helm-charts/postgres-operator/crds/operatorconfigurations.yaml

680 lines
24 KiB
YAML
Raw Normal View History

2021-01-17 01:09:41 +00:00
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: operatorconfigurations.acid.zalan.do
labels:
app.kubernetes.io/name: postgres-operator
spec:
group: acid.zalan.do
names:
kind: OperatorConfiguration
listKind: OperatorConfigurationList
plural: operatorconfigurations
singular: operatorconfiguration
shortNames:
- opconfig
categories:
- all
2021-01-17 01:09:41 +00:00
scope: Namespaced
versions:
- name: v1
served: true
storage: true
subresources:
status: {}
additionalPrinterColumns:
- name: Image
type: string
description: Spilo image to be used for Pods
jsonPath: .configuration.docker_image
- name: Cluster-Label
type: string
description: Label for K8s resources created by operator
jsonPath: .configuration.kubernetes.cluster_name_label
- name: Service-Account
type: string
description: Name of service account to be used
jsonPath: .configuration.kubernetes.pod_service_account_name
- name: Min-Instances
type: integer
description: Minimum number of instances per Postgres cluster
jsonPath: .configuration.min_instances
- name: Age
type: date
jsonPath: .metadata.creationTimestamp
schema:
openAPIV3Schema:
type: object
required:
- kind
- apiVersion
- configuration
properties:
kind:
type: string
enum:
- OperatorConfiguration
apiVersion:
type: string
enum:
- acid.zalan.do/v1
configuration:
type: object
properties:
crd_categories:
type: array
nullable: true
items:
type: string
2021-01-17 01:09:41 +00:00
docker_image:
type: string
default: "ghcr.io/zalando/spilo-15:2.1-p9"
enable_crd_registration:
type: boolean
default: true
2021-01-17 01:09:41 +00:00
enable_crd_validation:
type: boolean
description: deprecated
default: true
2021-01-17 01:09:41 +00:00
enable_lazy_spilo_upgrade:
type: boolean
default: false
enable_pgversion_env_var:
type: boolean
default: true
2021-01-17 01:09:41 +00:00
enable_shm_volume:
type: boolean
default: true
enable_spilo_wal_path_compat:
type: boolean
default: false
enable_team_id_clustername_prefix:
type: boolean
default: false
2021-01-17 01:09:41 +00:00
etcd_host:
type: string
default: ""
ignore_instance_limits_annotation_key:
type: string
2021-01-17 01:09:41 +00:00
kubernetes_use_configmaps:
type: boolean
default: false
2021-01-17 01:09:41 +00:00
max_instances:
type: integer
description: "-1 = disabled"
minimum: -1
default: -1
2021-01-17 01:09:41 +00:00
min_instances:
type: integer
description: "-1 = disabled"
minimum: -1
default: -1
2021-01-17 01:09:41 +00:00
resync_period:
type: string
default: "30m"
2021-01-17 01:09:41 +00:00
repair_period:
type: string
default: "5m"
2021-01-17 01:09:41 +00:00
set_memory_request_to_limit:
type: boolean
default: false
2021-01-17 01:09:41 +00:00
sidecar_docker_images:
type: object
additionalProperties:
type: string
sidecars:
type: array
nullable: true
items:
type: object
x-kubernetes-preserve-unknown-fields: true
2021-01-17 01:09:41 +00:00
workers:
type: integer
minimum: 1
default: 8
2021-01-17 01:09:41 +00:00
users:
type: object
properties:
additional_owner_roles:
type: array
nullable: true
items:
type: string
enable_password_rotation:
type: boolean
default: false
password_rotation_interval:
type: integer
default: 90
password_rotation_user_retention:
type: integer
default: 180
2021-01-17 01:09:41 +00:00
replication_username:
type: string
default: standby
2021-01-17 01:09:41 +00:00
super_username:
type: string
default: postgres
major_version_upgrade:
type: object
properties:
major_version_upgrade_mode:
type: string
default: "off"
major_version_upgrade_team_allow_list:
type: array
items:
type: string
minimal_major_version:
type: string
default: "11"
target_major_version:
type: string
default: "15"
2021-01-17 01:09:41 +00:00
kubernetes:
type: object
properties:
additional_pod_capabilities:
type: array
items:
type: string
2021-01-17 01:09:41 +00:00
