + - none + - fetch + - stream + type: string + type: object + pgRewind: + description: "PGRewind is a downstream replication setup + strategy that uses pg_rewind to put the upstream in-sync + with the upstream. It is useful for cases where the two + databases where previously replicating from each other + but have since diverged. \n This strategy will check connectivity + with the upstream before running pg_rewind. If it fails + due to the upstream being unreachable it will be retried, + however if the pg_rewind command is run and returns unsuccessfully + then it will fallback to the next strategy." + type: object + type: object + type: array + slotName: + description: SlotName is the replication slot that the database + will use on the upstream server. + type: string + username: + description: User is the database user which will be used to establish + the replication connection. + type: string + required: + - host + - password + - slotName + - username + type: object + physicalUpstream: + properties: + password: + description: Password is a reference to a Secret holding the User's + password. Any update made to the Secret will be captured and + reflected on the database user. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + slotName: + description: SlotName is the replication slot that will be configured + on the database. This must be unique among all PhysicalUpstream + specs on the same instance. + type: string + username: + description: "User is the name of a database user that will be + created on the Instance for this ReplicationConfig. Multiple + Upstream ReplicationConfigs can share the same user. \n Note, + the User specified here will be managed by the ReplicationConfig + controller and removed when there are no longer any ReplicationConfigs + with this username. Do not specify a user here if you wish it + to have a lifecycle outside of the ReplicationConfig's lifecycle." + type: string + required: + - slotName + type: object + role: + description: ReplicationRole determines the role of the ReplicationConfig's + parent in the replication. An Upstream role means the parent is + the source of replication and a Downstream role means the parent + is the destination of the replication. + type: string + type: + description: ReplicationType determines the type of replication which + will be used (i.e., Physical, Logical). + type: string + required: + - parent + - role + - type + type: object + status: + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + physicalDownstream: + properties: + setupStrategies: + description: SetupStrategies contains information on the execution + of each attempted setup strategy. They appear in this list in + the same order as the strategies were defined in the spec. + items: + properties: + endedAt: + description: EndedAt is the time at which the most recent + attempt of this strategy ended.. + format: date-time + type: string + message: + description: Message is a description of why the setup attempt + is in the state it is. + type: string + retries: + description: Retries is the number of times this strategy + has been retried. + format: int32 + type: integer + startedAt: + description: StartedAt is the time at which the most recent + attempt of this strategy was started. + format: date-time + type: string + state: + description: "State is the current state of this setup strategy. + It can take the following values: \n - InProgress: The + strategy is currently executing. - Success: The strategy + has successfully completed and no more setup strategies + will be attempted. - Error: The strategy has failed but + will be retried. The Retries field will show how many + times this strategy has been retried. - Fallback: The + strategy has failed and will not be reattempted. Instead + we will fallback to the next available strategy if it + exists." + enum: + - Unknown + - InProgress + - Success + - Error + - Fallback + type: string + strategy: + description: Strategy is the name of the strategy type this + status is for. + type: string + required: + - state + - strategy + type: object + type: array + state: + description: State is the state of replication as seen in the + pg_stat_wal_receiver table of the downstream database server. + type: string + type: object + physicalUpstream: + properties: + clientAddr: + description: ClientAddr is the address of the downstream client + connected to this replication slot. + type: string + clientHostname: + description: ClientHostname is the hostname of the downstream + client connected to this replication slot. + type: string + clientPort: + description: ClientPort is the source port of the downstream client + connected to this replication slot. + type: integer + passwordResourceVersion: + description: PasswordResourceVersion is the Password Secret's + resourceVersion when the password was last updated on the database. + type: string + startedAt: + description: StartedAt is the time at which the downstream client + connected to the server. + format: date-time + type: string + state: + description: 'State is the current state of replication. It can + take one of the following values: See document for the `state` + column of the `pg_stat_replication` table for more info: https://www.postgresql.org/docs/current/monitoring-stats.html#MONITORING-PG-STAT-REPLICATION-VIEW' + type: string + type: object + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_sidecars.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_sidecars.yaml new file mode 100644 index 00000000000..9b0ce4fbcab --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/alloydbomni.internal.dbadmin.goog_sidecars.yaml @@ -0,0 +1,3073 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + alloydb-omni: "true" + name: sidecars.alloydbomni.internal.dbadmin.goog +spec: + group: alloydbomni.internal.dbadmin.goog + names: + kind: Sidecar + listKind: SidecarList + plural: sidecars + shortNames: + - aooisc + singular: sidecar + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Sidecar is the Schema for the sidecar API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SidecarSpec specifies the desired state of Sidecar. + properties: + additionalVolumes: + description: AdditionalVolumes specifies a list of existing volumes + to mount into the sidecar containers. Refer to https://kubernetes.io/docs/concepts/storage/volumes/ + for more information. + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent disk + resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk mount on + the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: None, + Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk in the + blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in the blob + storage + type: string + fsType: + description: fsType is Filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single blob + disk per storage account Managed: azure managed data + disk (only in managed availability set). defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that contains + Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the host that + shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted root, + rather than the full Ceph tree, default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile is the + path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the rados user name, + default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached and + mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should populate + this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value pair in + the Data field of the referenced ConfigMap will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the ConfigMap, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents ephemeral + storage that is handled by certain external CSI drivers (Beta + feature). + properties: + driver: + description: driver is the name of the CSI driver that handles + this volume. Consult with your admin for the correct name + as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated + CSI driver which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference to the + secret object containing sensitive information to pass + to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the secret + object contains more than one secret, all secret references + are passed. