{ "description": "Kafka is the Schema for the kafkas API.\nInfo \"Exposes secret keys\": `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`, `KAFKA_CA_CERT`", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "KafkaSpec defines the desired state of Kafka", "properties": { "authSecretRef": { "description": "Authentication reference to Aiven token in a secret", "properties": { "key": { "minLength": 1, "type": "string" }, "name": { "minLength": 1, "type": "string" } }, "required": [ "key", "name" ], "type": "object", "additionalProperties": false }, "cloudName": { "description": "Cloud the service runs in.", "maxLength": 256, "type": "string" }, "connInfoSecretTarget": { "description": "Secret configuration.", "properties": { "annotations": { "additionalProperties": { "type": "string" }, "description": "Annotations added to the secret", "type": "object", "x-kubernetes-preserve-unknown-fields": true }, "labels": { "additionalProperties": { "type": "string" }, "description": "Labels added to the secret", "type": "object", "x-kubernetes-preserve-unknown-fields": true }, "name": { "description": "Name of the secret resource to be created. By default, it is equal to the resource name", "type": "string", "x-kubernetes-validations": [ { "message": "Value is immutable", "rule": "self == oldSelf" } ] }, "prefix": { "description": "Prefix for the secret's keys.\nAdded \"as is\" without any transformations.\nBy default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc.", "type": "string" } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "connInfoSecretTargetDisabled": { "description": "When true, the secret containing connection information will not be created, defaults to false. This field cannot be changed after resource creation.", "type": "boolean", "x-kubernetes-validations": [ { "message": "connInfoSecretTargetDisabled is immutable.", "rule": "self == oldSelf" } ] }, "disk_space": { "description": "The disk space of the service, possible values depend on the service type, the cloud provider and the project.\nReducing will result in the service re-balancing.\nThe removal of this field does not change the value.", "pattern": "(?i)^[1-9][0-9]*(GiB|G)?$", "type": "string" }, "karapace": { "description": "Switch the service to use Karapace for schema registry and REST proxy", "type": "boolean" }, "maintenanceWindowDow": { "description": "Day of week when maintenance operations should be performed. One monday, tuesday, wednesday, etc.", "enum": [ "monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday" ], "type": "string" }, "maintenanceWindowTime": { "description": "Time of day when maintenance operations should be performed. UTC time in HH:mm:ss format.", "maxLength": 8, "type": "string" }, "plan": { "description": "Subscription plan.", "maxLength": 128, "type": "string" }, "project": { "description": "Identifies the project this resource belongs to", "maxLength": 63, "pattern": "^[a-zA-Z0-9_-]+$", "type": "string", "x-kubernetes-validations": [ { "message": "Value is immutable", "rule": "self == oldSelf" } ] }, "projectVPCRef": { "description": "ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID automatically", "properties": { "name": { "minLength": 1, "type": "string" }, "namespace": { "minLength": 1, "type": "string" } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "projectVpcId": { "description": "Identifier of the VPC the service should be in, if any.", "maxLength": 36, "type": "string" }, "serviceIntegrations": { "description": "Service integrations to specify when creating a service. Not applied after initial service creation", "items": { "description": "Service integrations to specify when creating a service. Not applied after initial service creation", "properties": { "integrationType": { "enum": [ "read_replica" ], "type": "string" }, "sourceServiceName": { "maxLength": 64, "minLength": 1, "type": "string" } }, "required": [ "integrationType", "sourceServiceName" ], "type": "object", "additionalProperties": false }, "maxItems": 1, "type": "array", "x-kubernetes-validations": [ { "message": "Value is immutable", "rule": "self == oldSelf" } ] }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags are key-value pairs that allow you to categorize services.", "type": "object" }, "technicalEmails": { "description": "Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability.", "items": { "properties": { "email": { "description": "Email address.", "pattern": "^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", "type": "string" } }, "required": [ "email" ], "type": "object", "additionalProperties": false }, "maxItems": 10, "type": "array" }, "terminationProtection": { "description": "Prevent service from being deleted. It is recommended to have this enabled for all services.", "type": "boolean" }, "userConfig": { "description": "Kafka specific user configuration