SGShardedCluster.yaml 306 KB

  1. apiVersion: apiextensions.k8s.io/v1
  2. kind: CustomResourceDefinition
  3. metadata:
  4. name: sgshardedclusters.stackgres.io
  5. spec:
  6. group: stackgres.io
  7. scope: Namespaced
  8. names:
  9. kind: SGShardedCluster
  10. listKind: SGShardedClusterList
  11. plural: sgshardedclusters
  12. singular: sgshardedcluster
  13. shortNames:
  14. - sgscl
  15. versions:
  16. - name: v1alpha1
  17. served: true
  18. storage: true
  19. additionalPrinterColumns:
  20. - name: version
  21. type: string
  22. jsonPath: .spec.postgres.version
  23. - name: instances
  24. type: integer
  25. jsonPath: .spec.coordinator.instances + (.spec.shards.clusters * .spec.shards.instancesPerCluster)
  26. - name: Profile
  27. type: string
  28. jsonPath: .spec.coordinator.sgInstanceProfile + ", " + .spec.shards.sgInstanceProfile
  29. - name: Disk
  30. type: string
  31. jsonPath: .spec.coordinator.pods.persistentVolume.size + ", " + .spec.shards.pods.persistentVolume.size
  32. - name: prometheus-autobind
  33. type: string
  34. jsonPath: .spec.configurations.observability.prometheusAutobind
  35. priority: 1
  36. - name: pool-config
  37. type: string
  38. jsonPath: .spec.coordinator.configurations.sgPoolingConfig + ", " + .spec.shards.configurations.sgPoolingConfig
  39. priority: 1
  40. - name: postgres-config
  41. type: string
  42. jsonPath: .spec.coordinator.configurations.sgPostgresConfig + ", " + .spec.shards.configurations.sgPostgresConfig
  43. priority: 1
  44. schema:
  45. openAPIV3Schema:
  46. type: object
  47. required: ["metadata", "spec"]
  48. properties:
  49. metadata:
  50. type: object
  51. properties:
  52. name:
  53. type: string
  54. maxLength: 37
  55. pattern: "^[a-z]([-a-z0-9]*[a-z0-9])?$"
  56. description: |
  57. Name of the StackGres sharded cluster. Following [Kubernetes naming conventions](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/architecture/identifiers.md), it must be an rfc1035/rfc1123 subdomain, that is, up to 253 characters consisting of one or more lowercase labels separated by `.`. Where each label is an alphanumeric (a-z, and 0-9) string, with the `-` character allowed anywhere except the first or last character.
  58. The name must be unique across all SGCluster, SGShardedCluster and SGDistributedLogs in the same namespace.
  59. spec:
  60. type: object
  61. description: |
  62. Specification of the desired behavior of a StackGres sharded cluster.
  63. required: ["database", "postgres", "coordinator", "shards"]
  64. properties:
  65. profile:
  66. type: string
  67. description: |
  68. The profile allows changing, in one convenient place, a set of configuration defaults that affect how the cluster is generated.
  69. All those defaults can be overwritten by setting the corresponding fields.
  70. Available profiles are:
  71. * `production`:
  72. Prevents two Pods from running in the same Node (set `.spec.nonProductionOptions.disableClusterPodAntiAffinity` to `false` by default).
  73. Sets both limits and requests using `SGInstanceProfile` for `patroni` container that runs both Patroni and Postgres (set `.spec.nonProductionOptions.disablePatroniResourceRequirements` to `false` by default).
  74. Sets requests using the referenced `SGInstanceProfile` for sidecar containers other than `patroni` (set `.spec.nonProductionOptions.disableClusterResourceRequirements` to `false` by default).
  75. * `testing`:
  76. Allows two Pods to run in the same Node (set `.spec.nonProductionOptions.disableClusterPodAntiAffinity` to `true` by default).
  77. Sets both limits and requests using `SGInstanceProfile` for `patroni` container that runs both Patroni and Postgres (set `.spec.nonProductionOptions.disablePatroniResourceRequirements` to `false` by default).
  78. Sets requests using the referenced `SGInstanceProfile` for sidecar containers other than `patroni` (set `.spec.nonProductionOptions.disableClusterResourceRequirements` to `false` by default).
  79. * `development`:
  80. Allows two Pods to run in the same Node (set `.spec.nonProductionOptions.disableClusterPodAntiAffinity` to `true` by default).
  81. Unsets both limits and requests for the `patroni` container that runs both Patroni and Postgres (set `.spec.nonProductionOptions.disablePatroniResourceRequirements` to `true` by default).
  82. Unsets requests for sidecar containers other than `patroni` (set `.spec.nonProductionOptions.disableClusterResourceRequirements` to `true` by default).
  83. **Changing this field may require a restart.**
  84. default: production
  85. type:
  86. type: string
  87. description: |
  88. The sharding technology that will be used for the sharded cluster.
  89. Available technologies are:
  90. * `citus`
  91. * `ddp`
  92. * `shardingsphere`
  93. **Citus**
  94. Citus is a PostgreSQL extension that transforms Postgres into a distributed database—so you can achieve high performance at any scale.
  95. See also https://github.com/citusdata/citus
  96. **DDP**
  97. DDP (Distributed Data Partitioning) allows you to distribute data across different physical nodes to improve the query performance of high data volumes, taking advantage of distinct nodes’ resources. It uses an entry point named coordinator, which is in charge of sending/distributing the queries to the different nodes, named shards.
  98. **ShardingSphere**
  99. Apache ShardingSphere is an ecosystem to transform any database into a distributed database system, and enhance it with sharding, elastic scaling, encryption features & more.
  100. StackGres implementation of ShardingSphere as a sharding technology uses the [ShardingSphere Proxy](https://shardingsphere.apache.org/document/current/en/quick-start/shardingsphere-proxy-quick-start/) as an entry point to distribute SQL traffic among the shards.
  101. This implementation requires the [ShardingSphere Operator](https://shardingsphere.apache.org/oncloud/current/en/user-manual/cn-sn-operator/) to be installed and will create a ComputeNode
  102. database:
  103. type: string
  104. description: |
  105. The name of the database that will be created and used across all nodes, and where the "partitioned" (distributed) tables will live.
  106. postgres:
  107. type: object
  108. description: |
  109. This section allows to configure Postgres features
  110. required: [ "version" ]
  111. properties:
  112. version:
  113. type: string
  114. description: |
  115. Postgres version used on the cluster. It is either of:
  116. * The string 'latest', which automatically sets the latest major.minor Postgres version.
  117. * A major version, like '14' or '13', which sets that major version and the latest minor version.
  118. * A specific major.minor version, like '14.4'.
  119. flavor:
  120. type: string
  121. description: |
  122. Postgres flavor used on the cluster. It is either of:
  123. * `babelfish` will use the [Babelfish for Postgres](https://babelfish-for-postgresql.github.io/babelfish-for-postgresql/).
  124. If not specified then the vanilla Postgres will be used for the cluster.
  125. **This field can only be set on creation.**
  126. extensions:
  127. type: array
  128. description: |
  129. StackGres supports deploying extensions at runtime by simply adding an entry to this array. A deployed extension still
  130. requires creation in a database using the [`CREATE EXTENSION`](https://www.postgresql.org/docs/current/sql-createextension.html)
  131. statement. After an extension is deployed correctly it will be present until it is removed and the cluster is restarted.
  132. A cluster restart is required for:
  133. * Extensions that require adding an entry to the [`shared_preload_libraries`](https://postgresqlco.nf/en/doc/param/shared_preload_libraries/) configuration parameter.
  134. * Upgrading extensions that overwrite any file that is not the extension's control file or the extension's script file.
  135. * Removing extensions. Until the cluster is restarted, a removed extension will still be available.
  136. * Installing extensions that require an extra mount. After installation the cluster will need to be restarted.
  137. **Example:**
  138. ``` yaml
  139. apiVersion: stackgres.io/v1alpha1
  140. kind: SGShardedCluster
  141. metadata:
  142. name: stackgres
  143. spec:
  144. postgres:
  145. extensions:
  146. - {name: 'timescaledb', version: '2.3.1'}
  147. ```
  148. items:
  149. type: object
  150. required: ["name"]
  151. properties:
  152. name:
  153. type: string
  154. description: The name of the extension to deploy.
  155. publisher:
  156. type: string
  157. description: The id of the publisher of the extension to deploy. If not specified `com.ongres` will be used by default.
  158. version:
  159. type: string
  160. description: The version of the extension to deploy. If not specified version of `stable` channel will be used by default.
  161. repository:
  162. type: string
  163. description: |
  164. The repository base URL from where to obtain the extension to deploy.
  165. **This section is filled by the operator.**
  166. ssl:
  167. type: object
  168. description: |
  169. This section allows to use SSL when connecting to Postgres
  170. **Example:**
  171. ```yaml
  172. apiVersion: stackgres.io/v1alpha1
  173. kind: SGShardedCluster
  174. metadata:
  175. name: stackgres
  176. spec:
  177. postgres:
  178. ssl:
  179. enabled: true
  180. certificateSecretKeySelector:
  181. name: stackgres-secrets
  182. key: cert
  183. privateKeySecretKeySelector:
  184. name: stackgres-secrets
  185. key: key
  186. ```
  187. properties:
  188. enabled:
  189. type: boolean
  190. description: |
  191. Enables SSL for connections to Postgres. Defaults to `true`.
  192. If `true`, the certificate and private key will be auto-generated unless the fields `certificateSecretKeySelector` and `privateKeySecretKeySelector` are specified.
  193. certificateSecretKeySelector:
  194. type: object
  195. description: |
  196. Secret key selector for the certificate or certificate chain used for SSL connections.
  197. required: [ "name", "key" ]
  198. properties:
  199. name:
  200. type: string
  201. description: |
  202. The name of Secret that contains the certificate or certificate chain for SSL connections
  203. key:
  204. type: string
  205. description: |
  206. The key of Secret that contains the certificate or certificate chain for SSL connections
  207. privateKeySecretKeySelector:
  208. type: object
  209. description: |
  210. Secret key selector for the private key used for SSL connections.
  211. required: [ "name", "key" ]
  212. properties:
  213. name:
  214. type: string
  215. description: |
  216. The name of Secret that contains the private key for SSL connections
  217. key:
  218. type: string
  219. description: |
  220. The key of Secret that contains the private key for SSL connections
  221. replication: &replication
  222. type: object
  223. description: |
  224. This section allows to configure the global Postgres replication mode.
  225. The main replication group is implicit and contains the total number of instances less the sum of all
  226. instances in other replication groups.
  227. The total number of instances is always specified by `.spec.instances`.
  228. properties:
  229. mode:
  230. type: string
  231. description: |
  232. The replication mode applied to the whole cluster.
  233. Possible values are:
  234. * `async` (default)
  235. * `sync`
  236. * `strict-sync`
  237. * `sync-all`
  238. * `strict-sync-all`
  239. **async**
  240. When in asynchronous mode the cluster is allowed to lose some committed transactions.
  241. When the primary server fails or becomes unavailable for any other reason a sufficiently healthy standby
  242. will automatically be promoted to primary. Any transactions that have not been replicated to that standby
  243. remain in a "forked timeline" on the primary, and are effectively unrecoverable (the data is still there,
  244. but recovering it requires a manual recovery effort by data recovery specialists).
  245. **sync**
  246. When in synchronous mode a standby will not be promoted unless it is certain that the standby contains all
  247. transactions that may have returned a successful commit status to client (clients can change the behavior
  248. per transaction using PostgreSQL’s `synchronous_commit` setting. Transactions with `synchronous_commit`
  249. values of `off` and `local` may be lost on fail over, but will not be blocked by replication delays). This
  250. means that the system may be unavailable for writes even though some servers are available. System
  251. administrators can still use manual failover commands to promote a standby even if it results in transaction
  252. loss.
  253. Synchronous mode does not guarantee multi node durability of commits under all circumstances. When no suitable
  254. standby is available, primary server will still accept writes, but does not guarantee their replication. When
  255. the primary fails in this mode no standby will be promoted. When the host that used to be the primary comes
  256. back it will get promoted automatically, unless system administrator performed a manual failover. This behavior
  257. makes synchronous mode usable with 2 node clusters.
  258. When synchronous mode is used and a standby crashes, commits will block until the primary is switched to standalone
  259. mode. Manually shutting down or restarting a standby will not cause a commit service interruption. Standby will
  260. signal the primary to release itself from synchronous standby duties before PostgreSQL shutdown is initiated.
  261. **strict-sync**
  262. When it is absolutely necessary to guarantee that each write is stored durably on at least two nodes, use the strict
  263. synchronous mode. This mode prevents synchronous replication from being switched off on the primary when no synchronous
  264. standby candidates are available. As a downside, the primary will not be available for writes (unless the Postgres
  265. transaction explicitly turns off `synchronous_mode` parameter), blocking all client write requests until at least one
  266. synchronous replica comes up.
  267. **Note**: Because of the way synchronous replication is implemented in PostgreSQL it is still possible to lose
  268. transactions even when using strict synchronous mode. If the PostgreSQL backend is cancelled while waiting to acknowledge
  269. replication (as a result of packet cancellation due to client timeout or backend failure) transaction changes become
  270. visible for other backends. Such changes are not yet replicated and may be lost in case of standby promotion.
  271. **sync-all**
  272. The same as `sync` but `syncInstances` is ignored and the number of synchronous instances is equal to the total number
  273. of instances less one.
  274. **strict-sync-all**
  275. The same as `strict-sync` but `syncInstances` is ignored and the number of synchronous instances is equal to the total number
  276. of instances less one.
  277. default: async
  278. syncInstances:
  279. type: integer
  280. minimum: 1
  281. description: |
  282. Number of synchronous standby instances. Must be less than the total number of instances. It is set to 1 by default.
  283. Can only be set if mode is `sync` or `strict-sync`.
  284. initialization:
  285. type: object
  286. description: |
  287. Allow to specify how the replicas are initialized.
  288. properties:
  289. mode:
  290. type: string
  291. description: |
  292. Allow to specify how the replicas are initialized.
  293. Possible values are:
  294. * `FromPrimary`: When this mode is used, replicas will always be created from the primary using `pg_basebackup`.
  295. * `FromReplica`: When this mode is used, replicas will be created from another existing replica using
  296. `pg_basebackup`. Falls back to `FromPrimary` if there is no replica or it fails.
  297. * `FromExistingBackup`: When this mode is used, replicas will be created from an existing SGBackup. If `backupNewerThan` is set
  298. the SGBackup must be newer than its value. When this mode fails to restore an SGBackup it will try with a previous one (if one exists).
  299. Falls back to `FromReplica` if there is no backup left or it fails.
  300. * `FromNewlyCreatedBackup`: When this mode is used, replicas will be created from a newly created SGBackup.
  301. Falls back to `FromExistingBackup` if `backupNewerThan` is set and a recent backup newer than its value exists, or if it fails.
  302. default: FromExistingBackup
  303. backupNewerThan:
  304. type: string
  305. description: |
  306. An ISO 8601 duration in the format `PnDTnHnMn.nS`, that specifies how old an SGBackup has to be in order to be selected
  307. to initialize a replica.
  308. When `FromExistingBackup` mode is set, this field restricts the selection of the SGBackup to be used for recovery to those newer than the
  309. specified value.
  310. When `FromNewlyCreatedBackup` mode is set, this field skips the creation of the SGBackup to be used for recovery if one newer than
  311. the specified value exists.
  312. backupRestorePerformance:
  313. type: object
  314. description: |
  315. Configuration that affects the backup network and disk usage performance during recovery.
  316. properties:
  317. maxNetworkBandwidth:
  318. type: integer
  319. description: |
  320. Maximum storage upload bandwidth used when storing a backup. In bytes (per second).
  321. maxDiskBandwidth:
  322. type: integer
  323. description: |
  324. Maximum disk read I/O when performing a backup. In bytes (per second).
  325. downloadConcurrency:
  326. type: integer
  327. minimum: 1
  328. description: |
  329. Backup storage may use several concurrent streams to read the data. This parameter configures the number of parallel streams to use. By default, it's set to the minimum between the number of files to read and 10.
  330. postgresServices:
  331. type: object
  332. description: Kubernetes [services](https://kubernetes.io/docs/concepts/services-networking/service/) created or managed by StackGres.
  333. properties:
  334. coordinator:
  335. type: object
  336. description: |
  337. Configuration for the coordinator services
  338. properties:
  339. any:
  340. type: object
  341. description: |
  342. Configure the coordinator service to any instance of the coordinator with the same name as the SGShardedCluster plus the `-reads` suffix.
  343. If the sharding type is `shardingsphere` then the name of the service will be the same name as the SGShardedCluster.
  344. It provides a stable connection (regardless of node failures) to any Postgres server of the coordinator cluster. Servers are load-balanced via this service.
  345. See also https://kubernetes.io/docs/concepts/services-networking/service/
  346. properties: &service-properties
  347. enabled:
  348. type: boolean
  349. description: Specify if the service should be created or not.
  350. type:
  351. type: string
  352. enum: ["ClusterIP", "LoadBalancer", "NodePort"]
  353. description: |
  354. type determines how the Service is exposed. Defaults to ClusterIP. Valid
  355. options are ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates
  356. a cluster-internal IP address for load-balancing to endpoints.
  357. "NodePort" builds on ClusterIP and allocates a port on every node.
  358. "LoadBalancer" builds on NodePort and creates
  359. an external load-balancer (if supported in the current cloud).
  360. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
  361. allocateLoadBalancerNodePorts: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.allocateLoadBalancerNodePorts
  362. {"description":"allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is \"true\". It may be set to \"false\" if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type.","type":"boolean"}
  363. externalIPs: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.externalIPs #allocateloadbalancernodeports-v1-core
  364. {"description":"externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#allocateloadbalancernodeports-v1-core","items":{"type":"string"},"type":"array"}
  365. externalTrafficPolicy: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.externalTrafficPolicy
  366. {"description":"externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.","type":"string"}
  367. healthCheckNodePort: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.healthCheckNodePort
  368. {"description":"healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set.","format":"int32","type":"integer"}
  369. internalTrafficPolicy: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.internalTrafficPolicy
  370. {"description":"InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to \"Local\", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features).","type":"string"}
  371. ipFamilies: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.ipFamilies
  372. {"description":"IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are \"IPv4\" and \"IPv6\". This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to \"headless\" services. This field will be wiped when updating a Service to type ExternalName.\n\nThis field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field.","items":{"type":"string"},"type":"array"}
  373. ipFamilyPolicy: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.ipFamilyPolicy
  374. {"description":"IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be \"SingleStack\" (a single IP family), \"PreferDualStack\" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or \"RequireDualStack\" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName.","type":"string"}
  375. loadBalancerClass: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.loadBalancerClass
  376. {"description":"loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. \"internal-vip\" or \"example.com/internal-vip\". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type.","type":"string"}
  377. loadBalancerIP: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.loadBalancerIP
  378. {"description":"Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations. Using it is non-portable and it may not support dual-stack. Users are encouraged to use implementation-specific annotations when available.","type":"string"}
  379. loadBalancerSourceRanges: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.loadBalancerSourceRanges
  380. {"description":"If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/","items":{"type":"string"},"type":"array"}
  381. publishNotReadyAddresses: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.publishNotReadyAddresses
  382. {"description":"publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered \"ready\" even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior.","type":"boolean"}
  383. sessionAffinity: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.sessionAffinity
  384. {"description":"Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies","type":"string"}
  385. sessionAffinityConfig: #!jq_placeholder .definitions["io.k8s.api.core.v1.ServiceSpec"].properties.sessionAffinityConfig #sessionaffinityconfig-v1-core
  386. {"description":"SessionAffinityConfig represents the configurations of session affinity.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#sessionaffinityconfig-v1-core","properties":{"clientIP":{"description":"ClientIPConfig represents the configurations of Client IP based session affinity.","properties":{"timeoutSeconds":{"description":"timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\". Default value is 10800(for 3 hours).","format":"int32","type":"integer"}},"type":"object"}},"type":"object"}
  387. nodePorts:
  388. type: object
  389. description: nodePorts is a list of ports for exposing the cluster services to the
  390. outside world
  391. properties:
  392. pgport:
  393. type: integer
  394. description: the node port that will be exposed to connect to Postgres instance
  395. replicationport:
  396. type: integer
  397. description: the node port that will be exposed to connect to Postgres instance
  398. for replication purpose
  399. primary:
  400. type: object
  401. description: |
  402. Configure the coordinator service to the primary of the coordinator with the same name as the SGShardedCluster.
  403. If the sharding type is `shardingsphere` then this service will be disabled.
  404. It provides a stable connection (regardless of primary failures or switchovers) to the read-write Postgres server of the coordinator cluster.
  405. See also https://kubernetes.io/docs/concepts/services-networking/service/
  406. properties: *service-properties
  407. customPorts:
  408. type: array
  409. description: |
  410. The list of custom ports that will be exposed by the coordinator services.
  411. The names of custom ports will be prefixed with the string `custom-` so they do not
  412. conflict with ports defined for the coordinator services.
  413. The names of target ports will be prefixed with the string `custom-` so that the ports
  414. that can be referenced in this section will be only those defined under
  415. .spec.pods.customContainers[].ports sections where names are also prepended with the same
  416. prefix.
  417. **Changing this field may require a restart.**
  418. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#serviceport-v1-core
  419. items:
  420. description: |
  421. A custom port that will be exposed by the Postgres coordinator services.
  422. The name of the custom port will be prefixed with the string `custom-` so it does not
  423. conflict with ports defined for the coordinator services.
  424. The name of target port will be prefixed with the string `custom-` so that the port
  425. that can be referenced in this section will be only those defined under
  426. .spec.pods.customContainers[].ports sections where names are also prepended with the same
  427. prefix.
  428. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#serviceport-v1-core
  429. properties: &ports-items-properties #!jq_placeholder .definitions["io.k8s.api.core.v1.ServicePort"].properties
  430. {"appProtocol":{"description":"The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.","type":"string"},"name":{"description":"The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service.","type":"string"},"nodePort":{"description":"The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). 
More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport","format":"int32","type":"integer"},"port":{"description":"The port that will be exposed by this service.","format":"int32","type":"integer"},"protocol":{"description":"The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP.","type":"string"},"targetPort":{"description":"IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.","format":"int-or-string","type":"string"}}
  431. required:
  432. - port
  433. type: object
  434. shards:
  435. type: object
  436. description: |
  437. Configuration for the shards services
  438. properties:
  439. primaries:
  440. type: object
  441. description: |
  442. Configure the shards service to any primary in the shards with the same name as the SGShardedCluster plus the `-shards` suffix.
  443. It provides a stable connection (regardless of primary failures or switchovers) to read-write Postgres servers of any shard cluster. Read-write servers are load-balanced via this service.
  444. See also https://kubernetes.io/docs/concepts/services-networking/service/
  445. properties: *service-properties
  446. customPorts:
  447. type: array
  448. description: |
  449. The list of custom ports that will be exposed by the shards services.
  450. The names of custom ports will be prefixed with the string `custom-` so they do not
  451. conflict with ports defined for the shards services.
  452. The names of target ports will be prefixed with the string `custom-` so that the ports
  453. that can be referenced in this section will be only those defined under
  454. .spec.pods.customContainers[].ports sections where names are also prepended with the same
  455. prefix.
  456. **Changing this field may require a restart.**
  457. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#serviceport-v1-core
  458. items:
  459. description: |
  460. A custom port that will be exposed by the Postgres shards services.
  461. The name of the custom port will be prefixed with the string `custom-` so it does not
  462. conflict with ports defined for the shards services.
  463. The name of target port will be prefixed with the string `custom-` so that the port
  464. that can be referenced in this section will be only those defined under
  465. .spec.pods.customContainers[].ports sections where names are also prepended with the same
  466. prefix.
  467. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#serviceport-v1-core
  468. properties: *ports-items-properties
  469. required:
  470. - port
  471. type: object
  472. configurations:
  473. type: object
  474. description: |
  475. Sharded cluster custom configurations.
  476. **Example:**
  477. ``` yaml
  478. apiVersion: stackgres.io/v1alpha1
  479. kind: SGShardedCluster
  480. metadata:
  481. name: stackgres
  482. spec:
  483. configurations:
  484. backups:
  485. - sgObjectStorage: 'backupconf'
  486. ```
  487. properties:
  488. observability:
  489. type: object
  490. description: Allow to specify Observability configuration (related to logs, metrics and traces)
  491. properties:
  492. disableMetrics:
  493. type: boolean
  494. description: |
  495. If set to `true`, avoids creating the Prometheus exporter sidecar. Recommended when there's no intention to use internal monitoring.
  496. **Changing this field may require a restart.**
  497. default: false
  498. receiver:
  499. type: string
  500. description: Indicate the receiver in the configuration for the collector scraper (if not specified, will default to prometheus).
  501. default: prometheus
  502. prometheusAutobind:
  503. type: boolean
  504. description: If set to `true`, a PodMonitor is created for each Prometheus instance as specified in the SGConfig.spec.collector.prometheusOperator.monitors section.
  505. default: false
  506. backups:
  507. type: array
  508. description: |
  509. List of sharded backups configurations for this SGShardedCluster
  510. items:
  511. type: object
  512. description: |
  513. Sharded backup configuration for this SGShardedCluster
  514. required: ["sgObjectStorage"]
  515. properties:
  516. compression:
  517. type: string
  518. description: |
  519. Specifies the backup compression algorithm. Possible options are: lz4, lzma, brotli. The default method is `lz4`. LZ4 is the fastest method, but compression ratio is the worst. LZMA is way slower, but it compresses backups about 6 times better than LZ4. Brotli is a good trade-off between speed and compression ratio, being about 3 times better than LZ4.
  520. enum: [ "lz4", "lzma", "brotli" ]
  521. cronSchedule:
  522. type: string
  523. description: |
  524. Continuous Archiving backups are composed of periodic *base backups* and all the WAL segments produced in between those base backups for the coordinator and each shard. This parameter specifies at what time and with what frequency to start performing a new base backup.
  525. Use cron syntax (`m h dom mon dow`) for this parameter, i.e., 5 values separated by spaces:
  526. * `m`: minute, 0 to 59.
  527. * `h`: hour, 0 to 23.
  528. * `dom`: day of month, 1 to 31 (recommended not to set it higher than 28).
  529. * `mon`: month, 1 to 12.
  530. * `dow`: day of week, 0 to 7 (0 and 7 both represent Sunday).
  531. Also ranges of values (`start-end`), the symbol `*` (meaning `first-last`) or even `*/N`, where `N` is a number, meaning "every `N`", may be used. All times are UTC. It is recommended to avoid 00:00 as base backup time, to avoid overlapping with any other external operations happening at this time.
  532. If not set, full backups are never performed automatically.
  533. performance:
  534. type: object
  535. description: |
  536. Configuration that affects the backup network and disk usage performance.
  537. properties:
  538. maxNetworkBandwidth:
  539. type: integer
  540. description: |
  541. Maximum storage upload bandwidth used when storing a backup. In bytes (per second).
  542. maxDiskBandwidth:
  543. type: integer
  544. description: |
  545. Maximum disk read I/O when performing a backup. In bytes (per second).
  546. uploadDiskConcurrency:
  547. type: integer
  548. minimum: 1
  549. description: |
  550. Backup storage may use several concurrent streams to store the data. This parameter configures the number of parallel streams to use when reading from disk. By default, it's set to 1.
  551. uploadConcurrency:
  552. type: integer
  553. minimum: 1
  554. description: |
  555. Backup storage may use several concurrent streams to store the data. This parameter configures the number of parallel streams to use. By default, it's set to 16.
  556. downloadConcurrency:
  557. type: integer
  558. minimum: 1
  559. description: |
  560. Backup storage may use several concurrent streams to read the data. This parameter configures the number of parallel streams to use. By default, it's set to the minimum between the number of files to read and 10.
  561. retention:
  562. type: integer
  563. minimum: 1
  564. description: |
  565. When an automatic retention policy is defined to delete old base backups, this parameter specifies the number of base backups to keep, in a sliding window.
  566. Consequently, the time range covered by backups is `periodicity*retention`, where `periodicity` is the separation between backups as specified by the `cronSchedule` property.
  567. Default is 5.
  568. sgObjectStorage:
  569. type: string
  570. description: |
  571. Name of the [SGObjectStorage](https://stackgres.io/doc/latest/reference/crd/sgobjectstorage) to use for the cluster. It defines the location in which the backups will be stored.
  572. paths:
  573. type: array
  574. items:
  575. type: string
  576. description: |
  577. The paths where the backups are stored. If not set this field is filled up by the operator.
  578. When provided will indicate where the backups and WAL files will be stored.
  579. The first path indicates the coordinator path and the other paths indicate the shards paths.
  580. > **WARNING**: Most users should leave this field empty since having it manually set could be dangerous. If the value is repeated due to re-creating an SGShardedCluster or
  581. re-using the same value in another SGShardedCluster, you may get a mixed WAL history with unrecoverable backups.
  582. useVolumeSnapshot:
  583. type: boolean
  584. description: |
  585. If specified SGBackup will use VolumeSnapshot to create backups.
  586. This functionality still requires storing WAL files in an SGObjectStorage but could result in much faster backups and restore of those backups.
  587. See also https://kubernetes.io/docs/concepts/storage/volume-snapshots/
  588. volumeSnapshotClass:
  589. type: string
  590. description: |
  591. The name of the VolumeSnapshotClass to use to create the VolumeSnapshot for backups.
  592. See also https://kubernetes.io/docs/concepts/storage/volume-snapshots/
  593. fastVolumeSnapshot:
  594. type: boolean
  595. description: |
  596. If specified SGBackup will create a backup forcing a fast start (by setting parameter `fast` to `true` when calling `pg_backup_start`) that will reduce the time the backups may take at the expense of more IO usage.
  597. See also https://www.postgresql.org/docs/current/continuous-archiving.html#BACKUP-LOWLEVEL-BASE-BACKUP
  598. timeout:
  599. type: integer
  600. description: |
  601. Allow to set a timeout for the backup creation.
  602. If not set it will be disabled and the backup operation will continue until the backup completes or fails. Setting it to 0 is the same as not setting it.
  603. Make sure to set a reasonable high value in order to allow for any unexpected delays during backup creation (network low bandwidth, disk low throughput and so forth).
  604. reconciliationTimeout:
  605. type: integer
  606. default: 300
  607. description: |
  608. Allow to set a timeout for the reconciliation process that takes place after the backup.
  609. If not set defaults to 300 (5 minutes). If set to 0 it will disable timeout.
  610. Failure of reconciliation will not make the backup fail and will be re-tried the next time a SGBackup
  611. or scheduled backup Job takes place.
  612. retainWalsForUnmanagedLifecycle:
  613. type: boolean
  614. description: |
  615. If specified, WAL created after any unmanaged lifecycle backups will be retained.
  616. credentials:
  617. type: object
  618. description: |
  619. Allow to specify custom credentials for Postgres users and Patroni REST API
  620. **Changing this field may require a restart.**
  621. properties:
  622. patroni:
  623. type: object
  624. description: |
  625. Kubernetes [SecretKeySelectors](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the credentials for patroni REST API.
  626. **Changing this field may require a restart.**
  627. properties:
  628. restApiPassword:
  629. type: object
  630. description: |
  631. A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the password for the patroni REST API.
  632. required: ["name", "key"]
  633. properties:
  634. name:
  635. type: string
  636. description: Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
  637. key:
  638. type: string
  639. description: The key of the secret to select from. Must be a valid secret key.
  640. users:
  641. type: object
  642. description: |
  643. Kubernetes [SecretKeySelectors](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the credentials of the users.
  644. **Changing this field may require a manual modification of the database users to reflect the new values specified.**
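  645. In particular you may have to create those users if the username is changed or alter the password if it is changed. A password written in clear text in an `ALTER ROLE` statement may be recorded in the server log or in the client's command history, so psql's `\password` command is a safer way to set it. Here are the SQL commands to perform such operation (replace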
  646. default usernames with the new ones and `***` with their respective passwords):
  647. * Superuser username changed:
  648. ```
  649. CREATE ROLE postgres;
  650. ```
  651. * Superuser password changed:
  652. ```
  653. ALTER ROLE postgres WITH SUPERUSER INHERIT CREATEROLE CREATEDB LOGIN REPLICATION BYPASSRLS PASSWORD '***';
  654. ```
  655. * Replication username changed:
  656. ```
  657. CREATE ROLE replicator;
  658. ```
  659. * Replication password changed:
  660. ```
  661. ALTER ROLE replicator WITH NOSUPERUSER INHERIT NOCREATEROLE NOCREATEDB LOGIN REPLICATION NOBYPASSRLS PASSWORD '***';
  662. ```
  663. * Authenticator username changed:
  664. ```
  665. CREATE ROLE authenticator;
  666. ```
  667. * Authenticator password changed:
  668. ```
  669. ALTER ROLE authenticator WITH SUPERUSER INHERIT NOCREATEROLE NOCREATEDB LOGIN NOREPLICATION NOBYPASSRLS PASSWORD '***';
  670. ```
  671. **Changing this field may require a restart.**
  672. properties:
  673. superuser:
  674. type: object
  675. description: |
  676. A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the credentials of the superuser (usually the postgres user).
  677. properties:
  678. username:
  679. type: object
  680. description: |
  681. A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the username of the user.
  682. required: ["name", "key"]
  683. properties:
  684. name:
  685. type: string
  686. description: Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
  687. key:
  688. type: string
  689. description: The key of the secret to select from. Must be a valid secret key.
  690. password:
  691. type: object
  692. description: |
  693. A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the password of the user.
  694. required: ["name", "key"]
  695. properties:
  696. name:
  697. type: string
  698. description: Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
  699. key:
  700. type: string
  701. description: The key of the secret to select from. Must be a valid secret key.
  702. replication:
  703. type: object
  704. description: |
  705. A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the credentials of the replication user used to replicate from the primary cluster and from replicas of this cluster.
  706. properties:
  707. username:
  708. type: object
  709. description: |
  710. A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the username of the user.
  711. required: ["name", "key"]
  712. properties:
  713. name:
  714. type: string
  715. description: Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
  716. key:
  717. type: string
  718. description: The key of the secret to select from. Must be a valid secret key.
  719. password:
  720. type: object
  721. description: |
  722. A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the password of the user.
  723. required: ["name", "key"]
  724. properties:
  725. name:
  726. type: string
  727. description: Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
  728. key:
  729. type: string
  730. description: The key of the secret to select from. Must be a valid secret key.
  731. authenticator:
  732. type: object
  733. description: |
  734. A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the credentials of the authenticator user used by pgbouncer to authenticate other users.
  735. properties:
  736. username:
  737. type: object
  738. description: |
  739. A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the username of the user.
  740. required: ["name", "key"]
  741. properties:
  742. name:
  743. type: string
  744. description: Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
  745. key:
  746. type: string
  747. description: The key of the secret to select from. Must be a valid secret key.
  748. password:
  749. type: object
  750. description: |
  751. A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the password of the user.
  752. required: ["name", "key"]
  753. properties:
  754. name:
  755. type: string
  756. description: Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
  757. key:
  758. type: string
  759. description: The key of the secret to select from. Must be a valid secret key.
  760. binding:
  761. type: object
  762. description: |
  763. This section allows to specify the properties of [Service Binding spec for provisioned service](https://servicebinding.io/spec/core/1.0.0/#provisioned-service).
  764. If not specified, then some default will be used.
  765. For more information see https://servicebinding.io/spec/core/1.0.0/
  766. properties:
  767. provider:
  768. type: string
  769. description: It's the reference of custom provider name. If not specified, then the default value will be `stackgres`
  770. database:
  771. type: string
  772. description: Allow to specify the database name. If not specified, then the default value is `postgres`
  773. username:
  774. type: string
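  775. description: Allow to specify the username. If not specified, then the superuser username will be used. In that case the binding exposes superuser credentials to the bound workload, so set a dedicated least-privileged user where possible.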
  776. password:
  777. type: object
  778. description: Allow to reference Secret that contains the user's password. If not specified, then the superuser password will be used.
  779. properties:
  780. name:
  781. type: string
  782. description: The name of the Secret
  783. key:
  784. type: string
  785. description: The key of the Secret
  786. metadata:
  787. type: object
  788. description: Metadata information from any cluster created resources.
  789. properties:
  790. annotations:
  791. type: object
  792. description: |
  793. Custom Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to be passed to resources created and managed by StackGres.
  794. **Example:**
  795. ```yaml
  796. apiVersion: stackgres.io/v1alpha1
  797. kind: SGShardedCluster
  798. metadata:
  799. name: stackgres
  800. spec:
  801. metadata:
  802. annotations:
  803. clusterPods:
  804. customAnnotations: customAnnotationValue
  805. primaryService:
  806. customAnnotations: customAnnotationValue
  807. replicasService:
  808. customAnnotations: customAnnotationValue
  809. ```
  810. properties:
  811. allResources:
  812. type: object
  813. description: Annotations to attach to any resource created or managed by StackGres.
  814. additionalProperties:
  815. type: string
  816. clusterPods:
  817. type: object
  818. description: Annotations to attach to pods created or managed by StackGres.
  819. additionalProperties:
  820. type: string
  821. services:
  822. type: object
  823. description: Annotations to attach to all services created or managed by StackGres.
  824. additionalProperties:
  825. type: string
  826. primaryService:
  827. type: object
  828. description: Custom Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) passed to the `-primary` service.
  829. additionalProperties:
  830. type: string
  831. replicasService:
  832. type: object
  833. description: Custom Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) passed to the `-replicas` service.
  834. additionalProperties:
  835. type: string
  836. labels:
  837. type: object
  838. description: |
  839. Custom Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) to be passed to resources created and managed by StackGres.
  840. **Example:**
  841. ```yaml
  842. apiVersion: stackgres.io/v1alpha1
  843. kind: SGShardedCluster
  844. metadata:
  845. name: stackgres
  846. spec:
  847. metadata:
  848. labels:
  849. clusterPods:
  850. customLabel: customLabelValue
  851. services:
  852. customLabel: customLabelValue
  853. ```
  854. properties:
  855. clusterPods:
  856. type: object
  857. description: Labels to attach to Pods created or managed by StackGres.
  858. additionalProperties:
  859. type: string
  860. services:
  861. type: object
  862. description: Labels to attach to Services and Endpoints created or managed by StackGres.
  863. additionalProperties:
  864. type: string
  865. coordinator:
  866. type: object
  867. description: |
  868. The coordinator is a StackGres cluster responsible for coordinating data storage and access from the shards.
  869. required: ["instances", "pods"]
  870. properties:
  871. instances:
  872. type: integer
  873. minimum: 0
  874. description: |
  875. Number of StackGres instances for the cluster. Each instance contains one Postgres server.
  876. Out of all of the Postgres servers, one is elected as the primary, the rest remain as read-only replicas.
  877. If sharding type is `shardingsphere` then, instead of an SGCluster a ComputeNode will be created.
  878. See also https://shardingsphere.apache.org/oncloud/current/en/user-manual/cn-sn-operator/#computenode
  879. autoscaling: &autoscaling
  880. type: object
  881. description: |
  882. This section allows to configure vertical Pod autoscaling for the SGCluster's Pods.
  883. Vertical Pod Autoscaling will use cpu and memory usage as the metric to control the upscale or downscale of the Pod requests and limits resources.
  884. Vertical Pod Autoscaling requires the [Vertical Pod Autoscaler operator](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler) to be installed in the Kubernetes cluster.
  885. properties:
  886. mode:
  887. type: string
  888. description: |
  889. Allow to enable or disable any of horizontal and vertical Pod autoscaling.
  890. Possible values are:
  891. * `vertical`: only vertical Pod autoscaling will be enabled (default)
  892. * `none`: all autoscaling will be disabled
  893. enum: [ "vertical", "none" ]
  894. default: vertical
  895. minAllowed:
  896. type: object
  897. description: |
  898. Allow to define the lower bound for Pod resources of patroni, pgbouncer and envoy containers
  899. properties:
  900. patroni:
  901. type: object
  902. description: |
  903. Allow to define the lower bound for Pod resources of patroni container
  904. properties:
  905. cpu:
  906. type: string
  907. description: The minimum allowed CPU for the patroni container
  908. memory:
  909. type: string
  910. description: The minimum allowed memory for the patroni container
  911. pgbouncer:
  912. type: object
  913. description: |
  914. Allow to define the lower bound for Pod resources of pgbouncer container
  915. properties:
  916. cpu:
  917. type: string
  918. description: The minimum allowed CPU for the pgbouncer container
  919. memory:
  920. type: string
  921. description: The minimum allowed memory for the pgbouncer container
  922. envoy:
  923. type: object
  924. description: |
  925. Allow to define the lower bound for Pod resources of envoy container
  926. properties:
  927. cpu:
  928. type: string
  929. description: The minimum allowed CPU for the envoy container
  930. memory:
  931. type: string
  932. description: The minimum allowed memory for the envoy container
  933. maxAllowed:
  934. type: object
  935. description: |
  936. Allow to define the higher bound for Pod resources of patroni, pgbouncer and envoy containers
  937. properties:
  938. patroni:
  939. type: object
  940. description: |
  941. Allow to define the higher bound for Pod resources of patroni container
  942. properties:
  943. cpu:
  944. type: string
  945. description: The maximum allowed CPU for the patroni container
  946. memory:
  947. type: string
  948. description: The maximum allowed memory for the patroni container
  949. pgbouncer:
  950. type: object
  951. description: |
  952. Allow to define the higher bound for Pod resources of pgbouncer container
  953. properties:
  954. cpu:
  955. type: string
  956. description: The maximum allowed CPU for the pgbouncer container
  957. memory:
  958. type: string
  959. description: The maximum allowed memory for the pgbouncer container
  960. envoy:
  961. type: object
  962. description: |
  963. Allow to define the higher bound for Pod resources of envoy container
  964. properties:
  965. cpu:
  966. type: string
  967. description: The maximum allowed CPU for the envoy container
  968. memory:
  969. type: string
  970. description: The maximum allowed memory for the envoy container
  971. horizontal:
  972. type: object
  973. description: |
  974. Section to configure horizontal Pod autoscaling aspects.
  975. properties:
  976. eplicasConnectionsUsageTarget:
  977. type: string
  978. description: |
  979. The target value for replicas connections used in order to trigger the upscale of replica instances.
  980. default: "0.8"
  981. replicasConnectionsUsageMetricType:
  982. type: string
  983. description: |
  984. The metric type for connections used metric. See https://keda.sh/docs/latest/concepts/scaling-deployments/#triggers
  985. default: AverageValue
  986. cooldownPeriod:
  987. type: integer
  988. description: |
  989. The period in seconds before the downscale of replica instances can be triggered.
  990. default: 300
  991. pollingInterval:
  992. type: integer
  993. description: |
  994. The interval in seconds to check whether a scale-up or scale-down has to be triggered.
  995. default: 30
  996. vertical:
  997. type: object
  998. description: |
  999. Section to configure vertical Pod autoscaling aspects.
  1000. properties:
  1001. recommender:
  1002. type: string
  1003. description: |
  1004. Recommender responsible for generating recommendation for vertical Pod autoscaling. If not specified the default one will be used.
  1005. sgInstanceProfile:
  1006. type: string
  1007. description: |
  1008. Name of the [SGInstanceProfile](https://stackgres.io/doc/latest/reference/crd/sginstanceprofile/).
  1009. A SGInstanceProfile defines CPU and memory limits. Must exist before creating a cluster.
  1010. When no profile is set, a default (1 core, 2 GiB RAM) one is used.
  1011. **Changing this field may require a restart.**
  1012. managedSql:
  1013. type: object
  1014. description: |
  1015. This section allows to reference SQL scripts that will be applied to the cluster live.
  1016. If sharding type is `shardingsphere` then this section will be applied to the first cluster shard.
  1017. In this case the database postgres will also provide a foreign server called `shardingsphere` and
  1018. the superuser user mappings that will allow running DistSQL queries using a command like the following:
  1019. ```
  1020. SELECT * FROM dblink('shardingsphere', 'SHOW STORAGE UNITS')
  1021. AS _(name text, type text, host text, port int, db text,
  1022. connection_timeout_milliseconds int, idle_timeout_milliseconds int,
  1023. max_lifetime_milliseconds int, max_pool_size int, min_pool_size int,
  1024. read_only boolean, other_attributes text);
  1025. ```
  1026. See https://shardingsphere.apache.org/document/current/en/user-manual/shardingsphere-proxy/distsql
  1027. properties:
  1028. continueOnSGScriptError:
  1029. type: boolean
  1030. description: If true, a failure of any entry of any `SGScript` will not prevent subsequent `SGScript` from being executed. The default is `false`.
  1031. scripts:
  1032. type: array
  1033. description: |
  1034. A list of script references that will be executed in sequence.
  1035. items:
  1036. type: object
  1037. description: |
  1038. A script reference. Each version of each entry of the script referenced will be executed exactly once following the sequence defined
  1039. in the referenced script and skipping any script entry that has already been executed.
  1040. properties:
  1041. id:
  1042. type: integer
  1043. description: The id is immutable and must be unique across all the `SGScript` entries. It is replaced by the operator and is used to identify the `SGScript` entry.
  1044. sgScript:
  1045. type: string
  1046. description: A reference to an `SGScript`
  1047. pods:
  1048. type: object
  1049. description: |
  1050. Cluster pod's configuration.
  1051. If sharding type is `shardingsphere` then this section will apply to the ComputeNode.
  1052. required: ["persistentVolume"]
  1053. properties:
  1054. persistentVolume:
  1055. type: object
  1056. description: |
  1057. Pod's persistent volume configuration.
  1058. If sharding type is `shardingsphere` then this section is ignored.
  1059. required: ["size"]
  1060. properties:
  1061. size:
  1062. type: string
  1063. pattern: '^[0-9]+(\.[0-9]+)?(Mi|Gi|Ti)$'
  1064. description: |
  1065. Size of the PersistentVolume set for each instance of the cluster. This size is specified either in Mebibytes, Gibibytes or Tebibytes (multiples of 2^20, 2^30 or 2^40, respectively).
  1066. If sharding type is `shardingsphere` then this field is ignored.
  1067. storageClass:
  1068. type: string
  1069. description: |
  1070. Name of an existing StorageClass in the Kubernetes cluster, used to create the PersistentVolumes for the instances of the cluster.
  1071. If sharding type is `shardingsphere` then this field is ignored.
  1072. disableConnectionPooling:
  1073. type: boolean
  1074. description: |
  1075. If set to `true`, avoids creating a connection pooling (using [PgBouncer](https://www.pgbouncer.org/)) sidecar.
  1076. If sharding type is `shardingsphere` then this field is ignored.
  1077. **Changing this field may require a restart.**
  1078. disableMetricsExporter:
  1079. type: boolean
  1080. description: |
  1081. **Deprecated** use instead .spec.configurations.observability.disableMetrics.
  1082. disablePostgresUtil:
  1083. type: boolean
  1084. description: |
  1085. If set to `true`, avoids creating the `postgres-util` sidecar. This sidecar contains usual Postgres administration utilities *that are not present in the main (`patroni`) container*, like `psql`. Only disable if you know what you are doing.
  1086. If sharding type is `shardingsphere` then this field is ignored.
  1087. **Changing this field may require a restart.**
  1088. resources:
  1089. type: object
  1090. description: Pod custom resources configuration.
  1091. properties:
  1092. enableClusterLimitsRequirements:
  1093. type: boolean
  1094. description: |
  1095. When enabled, resource limits for containers other than the patroni container will be set just like for the patroni container as specified in the SGInstanceProfile.
  1096. **Changing this field may require a restart.**
  1097. disableResourcesRequestsSplitFromTotal:
  1098. type: boolean
  1099. description: |
  1100. When set to `true` the resources requests values in fields `SGInstanceProfile.spec.requests.cpu` and `SGInstanceProfile.spec.requests.memory` will represent the resources
  1101. requests of the patroni container, and the total resources requests will be calculated by adding the resources requests of all the containers (including the patroni container).
  1102. **Changing this field may require a restart.**
  1103. failWhenTotalIsHigher:
  1104. type: boolean
  1105. description: |
  1106. When set to `true` the reconciliation of the cluster will fail if `disableResourcesRequestsSplitFromTotal` is not set or set to `false` and the sum of the CPU or memory
  1107. of all the containers except patroni is equal to or higher than the total specified in `SGInstanceProfile.spec.requests.cpu` or `SGInstanceProfile.spec.requests.memory`.
  1108. When `false` (the default) and `disableResourcesRequestsSplitFromTotal` is not set or set to `false` and the sum of the CPU or memory
  1109. of all the containers except patroni is equal to or higher than the total specified in `SGInstanceProfile.spec.requests.cpu` or `SGInstanceProfile.spec.requests.memory`
  1110. then the patroni container resources will be set to 0.
  1111. scheduling: &scheduling
  1112. type: object
  1113. description: |
  1114. Pod custom scheduling, affinity and topology spread constraints configuration.
  1115. **Changing this field may require a restart.**
  1116. properties:
  1117. nodeSelector: &node-selector
  1118. type: object
  1119. additionalProperties:
  1120. type: string
  1121. description: |
  1122. NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
  1123. tolerations: &tolerations #!jq_placeholder .definitions["io.k8s.api.core.v1.PodSpec"].properties.tolerations #toleration-v1-core
  1124. {"description":"If specified, the pod's tolerations.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#toleration-v1-core","items":{"description":"The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.","properties":{"effect":{"description":"Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.","type":"string"},"key":{"description":"Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.","type":"string"},"operator":{"description":"Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.","type":"string"},"tolerationSeconds":{"description":"TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.","format":"int64","type":"integer"},"value":{"description":"Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.","type":"string"}},"type":"object"},"type":"array"}
  1125. nodeAffinity: &node-affinity #!jq_placeholder .definitions["io.k8s.api.core.v1.PodSpec"].properties.affinity.properties.nodeAffinity #nodeaffinity-v1-core
  1126. {"description":"Node affinity is a group of node affinity scheduling rules.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#nodeaffinity-v1-core","properties":{"preferredDuringSchedulingIgnoredDuringExecution":{"description":"The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.","items":{"description":"An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).","properties":{"preference":{"description":"A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.","properties":{"matchExpressions":{"description":"A list of node selector requirements by node's labels.","items":{"description":"A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"The label key that the selector applies to.","type":"string"},"operator":{"description":"Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.","type":"string"},"values":{"description":"An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. 
If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"},"matchFields":{"description":"A list of node selector requirements by node's fields.","items":{"description":"A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"The label key that the selector applies to.","type":"string"},"operator":{"description":"Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.","type":"string"},"values":{"description":"An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"}},"type":"object"},"weight":{"description":"Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.","format":"int32","type":"integer"}},"required":["weight","preference"],"type":"object"},"type":"array"},"requiredDuringSchedulingIgnoredDuringExecution":{"description":"A node selector represents the union of the results of one or more label queries over a set of nodes; that is, it represents the OR of the selectors represented by the node selector terms.","properties":{"nodeSelectorTerms":{"description":"Required. A list of node selector terms. The terms are ORed.","items":{"description":"A null or empty node selector term matches no objects. The requirements of them are ANDed. 
The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.","properties":{"matchExpressions":{"description":"A list of node selector requirements by node's labels.","items":{"description":"A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"The label key that the selector applies to.","type":"string"},"operator":{"description":"Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.","type":"string"},"values":{"description":"An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"},"matchFields":{"description":"A list of node selector requirements by node's fields.","items":{"description":"A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"The label key that the selector applies to.","type":"string"},"operator":{"description":"Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.","type":"string"},"values":{"description":"An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. 
This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"}},"type":"object"},"type":"array"}},"required":["nodeSelectorTerms"],"type":"object"}},"type":"object"}
  1127. priorityClassName: &priority-class-name #!jq_placeholder .definitions["io.k8s.api.core.v1.PodSpec"].properties.priorityClassName
  1128. {"description":"If specified, indicates the pod's priority. \"system-node-critical\" and \"system-cluster-critical\" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default.","type":"string"}
  1129. podAffinity: &pod-affinity #!jq_placeholder .definitions["io.k8s.api.core.v1.PodSpec"].properties.affinity.properties.podAffinity #podaffinity-v1-core
  1130. {"description":"Pod affinity is a group of inter pod affinity scheduling rules.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#podaffinity-v1-core","properties":{"preferredDuringSchedulingIgnoredDuringExecution":{"description":"The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.","items":{"description":"The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)","properties":{"podAffinityTerm":{"description":"Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. 
The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"},"matchLabels":{"additionalProperties":{"type":"string"},"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}},"type":"object"},"matchLabelKeys":{"description":"MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. 
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.","items":{"type":"string"},"type":"array"},"mismatchLabelKeys":{"description":"MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.","items":{"type":"string"},"type":"array"},"namespaceSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. 
This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"},"matchLabels":{"additionalProperties":{"type":"string"},"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}},"type":"object"},"namespaces":{"description":"namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".","items":{"type":"string"},"type":"array"},"topologyKey":{"description":"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.","type":"string"}},"required":["topologyKey"],"type":"object"},"weight":{"description":"weight associated with matching the corresponding podAffinityTerm, in the range 1-100.","format":"int32","type":"integer"}},"required":["weight","podAffinityTerm"],"type":"object"},"type":"array"},"requiredDuringSchedulingIgnoredDuringExecution":{"description":"If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. 
When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.","items":{"description":"Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"},"matchLabels":{"additionalProperties":{"type":"string"},"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". 
The requirements are ANDed.","type":"object"}},"type":"object"},"matchLabelKeys":{"description":"MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.","items":{"type":"string"},"type":"array"},"mismatchLabelKeys":{"description":"MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.","items":{"type":"string"},"type":"array"},"namespaceSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. 
The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"},"matchLabels":{"additionalProperties":{"type":"string"},"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}},"type":"object"},"namespaces":{"description":"namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".","items":{"type":"string"},"type":"array"},"topologyKey":{"description":"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. 
Empty topologyKey is not allowed.","type":"string"}},"required":["topologyKey"],"type":"object"},"type":"array"}},"type":"object"}
  1131. podAntiAffinity: &pod-anti-affinity #!jq_placeholder .definitions["io.k8s.api.core.v1.PodSpec"].properties.affinity.properties.podAntiAffinity #podantiaffinity-v1-core
  1132. {"description":"Pod anti affinity is a group of inter pod anti affinity scheduling rules.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#podantiaffinity-v1-core","properties":{"preferredDuringSchedulingIgnoredDuringExecution":{"description":"The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.","items":{"description":"The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)","properties":{"podAffinityTerm":{"description":"Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. 
The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"},"matchLabels":{"additionalProperties":{"type":"string"},"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}},"type":"object"},"matchLabelKeys":{"description":"MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. 
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.","items":{"type":"string"},"type":"array"},"mismatchLabelKeys":{"description":"MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.","items":{"type":"string"},"type":"array"},"namespaceSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. 
This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"},"matchLabels":{"additionalProperties":{"type":"string"},"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}},"type":"object"},"namespaces":{"description":"namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".","items":{"type":"string"},"type":"array"},"topologyKey":{"description":"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.","type":"string"}},"required":["topologyKey"],"type":"object"},"weight":{"description":"weight associated with matching the corresponding podAffinityTerm, in the range 1-100.","format":"int32","type":"integer"}},"required":["weight","podAffinityTerm"],"type":"object"},"type":"array"},"requiredDuringSchedulingIgnoredDuringExecution":{"description":"If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. 
When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.","items":{"description":"Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"},"matchLabels":{"additionalProperties":{"type":"string"},"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". 
The requirements are ANDed.","type":"object"}},"type":"object"},"matchLabelKeys":{"description":"MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.","items":{"type":"string"},"type":"array"},"mismatchLabelKeys":{"description":"MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.","items":{"type":"string"},"type":"array"},"namespaceSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. 
The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"},"matchLabels":{"additionalProperties":{"type":"string"},"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}},"type":"object"},"namespaces":{"description":"namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".","items":{"type":"string"},"type":"array"},"topologyKey":{"description":"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. 
Empty topologyKey is not allowed.","type":"string"}},"required":["topologyKey"],"type":"object"},"type":"array"}},"type":"object"}
  1133. topologySpreadConstraints: #!jq_placeholder .definitions["io.k8s.api.core.v1.PodSpec"].properties.topologySpreadConstraints #topologyspreadconstraint-v1-core
  1134. {"description":"TopologySpreadConstraints describes how a group of pods ought to spread across topology domains. Scheduler will schedule pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#topologyspreadconstraint-v1-core","items":{"description":"TopologySpreadConstraint specifies how to spread matching pods among the given topology.","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"},"matchLabels":{"additionalProperties":{"type":"string"},"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". 
The requirements are ANDed.","type":"object"}},"type":"object"},"matchLabelKeys":{"description":"MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).","items":{"type":"string"},"type":"array"},"maxSkew":{"description":"MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed.","format":"int32","type":"integer"},"minDomains":{"description":"MinDomains indicates a minimum number of eligible domains. 
When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).","format":"int32","type":"integer"},"nodeAffinityPolicy":{"description":"NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.","type":"string"},"nodeTaintsPolicy":{"description":"NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. 
Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.","type":"string"},"topologyKey":{"description":"TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field.","type":"string"},"whenUnsatisfiable":{"description":"WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). 
In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.","type":"string"}},"required":["maxSkew","topologyKey","whenUnsatisfiable"],"type":"object"},"type":"array"}
  # Scheduling overrides for backup Pods. Every property below is a YAML alias
  # to a schema anchored elsewhere in this file.
  1135. backup:
  1136. type: object
  1137. description: Backup Pod custom scheduling and affinity configuration.
  1138. properties:
  # NOTE(review): nodeSelector and tolerations both reuse the *node-affinity
  # alias, so they would be validated against the same schema as nodeAffinity
  # rather than a label map / toleration list. Presumably dedicated anchors
  # were intended; confirm against the anchor definitions earlier in the file,
  # since a mis-typed schema here affects where backup Pods can be placed.
  1139. nodeSelector: *node-affinity
  1140. tolerations: *node-affinity
  1141. nodeAffinity: *node-affinity
  1142. priorityClassName: *priority-class-name
  1143. podAffinity: *pod-affinity
  1144. podAntiAffinity: *pod-anti-affinity
  # Pod creation/deletion ordering policy for the workload.
  # NOTE(review): declared as a plain string with no enum in this fragment, so a
  # value other than `OrderedReady` or `Parallel` is not rejected by the schema
  # here; confirm it is validated elsewhere.
  1145. managementPolicy:
  1146. type: string
  1147. description: |
  1148. managementPolicy controls how pods are created during initial scale up, when replacing pods
  1149. on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created
  1150. in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is
  1151. ready before continuing. When scaling down, the pods are removed in the opposite order.
  1152. The alternative policy is `Parallel` which will create pods in parallel to match the desired
  1153. scale without waiting, and on scale down will delete all pods at once.
  1154. If sharding type is `shardingsphere` then this field is ignored.
  1155. customVolumes:
  1156. type: array
  1157. description: |
  1158. A list of custom volumes that may be used along with any container defined in
  1159. customInitContainers or customContainers sections for the coordinator.
  1160. The name used in this section will be prefixed with the string `custom-` so that when
  1161. referencing them in the customInitContainers or customContainers sections, the name used
  1162. has to be prepended with the same prefix.
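  1163. Only the following volume types are allowed: configMap, downwardAPI, emptyDir,
  1164. gitRepo, glusterfs, hostPath, nfs, projected and secret. Of these, hostPath mounts a path from the node's filesystem into the pod and gitRepo is deprecated in Kubernetes, so clusters that do not need them should block them with an admission policy.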
  1165. **Changing this field may require a restart.**
  1166. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core
  1167. items:
  1168. type: object
  1169. description: |
  1170. A custom volume that may be used along with any container defined in
  1171. customInitContainers or customContainers sections.
  1172. The name used in this section will be prefixed with the string `custom-` so that when
  1173. referencing them in the customInitContainers or customContainers sections, the name used
  1174. has to be prepended with the same prefix.
  1175. Only the following volume types are allowed: configMap, downwardAPI, emptyDir,
  1176. gitRepo, glusterfs, hostPath, nfs, projected and secret
  1177. **Changing this field may require a restart.**
  1178. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core
  1179. properties: &volume-items-properties
  1180. name:
  1181. description: |
  1182. name of the custom volume. The name will be implicitly prefixed with `custom-` to avoid clashing with internal operator volume names. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
  1183. type: string
  1184. configMap: #!jq_placeholder .definitions["io.k8s.api.core.v1.Volume"].properties.configMap #configmapvolumesource-v1-core
  1185. {"description":"Adapts a ConfigMap into a volume.\n\nThe contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. ConfigMap volumes support ownership management and SELinux relabeling.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#configmapvolumesource-v1-core","properties":{"defaultMode":{"description":"defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.","format":"int32","type":"integer"},"items":{"description":"items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.","items":{"description":"Maps a string key to a path within a volume.","properties":{"key":{"description":"key is the key to project.","type":"string"},"mode":{"description":"mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. 
This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.","format":"int32","type":"integer"},"path":{"description":"path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.","type":"string"}},"required":["key","path"],"type":"object"},"type":"array"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"optional specify whether the ConfigMap or its keys must be defined","type":"boolean"}},"type":"object"}
  1186. downwardAPI: #!jq_placeholder .definitions["io.k8s.api.core.v1.Volume"].properties.downwardAPI #downwardapivolumesource-v1-core
  1187. {"description":"DownwardAPIVolumeSource represents a volume containing downward API info. Downward API volumes support ownership management and SELinux relabeling.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#downwardapivolumesource-v1-core","properties":{"defaultMode":{"description":"Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.","format":"int32","type":"integer"},"items":{"description":"Items is a list of downward API volume file","items":{"description":"DownwardAPIVolumeFile represents information to create the file containing the pod field","properties":{"fieldRef":{"description":"ObjectFieldSelector selects an APIVersioned field of an object.","properties":{"apiVersion":{"description":"Version of the schema the FieldPath is written in terms of, defaults to \"v1\".","type":"string"},"fieldPath":{"description":"Path of the field to select in the specified API version.","type":"string"}},"required":["fieldPath"],"type":"object"},"mode":{"description":"Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. 
This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.","format":"int32","type":"integer"},"path":{"description":"Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'","type":"string"},"resourceFieldRef":{"description":"ResourceFieldSelector represents container resources (cpu, memory) and their output format","properties":{"containerName":{"description":"Container name: required for volumes, optional for env vars","type":"string"},"divisor":{"description":"Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` <quantity> ::= <signedNumber><suffix>\n\n\t(Note that <suffix> may be empty, from the \"\" case in <decimalSI>.)\n\n<digit> ::= 0 | 1 | ... | 9 <digits> ::= <digit> | <digit><digits> <number> ::= <digits> | <digits>.<digits> | <digits>. | .<digits> <sign> ::= \"+\" | \"-\" <signedNumber> ::= <number> | <sign><number> <suffix> ::= <binarySI> | <decimalExponent> | <decimalSI> <binarySI> ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n<decimalSI> ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n<decimalExponent> ::= \"e\" <signedNumber> | \"E\" <signedNumber> ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) 
This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.","type":"string"},"resource":{"description":"Required: resource to select","type":"string"}},"required":["resource"],"type":"object"}},"required":["path"],"type":"object"},"type":"array"}},"type":"object"}
  1188. emptyDir: #!jq_placeholder .definitions["io.k8s.api.core.v1.Volume"].properties.emptyDir #emptydirvolumesource-v1-core
  1189. {"description":"Represents an empty directory for a pod. Empty directory volumes support ownership management and SELinux relabeling.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#emptydirvolumesource-v1-core","properties":{"medium":{"description":"medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir","type":"string"},"sizeLimit":{"description":"Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` <quantity> ::= <signedNumber><suffix>\n\n\t(Note that <suffix> may be empty, from the \"\" case in <decimalSI>.)\n\n<digit> ::= 0 | 1 | ... | 9 <digits> ::= <digit> | <digit><digits> <number> ::= <digits> | <digits>.<digits> | <digits>. | .<digits> <sign> ::= \"+\" | \"-\" <signedNumber> ::= <number> | <sign><number> <suffix> ::= <binarySI> | <decimalExponent> | <decimalSI> <binarySI> ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n<decimalSI> ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n<decimalExponent> ::= \"e\" <signedNumber> | \"E\" <signedNumber> ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) 
This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.","type":"string"}},"type":"object"}
  1190. gitRepo: #!jq_placeholder .definitions["io.k8s.api.core.v1.Volume"].properties.gitRepo #gitrepovolumesource-v1-core
  1191. {"description":"Represents a volume that is populated with the contents of a git repository. Git repo volumes do not support ownership management. Git repo volumes support SELinux relabeling.\n\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#gitrepovolumesource-v1-core","properties":{"directory":{"description":"directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.","type":"string"},"repository":{"description":"repository is the URL","type":"string"},"revision":{"description":"revision is the commit hash for the specified revision.","type":"string"}},"required":["repository"],"type":"object"}
  1192. glusterfs: #!jq_placeholder .definitions["io.k8s.api.core.v1.Volume"].properties.glusterfs #glusterfsvolumesource-v1-core
  1193. {"description":"Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#glusterfsvolumesource-v1-core","properties":{"endpoints":{"description":"endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod","type":"string"},"path":{"description":"path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod","type":"string"},"readOnly":{"description":"readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod","type":"boolean"}},"required":["endpoints","path"],"type":"object"}
  1194. hostPath: #!jq_placeholder .definitions["io.k8s.api.core.v1.Volume"].properties.hostPath #hostpathvolumesource-v1-core
  1195. {"description":"Represents a host path mapped into a pod. Host path volumes do not support ownership management or SELinux relabeling.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#hostpathvolumesource-v1-core","properties":{"path":{"description":"path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath","type":"string"},"type":{"description":"type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath","type":"string"}},"required":["path"],"type":"object"}
  1196. nfs: #!jq_placeholder .definitions["io.k8s.api.core.v1.Volume"].properties.nfs #nfsvolumesource-v1-core
  1197. {"description":"Represents an NFS mount that lasts the lifetime of a pod. NFS volumes do not support ownership management or SELinux relabeling.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#nfsvolumesource-v1-core","properties":{"path":{"description":"path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs","type":"string"},"readOnly":{"description":"readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs","type":"boolean"},"server":{"description":"server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs","type":"string"}},"required":["server","path"],"type":"object"}
  1198. projected: #!jq_placeholder .definitions["io.k8s.api.core.v1.Volume"].properties.projected #projectedvolumesource-v1-core
  1199. {"description":"Represents a projected volume source\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#projectedvolumesource-v1-core","properties":{"defaultMode":{"description":"defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.","format":"int32","type":"integer"},"sources":{"description":"sources is the list of volume projections","items":{"description":"Projection that may be projected along with other supported volume types","properties":{"clusterTrustBundle":{"description":"ClusterTrustBundleProjection describes how to select a set of ClusterTrustBundle objects and project their contents into the pod filesystem.","properties":{"labelSelector":{"description":"A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.","properties":{"matchExpressions":{"description":"matchExpressions is a list of label selector requirements. The requirements are ANDed.","items":{"description":"A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.","properties":{"key":{"description":"key is the label key that the selector applies to.","type":"string"},"operator":{"description":"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.","type":"string"},"values":{"description":"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. 
If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.","items":{"type":"string"},"type":"array"}},"required":["key","operator"],"type":"object"},"type":"array"},"matchLabels":{"additionalProperties":{"type":"string"},"description":"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.","type":"object"}},"type":"object"},"name":{"description":"Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.","type":"string"},"optional":{"description":"If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.","type":"boolean"},"path":{"description":"Relative path from the volume root to write the bundle.","type":"string"},"signerName":{"description":"Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.","type":"string"}},"required":["path"],"type":"object"},"configMap":{"description":"Adapts a ConfigMap into a projected volume.\n\nThe contents of the target ConfigMap's Data field will be presented in a projected volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 
Note that this is identical to a configmap volume source without the default mode.","properties":{"items":{"description":"items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.","items":{"description":"Maps a string key to a path within a volume.","properties":{"key":{"description":"key is the key to project.","type":"string"},"mode":{"description":"mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.","format":"int32","type":"integer"},"path":{"description":"path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.","type":"string"}},"required":["key","path"],"type":"object"},"type":"array"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"optional specify whether the ConfigMap or its keys must be defined","type":"boolean"}},"type":"object"},"downwardAPI":{"description":"Represents downward API info for projecting into a projected volume. 
Note that this is identical to a downwardAPI volume source without the default mode.","properties":{"items":{"description":"Items is a list of DownwardAPIVolume file","items":{"description":"DownwardAPIVolumeFile represents information to create the file containing the pod field","properties":{"fieldRef":{"description":"ObjectFieldSelector selects an APIVersioned field of an object.","properties":{"apiVersion":{"description":"Version of the schema the FieldPath is written in terms of, defaults to \"v1\".","type":"string"},"fieldPath":{"description":"Path of the field to select in the specified API version.","type":"string"}},"required":["fieldPath"],"type":"object"},"mode":{"description":"Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.","format":"int32","type":"integer"},"path":{"description":"Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'","type":"string"},"resourceFieldRef":{"description":"ResourceFieldSelector represents container resources (cpu, memory) and their output format","properties":{"containerName":{"description":"Container name: required for volumes, optional for env vars","type":"string"},"divisor":{"description":"Quantity is a fixed-point representation of a number. 
It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` <quantity> ::= <signedNumber><suffix>\n\n\t(Note that <suffix> may be empty, from the \"\" case in <decimalSI>.)\n\n<digit> ::= 0 | 1 | ... | 9 <digits> ::= <digit> | <digit><digits> <number> ::= <digits> | <digits>.<digits> | <digits>. | .<digits> <sign> ::= \"+\" | \"-\" <signedNumber> ::= <number> | <sign><number> <suffix> ::= <binarySI> | <decimalExponent> | <decimalSI> <binarySI> ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n<decimalSI> ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n<decimalExponent> ::= \"e\" <signedNumber> | \"E\" <signedNumber> ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. 
That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.","type":"string"},"resource":{"description":"Required: resource to select","type":"string"}},"required":["resource"],"type":"object"}},"required":["path"],"type":"object"},"type":"array"}},"type":"object"},"secret":{"description":"Adapts a secret into a projected volume.\n\nThe contents of the target Secret's Data field will be presented in a projected volume as files using the keys in the Data field as the file names. Note that this is identical to a secret volume source without the default mode.","properties":{"items":{"description":"items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.","items":{"description":"Maps a string key to a path within a volume.","properties":{"key":{"description":"key is the key to project.","type":"string"},"mode":{"description":"mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. 
This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.","format":"int32","type":"integer"},"path":{"description":"path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.","type":"string"}},"required":["key","path"],"type":"object"},"type":"array"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"optional field specify whether the Secret or its key must be defined","type":"boolean"}},"type":"object"},"serviceAccountToken":{"description":"ServiceAccountTokenProjection represents a projected service account token volume. This projection can be used to insert a service account token into the pods runtime filesystem for use against APIs (Kubernetes API Server or otherwise).","properties":{"audience":{"description":"audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.","type":"string"},"expirationSeconds":{"description":"expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.","format":"int64","type":"integer"},"path":{"description":"path is the path relative to the mount point of the file to project the token into.","type":"string"}},"required":["path"],"type":"object"}},"type":"object"},"type":"array"}},"type":"object"}
  1200. secret: #!jq_placeholder .definitions["io.k8s.api.core.v1.Volume"].properties.secret #secretvolumesource-v1-core
  1201. {"description":"Adapts a Secret into a volume.\n\nThe contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. Secret volumes support ownership management and SELinux relabeling.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretvolumesource-v1-core","properties":{"defaultMode":{"description":"defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.","format":"int32","type":"integer"},"items":{"description":"items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.","items":{"description":"Maps a string key to a path within a volume.","properties":{"key":{"description":"key is the key to project.","type":"string"},"mode":{"description":"mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. 
This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.","format":"int32","type":"integer"},"path":{"description":"path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.","type":"string"}},"required":["key","path"],"type":"object"},"type":"array"},"optional":{"description":"optional field specify whether the Secret or its keys must be defined","type":"boolean"},"secretName":{"description":"secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret","type":"string"}},"type":"object"}
  1202. persistentVolumeClaim: #!jq_placeholder .definitions["io.k8s.api.core.v1.Volume"].properties.persistentVolumeClaim #persistentvolumeclaimvolumesource-v1-core
  1203. {"description":"PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace. This volume finds the bound PV and mounts that volume for the pod. A PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another type of volume that is owned by someone else (the system).\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#persistentvolumeclaimvolumesource-v1-core","properties":{"claimName":{"description":"claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims","type":"string"},"readOnly":{"description":"readOnly Will force the ReadOnly setting in VolumeMounts. Default false.","type":"boolean"}},"required":["claimName"],"type":"object"}
  1204. customInitContainers:
  1205. type: array
  1206. description: |
  1207. A list of custom application init containers that run within the shards cluster's Pods. The
  1208. custom init containers will run in the defined sequence, at the end of the
  1209. cluster's Pods init containers.
  1210. The names used in this section will be prefixed with the string `custom-`, so when
  1211. referencing them in the .spec.containers section of SGInstanceProfile the name used
  1212. has to be prepended with the same prefix.
  1213. **Changing this field may require a restart.**
  1214. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#container-v1-core
  1215. items:
  1216. type: object
  1217. description: |
  1218. A custom application init container that runs within the cluster's Pods. The custom init
  1219. containers will run in the defined sequence, at the end of the cluster's Pods init
  1220. containers.
  1221. The name used in this section will be prefixed with the string `custom-`, so when
  1222. referencing it in the .spec.containers section of SGInstanceProfile the name used
  1223. has to be prepended with the same prefix.
  1224. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#container-v1-core
  1225. **Changing this field may require a restart.**
  1226. required: ["name"]
  1227. properties: &containers-items-properties #!jq_placeholder .definitions["io.k8s.api.core.v1.Container"].properties
  1228. {"args":{"description":"Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell","items":{"type":"string"},"type":"array"},"command":{"description":"Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell","items":{"type":"string"},"type":"array"},"env":{"description":"List of environment variables to set in the container. Cannot be updated.","items":{"description":"EnvVar represents an environment variable present in a Container.","properties":{"name":{"description":"Name of the environment variable. Must be a C_IDENTIFIER.","type":"string"},"value":{"description":"Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. 
If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".","type":"string"},"valueFrom":{"description":"EnvVarSource represents a source for the value of an EnvVar.","properties":{"configMapKeyRef":{"description":"Selects a key from a ConfigMap.","properties":{"key":{"description":"The key to select.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the ConfigMap or its key must be defined","type":"boolean"}},"required":["key"],"type":"object"},"fieldRef":{"description":"ObjectFieldSelector selects an APIVersioned field of an object.","properties":{"apiVersion":{"description":"Version of the schema the FieldPath is written in terms of, defaults to \"v1\".","type":"string"},"fieldPath":{"description":"Path of the field to select in the specified API version.","type":"string"}},"required":["fieldPath"],"type":"object"},"resourceFieldRef":{"description":"ResourceFieldSelector represents container resources (cpu, memory) and their output format","properties":{"containerName":{"description":"Container name: required for volumes, optional for env vars","type":"string"},"divisor":{"description":"Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` <quantity> ::= <signedNumber><suffix>\n\n\t(Note that <suffix> may be empty, from the \"\" case in <decimalSI>.)\n\n<digit> ::= 0 | 1 | ... 
| 9 <digits> ::= <digit> | <digit><digits> <number> ::= <digits> | <digits>.<digits> | <digits>. | .<digits> <sign> ::= \"+\" | \"-\" <signedNumber> ::= <number> | <sign><number> <suffix> ::= <binarySI> | <decimalExponent> | <decimalSI> <binarySI> ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n<decimalSI> ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n<decimalExponent> ::= \"e\" <signedNumber> | \"E\" <signedNumber> ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. 
(So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.","type":"string"},"resource":{"description":"Required: resource to select","type":"string"}},"required":["resource"],"type":"object"},"secretKeyRef":{"description":"SecretKeySelector selects a key of a Secret.","properties":{"key":{"description":"The key of the secret to select from. Must be a valid secret key.","type":"string"},"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret or its key must be defined","type":"boolean"}},"required":["key"],"type":"object"}},"type":"object"}},"required":["name"],"type":"object"},"type":"array"},"envFrom":{"description":"List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.","items":{"description":"EnvFromSource represents the source of a set of ConfigMaps","properties":{"configMapRef":{"description":"ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.\n\nThe contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.","properties":{"name":{"description":"Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the ConfigMap must be defined","type":"boolean"}},"type":"object"},"prefix":{"description":"An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.","type":"string"},"secretRef":{"description":"SecretEnvSource selects a Secret to populate the environment variables with.\n\nThe contents of the target Secret's Data field will represent the key-value pairs as environment variables.","properties":{"name":{"description":"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names","type":"string"},"optional":{"description":"Specify whether the Secret must be defined","type":"boolean"}},"type":"object"}},"type":"object"},"type":"array"},"image":{"description":"Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.","type":"string"},"imagePullPolicy":{"description":"Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images","type":"string"},"lifecycle":{"description":"Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.","properties":{"postStart":{"description":"LifecycleHandler defines a specific action that should be taken in a lifecycle hook. 
One and only one of the fields, except TCPSocket, must be specified.","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}},"type":"object"},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"],"type":"object"},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{"description":"IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.","format":"int-or-string","type":"string"},"scheme":{"description":"Scheme to use for connecting to the host. 
Defaults to HTTP.","type":"string"}},"required":["port"],"type":"object"},"sleep":{"description":"SleepAction describes a \"sleep\" action.","properties":{"seconds":{"description":"Seconds is the number of seconds to sleep.","format":"int64","type":"integer"}},"required":["seconds"],"type":"object"},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{"description":"IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.","format":"int-or-string","type":"string"}},"required":["port"],"type":"object"}},"type":"object"},"preStop":{"description":"LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified.","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}},"type":"object"},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. 
HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"],"type":"object"},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{"description":"IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.","format":"int-or-string","type":"string"},"scheme":{"description":"Scheme to use for connecting to the host. Defaults to HTTP.","type":"string"}},"required":["port"],"type":"object"},"sleep":{"description":"SleepAction describes a \"sleep\" action.","properties":{"seconds":{"description":"Seconds is the number of seconds to sleep.","format":"int64","type":"integer"}},"required":["seconds"],"type":"object"},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{"description":"IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. 
This allows you to have, for example, a JSON field that can accept a name or number.","format":"int-or-string","type":"string"}},"required":["port"],"type":"object"}},"type":"object"}},"type":"object"},"livenessProbe":{"description":"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}},"type":"object"},"failureThreshold":{"description":"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.","format":"int32","type":"integer"},"grpc":{"properties":{"port":{"description":"Port number of the gRPC service. Number must be in the range 1 to 65535.","format":"int32","type":"integer"},"service":{"description":"Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC.","type":"string"}},"required":["port"],"type":"object"},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. 
HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"],"type":"object"},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{"description":"IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.","format":"int-or-string","type":"string"},"scheme":{"description":"Scheme to use for connecting to the host. Defaults to HTTP.","type":"string"}},"required":["port"],"type":"object"},"initialDelaySeconds":{"description":"Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"},"periodSeconds":{"description":"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.","format":"int32","type":"integer"},"successThreshold":{"description":"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.","format":"int32","type":"integer"},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{"description":"IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. 
This allows you to have, for example, a JSON field that can accept a name or number.","format":"int-or-string","type":"string"}},"required":["port"],"type":"object"},"terminationGracePeriodSeconds":{"description":"Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.","format":"int64","type":"integer"},"timeoutSeconds":{"description":"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"}},"type":"object"},"name":{"description":"Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.","type":"string"},"ports":{"description":"List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. 
Cannot be updated.","items":{"description":"ContainerPort represents a network port in a single container.","properties":{"containerPort":{"description":"Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.","format":"int32","type":"integer"},"hostIP":{"description":"What host IP to bind the external port to.","type":"string"},"hostPort":{"description":"Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.","format":"int32","type":"integer"},"name":{"description":"If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.","type":"string"},"protocol":{"description":"Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".","type":"string"}},"required":["containerPort"],"type":"object"},"type":"array"},"readinessProbe":{"description":"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}},"type":"object"},"failureThreshold":{"description":"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. 
Minimum value is 1.","format":"int32","type":"integer"},"grpc":{"properties":{"port":{"description":"Port number of the gRPC service. Number must be in the range 1 to 65535.","format":"int32","type":"integer"},"service":{"description":"Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC.","type":"string"}},"required":["port"],"type":"object"},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"],"type":"object"},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{"description":"IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.","format":"int-or-string","type":"string"},"scheme":{"description":"Scheme to use for connecting to the host. Defaults to HTTP.","type":"string"}},"required":["port"],"type":"object"},"initialDelaySeconds":{"description":"Number of seconds after the container has started before liveness probes are initiated. 
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"},"periodSeconds":{"description":"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.","format":"int32","type":"integer"},"successThreshold":{"description":"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.","format":"int32","type":"integer"},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{"description":"IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.","format":"int-or-string","type":"string"}},"required":["port"],"type":"object"},"terminationGracePeriodSeconds":{"description":"Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. 
spec.terminationGracePeriodSeconds is used if unset.","format":"int64","type":"integer"},"timeoutSeconds":{"description":"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"}},"type":"object"},"resizePolicy":{"description":"Resources resize policy for the container.","items":{"description":"ContainerResizePolicy represents resource resize policy for the container.","properties":{"resourceName":{"description":"Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.","type":"string"},"restartPolicy":{"description":"Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.","type":"string"}},"required":["resourceName","restartPolicy"],"type":"object"},"type":"array"},"resources":{"description":"ResourceRequirements describes the compute resource requirements.","properties":{"claims":{"description":"Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.","items":{"description":"ResourceClaim references one entry in PodSpec.ResourceClaims.","properties":{"name":{"description":"Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.","type":"string"}},"required":["name"],"type":"object"},"type":"array"},"limits":{"additionalProperties":{"description":"Quantity is a fixed-point representation of a number. 
It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` <quantity> ::= <signedNumber><suffix>\n\n\t(Note that <suffix> may be empty, from the \"\" case in <decimalSI>.)\n\n<digit> ::= 0 | 1 | ... | 9 <digits> ::= <digit> | <digit><digits> <number> ::= <digits> | <digits>.<digits> | <digits>. | .<digits> <sign> ::= \"+\" | \"-\" <signedNumber> ::= <number> | <sign><number> <suffix> ::= <binarySI> | <decimalExponent> | <decimalSI> <binarySI> ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n<decimalSI> ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n<decimalExponent> ::= \"e\" <signedNumber> | \"E\" <signedNumber> ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. 
That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.","type":"string"},"description":"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/","type":"object"},"requests":{"additionalProperties":{"description":"Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` <quantity> ::= <signedNumber><suffix>\n\n\t(Note that <suffix> may be empty, from the \"\" case in <decimalSI>.)\n\n<digit> ::= 0 | 1 | ... | 9 <digits> ::= <digit> | <digit><digits> <number> ::= <digits> | <digits>.<digits> | <digits>. | .<digits> <sign> ::= \"+\" | \"-\" <signedNumber> ::= <number> | <sign><number> <suffix> ::= <binarySI> | <decimalExponent> | <decimalSI> <binarySI> ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n<decimalSI> ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n<decimalExponent> ::= \"e\" <signedNumber> | \"E\" <signedNumber> ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) 
This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.","type":"string"},"description":"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/","type":"object"}},"type":"object"},"restartPolicy":{"description":"RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. 
Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.","type":"string"},"securityContext":{"description":"SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.","properties":{"allowPrivilegeEscalation":{"description":"AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is always true when the container: 1) is run as Privileged, or 2) has CAP_SYS_ADMIN. Note that this field cannot be set when spec.os.name is windows.","type":"boolean"},"capabilities":{"description":"Adds and removes POSIX capabilities from running containers.","properties":{"add":{"description":"Added capabilities","items":{"type":"string"},"type":"array"},"drop":{"description":"Removed capabilities","items":{"type":"string"},"type":"array"}},"type":"object"},"privileged":{"description":"Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. 
Note that this field cannot be set when spec.os.name is windows.","type":"boolean"},"procMount":{"description":"procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.","type":"string"},"readOnlyRootFilesystem":{"description":"Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.","type":"boolean"},"runAsGroup":{"description":"The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.","format":"int64","type":"integer"},"runAsNonRoot":{"description":"Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.","type":"boolean"},"runAsUser":{"description":"The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. 
Note that this field cannot be set when spec.os.name is windows.","format":"int64","type":"integer"},"seLinuxOptions":{"description":"SELinuxOptions are the labels to be applied to the container","properties":{"level":{"description":"Level is SELinux level label that applies to the container.","type":"string"},"role":{"description":"Role is a SELinux role label that applies to the container.","type":"string"},"type":{"description":"Type is a SELinux type label that applies to the container.","type":"string"},"user":{"description":"User is a SELinux user label that applies to the container.","type":"string"}},"type":"object"},"seccompProfile":{"description":"SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.","properties":{"localhostProfile":{"description":"localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.","type":"string"},"type":{"description":"type indicates which kind of seccomp profile will be applied. Valid options are:\n\nLocalhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. 
Unconfined - no profile should be applied.","type":"string"}},"required":["type"],"type":"object"},"windowsOptions":{"description":"WindowsSecurityContextOptions contain Windows-specific options and credentials.","properties":{"gmsaCredentialSpec":{"description":"GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.","type":"string"},"gmsaCredentialSpecName":{"description":"GMSACredentialSpecName is the name of the GMSA credential spec to use.","type":"string"},"hostProcess":{"description":"HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.","type":"boolean"},"runAsUserName":{"description":"The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.","type":"string"}},"type":"object"}},"type":"object"},"startupProbe":{"description":"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.","properties":{"exec":{"description":"ExecAction describes a \"run in container\" action.","properties":{"command":{"description":"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. 
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.","items":{"type":"string"},"type":"array"}},"type":"object"},"failureThreshold":{"description":"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.","format":"int32","type":"integer"},"grpc":{"properties":{"port":{"description":"Port number of the gRPC service. Number must be in the range 1 to 65535.","format":"int32","type":"integer"},"service":{"description":"Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC.","type":"string"}},"required":["port"],"type":"object"},"httpGet":{"description":"HTTPGetAction describes an action based on HTTP Get requests.","properties":{"host":{"description":"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.","type":"string"},"httpHeaders":{"description":"Custom headers to set in the request. HTTP allows repeated headers.","items":{"description":"HTTPHeader describes a custom header to be used in HTTP probes","properties":{"name":{"description":"The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.","type":"string"},"value":{"description":"The header field value","type":"string"}},"required":["name","value"],"type":"object"},"type":"array"},"path":{"description":"Path to access on the HTTP server.","type":"string"},"port":{"description":"IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.","format":"int-or-string","type":"string"},"scheme":{"description":"Scheme to use for connecting to the host. 
Defaults to HTTP.","type":"string"}},"required":["port"],"type":"object"},"initialDelaySeconds":{"description":"Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"},"periodSeconds":{"description":"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.","format":"int32","type":"integer"},"successThreshold":{"description":"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.","format":"int32","type":"integer"},"tcpSocket":{"description":"TCPSocketAction describes an action based on opening a socket","properties":{"host":{"description":"Optional: Host name to connect to, defaults to the pod IP.","type":"string"},"port":{"description":"IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.","format":"int-or-string","type":"string"}},"required":["port"],"type":"object"},"terminationGracePeriodSeconds":{"description":"Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). 
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.","format":"int64","type":"integer"},"timeoutSeconds":{"description":"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes","format":"int32","type":"integer"}},"type":"object"},"stdin":{"description":"Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.","type":"boolean"},"stdinOnce":{"description":"Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false","type":"boolean"},"terminationMessagePath":{"description":"Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.","type":"string"},"terminationMessagePolicy":{"description":"Indicate how the termination message should be populated. 
File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.","type":"string"},"tty":{"description":"Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.","type":"boolean"},"volumeDevices":{"description":"volumeDevices is the list of block devices to be used by the container.","items":{"description":"volumeDevice describes a mapping of a raw block device within a container.","properties":{"devicePath":{"description":"devicePath is the path inside of the container that the device will be mapped to.","type":"string"},"name":{"description":"name must match the name of a persistentVolumeClaim in the pod","type":"string"}},"required":["name","devicePath"],"type":"object"},"type":"array"},"volumeMounts":{"description":"Pod volumes to mount into the container's filesystem. Cannot be updated.","items":{"description":"VolumeMount describes a mounting of a Volume within a container.","properties":{"mountPath":{"description":"Path within the container at which the volume should be mounted. Must not contain ':'.","type":"string"},"mountPropagation":{"description":"mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.","type":"string"},"name":{"description":"This must match the Name of a Volume.","type":"string"},"readOnly":{"description":"Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.","type":"boolean"},"subPath":{"description":"Path within the volume from which the container's volume should be mounted. 
Defaults to \"\" (volume's root).","type":"string"},"subPathExpr":{"description":"Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.","type":"string"}},"required":["name","mountPath"],"type":"object"},"type":"array"},"workingDir":{"description":"Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.","type":"string"}}
  1229. customContainers:
  1230. type: array
  1231. description: |
  1232. A list of custom application containers that run within the coordinator cluster's Pods.
  1233. The name used in this section will be prefixed with the string `custom-` so that when
  1234. referencing them in the .spec.containers section of SGInstanceProfile the name used
  1235. has to be prepended with the same prefix.
  1236. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#container-v1-core
  1237. items:
  1238. type: object
  1239. description: |
  1240. A custom application container that runs within the cluster's Pods. The custom
  1241. containers will run following the defined sequence at the end of the cluster's Pods
  1242. containers.
  1243. The name used in this section will be prefixed with the string `custom-` so that when
  1244. referencing them in the .spec.containers section of SGInstanceProfile the name used
  1245. has to be prepended with the same prefix.
  1246. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#container-v1-core
  1247. **Changing this field may require a restart.**
  1248. required: ["name"]
  1249. properties: *containers-items-properties
  1250. customVolumeMounts:
  1251. type: object
  1252. description: Custom Pod volumes to mount into the specified container's filesystem.
  1253. additionalProperties:
  1254. type: array
  1255. description: Custom Pod volumes to mount into the specified container's filesystem.
  1256. items: &volume-mounts-items #!jq_placeholder .definitions["io.k8s.api.core.v1.VolumeMount"] #volumemount-v1-core
  1257. {"description":"VolumeMount describes a mounting of a Volume within a container.\n\nSee https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volumemount-v1-core","properties":{"mountPath":{"description":"Path within the container at which the volume should be mounted. Must not contain ':'.","type":"string"},"mountPropagation":{"description":"mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.","type":"string"},"name":{"description":"This must match the Name of a Volume.","type":"string"},"readOnly":{"description":"Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.","type":"boolean"},"subPath":{"description":"Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).","type":"string"},"subPathExpr":{"description":"Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.","type":"string"}},"required":["name","mountPath"],"type":"object"}
  1258. customInitVolumeMounts:
  1259. type: object
  1260. description: Custom Pod volumes to mount into the specified init container's filesystem.
  1261. additionalProperties:
  1262. type: array
  1263. description: Custom Pod volumes to mount into the specified init container's filesystem.
  1264. items: *volume-mounts-items
  1265. configurations:
  1266. type: object
  1267. description: |
  1268. Coordinator custom configurations.
  1269. properties:
  1270. sgPostgresConfig:
  1271. type: string
  1272. description: |
  1273. Name of the [SGPostgresConfig](https://stackgres.io/doc/latest/reference/crd/sgpgconfig) used for the cluster. It must exist. When not set, a default Postgres config, for the major version selected, is used.
  1274. If sharding type is `shardingsphere` then this field is ignored.
  1275. **Changing this field may require a restart.**
  1276. sgPoolingConfig:
  1277. type: string
  1278. description: |
  1279. Name of the [SGPoolingConfig](https://stackgres.io/doc/latest/reference/crd/sgpoolconfig) used for this cluster. Each pod contains a sidecar with a connection pooler (currently: [PgBouncer](https://www.pgbouncer.org/)). The connection pooler is implemented as a sidecar.
  1280. If not set, a default configuration will be used. Disabling connection pooling altogether is possible if the disableConnectionPooling property of the pods object is set to true.
  1281. If sharding type is `shardingsphere` then this field is ignored.
  1282. **Changing this field may require a restart.**
  1283. patroni: &patroni
  1284. type: object
  1285. description: |
  1286. Allow to specify Patroni configuration that will extend the generated one
  1287. If sharding type is `shardingsphere` then this section is ignored.
  1288. properties:
  1289. dynamicConfig:
  1290. type: object
  1291. description: |
  1292. Allow to specify Patroni dynamic configuration that will overwrite the generated one. See https://patroni.readthedocs.io/en/latest/dynamic_configuration.html
  1293. The following configuration fields will be ignored:
  1294. * synchronous_mode
  1295. * synchronous_mode_strict
  1296. * failsafe_mode
  1297. * postgresql
  1298. * standby_cluster
  1299. If sharding type is `shardingsphere` then this section is ignored.
  1300. "x-kubernetes-preserve-unknown-fields": true
  1301. initialConfig:
  1302. type: object
  1303. description: |
  1304. Allow to specify Patroni configuration that will overwrite the generated one. See https://patroni.readthedocs.io/en/latest/yaml_configuration.html
  1305. The following configuration fields will be ignored:
  1306. * name
  1307. * namespace
  1308. * log
  1309. * bootstrap
  1310. * citus
  1311. * postgresql # with the exception of postgresql.callbacks, postgresql.pre_promote, postgresql.before_stop and postgresql.pg_ctl_timeout
  1312. * restapi
  1313. * ctl
  1314. * watchdog
  1315. * tags
  1316. If sharding type is `shardingsphere` then this section is ignored.
  1317. **This field can only be set on creation.**
  1318. "x-kubernetes-preserve-unknown-fields": true
  1319. shardingSphere:
  1320. type: object
  1321. description: |
  1322. Allow to specify Sharding Sphere Proxy configuration that will extend the generated one.
  1323. This section is required when sharding type is `shardingsphere` otherwise is ignored.
  1324. required: [ mode ]
  1325. properties:
  1326. version:
  1327. type: string
  1328. description: The version of the ShardingSphere Proxy. If not specified latest version available will be used.
  1329. mode:
  1330. type: object
  1331. description: Allow to configure the ShardingSphere Proxy mode.
  1332. required: [ type, repository ]
  1333. properties:
  1334. type:
  1335. type: string
  1336. description: |
  1337. Allow to configure the ShardingSphere Proxy mode type. Options available are:
  1338. * `Standalone`
  1339. * `Cluster`
  1340. When `Standalone` only 1 coordinator instance may be set.
  1341. properties:
  1342. type: object
  1343. description: |
  1344. Properties that will be set in the ShardingSphere Proxy configuration.
  1345. Some properties will be overwritten with the configuration generated by the operator. In particular:
  1346. * `proxy-frontend-database-protocol-type`
  1347. * `proxy-default-port`
  1348. "x-kubernetes-preserve-unknown-fields": true
  1349. repository:
  1350. type: object
  1351. required: [ type ]
  1352. properties:
  1353. type:
  1354. type: string
  1355. description: |
  1356. Allow to configure the ShardingSphere Proxy repository type. Options available are:
  1357. * `Memory`
  1358. * `ZooKeeper`
  1359. * `Etcd`
  1360. When `mode.type` is `Standalone` then `repository.type` must be `Memory`.
  1361. When `mode.type` is `Cluster` then `repository.type` can be either `ZooKeeper` or `Etcd`.
  1362. properties:
  1363. type: object
  1364. description: |
  1365. Properties that will be set in the ShardingSphere Proxy configuration for the Repository.
  1366. Some properties will be overwritten with the configuration generated by the operator. In particular:
  1367. * `server-lists`
  1368. "x-kubernetes-preserve-unknown-fields": true
  1369. zooKeeper:
  1370. type: object
  1371. description: Allow to configure ZooKeeper repository for ShardingSphere Proxy.
  1372. required: [ serverList ]
  1373. properties:
  1374. serverList:
  1375. type: array
  1376. description: List of ZooKeeper servers to connect to.
  1377. items:
  1378. type: string
  1379. description: ZooKeeper server to connect to.
  1380. etcd:
  1381. type: object
  1382. description: Allow to configure Etcd repository for ShardingSphere Proxy.
  1383. required: [ serverList ]
  1384. properties:
  1385. serverList:
  1386. type: array
  1387. description: List of Etcd servers to connect to.
  1388. items:
  1389. type: string
  1390. description: Etcd server to connect to.
  1391. properties:
  1392. type: object
  1393. description: |
  1394. Properties that will be set in the ShardingSphere Proxy configuration.
  1395. Some properties will be overwritten with the configuration generated by the operator. In particular:
  1396. * `server-lists`
  1397. "x-kubernetes-preserve-unknown-fields": true
  1398. authority:
  1399. type: object
  1400. description: Allow to configure the ShardingSphere Proxy authority.
  1401. properties:
  1402. users:
  1403. type: array
  1404. description: |
  1405. Allow to configure extra users other than the superuser (by default superuser username is postgres).
  1406. See also https://shardingsphere.apache.org/document/current/en/user-manual/shardingsphere-proxy/yaml-config/authority/#authentication-configuration
  1407. items:
  1408. type: object
  1409. description: |
  1410. Allow to configure extra user other than the superuser (by default superuser username is postgres).
  1411. required: [ user, password ]
  1412. properties:
  1413. user:
  1414. type: object
  1415. description: |
  1416. A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the username of the user.
  1417. required: ["name", "key"]
  1418. properties:
  1419. name:
  1420. type: string
  1421. description: Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
  1422. key:
  1423. type: string
  1424. description: The key of the secret to select from. Must be a valid secret key.
  1425. password:
  1426. type: object
  1427. description: |
  1428. A Kubernetes [SecretKeySelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#secretkeyselector-v1-core) that contains the password of the user.
  1429. required: ["name", "key"]
  1430. properties:
  1431. name:
  1432. type: string
  1433. description: Name of the referent. [More information](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
  1434. key:
  1435. type: string
  1436. description: The key of the secret to select from. Must be a valid secret key.
  1437. privilege:
  1438. type: object
  1439. description: Allow to configure the ShardingSphere Proxy authority privilege.
  1440. properties:
  1441. type:
  1442. type: string
  1443. description: |
  1444. Allow to configure the ShardingSphere Proxy authority privilege type.
  1445. See also https://shardingsphere.apache.org/document/current/en/user-manual/shardingsphere-proxy/yaml-config/authority/#authorization-configuration
  1446. userDatabaseMappings:
  1447. type: string
  1448. description: |
  1449. Allow to configure the mappings between users and databases.
  1450. See also https://shardingsphere.apache.org/document/current/en/user-manual/shardingsphere-proxy/yaml-config/authority/#database_permitted
  1451. serviceAccount:
  1452. type: object
  1453. description: |
  1454. Section to configure ServiceAccount used by ShardingSphere operator.
  1455. You may configure a global value under operator configuration section
  1456. `SGConfig.spec.shardingSphere.serviceAccount`.
  1457. required: [namespace,name]
  1458. properties:
  1459. namespace:
  1460. type: string
  1461. description: The namespace of the ServiceAccount used by ShardingSphere operator
  1462. name:
  1463. type: string
  1464. description: The name of the ServiceAccount used by ShardingSphere operator
  1465. replication:
  1466. type: object
  1467. description: |
  1468. This section allows to configure the global Postgres replication mode.
  1469. The main replication group is implicit and contains the total number of instances less the sum of all
  1470. instances in other replication groups.
  1471. The total number of instances is always specified by `.spec.instances`.
  1472. If sharding type is `shardingsphere` then this section is ignored.
  1473. properties:
  1474. mode:
  1475. type: string
  1476. description: |
  1477. The replication mode applied to the whole cluster.
  1478. Possible values are:
  1479. * `async` (default)
  1480. * `sync`
  1481. * `strict-sync`
  1482. * `sync-all`
  1483. * `strict-sync-all`
  1484. **async**
  1485. When in asynchronous mode the cluster is allowed to lose some committed transactions.
  1486. When the primary server fails or becomes unavailable for any other reason a sufficiently healthy standby
  1487. will automatically be promoted to primary. Any transactions that have not been replicated to that standby
  1488. remain in a "forked timeline" on the primary, and are effectively unrecoverable (the data is still there,
  1489. but recovering it requires a manual recovery effort by data recovery specialists).
  1490. **sync**
  1491. When in synchronous mode a standby will not be promoted unless it is certain that the standby contains all
  1492. transactions that may have returned a successful commit status to client (clients can change the behavior
  1493. per transaction using PostgreSQL’s `synchronous_commit` setting. Transactions with `synchronous_commit`
  1494. values of `off` and `local` may be lost on fail over, but will not be blocked by replication delays). This
  1495. means that the system may be unavailable for writes even though some servers are available. System
  1496. administrators can still use manual failover commands to promote a standby even if it results in transaction
  1497. loss.
  1498. Synchronous mode does not guarantee multi node durability of commits under all circumstances. When no suitable
  1499. standby is available, primary server will still accept writes, but does not guarantee their replication. When
  1500. the primary fails in this mode no standby will be promoted. When the host that used to be the primary comes
  1501. back it will get promoted automatically, unless system administrator performed a manual failover. This behavior
  1502. makes synchronous mode usable with 2 node clusters.
  1503. When synchronous mode is used and a standby crashes, commits will block until the primary is switched to standalone
  1504. mode. Manually shutting down or restarting a standby will not cause a commit service interruption. Standby will
  1505. signal the primary to release itself from synchronous standby duties before PostgreSQL shutdown is initiated.
  1506. **strict-sync**
  1507. When it is absolutely necessary to guarantee that each write is stored durably on at least two nodes, use the strict
  1508. synchronous mode. This mode prevents synchronous replication to be switched off on the primary when no synchronous
  1509. standby candidates are available. As a downside, the primary will not be available for writes (unless the Postgres
  1510. transaction explicitly turns off `synchronous_mode` parameter), blocking all client write requests until at least one
  1511. synchronous replica comes up.
  1512. **Note**: Because of the way synchronous replication is implemented in PostgreSQL it is still possible to lose
  1513. transactions even when using strict synchronous mode. If the PostgreSQL backend is cancelled while waiting to acknowledge
  1514. replication (as a result of packet cancellation due to client timeout or backend failure) transaction changes become
  1515. visible for other backends. Such changes are not yet replicated and may be lost in case of standby promotion.
  1516. **sync-all**
  1517. The same as `sync` but `syncInstances` is ignored and the number of synchronous instances equals the total number
  1518. of instances less one.
  1519. **strict-sync-all**
  1520. The same as `strict-sync` but `syncInstances` is ignored and the number of synchronous instances equals the total number
  1521. of instances less one.
  1522. default: sync-all
  1523. syncInstances:
  1524. type: integer
  1525. minimum: 1
  1526. description: |
  1527. Number of synchronous standby instances. Must be less than the total number of instances. It is set to 1 by default.
  1528. Only settable if mode is `sync` or `strict-sync`.
  1529. initialization:
  1530. type: object
  1531. description: |
  1532. Allow to specify how the replicas are initialized.
  1533. properties:
  1534. mode:
  1535. type: string
  1536. description: |
  1537. Allow to specify how the replicas are initialized.
  1538. Possible values are:
  1539. * `FromPrimary`: When this mode is used replicas will always be created from the primary using `pg_basebackup`.
  1540. * `FromReplica`: When this mode is used replicas will be created from another existing replica using
  1541. `pg_basebackup`. Falls back to `FromPrimary` if there's no replica or it fails.
  1542. * `FromExistingBackup`: When this mode is used replicas will be created from an existing SGBackup. If `backupNewerThan` is set
  1543. the SGBackup must be newer than its value. When this mode fails to restore an SGBackup it will try with a previous one (if exists).
  1544. Falls back to `FromReplica` if there's no backup left or it fails.
  1545. * `FromNewlyCreatedBackup`: When this mode is used replicas will be created from a newly created SGBackup.
  1546. Falls back to `FromExistingBackup` if `backupNewerThan` is set and a backup newer than its value exists, or if it fails.
  1547. default: FromExistingBackup
  1548. backupNewerThan:
  1549. type: string
  1550. description: |
  1551. An ISO 8601 duration in the format `PnDTnHnMn.nS`, that specifies how old an SGBackup has to be in order to be selected
  1552. to initialize a replica.
  1553. When `FromExistingBackup` mode is set this field restricts the selection of the SGBackup to be used for recovery to those newer than the
  1554. specified value.
  1555. When `FromNewlyCreatedBackup` mode is set this field skips the creation of the SGBackup to be used for recovery if one newer than
  1556. the specified value exists.
  1557. backupRestorePerformance:
  1558. type: object
  1559. description: |
  1560. Configuration that affects the backup network and disk usage performance during recovery.
  1561. properties:
  1562. maxNetworkBandwidth:
  1563. type: integer
  1564. description: |
  1565. Maximum storage upload bandwidth used when storing a backup. In bytes (per second).
  1566. maxDiskBandwidth:
  1567. type: integer
  1568. description: |
  1569. Maximum disk read I/O when performing a backup. In bytes (per second).
  1570. downloadConcurrency:
  1571. type: integer
  1572. minimum: 1
  1573. description: |
  1574. Backup storage may use several concurrent streams to read the data. This parameter configures the number of parallel streams to use. By default, it's set to the minimum between the number of file to read and 10.
  1575. metadata:
  1576. type: object
  1577. description: |
  1578. Metadata information from coordinator cluster created resources.
  1579. If sharding type is `shardingsphere` then this section is applied to the ComputeNode.
  1580. properties:
  1581. annotations:
  1582. type: object
  1583. description: Custom Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to be passed to resources created and managed by StackGres.
  1584. properties:
  1585. allResources:
  1586. type: object
  1587. description: Annotations to attach to any resource created or managed by StackGres.
  1588. additionalProperties:
  1589. type: string
  1590. clusterPods:
  1591. type: object
  1592. description: Annotations to attach to pods created or managed by StackGres.
  1593. additionalProperties:
  1594. type: string
  1595. services:
  1596. type: object
  1597. description: Annotations to attach to all services created or managed by StackGres.
  1598. additionalProperties:
  1599. type: string
  1600. primaryService:
  1601. type: object
  1602. description: Custom Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) passed to the `-primary` service.
  1603. additionalProperties:
  1604. type: string
  1605. replicasService:
  1606. type: object
  1607. description: Custom Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) passed to the `-replicas` service.
  1608. additionalProperties:
  1609. type: string
  1610. labels:
  1611. type: object
  1612. description: Custom Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) to be passed to resources created and managed by StackGres.
  1613. properties:
  1614. clusterPods:
  1615. type: object
  1616. description: Labels to attach to Pods created or managed by StackGres.
  1617. additionalProperties:
  1618. type: string
  1619. services:
  1620. type: object
  1621. description: Labels to attach to Services and Endpoints created or managed by StackGres.
  1622. additionalProperties:
  1623. type: string
  1624. shards:
  1625. type: object
  1626. description: |
  1627. The shards are a group of StackGres clusters where the partitioned data chunks are stored.
  1628. When the descriptions below refer to the cluster, they apply to any shard's StackGres cluster.
  1629. required: ["clusters", "instancesPerCluster", "pods"]
  1630. properties:
  1631. clusters:
  1632. type: integer
  1633. minimum: 0
  1634. description: |
  1635. Number of shard's StackGres clusters
  1636. instancesPerCluster:
  1637. type: integer
  1638. minimum: 0
  1639. description: |
  1640. Number of StackGres instances per shard's StackGres cluster. Each instance contains one Postgres server.
  1641. Out of all of the Postgres servers, one is elected as the primary, the rest remain as read-only replicas.
  1642. autoscaling: *autoscaling
  1643. sgInstanceProfile:
  1644. type: string
  1645. description: |
  1646. Name of the [SGInstanceProfile](https://stackgres.io/doc/latest/reference/crd/sginstanceprofile/).
  1647. A SGInstanceProfile defines CPU and memory limits. Must exist before creating a cluster.
  1648. When no profile is set, a default (1 core, 2 GiB RAM) one is used.
  1649. **Changing this field may require a restart.**
  1650. managedSql:
  1651. type: object
  1652. description: |
  1653. This section allows to reference SQL scripts that will be applied to the cluster live.
  1654. properties:
  1655. continueOnSGScriptError:
  1656. type: boolean
  1657. description: If true, a failure of any entry of any `SGScript` will not prevent subsequent `SGScript` from being executed. The default is `false`.
  1658. scripts:
  1659. type: array
  1660. description: |
  1661. A list of script references that will be executed in sequence.
  1662. items:
  1663. type: object
  1664. description: |
  1665. A script reference. Each version of each entry of the referenced script will be executed exactly once, following the sequence defined
  1666. in the referenced script and skipping any script entry that has already been executed.
  1667. properties:
  1668. id:
  1669. type: integer
  1670. description: The id is immutable and must be unique across all the `SGScript` entries. It is replaced by the operator and is used to identify the `SGScript` entry.
  1671. sgScript:
  1672. type: string
  1673. description: A reference to an `SGScript`
  1674. pods:
  1675. type: object
  1676. description: Cluster pod's configuration.
  1677. required: ["persistentVolume"]
  1678. properties:
  1679. persistentVolume:
  1680. type: object
  1681. description: Pod's persistent volume configuration.
  1682. required: ["size"]
  1683. properties:
  1684. size:
  1685. type: string
  1686. pattern: '^[0-9]+(\.[0-9]+)?(Mi|Gi|Ti)$'
  1687. description: |
  1688. Size of the PersistentVolume set for each instance of the cluster. This size is specified either in Mebibytes, Gibibytes or Tebibytes (multiples of 2^20, 2^30 or 2^40, respectively).
  1689. storageClass:
  1690. type: string
  1691. description: |
  1692. Name of an existing StorageClass in the Kubernetes cluster, used to create the PersistentVolumes for the instances of the cluster.
  1693. disableConnectionPooling:
  1694. type: boolean
  1695. description: |
  1696. If set to `true`, avoids creating a connection pooling (using [PgBouncer](https://www.pgbouncer.org/)) sidecar.
  1697. **Changing this field may require a restart.**
  1698. disableMetricsExporter:
  1699. type: boolean
  1700. description: |
  1701. **Deprecated** use instead .spec.configurations.observability.disableMetrics.
  1702. disablePostgresUtil:
  1703. type: boolean
  1704. description: |
  1705. If set to `true`, avoids creating the `postgres-util` sidecar. This sidecar contains usual Postgres administration utilities *that are not present in the main (`patroni`) container*, like `psql`. Only disable if you know what you are doing.
  1706. **Changing this field may require a restart.**
  1707. resources:
  1708. type: object
  1709. description: Pod custom resources configuration.
  1710. properties:
  1711. enableClusterLimitsRequirements:
  1712. type: boolean
  1713. description: |
  1714. When enabled, resource limits for containers other than the patroni container will be set just like for the patroni container, as specified in the SGInstanceProfile.
  1715. **Changing this field may require a restart.**
  1716. disableResourcesRequestsSplitFromTotal:
  1717. type: boolean
  1718. description: |
  1719. When set to `true` the resources requests values in fields `SGInstanceProfile.spec.requests.cpu` and `SGInstanceProfile.spec.requests.memory` will represent the resources
  1720. requests of the patroni container and the total resources requests calculated by adding the resources requests of all the containers (including the patroni container).
  1721. **Changing this field may require a restart.**
  1722. failWhenTotalIsHigher:
  1723. type: boolean
  1724. description: |
  1725. When set to `true` the reconciliation of the cluster will fail if `disableResourcesRequestsSplitFromTotal` is not set or set to `false` and the sum of the CPU or memory
  1726. of all the containers except patroni is equal to or higher than the total specified in `SGInstanceProfile.spec.requests.cpu` or `SGInstanceProfile.spec.requests.memory`.
  1727. When `false` (the default) and `disableResourcesRequestsSplitFromTotal` is not set or set to `false` and the sum of the CPU or memory
  1728. of all the containers except patroni is equal to or higher than the total specified in `SGInstanceProfile.spec.requests.cpu` or `SGInstanceProfile.spec.requests.memory`
  1729. then the patroni container resources will be set to 0.
  1730. scheduling: *scheduling
  1731. managementPolicy:
  1732. type: string
  1733. description: |
  1734. managementPolicy controls how pods are created during initial scale up, when replacing pods
  1735. on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created
  1736. in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is
  1737. ready before continuing. When scaling down, the pods are removed in the opposite order.
  1738. The alternative policy is `Parallel` which will create pods in parallel to match the desired
  1739. scale without waiting, and on scale down will delete all pods at once.
  1740. customVolumes:
  1741. type: array
  1742. description: |
  1743. A list of custom volumes that may be used along with any container defined in
  1744. customInitContainers or customContainers sections for the shards.
  1745. The name used in this section will be prefixed with the string `custom-` so that when
  1746. referencing them in the customInitContainers or customContainers sections the name used
  1747. have to be prepended with the same prefix.
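  1748. Only the following volume types are allowed: configMap, downwardAPI, emptyDir,
  1749. gitRepo, glusterfs, hostPath, nfs, projected and secret. Note that hostPath gives the Pod access to the node's filesystem and gitRepo is deprecated in Kubernetes, so the ability to set this field should be limited to trusted users.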
  1750. **Changing this field may require a restart.**
  1751. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core
  1752. items:
  1753. type: object
  1754. description: |
  1755. A custom volume that may be used along with any container defined in
  1756. customInitContainers or customContainers sections.
  1757. The name used in this section will be prefixed with the string `custom-` so that when
  1758. referencing them in the customInitContainers or customContainers sections the name used
  1759. have to be prepended with the same prefix.
  1760. Only the following volume types are allowed: configMap, downwardAPI, emptyDir,
  1761. gitRepo, glusterfs, hostPath, nfs, projected and secret
  1762. **Changing this field may require a restart.**
  1763. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core
  1764. properties: *volume-items-properties
  1765. customInitContainers:
  1766. type: array
  1767. description: |
  1768. A list of custom application init containers that run within the coordinator cluster's Pods. The
  1769. custom init containers will run following the defined sequence as the end of
  1770. cluster's Pods init containers.
  1771. The name used in this section will be prefixed with the string `custom-` so that when
  1772. referencing them in the .spec.containers section of SGInstanceProfile the name used
  1773. have to be prepended with the same prefix.
  1774. **Changing this field may require a restart.**
  1775. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#container-v1-core
  1776. items:
  1777. type: object
  1778. description: |
  1779. A custom application init container that run within the cluster's Pods. The custom init
  1780. containers will run following the defined sequence as the end of cluster's Pods init
  1781. containers.
  1782. The name used in this section will be prefixed with the string `custom-` so that when
  1783. referencing them in the .spec.containers section of SGInstanceProfile the name used
  1784. have to be prepended with the same prefix.
  1785. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#container-v1-core
  1786. **Changing this field may require a restart.**
  1787. required: ["name"]
  1788. properties: *containers-items-properties
  1789. customContainers:
  1790. type: array
  1791. description: |
  1792. A list of custom application containers that run within the shards cluster's Pods.
  1793. The name used in this section will be prefixed with the string `custom-` so that when
  1794. referencing them in the .spec.containers section of SGInstanceProfile the name used
  1795. have to be prepended with the same prefix.
  1796. **Changing this field may require a restart.**
  1797. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#container-v1-core
  1798. items:
  1799. type: object
  1800. description: |
  1801. A custom application container that run within the cluster's Pods. The custom
  1802. containers will run following the defined sequence as the end of cluster's Pods
  1803. containers.
  1804. The name used in this section will be prefixed with the string `custom-` so that when
  1805. referencing them in the .spec.containers section of SGInstanceProfile the name used
  1806. have to be prepended with the same prefix.
  1807. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#container-v1-core
  1808. **Changing this field may require a restart.**
  1809. required: ["name"]
  1810. properties: *containers-items-properties
  1811. customVolumeMounts:
  1812. type: object
  1813. description: Custom Pod volumes to mount into the specified container's filesystem.
  1814. additionalProperties:
  1815. type: array
  1816. description: Custom Pod volumes to mount into the specified container's filesystem.
  1817. items: *volume-mounts-items
  1818. customInitVolumeMounts:
  1819. type: object
  1820. description: Custom Pod volumes to mount into the specified init container's filesystem.
  1821. additionalProperties:
  1822. type: array
  1823. description: Custom Pod volumes to mount into the specified init container's filesystem.
  1824. items: *volume-mounts-items
  1825. configurations:
  1826. type: object
  1827. description: |
  1828. Shards custom configurations.
  1829. properties:
  1830. sgPostgresConfig:
  1831. type: string
  1832. description: |
  1833. Name of the [SGPostgresConfig](https://stackgres.io/doc/latest/reference/crd/sgpgconfig) used for the cluster. It must exist. When not set, a default Postgres config, for the major version selected, is used.
  1834. **Changing this field may require a restart.**
  1835. sgPoolingConfig:
  1836. type: string
  1837. description: |
  1838. Name of the [SGPoolingConfig](https://stackgres.io/doc/latest/reference/crd/sgpoolconfig) used for this cluster. Each pod contains a sidecar with a connection pooler (currently: [PgBouncer](https://www.pgbouncer.org/)). The connection pooler is implemented as a sidecar.
  1839. If not set, a default configuration will be used. Disabling connection pooling altogether is possible if the disableConnectionPooling property of the pods object is set to true.
  1840. **Changing this field may require a restart.**
  1841. patroni: *patroni
  1842. replication: *replication
  1843. metadata:
  1844. type: object
  1845. description: Metadata information from shards cluster created resources.
  1846. properties:
  1847. annotations:
  1848. type: object
  1849. description: Custom Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to be passed to resources created and managed by StackGres.
  1850. properties:
  1851. allResources:
  1852. type: object
  1853. description: Annotations to attach to any resource created or managed by StackGres.
  1854. additionalProperties:
  1855. type: string
  1856. clusterPods:
  1857. type: object
  1858. description: Annotations to attach to pods created or managed by StackGres.
  1859. additionalProperties:
  1860. type: string
  1861. services:
  1862. type: object
  1863. description: Annotations to attach to all services created or managed by StackGres.
  1864. additionalProperties:
  1865. type: string
  1866. primaryService:
  1867. type: object
  1868. description: Custom Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) passed to the `-primary` service.
  1869. additionalProperties:
  1870. type: string
  1871. replicasService:
  1872. type: object
  1873. description: Custom Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) passed to the `-replicas` service.
  1874. additionalProperties:
  1875. type: string
  1876. labels:
  1877. type: object
  1878. description: Custom Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) to be passed to resources created and managed by StackGres.
  1879. properties:
  1880. clusterPods:
  1881. type: object
  1882. description: Labels to attach to Pods created or managed by StackGres.
  1883. additionalProperties:
  1884. type: string
  1885. services:
  1886. type: object
  1887. description: Labels to attach to Services and Endpoints created or managed by StackGres.
  1888. additionalProperties:
  1889. type: string
  1890. overrides:
  1891. type: array
  1892. description: |
  1893. Any shard can be overridden by this section.
  1894. items:
  1895. type: object
  1896. description: |
  1897. Any shard can be overridden by this section.
  1898. required: ["index"]
  1899. properties:
  1900. index:
  1901. type: integer
  1902. minimum: 0
  1903. description: |
  1904. Identifier of the shard StackGres cluster to override (starting from 0)
  1905. instancesPerCluster:
  1906. type: integer
  1907. minimum: 0
  1908. description: |
  1909. Number of StackGres instances per shard's StackGres cluster. Each instance contains one Postgres server.
  1910. Out of all of the Postgres servers, one is elected as the primary, the rest remain as read-only replicas.
  1911. autoscaling: *autoscaling
  1912. sgInstanceProfile:
  1913. type: string
  1914. description: |
  1915. Name of the [SGInstanceProfile](https://stackgres.io/doc/latest/04-postgres-cluster-management/03-resource-profiles/). A SGInstanceProfile defines CPU and memory limits. Must exist before creating a cluster. When no profile is set, a default (currently: 1 core, 2 GiB RAM) one is used.
  1916. managedSql:
  1917. type: object
  1918. description: |
  1919. This section allows to reference SQL scripts that will be applied to the cluster live.
  1920. properties:
  1921. continueOnSGScriptError:
  1922. type: boolean
  1923. description: If true, a failure of any entry of any `SGScript` will not prevent subsequent `SGScript` from being executed. The default is `false`.
  1924. scripts:
  1925. type: array
  1926. description: |
  1927. A list of script references that will be executed in sequence.
  1928. items:
  1929. type: object
  1930. description: |
  1931. A script reference. Each version of each entry of the referenced script will be executed exactly once, following the sequence defined
  1932. in the referenced script and skipping any script entry that has already been executed.
  1933. properties:
  1934. id:
  1935. type: integer
  1936. description: The id is immutable and must be unique across all the `SGScript` entries. It is replaced by the operator and is used to identify the `SGScript` entry.
  1937. sgScript:
  1938. type: string
  1939. description: A reference to an `SGScript`
  1940. pods:
  1941. type: object
  1942. description: Cluster pod's configuration.
  1943. properties:
  1944. persistentVolume:
  1945. type: object
  1946. description: Pod's persistent volume configuration.
  1947. required: ["size"]
  1948. properties:
  1949. size:
  1950. type: string
  1951. pattern: '^[0-9]+(\.[0-9]+)?(Mi|Gi|Ti)$'
  1952. description: |
  1953. Size of the PersistentVolume set for each instance of the cluster. This size is specified either in Mebibytes, Gibibytes or Tebibytes (multiples of 2^20, 2^30 or 2^40, respectively).
  1954. storageClass:
  1955. type: string
  1956. description: |
  1957. Name of an existing StorageClass in the Kubernetes cluster, used to create the PersistentVolumes for the instances of the cluster.
  1958. disableConnectionPooling:
  1959. type: boolean
  1960. description: |
  1961. If set to `true`, avoids creating a connection pooling (using [PgBouncer](https://www.pgbouncer.org/)) sidecar.
  1962. **Changing this field may require a restart.**
  1963. disableMetricsExporter:
  1964. type: boolean
  1965. description: |
  1966. **Deprecated** use instead .spec.configurations.observability.disableMetrics.
  1967. disablePostgresUtil:
  1968. type: boolean
  1969. description: |
  1970. If set to `true`, avoids creating the `postgres-util` sidecar. This sidecar contains usual Postgres administration utilities *that are not present in the main (`patroni`) container*, like `psql`. Only disable if you know what you are doing.
  1971. **Changing this field may require a restart.**
  1972. resources:
  1973. type: object
  1974. description: Pod custom resources configuration.
  1975. properties:
  1976. enableClusterLimitsRequirements:
  1977. type: boolean
  1978. description: |
  1979. When enabled, resource limits for containers other than the patroni container will be set just like for the patroni container, as specified in the SGInstanceProfile.
  1980. **Changing this field may require a restart.**
  1981. disableResourcesRequestsSplitFromTotal:
  1982. type: boolean
  1983. description: |
  1984. When set to `true` the resources requests values in fields `SGInstanceProfile.spec.requests.cpu` and `SGInstanceProfile.spec.requests.memory` will represent the resources
  1985. requests of the patroni container and the total resources requests calculated by adding the resources requests of all the containers (including the patroni container).
  1986. **Changing this field may require a restart.**
  1987. failWhenTotalIsHigher:
  1988. type: boolean
  1989. description: |
  1990. When set to `true` the reconciliation of the cluster will fail if `disableResourcesRequestsSplitFromTotal` is not set or set to `false` and the sum of the CPU or memory
  1991. of all the containers except patroni is equal to or higher than the total specified in `SGInstanceProfile.spec.requests.cpu` or `SGInstanceProfile.spec.requests.memory`.
  1992. When `false` (the default) and `disableResourcesRequestsSplitFromTotal` is not set or set to `false` and the sum of the CPU or memory
  1993. of all the containers except patroni is equal to or higher than the total specified in `SGInstanceProfile.spec.requests.cpu` or `SGInstanceProfile.spec.requests.memory`
  1994. then the patroni container resources will be set to 0.
  1995. scheduling: *scheduling
  1996. managementPolicy:
  1997. type: string
  1998. description: |
  1999. managementPolicy controls how pods are created during initial scale up, when replacing pods
  2000. on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created
  2001. in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is
  2002. ready before continuing. When scaling down, the pods are removed in the opposite order.
  2003. The alternative policy is `Parallel` which will create pods in parallel to match the desired
  2004. scale without waiting, and on scale down will delete all pods at once.
  2005. customVolumes:
  2006. type: array
  2007. description: |
  2008. A list of custom volumes that may be used along with any container defined in
  2009. customInitContainers or customContainers sections for the shards.
  2010. The name used in this section will be prefixed with the string `custom-` so that when
  2011. referencing them in the customInitContainers or customContainers sections the name used
  2012. have to be prepended with the same prefix.
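  2013. Only the following volume types are allowed: configMap, downwardAPI, emptyDir,
  2014. gitRepo, glusterfs, hostPath, nfs, projected and secret. Note that hostPath gives the Pod access to the node's filesystem and gitRepo is deprecated in Kubernetes, so the ability to set this field should be limited to trusted users.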
  2015. **Changing this field may require a restart.**
  2016. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core
  2017. items:
  2018. type: object
  2019. description: |
  2020. A custom volume that may be used along with any container defined in
  2021. customInitContainers or customContainers sections.
  2022. The name used in this section will be prefixed with the string `custom-` so that when
  2023. referencing them in the customInitContainers or customContainers sections the name used
  2024. have to be prepended with the same prefix.
  2025. Only the following volume types are allowed: configMap, downwardAPI, emptyDir,
  2026. gitRepo, glusterfs, hostPath, nfs, projected and secret
  2027. **Changing this field may require a restart.**
  2028. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#volume-v1-core
  2029. properties: *volume-items-properties
  2030. customInitContainers:
  2031. type: array
  2032. description: |
  2033. A list of custom application init containers that run within the coordinator cluster's Pods. The
  2034. custom init containers will run following the defined sequence as the end of
  2035. cluster's Pods init containers.
  2036. The name used in this section will be prefixed with the string `custom-` so that when
  2037. referencing them in the .spec.containers section of SGInstanceProfile the name used
  2038. have to be prepended with the same prefix.
  2039. **Changing this field may require a restart.**
  2040. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#container-v1-core
  2041. items:
  2042. type: object
  2043. description: |
  2044. A custom application init container that run within the cluster's Pods. The custom init
  2045. containers will run following the defined sequence as the end of cluster's Pods init
  2046. containers.
  2047. The name used in this section will be prefixed with the string `custom-` so that when
  2048. referencing them in the .spec.containers section of SGInstanceProfile the name used
  2049. have to be prepended with the same prefix.
  2050. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#container-v1-core
  2051. **Changing this field may require a restart.**
  2052. required: ["name"]
  2053. properties: *containers-items-properties
  2054. customContainers:
  2055. type: array
  2056. description: |
  2057. A list of custom application containers that run within the shards cluster's Pods.
  2058. The name used in this section will be prefixed with the string `custom-` so that when
  2059. referencing them in the .spec.containers section of SGInstanceProfile the name used
  2060. have to be prepended with the same prefix.
  2061. **Changing this field may require a restart.**
  2062. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#container-v1-core
  2063. items:
  2064. type: object
  2065. description: |
  2066. A custom application container that run within the cluster's Pods. The custom
  2067. containers will run following the defined sequence as the end of cluster's Pods
  2068. containers.
  2069. The name used in this section will be prefixed with the string `custom-` so that when
  2070. referencing them in the .spec.containers section of SGInstanceProfile the name used
  2071. have to be prepended with the same prefix.
  2072. See: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#container-v1-core
  2073. **Changing this field may require a restart.**
  2074. required: ["name"]
  2075. properties: *containers-items-properties
  2076. customVolumeMounts:
  2077. type: object
  2078. description: Custom Pod volumes to mount into the specified container's filesystem.
  2079. additionalProperties:
  2080. type: array
  2081. description: Custom Pod volumes to mount into the specified container's filesystem.
  2082. items: *volume-mounts-items
  2083. customInitVolumeMounts:
  2084. type: object
  2085. description: Custom Pod volumes to mount into the specified init container's filesystem.
  2086. additionalProperties:
  2087. type: array
  2088. description: Custom Pod volumes to mount into the specified init container's filesystem.
  2089. items: *volume-mounts-items
  2090. configurations:
  2091. type: object
  2092. description: |
  2093. Shards custom configurations.
  2094. properties:
  2095. sgPostgresConfig:
  2096. type: string
  2097. description: |
  2098. Name of the [SGPostgresConfig](https://stackgres.io/doc/latest/reference/crd/sgpgconfig) used for the cluster. It must exist. When not set, a default Postgres config, for the major version selected, is used.
  2099. sgPoolingConfig:
  2100. type: string
  2101. description: |
  2102. Name of the [SGPoolingConfig](https://stackgres.io/doc/latest/reference/crd/sgpoolconfig) used for this cluster. Each pod contains a sidecar with a connection pooler (currently: [PgBouncer](https://www.pgbouncer.org/)). The connection pooler is implemented as a sidecar.
  2103. If not set, a default configuration will be used. Disabling connection pooling altogether is possible if the disableConnectionPooling property of the pods object is set to true.
  2104. replication: *replication
  2105. metadata:
  2106. type: object
  2107. description: Metadata information from shards cluster created resources.
  2108. properties:
  2109. annotations:
  2110. type: object
  2111. description: Custom Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to be passed to resources created and managed by StackGres.
  2112. properties:
  2113. allResources:
  2114. type: object
  2115. description: Annotations to attach to any resource created or managed by StackGres.
  2116. additionalProperties:
  2117. type: string
  2118. clusterPods:
  2119. type: object
  2120. description: Annotations to attach to pods created or managed by StackGres.
  2121. additionalProperties:
  2122. type: string
  2123. services:
  2124. type: object
  2125. description: Annotations to attach to all services created or managed by StackGres.
  2126. additionalProperties:
  2127. type: string
  2128. primaryService:
  2129. type: object
  2130. description: Custom Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) passed to the `-primary` service.
  2131. additionalProperties:
  2132. type: string
  2133. replicasService:
  2134. type: object
  2135. description: Custom Kubernetes [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) passed to the `-replicas` service.
  2136. additionalProperties:
  2137. type: string
  2138. labels:
  2139. type: object
  2140. description: Custom Kubernetes [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) to be passed to resources created and managed by StackGres.
  2141. properties:
  2142. clusterPods:
  2143. type: object
  2144. description: Labels to attach to Pods created or managed by StackGres.
  2145. additionalProperties:
  2146. type: string
  2147. services:
  2148. type: object
  2149. description: Labels to attach to Services and Endpoints created or managed by StackGres.
  2150. additionalProperties:
  2151. type: string
  2152. prometheusAutobind:
  2153. type: boolean
  2154. description: |
  2155. **Deprecated** use instead .spec.configurations.observability.prometheusAutobind.
  2156. distributedLogs:
  2157. type: object
  2158. description: |
  2159. StackGres features a functionality for all pods to send Postgres, Patroni and PgBouncer logs to a central (distributed) location, which is in turn another Postgres database. Logs can then be accessed via SQL interface or from the web UI. This section controls whether to enable this feature or not. If not enabled, logs are sent to the pod's standard output.
  2160. **Example:**
  2161. ```yaml
  2162. apiVersion: stackgres.io/v1alpha1
  2163. kind: SGShardedCluster
  2164. metadata:
  2165. name: stackgres
  2166. spec:
  2167. distributedLogs:
  2168. sgDistributedLogs: distributedlogs
  2169. ```
  2170. properties:
  2171. sgDistributedLogs:
  2172. type: string
  2173. description: |
  2174. Name of the [SGDistributedLogs](https://stackgres.io/doc/latest/reference/crd/sgdistributedlogs/) to use for this cluster. It must exist.
  2175. retention:
  2176. type: string
  2177. pattern: '^[0-9]+ (minutes?|hours?|days?|months?)'  # NOTE(review): no trailing `$` (unlike the persistentVolume size pattern), so text after the unit still validates — confirm the operator checks the whole value.
  2178. description: |
  2179. Define a retention window with the syntax `<integer> (minutes|hours|days|months)` in which log entries are kept.
  2180. Log entries will be removed when they get older more than the double of the specified retention window.
  2181. When this field is changed the retention will be applied only to log entries that are newer than the end of
  2182. the retention window previously specified. If no retention window was previously specified it is considered
  2183. to be of 7 days. This means that if previous retention window is of `7 days` new retention configuration will
  2184. apply after UTC timestamp calculated with: `SELECT date_trunc('days', now() at time zone 'UTC') - INTERVAL '7 days'`.
  2185. nonProductionOptions:
  2186. type: object
  2187. properties:
  2188. disableClusterPodAntiAffinity:
  2189. type: boolean
  2190. description: |
  2191. It is a best practice, on non-containerized environments, when running production workloads, to run each database server on a different server (virtual or physical), i.e., not to co-locate more than one database server per host.
  2192. The same best practice applies to databases on containers. By default, StackGres will not allow to run more than one StackGres pod on a given Kubernetes node. Set this property to true to allow more than one StackGres pod per node.
  2193. The default value of this property may change depending on the value of field `.spec.profile`.
  2195. disablePatroniResourceRequirements:
  2196. type: boolean
  2197. description: |
  2198. It is a best practice, on containerized environments, when running production workloads, to enforce container's resources requirements.
  2199. The same best practice applies to databases on containers. By default, StackGres will configure resource requirements for patroni container. Set this property to true to prevent StackGres from setting patroni container's resources requirement.
  2200. This property default value may be changed depending on the value of field `.spec.profile`.
  2201. disableClusterResourceRequirements:
  2202. type: boolean
  2203. description: |
  2204. It is a best practice, on containerized environments, when running production workloads, to enforce container's resources requirements.
  2205. By default, StackGres will configure resource requirements for all the containers. Set this property to true to prevent StackGres from setting container's resources requirements (except for patroni container, see `disablePatroniResourceRequirements`).
  2206. This property default value may be changed depending on the value of field `.spec.profile`.
  2207. enableSetPatroniCpuRequests:
  2208. type: boolean
  2209. description: |
  2210. **Deprecated** this value is ignored and you can consider it as always `true`.
  2211. On containerized environments, when running production workloads, setting a container's cpu request equal to its limit achieves the highest level of performance. Doing so reduces the chances of leaving
  2212. the workload with less cpu than it requires. It also allows setting the [static CPU management policy](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#static-policy), which can guarantee a pod the exclusive use of CPUs on the node.
  2213. By default, StackGres will configure cpu requirements to have the same limit and request for the patroni container. Set this property to true to prevent StackGres from setting patroni container's cpu requirements request equals to the limit
  2214. when `.spec.requests.cpu` is configured in the referenced `SGInstanceProfile`.
  2215. default: false
  2216. enableSetClusterCpuRequests:
  2217. type: boolean
  2218. description: |
  2219. **Deprecated** this value is ignored and you can consider it as always `true`.
  2220. On containerized environments, when running production workloads, setting a container's cpu request equal to its limit achieves the highest level of performance. Doing so reduces the chances of leaving
  2221. the workload with less cpu than it requires. It also allows setting the [static CPU management policy](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#static-policy), which can guarantee a pod the exclusive use of CPUs on the node.
  2222. By default, StackGres will configure cpu requirements to have the same limit and request for all the containers. Set this property to true to prevent StackGres from setting container's cpu requirements request equal to the limit (except for patroni container, see `enableSetPatroniCpuRequests`)
  2223. when `.spec.requests.containers.<container name>.cpu` or `.spec.requests.initContainers.<container name>.cpu` is configured in the referenced `SGInstanceProfile`.
  2224. default: false
  2225. enableSetPatroniMemoryRequests:
  2226. type: boolean
  2227. description: |
  2228. **Deprecated** this value is ignored and you can consider it as always `true`.
  2229. On containerized environments, when running production workloads, setting a container's memory request equal to its limit achieves the highest level of performance. Doing so reduces the chances of leaving
  2230. the workload with less memory than it requires.
  2231. By default, StackGres will configure memory requirements to have the same limit and request for the patroni container. Set this property to true to prevent StackGres from setting patroni container's memory requirements request equals to the limit
  2232. when `.spec.requests.memory` is configured in the referenced `SGInstanceProfile`.
  2233. default: false
  2234. enableSetClusterMemoryRequests:
  2235. type: boolean
  2236. description: |
  2237. **Deprecated** this value is ignored and you can consider it as always `true`.
  2238. On containerized environments, when running production workloads, setting a container's memory request equal to its limit achieves the highest level of performance. Doing so reduces the chances of leaving
  2239. the workload with less memory than it requires.
  2240. By default, StackGres will configure memory requirements to have the same limit and request for all the containers. Set this property to true to prevent StackGres from setting container's memory requirements request equal to the limit (except for patroni container, see `enableSetPatroniMemoryRequests`)
  2241. when `.spec.requests.containers.<container name>.memory` or `.spec.requests.initContainers.<container name>.memory` is configured in the referenced `SGInstanceProfile`.
  2242. default: false
  2243. enabledFeatureGates:
  2244. type: array
  2245. description: |
  2246. A list of StackGres feature gates to enable (not suitable for a production environment).
  2247. Available feature gates are:
  2248. * `babelfish-flavor`: Allow to use `babelfish` flavor.
  2249. items:
  2250. type: string
  2251. description: The name of the feature gate to enable.
  2252. initialData:
  2253. type: object
  2254. description: |
  2255. Sharded cluster initialization data options. Sharded cluster may be initialized empty, or from a sharded backup restoration.
  2256. **This field can only be set on creation.**
  2257. properties:
  2258. restore:
  2259. type: object
  2260. description: |
  2261. This section allows restoring a sharded cluster from an existing copy of the metadata and data.
  2262. properties:
  2263. fromBackup:
  2264. type: object
  2265. description: |
  2266. From which sharded backup to restore and how the process is configured
  2267. **Example:**
  2268. ```yaml
  2269. apiVersion: stackgres.io/v1
  2270. kind: SGShardedCluster
  2271. metadata:
  2272. name: stackgres
  2273. spec:
  2274. initialData:
  2275. restore:
  2276. fromBackup:
  2277. name: stackgres-backup
  2278. downloadDiskConcurrency: 1
  2279. ```
  2280. properties:
  2281. name:
  2282. type: string
  2283. description: |
  2284. When set to the name of an existing [SGShardedBackup](https://stackgres.io/doc/latest/reference/crd/sgshardedbackup), the sharded cluster is initialized by restoring the
  2285. backup data to it. If not set, the sharded cluster is initialized empty. The selected sharded backup must be in the same namespace.
  2286. targetInclusive:
  2287. type: boolean
  2288. description: |
  2289. Specify the [recovery_target_inclusive](https://postgresqlco.nf/doc/en/param/recovery_target_inclusive/) to stop recovery just after the specified
  2290. recovery target (true), or just before the recovery target (false). Applies when targetLsn, pointInTimeRecovery, or targetXid is specified. This
  2291. setting controls whether transactions having exactly the target WAL location (LSN), commit time, or transaction ID, respectively, will be included
  2292. in the recovery. Default is true.
  2293. pointInTimeRecovery:
  2294. type: object
  2295. description: |
  2296. It is possible to restore the database to its state at any time since your backup was taken using Point-in-Time Recovery (PITR), as long as no
  2297. backup newer than the requested PITR restoration date exists.
  2298. Point In Time Recovery (PITR). PITR allows restoring the database state to an arbitrary point in time in the past, as long as you specify a backup
  2299. older than the requested PITR restoration date and no backup newer than that restoration date exists.
  2300. See also: https://www.postgresql.org/docs/current/continuous-archiving.html
  2301. properties:
  2302. restoreToTimestamp:
  2303. type: string
  2304. description: |
  2305. An ISO 8601 date, in UTC, indicating the point in time to which the database has to be restored.
  2306. downloadDiskConcurrency:
  2307. type: integer
  2308. minimum: 1
  2309. description: |
  2310. The backup fetch process may fetch several streams in parallel. Parallel fetching is enabled when set to a value larger than one.
  2311. If not specified it will be interpreted as latest.
  2312. status:
  2313. type: object
  2314. description: Current status of a StackGres sharded cluster.
  2315. properties:
  2316. conditions:
  2317. type: array
  2318. items:
  2319. type: object
  2320. properties:
  2321. lastTransitionTime:
  2322. description: Last time the condition transitioned from one status to another.
  2323. type: string
  2324. message:
  2325. description: A human readable message indicating details about the transition.
  2326. type: string
  2327. reason:
  2328. description: The reason for the condition's last transition.
  2329. type: string
  2330. status:
  2331. description: Status of the condition, one of True, False, Unknown.
  2332. type: string
  2333. type:
  2334. description: Type of deployment condition.
  2335. type: string
  2336. clusterStatuses:
  2337. type: array
  2338. description: The list of cluster statuses.
  2339. items:
  2340. type: object
  2341. required: ["name"]
  2342. properties:
  2343. name:
  2344. type: string
  2345. description: The name of the cluster.
  2346. pendingRestart:
  2347. type: boolean
  2348. description: Indicates if the cluster requires restart
  2349. toInstallPostgresExtensions:
  2350. type: array
  2351. description: The list of Postgres extensions to install
  2352. items:
  2353. type: object
  2354. required: ["name", "publisher", "version", "repository", "postgresVersion"]
  2355. properties:
  2356. name:
  2357. type: string
  2358. description: The name of the extension to install.
  2359. publisher:
  2360. type: string
  2361. description: The id of the publisher of the extension to install.
  2362. version:
  2363. type: string
  2364. description: The version of the extension to install.
  2365. repository:
  2366. type: string
  2367. description: The repository base URL from which the extension will be installed.
  2368. postgresVersion:
  2369. type: string
  2370. description: The postgres major version of the extension to install.
  2371. build:
  2372. type: string
  2373. description: The build version of the extension to install.
  2374. extraMounts:
  2375. type: array
  2376. description: The extra mounts of the extension to install.
  2377. items:
  2378. type: string
  2379. description: The extra mount of the installed extension.
  2380. binding:
  2381. type: object
  2382. description: |
  2383. This section follows the schema specified in [Service Binding spec for provisioned service](https://servicebinding.io/spec/core/1.0.0/#provisioned-service).
  2384. For more information see https://servicebinding.io/spec/core/1.0.0/
  2385. properties:
  2386. name:
  2387. type: string
  2388. description: The name of the Secret as specified in [Service Binding spec for provisioned service](https://servicebinding.io/spec/core/1.0.0/#provisioned-service).
  2389. # dbOps:
  2390. # type: object
  2391. # description: |
  2392. # Used by some [SGDbOps](https://stackgres.io/doc/latest/reference/crd/sgdbops) to indicate the operation configuration and status to the operator.
  2393. # properties:
  2394. # majorVersionUpgrade:
  2395. # type: object
  2396. # description: |
  2397. # The major version upgrade configuration and status
  2398. # properties:
  2399. # sourcePostgresVersion:
  2400. # type: string
  2401. # description: |
  2402. # The source PostgreSQL version
  2403. # targetPostgresVersion:
  2404. # type: string
  2405. # description: |
  2406. # The target PostgreSQL version
  2407. # minorVersionUpgrade:
  2408. # type: object
  2409. # description: |
  2410. # The minor version upgrade configuration and status
  2411. # properties:
  2412. # sourcePostgresVersion:
  2413. # type: string
  2414. # description: |
  2415. # Postgres version that is currently running on the cluster
  2416. # targetPostgresVersion:
  2417. # type: string
  2418. # description: |
  2419. # The desired Postgres version for the cluster
  2420. sgBackups:
  2421. type: array
  2422. description: |
  2423. The list of SGBackups that compose the SGShardedBackup used to restore the sharded cluster.
  2424. items:
  2425. type: string
  2426. description: |
  2427. One of the SGBackups that compose the SGShardedBackup used to restore the sharded cluster.