cluster_domain:
type: string
default: "cluster.local"
2021-01-17 01:09:41 +00:00
cluster_labels:
type: object
additionalProperties:
type: string
default:
application: spilo
2021-01-17 01:09:41 +00:00
cluster_name_label:
type: string
default: "cluster-name"
2021-01-17 01:09:41 +00:00
custom_pod_annotations:
type: object
additionalProperties:
type: string
delete_annotation_date_key:
type: string
delete_annotation_name_key:
type: string
downscaler_annotations:
type: array
items:
type: string
2021-11-14 22:17:20 +00:00
enable_cross_namespace_secret:
type: boolean
default: false
enable_init_containers:
type: boolean
default: true
2021-01-17 01:09:41 +00:00
enable_pod_antiaffinity:
type: boolean
default: false
2021-01-17 01:09:41 +00:00
enable_pod_disruption_budget:
type: boolean
default: true
enable_readiness_probe:
type: boolean
default: false
2021-01-17 01:09:41 +00:00
enable_sidecars:
type: boolean
default: true
ignored_annotations:
type: array
items:
type: string
2021-01-17 01:09:41 +00:00
infrastructure_roles_secret_name:
type: string
infrastructure_roles_secrets:
type: array
nullable: true
items:
type: object
required:
- secretname
- userkey
- passwordkey
properties:
secretname:
type: string
userkey:
type: string
passwordkey:
type: string
rolekey:
type: string
defaultuservalue:
type: string
defaultrolevalue:
type: string
details:
type: string
template:
type: boolean
inherited_annotations:
type: array
items:
type: string
2021-01-17 01:09:41 +00:00
inherited_labels:
type: array
items:
type: string
master_pod_move_timeout:
type: string
default: "20m"
2021-01-17 01:09:41 +00:00
node_readiness_label:
type: object
additionalProperties:
type: string
node_readiness_label_merge:
type: string
enum:
- "AND"
- "OR"
2021-01-17 01:09:41 +00:00
oauth_token_secret_name:
type: string
default: "postgresql-operator"
2021-01-17 01:09:41 +00:00
pdb_name_format:
type: string
default: "postgres-{cluster}-pdb"
pod_antiaffinity_preferred_during_scheduling:
type: boolean
default: false
2021-01-17 01:09:41 +00:00
pod_antiaffinity_topology_key:
type: string
default: "kubernetes.io/hostname"
2021-01-17 01:09:41 +00:00
pod_environment_configmap:
type: string
pod_environment_secret:
type: string
pod_management_policy:
type: string
enum:
- "ordered_ready"
- "parallel"
default: "ordered_ready"
2021-01-17 01:09:41 +00:00
pod_priority_class_name:
type: string
pod_role_label:
type: string
default: "spilo-role"
2021-01-17 01:09:41 +00:00
pod_service_account_definition:
type: string
default: ""
2021-01-17 01:09:41 +00:00
pod_service_account_name:
type: string
default: "postgres-pod"
2021-01-17 01:09:41 +00:00
pod_service_account_role_binding_definition:
type: string
default: ""
2021-01-17 01:09:41 +00:00
pod_terminate_grace_period:
type: string
default: "5m"
2021-01-17 01:09:41 +00:00
secret_name_template:
type: string
default: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}"
share_pgsocket_with_sidecars:
type: boolean
default: false
spilo_allow_privilege_escalation:
type: boolean
default: true
2021-01-17 01:09:41 +00:00
spilo_runasuser:
type: integer
spilo_runasgroup:
type: integer
spilo_fsgroup:
type: integer
spilo_privileged:
type: boolean
default: false
2021-01-17 01:09:41 +00:00
storage_resize_mode:
type: string
enum:
- "ebs"
- "mixed"
2021-01-17 01:09:41 +00:00
- "pvc"
- "off"
default: "pvc"
2021-01-17 01:09:41 +00:00
toleration:
type: object
additionalProperties:
type: string
watched_namespace:
type: string
postgres_pod_resources:
type: object
properties:
default_cpu_limit:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
default: "1"
2021-01-17 01:09:41 +00:00
default_cpu_request:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
default: "100m"
2021-01-17 01:09:41 +00:00
default_memory_limit:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
default: "500Mi"
2021-01-17 01:09:41 +00:00