options", "properties": { "additional_backup_regions": { "description": "Deprecated. Additional Cloud Regions for Backup Replication", "items": { "type": "string" }, "maxItems": 1, "type": "array" }, "aiven_kafka_topic_messages": { "description": "Allow access to read Kafka topic messages in the Aiven Console and REST API.", "type": "boolean" }, "custom_domain": { "description": "Serve the web frontend using a custom CNAME pointing to the Aiven DNS name", "maxLength": 255, "type": "string" }, "ip_filter": { "description": "Allow incoming connections from CIDR address block, e.g. '10.20.0.0/16'", "items": { "description": "CIDR address block, either as a string, or in a dict with an optional description field", "properties": { "description": { "description": "Description for IP filter list entry", "maxLength": 1024, "type": "string" }, "network": { "description": "CIDR address block", "maxLength": 43, "type": "string" } }, "required": [ "network" ], "type": "object", "additionalProperties": false }, "maxItems": 1024, "type": "array" }, "kafka": { "description": "Kafka broker configuration values", "properties": { "auto_create_topics_enable": { "description": "Enable auto creation of topics", "type": "boolean" }, "compression_type": { "description": "Specify the final compression type for a given topic. This configuration accepts the standard compression codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts 'uncompressed' which is equivalent to no compression; and 'producer' which means retain the original compression codec set by the producer.", "enum": [ "gzip", "snappy", "lz4", "zstd", "uncompressed", "producer" ], "type": "string" }, "connections_max_idle_ms": { "description": "Idle connections timeout: the server socket processor threads close the connections that idle for longer than this.", "maximum": 3600000, "minimum": 1000, "type": "integer" }, "default_replication_factor": { "description": "Replication factor for autocreated topics", "maximum": 10, "minimum": 1, "type": "integer" }, "group_initial_rebalance_delay_ms": { "description": "The amount of time, in milliseconds, the group coordinator will wait for more consumers to join a new group before performing the first rebalance. A longer delay means potentially fewer rebalances, but increases the time until processing begins. The default value for this is 3 seconds. During development and testing it might be desirable to set this to 0 in order to not delay test execution time.", "maximum": 300000, "minimum": 0, "type": "integer" }, "group_max_session_timeout_ms": { "description": "The maximum allowed session timeout for registered consumers. Longer timeouts give consumers more time to process messages in between heartbeats at the cost of a longer time to detect failures.", "maximum": 1800000, "minimum": 0, "type": "integer" }, "group_min_session_timeout_ms": { "description": "The minimum allowed session timeout for registered consumers. Longer timeouts give consumers more time to process messages in between heartbeats at the cost of a longer time to detect failures.", "maximum": 60000, "minimum": 0, "type": "integer" }, "log_cleaner_delete_retention_ms": { "description": "How long are delete records retained?", "maximum": 315569260000, "minimum": 0, "type": "integer" }, "log_cleaner_max_compaction_lag_ms": { "description": "The maximum amount of time message will remain uncompacted. Only applicable for logs that are being compacted", "minimum": 30000, "type": "integer" }, "log_cleaner_min_cleanable_ratio": { "description": "Controls log compactor frequency. Larger value means more frequent compactions but also more space wasted for logs. Consider setting log.cleaner.max.compaction.lag.ms to enforce compactions sooner, instead of setting a very high value for this option.", "maximum": 0.9, "minimum": 0.2, "type": "number" }, "log_cleaner_min_compaction_lag_ms": { "description": "The minimum time a message will remain uncompacted in the log. Only applicable for logs that are being compacted.", "minimum": 0, "type": "integer" }, "log_cleanup_policy": { "description": "The default cleanup policy for segments beyond the retention window", "enum": [ "delete", "compact", "compact,delete" ], "type": "string" }, "log_flush_interval_messages": { "description": "The number of messages accumulated on a log partition before messages are flushed to disk", "minimum": 1, "type": "integer" }, "log_flush_interval_ms": { "description": "The maximum time in ms that a message in any topic is kept in memory before flushed to disk. If not set, the value in log.flush.scheduler.interval.ms is used", "minimum": 0, "type": "integer" }, "log_index_interval_bytes": { "description": "The interval with which Kafka adds an entry to the offset index", "maximum": 104857600, "minimum": 0, "type": "integer" }, "log_index_size_max_bytes": { "description": "The maximum size in bytes of the offset index", "maximum": 104857600, "minimum": 