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about the pod + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a Optional: mode bits used to set + permissions on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the pod: + only annotations, labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set permissions + on this file, must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This might + be in conflict with other options that affect the + file mode, like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative path + name of the file to be created. Must not be absolute + or contain the ''..'' path. Must be utf-8 encoded. + The first item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory that + shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage medium + should back this directory. The default is "" which means + to use the node''s default medium. Must be an empty string + (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local storage + required for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value between the + SizeLimit specified here and the sum of memory limits + of all containers in a pod. The default is nil which means + that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is tied + to the pod that defines it - it will be created before the + pod starts, and deleted when the pod is removed. \n Use this + if: a) the volume is only needed while the pod runs, b) features + of normal volumes like restoring from snapshot or capacity + tracking are needed, c) the storage driver is specified through + a storage class, and d) the storage driver supports dynamic + volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between this volume + type and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes that persist + for longer than the lifecycle of an individual pod. \n Use + CSI for light-weight local ephemeral volumes if the CSI driver + is meant to be used that way - see the documentation of the + driver for more information. \n A pod can use both types of + ephemeral volumes and persistent volumes at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to + provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the PVC + will be deleted together with the pod. The name of the + PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too long). \n + An existing PVC with that name that is not owned by the + pod will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC + is meant to be used by the pod, the PVC has to updated + with an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may be useful + when manually reconstructing a broken cluster. \n This + field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, must + not be nil." + properties: + metadata: + description: May contain labels and annotations that + will be copied into the PVC when creating it. No other + fields are allowed and will be rejected during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the PVC + that gets created from this template. The same fields + as in a PersistentVolumeClaim are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified + data source. When the AnyVolumeDataSource feature + gate is enabled, dataSource contents will be copied + to dataSourceRef, and dataSourceRef contents will + be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, + then dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object + from which to populate the volume with data, if + a non-empty volume is desired. This may be any + object from a non-empty API group (non core object) + or a PersistentVolumeClaim object. When this field + is specified, volume binding will only succeed + if the type of the specified object matches some + installed volume populator or dynamic provisioner. + This field will replace the functionality of the + dataSource field and as such if both fields are + non-empty, they must have the same value. For + backwards compatibility, when namespace isn''t + specified in dataSourceRef, both fields (dataSource + and dataSourceRef) will be set to the same value + automatically if one of them is empty and the + other is non-empty. When namespace is specified + in dataSourceRef, dataSource isn''t set to the + same value and must be empty. There are three + important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types + of objects, dataSourceRef allows any non-core + object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping + them), dataSourceRef preserves all values, and + generates an error if a disallowed value is specified. + * While dataSource only allows local objects, + dataSourceRef allows objects in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using the + namespace field of dataSourceRef requires the + CrossNamespaceVolumeDataSource feature gate to + be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace + is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant documentation + for details. (Alpha) This field requires the + CrossNamespaceVolumeDataSource feature gate + to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field + and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. + It can only be set for containers." + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available inside + a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. If Requests + is omitted for a container, it defaults to + Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the + StorageClass required by the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem + is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource that is + attached to a kubelet's host machine and then exposed to the + pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target worldwide + names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs and + lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver to use for + this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends + on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds extra + command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if no + secret object is specified. If the secret object contains + more than one secret, all secrets are passed to the plugin + scripts.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached to + a kubelet's host machine. This depends on the Flocker control + service being running + properties: + datasetName: + description: datasetName is Name of the dataset stored as + metadata -> name on the dataset for Flocker should be + considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. This + is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem type + is supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource in + GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir into + the Pod''s container.' + properties: + directory: + description: directory is the target directory name. Must + not contain or start with '..'