default_memory_request:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
default: "100Mi"
max_cpu_request:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
max_memory_request:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
2021-01-17 01:09:41 +00:00
min_cpu_limit:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
default: "250m"
2021-01-17 01:09:41 +00:00
min_memory_limit:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
default: "250Mi"
2021-01-17 01:09:41 +00:00
timeouts:
type: object
properties:
patroni_api_check_interval:
type: string
default: "1s"
patroni_api_check_timeout:
type: string
default: "5s"
2021-01-17 01:09:41 +00:00
pod_label_wait_timeout:
type: string
default: "10m"
2021-01-17 01:09:41 +00:00
pod_deletion_wait_timeout:
type: string
default: "10m"
2021-01-17 01:09:41 +00:00
ready_wait_interval:
type: string
default: "4s"
2021-01-17 01:09:41 +00:00
ready_wait_timeout:
type: string
default: "30s"
2021-01-17 01:09:41 +00:00
resource_check_interval:
type: string
default: "3s"
2021-01-17 01:09:41 +00:00
resource_check_timeout:
type: string
default: "10m"
2021-01-17 01:09:41 +00:00
load_balancer:
type: object
properties:
custom_service_annotations:
type: object
additionalProperties:
type: string
db_hosted_zone:
type: string
default: "db.example.com"
2021-01-17 01:09:41 +00:00
enable_master_load_balancer:
type: boolean
default: true
enable_master_pooler_load_balancer:
type: boolean
default: false
2021-01-17 01:09:41 +00:00
enable_replica_load_balancer:
type: boolean
default: false
enable_replica_pooler_load_balancer:
type: boolean
default: false
external_traffic_policy:
type: string
enum:
- "Cluster"
- "Local"
default: "Cluster"
2021-01-17 01:09:41 +00:00
master_dns_name_format:
type: string
default: "{cluster}.{namespace}.{hostedzone}"
master_legacy_dns_name_format:
2021-01-17 01:09:41 +00:00
type: string
default: "{cluster}.{team}.{hostedzone}"
2021-01-17 01:09:41 +00:00
replica_dns_name_format:
type: string
default: "{cluster}-repl.{namespace}.{hostedzone}"
replica_legacy_dns_name_format:
2021-01-17 01:09:41 +00:00
type: string
default: "{cluster}-repl.{team}.{hostedzone}"
2021-01-17 01:09:41 +00:00
aws_or_gcp:
type: object
properties:
additional_secret_mount:
type: string
additional_secret_mount_path:
type: string
default: "/meta/credentials"
2021-01-17 01:09:41 +00:00
aws_region:
type: string
default: "eu-central-1"
enable_ebs_gp3_migration:
type: boolean
default: false
enable_ebs_gp3_migration_max_size:
type: integer
default: 1000
2021-01-17 01:09:41 +00:00
gcp_credentials:
type: string
kube_iam_role:
type: string
log_s3_bucket:
type: string
wal_az_storage_account:
type: string
2021-01-17 01:09:41 +00:00
wal_gs_bucket:
type: string
wal_s3_bucket:
type: string
logical_backup:
type: object
properties:
logical_backup_azure_storage_account_name:
type: string
logical_backup_azure_storage_container:
type: string
logical_backup_azure_storage_account_key:
type: string
logical_backup_cpu_limit:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
logical_backup_cpu_request:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
2021-01-17 01:09:41 +00:00
logical_backup_docker_image:
type: string
default: "registry.opensource.zalan.do/acid/logical-backup:v1.9.0"
logical_backup_google_application_credentials:
type: string
logical_backup_job_prefix:
type: string
default: "logical-backup-"
logical_backup_memory_limit:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
logical_backup_memory_request:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
logical_backup_provider:
type: string
enum:
- "az"
- "gcs"
- "s3"
default: "s3"
2021-01-17 01:09:41 +00:00
logical_backup_s3_access_key_id:
type: string
logical_backup_s3_bucket:
type: string
logical_backup_s3_endpoint:
type: string
logical_backup_s3_region:
type: string
logical_backup_s3_secret_access_key:
type: string
logical_backup_s3_sse:
type: string
logical_backup_s3_retention_time:
type: string
2021-01-17 01:09:41 +00:00
logical_backup_schedule:
type: string
pattern: '^(\d+|\*)(/\d+)?(\s+(\d+|\*)(/\d+)?){4}$'
default: "30 00 * * *"
2021-01-17 01:09:41 +00:00
debug:
type: object
properties:
debug_logging:
type: boolean
default: true
2021-01-17 01:09:41 +00:00
enable_database_access:
type: boolean
default: true
2021-01-17 01:09:41 +00:00
teams_api:
type: object
properties:
enable_admin_role_for_users:
type: boolean
default: true
enable_postgres_team_crd:
type: boolean
default: true
enable_postgres_team_crd_superusers:
type: boolean
default: false
2021-06-15 00:30:37 +00:00
enable_team_member_deprecation:
type: boolean
default: false
2021-01-17 01:09:41 +00:00
enable_team_superuser:
type: boolean
default: false
2021-01-17 01:09:41 +00:00
enable_teams_api:
type: boolean
default: true
2021-01-17 01:09:41 +00:00
pam_configuration:
type: string
default: "https://info.example.com/oauth2/tokeninfo?access_token= uid realm=/employees"
2021-01-17 01:09:41 +00:00
pam_role_name:
type: string
default: "zalandos"
2021-01-17 01:09:41 +00:00
postgres_superuser_teams:
type: array
items:
type: string
protected_role_names:
type: array
items:
2021-01-17 01:09:41 +00:00
type: string
default:
- admin
- cron_admin
2021-06-15 00:30:37 +00:00
role_deletion_suffix:
type: string
default: "_deleted"
team_admin_role:
type: string
default: "admin"
team_api_role_configuration:
type: object
additionalProperties:
2021-01-17 01:09:41 +00:00
type: string
default:
log_statement: all
2021-01-17 01:09:41 +00:00
teams_api_url:
type: string
default: "https://teams.example.com/api/"
2021-01-17 01:09:41 +00:00
logging_rest_api:
type: object
properties:
api_port:
type: integer
default: 8080
2021-01-17 01:09:41 +00:00
cluster_history_entries:
type: integer
default: 1000
2021-01-17 01:09:41 +00:00
ring_log_lines:
type: integer
default: 100
2021-01-17 01:09:41 +00:00
scalyr: # deprecated
type: object
properties:
scalyr_api_key:
type: string
scalyr_cpu_limit:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
default: "1"
2021-01-17 01:09:41 +00:00
scalyr_cpu_request:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
default: "100m"
2021-01-17 01:09:41 +00:00
scalyr_image:
type: string
scalyr_memory_limit:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
default: "500Mi"
2021-01-17 01:09:41 +00:00
scalyr_memory_request:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
default: "50Mi"
2021-01-17 01:09:41 +00:00
scalyr_server_url:
type: string
default: "https://upload.eu.scalyr.com"
2021-01-17 01:09:41 +00:00
connection_pooler:
type: object
properties:
connection_pooler_schema:
type: string
default: "pooler"
2021-01-17 01:09:41 +00:00
connection_pooler_user:
type: string
default: "pooler"
2021-01-17 01:09:41 +00:00
connection_pooler_image:
type: string
default: "registry.opensource.zalan.do/acid/pgbouncer:master-26"
2021-01-17 01:09:41 +00:00
connection_pooler_max_db_connections:
type: integer
default: 60
2021-01-17 01:09:41 +00:00
connection_pooler_mode:
type: string
enum:
- "session"
- "transaction"
default: "transaction"
2021-01-17 01:09:41 +00:00
connection_pooler_number_of_instances:
type: integer
minimum: 1
default: 2
2021-01-17 01:09:41 +00:00
connection_pooler_default_cpu_limit:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
default: "1"
2021-01-17 01:09:41 +00:00
connection_pooler_default_cpu_request:
type: string
pattern: '^(\d+m|\d+(\.\d{1,3})?)$'
default: "500m"
2021-01-17 01:09:41 +00:00
connection_pooler_default_memory_limit:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
default: "100Mi"
2021-01-17 01:09:41 +00:00
connection_pooler_default_memory_request:
type: string
pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$'
default: "100Mi"
patroni:
type: object
properties:
failsafe_mode:
type: boolean
default: false
2021-01-17 01:09:41 +00:00
status:
type: object
additionalProperties:
type: string