1048576, "type": "integer" }, "log_local_retention_bytes": { "description": "The maximum size of local log segments that can grow for a partition before it gets eligible for deletion. If set to -2, the value of log.retention.bytes is used. The effective value should always be less than or equal to log.retention.bytes value.", "minimum": -2, "type": "integer" }, "log_local_retention_ms": { "description": "The number of milliseconds to keep the local log segments before it gets eligible for deletion. If set to -2, the value of log.retention.ms is used. The effective value should always be less than or equal to log.retention.ms value.", "minimum": -2, "type": "integer" }, "log_message_downconversion_enable": { "description": "This configuration controls whether down-conversion of message formats is enabled to satisfy consume requests.", "type": "boolean" }, "log_message_timestamp_difference_max_ms": { "description": "The maximum difference allowed between the timestamp when a broker receives a message and the timestamp specified in the message", "minimum": 0, "type": "integer" }, "log_message_timestamp_type": { "description": "Define whether the timestamp in the message is message create time or log append time.", "enum": [ "CreateTime", "LogAppendTime" ], "type": "string" }, "log_preallocate": { "description": "Should pre allocate file when create new segment?", "type": "boolean" }, "log_retention_bytes": { "description": "The maximum size of the log before deleting messages", "minimum": -1, "type": "integer" }, "log_retention_hours": { "description": "The number of hours to keep a log file before deleting it", "maximum": 2147483647, "minimum": -1, "type": "integer" }, "log_retention_ms": { "description": "The number of milliseconds to keep a log file before deleting it (in milliseconds), If not set, the value in log.retention.minutes is used. If set to -1, no time limit is applied.", "minimum": -1, "type": "integer" }, "log_roll_jitter_ms": { "description": "The maximum jitter to subtract from logRollTimeMillis (in milliseconds). If not set, the value in log.roll.jitter.hours is used", "minimum": 0, "type": "integer" }, "log_roll_ms": { "description": "The maximum time before a new log segment is rolled out (in milliseconds).", "minimum": 1, "type": "integer" }, "log_segment_bytes": { "description": "The maximum size of a single log file", "maximum": 1073741824, "minimum": 10485760, "type": "integer" }, "log_segment_delete_delay_ms": { "description": "The amount of time to wait before deleting a file from the filesystem", "maximum": 3600000, "minimum": 0, "type": "integer" }, "max_connections_per_ip": { "description": "The maximum number of connections allowed from each ip address (defaults to 2147483647).", "maximum": 2147483647, "minimum": 256, "type": "integer" }, "max_incremental_fetch_session_cache_slots": { "description": "The maximum number of incremental fetch sessions that the broker will maintain.", "maximum": 10000, "minimum": 1000, "type": "integer" }, "message_max_bytes": { "description": "The maximum size of message that the server can receive.", "maximum": 100001200, "minimum": 0, "type": "integer" }, "min_insync_replicas": { "description": "When a producer sets acks to 'all' (or '-1'), min.insync.replicas specifies the minimum number of replicas that must acknowledge a write for the write to be considered successful.", "maximum": 7, "minimum": 1, "type": "integer" }, "num_partitions": { "description": "Number of partitions for autocreated topics", "maximum": 1000, "minimum": 1, "type": "integer" }, "offsets_retention_minutes": { "description": "Log retention window in minutes for offsets topic", "maximum": 2147483647, "minimum": 1, "type": "integer" }, "producer_purgatory_purge_interval_requests": { "description": "The purge interval (in number of requests) of the producer request purgatory(defaults to 1000).", "maximum": 10000, "minimum": 10, "type": "integer" }, "replica_fetch_max_bytes": { "description": "The number of bytes of messages to attempt to fetch for each partition (defaults to 1048576). This is not an absolute maximum, if the first record batch in the first non-empty partition of the fetch is larger than this value, the record batch will still be returned to ensure that progress can be made.", "maximum": 104857600, "minimum": 1048576, "type": "integer" }, "replica_fetch_response_max_bytes": { "description": "Maximum bytes expected for the entire fetch response (defaults to 10485760). Records are fetched in batches, and if the first record batch in the first non-empty partition of the fetch is larger than this value, the record batch will still be returned to ensure that progress can be made. As such, this is not an absolute maximum.", "maximum": 1048576000, "minimum": 10485760, "type": "integer" }, "sasl_oauthbearer_expected_audience": { "description": "The (optional) comma-delimited setting