. If '.' is supplied, the + volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to + false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. + This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write.' + properties: + path: + description: 'path of the directory on the host. If the + path is a symlink, it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults to "" More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource that is + attached to a kubelet''s host machine and then exposed to + the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support iSCSI + Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name that uses + an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal List. The + portal is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI target + and initiator authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. The Portal + is either an IP or ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL and unique + within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the host that shares + a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export to + be mounted with read-only permissions. Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address of the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents a + reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting in + VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used to set permissions + on created files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires decimal + values for mode bits. Directories within the path are + not affected by this setting. This might be in conflict + with other options that affect the file mode, like fsGroup, + and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected along with + other supported volume types + properties: + configMap: + description: configMap information about the configMap + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the ConfigMap, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the downwardAPI + data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be + an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' + path. Must be utf-8 encoded. The first + item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the secret data + to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the Secret, the volume setup + will error unless it is marked optional. Paths + must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional field specify whether the + Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information about + the serviceAccountToken data to project + properties: + audience: + description: audience is the intended audience + of the token. A recipient of a token must identify + itself with an identifier specified in the audience + of the token, and otherwise should reject the + token. The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, the + kubelet volume plugin will proactively rotate + the service account token. The kubelet will + start trying to rotate the token if the token + is older than 80 percent of its time to live + or if the token is older than 24 hours.Defaults + to 1 hour and must be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative to the + mount point of the file to project the token + into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default is no + group + type: string + readOnly: + description: readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults to + false. + type: boolean + registry: + description: registry represents a single or multiple Quobyte + Registry services specified as a string as host:port pair + (multiple entries are separated with commas) which acts + as the central registry for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume in the + Backend Used with dynamically provisioned Quobyte volumes, + value is set by the plugin + type: string + user: + description: user to map volume access to Defaults to serivceaccount + user + type: string + volume: + description: volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: 'image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication secret + for RBDUser. If provided overrides keyring. Default is + nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret for ScaleIO + user and other sensitive information. If this is not provided, + Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage for + a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage Pool associated + with the protection domain. + type: string + system: + description: system is the name of the storage system as + configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value pair in + the Data field of the referenced Secret will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the Secret, the volume setup will error unless it is marked + optional. Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the Secret or + its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret in the + pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use for obtaining + the StorageOS API credentials. If not specified, default + values will be attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable name of the + StorageOS volume. Volume names are only unique within + a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope of the + volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS + for tighter integration. Set VolumeName to any name to + override the default behaviour. Set to "default" if you + are not using namespaces within StorageOS. Namespaces + that do not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies vSphere + volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + sidecars: + description: Sidecar specifies a list of sidecar containers to inject + into the database pod. Refer to https://kubernetes.io/docs/concepts/containers/ + for more information. + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :{{ .Chart.Version }} tag is specified, + or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Not + specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Modifying this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource resize + policy for the container. + properties: + resourceName: + description: 'Name of the resource to which this resource + resize policy applies. Supported values: cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when specified resource + is resized. If not specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only + be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior of + individual containers in a pod. This field may only be set + for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod''s restart policy + and the container type. Setting the RestartPolicy as "Always" + for the init container will have the following effect: this + init container will be continually restarted on exit until + all regular containers have terminated. Once all regular containers + have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init + containers and is often referred to as a "sidecar" container. + Although this init container still starts in the init container + sequence, it does not wait for the container to complete before + proceeding to the next init container. Instead, the next init + container starts immediately after this init container is + started, or after any startupProbe has successfully completed.' + type: string + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must be set if type is "Localhost". + Must NOT be set for any other type. + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. All of a Pod's + containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must also + be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + type: object + status: + description: SidecarStatus specifies the observed state of Sidecar. + properties: + conditions: + description: Conditions represents the latest available observations + of the Entity's current state. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + criticalIncidents: + description: CriticalIncidents is a flat list of all active Critical + Incidents. + items: + description: CriticalIncident contains all information about an + ongoing critical incident. + properties: + code: + description: Code is the error code of this particular error. + Error codes are DBSE+numeric strings, like "DBSE1012". + type: string + createTime: + description: CreateTime is the timestamp when this Incident + was created at the origin. + format: date-time + type: string + message: + description: Message describes the incident/error that occurred. + type: string + messageTemplateParams: + additionalProperties: + type: string + description: MessageTemplateParams contains key-value pairs + necessary for generating a user-friendly data-driven version + of Message in the UI. + type: object + resource: + description: Resource contains information about the Database + Service component that reported the incident as well as about + the K8s resource. + properties: + component: + description: Component is an internal identifier of the + Database Service subsystem that reported the incident. + type: string + location: + description: Location + properties: + cluster: + description: Cluster is the name of the cluster of the + affected K8S resource. + type: string + group: + description: Group is the Group name of the k8s resource. + type: string + kind: + description: Kind is the Kind of the k8s resource. + type: string + name: + description: Name is the name of the affected K8S resource. + type: string + namespace: + description: Namespace is the namespace of the affected + K8S resource. + type: string + version: + description: Group is the Version of the k8s resource. + type: string + type: object + required: + - component + type: object + stackTrace: + description: StackTrace contains an unstructured list of messages + from the stack trace. + items: + description: CriticalIncidentStackTraceMessage contains stack + trace information available for the incident. + properties: + component: + description: Component is the name of a Database Service + component that logged the message. + type: string + message: + description: Logged message. + type: string + type: object + type: array + transientUntil: + description: TransientUntil if present indicates that the issue + should be considered transient until the specified time. + format: date-time + type: string + required: + - code + - createTime + - resource + type: object + type: array + observedGeneration: + description: 'Internal: The generation observed by the controller.' + format: int64 + type: integer + reconciled: + description: 'Internal: Whether the resource was reconciled by the + controller.' + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/fleet-controller-manager-metrics-service_v1_service.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/fleet-controller-manager-metrics-service_v1_service.yaml new file mode 100644 index 00000000000..91ae9ee0491 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/fleet-controller-manager-metrics-service_v1_service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + control-plane: controller-manager + name: fleet-controller-manager-metrics-service +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager +status: + loadBalancer: {} diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/fleet-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/fleet-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..89925a9b09a --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/fleet-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,10 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: fleet-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/fleet-webhook-service_v1_service.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/fleet-webhook-service_v1_service.yaml new file mode 100644 index 00000000000..69a7fe4f18b --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/fleet-webhook-service_v1_service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + name: fleet-webhook-service +spec: + ports: + - port: 443 + targetPort: 9443 + selector: + fleet-control-plane: controller-manager +status: + loadBalancer: {} diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/local-controller-manager-metrics-service_v1_service.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/local-controller-manager-metrics-service_v1_service.yaml new file mode 100644 index 00000000000..b250c3f3c1d --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/local-controller-manager-metrics-service_v1_service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + control-plane: controller-manager + name: local-controller-manager-metrics-service +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager +status: + loadBalancer: {} diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/local-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/local-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..ed0e78aeb5a --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/local-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,10 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: local-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get diff --git a/operators/alloydb-omni-operator/1.1.1/manifests/local-webhook-service_v1_service.yaml b/operators/alloydb-omni-operator/1.1.1/manifests/local-webhook-service_v1_service.yaml new file mode 100644 index 00000000000..4e01f8b1fda --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/manifests/local-webhook-service_v1_service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + name: local-webhook-service +spec: + ports: + - port: 443 + targetPort: 9443 + selector: + local-control-plane: controller-manager +status: + loadBalancer: {} diff --git a/operators/alloydb-omni-operator/1.1.1/metadata/annotations.yaml b/operators/alloydb-omni-operator/1.1.1/metadata/annotations.yaml new file mode 100644 index 00000000000..2169855ef93 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/metadata/annotations.yaml @@ -0,0 +1,12 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: alloydb-omni-operator + operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.metrics.builder: operator-sdk-v1.37.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: helm.sdk.operatorframework.io/v1 + + com.redhat.openshift.versions: "4.16" diff --git a/operators/alloydb-omni-operator/1.1.1/tests/scorecard/config.yaml b/operators/alloydb-omni-operator/1.1.1/tests/scorecard/config.yaml new file mode 100644 index 00000000000..aaf374d37d7 --- /dev/null +++ b/operators/alloydb-omni-operator/1.1.1/tests/scorecard/config.yaml @@ -0,0 +1,70 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.37.0 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.37.0 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.37.0 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.37.0 + labels: + suite: olm + test: olm-crds-have-resources-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.37.0 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.37.0 + labels: + suite: olm + test: olm-status-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {} diff --git a/operators/alloydb-omni-operator/ci.yaml b/operators/alloydb-omni-operator/ci.yaml new file mode 100644 index 00000000000..f64c4e002a9 --- /dev/null +++ b/operators/alloydb-omni-operator/ci.yaml @@ -0,0 +1,4 @@ +--- +# Use `replaces-mode` or `semver-mode`. Once you switch to `semver-mode`, there is no easy way back. +merge: false +cert_project_id: 671b74674a97c34aff63aa46