for the broker to use to verify that the JWT was issued for one of the expected audiences.", "maxLength": 128, "pattern": "^[^\\r\\n]*$", "type": "string" }, "sasl_oauthbearer_expected_issuer": { "description": "Optional setting for the broker to use to verify that the JWT was created by the expected issuer.", "maxLength": 128, "pattern": "^[^\\r\\n]*$", "type": "string" }, "sasl_oauthbearer_jwks_endpoint_url": { "description": "OIDC JWKS endpoint URL. By setting this the SASL SSL OAuth2/OIDC authentication is enabled. See also other options for SASL OAuth2/OIDC.", "maxLength": 2048, "type": "string" }, "sasl_oauthbearer_sub_claim_name": { "description": "Name of the scope from which to extract the subject claim from the JWT. Defaults to sub.", "maxLength": 128, "pattern": "^[^\\r\\n]*$", "type": "string" }, "socket_request_max_bytes": { "description": "The maximum number of bytes in a socket request (defaults to 104857600).", "maximum": 209715200, "minimum": 10485760, "type": "integer" }, "transaction_partition_verification_enable": { "description": "Enable verification that checks that the partition has been added to the transaction before writing transactional records to the partition", "type": "boolean" }, "transaction_remove_expired_transaction_cleanup_interval_ms": { "description": "The interval at which to remove transactions that have expired due to transactional.id.expiration.ms passing (defaults to 3600000 (1 hour)).", "maximum": 3600000, "minimum": 600000, "type": "integer" }, "transaction_state_log_segment_bytes": { "description": "The transaction topic segment bytes should be kept relatively small in order to facilitate faster log compaction and cache loads (defaults to 104857600 (100 mebibytes)).", "maximum": 2147483647, "minimum": 1048576, "type": "integer" } }, "type": "object", "additionalProperties": false }, "kafka_authentication_methods": { "description": "Kafka authentication methods", "properties": { "certificate": { "description": "Enable certificate/SSL authentication", "type": "boolean" }, "sasl": { "description": "Enable SASL authentication", "type": "boolean" } }, "type": "object", "additionalProperties": false }, "kafka_connect": { "description": "Enable Kafka Connect service", "type": "boolean" }, "kafka_connect_config": { "description": "Kafka Connect configuration values", "properties": { "connector_client_config_override_policy": { "description": "Defines what client configurations can be overridden by the connector. Default is None", "enum": [ "None", "All" ], "type": "string" }, "consumer_auto_offset_reset": { "description": "What to do when there is no initial offset in Kafka or if the current offset does not exist any more on the server. Default is earliest", "enum": [ "earliest", "latest" ], "type": "string" }, "consumer_fetch_max_bytes": { "description": "Records are fetched in batches by the consumer, and if the first record batch in the first non-empty partition of the fetch is larger than this value, the record batch will still be returned to ensure that the consumer can make progress. As such, this is not a absolute maximum.", "maximum": 104857600, "minimum": 1048576, "type": "integer" }, "consumer_isolation_level": { "description": "Transaction read isolation level. read_uncommitted is the default, but read_committed can be used if consume-exactly-once behavior is desired.", "enum": [ "read_uncommitted", "read_committed" ], "type": "string" }, "consumer_max_partition_fetch_bytes": { "description": "Records are fetched in batches by the consumer.If the first record batch in the first non-empty partition of the fetch is larger than this limit, the batch will still be returned to ensure that the consumer can make progress.", "maximum": 104857600, "minimum": 1048576, "type": "integer" }, "consumer_max_poll_interval_ms": { "description": "The maximum delay in milliseconds between invocations of poll() when using consumer group management (defaults to 300000).", "maximum": 2147483647, "minimum": 1, "type": "integer" }, "consumer_max_poll_records": { "description": "The maximum number of records returned in a single call to poll() (defaults to 500).", "maximum": 10000, "minimum": 1, "type": "integer" }, "offset_flush_interval_ms": { "description": "The interval at which to try committing offsets for tasks (defaults to 60000).", "maximum": 100000000, "minimum": 1, "type": "integer" }, "offset_flush_timeout_ms": { "description": "Maximum number of milliseconds to wait for records to flush and partition offset data to be committed to offset storage before cancelling the process and restoring the offset data to be committed in a future attempt (defaults to 5000).", "maximum": 2147483647, "minimum": 1, "type": "integer" }, "producer_batch_size": { "description": "This setting gives the upper bound of the batch size to be sent. If there are fewer than this many bytes accumulated for this partition, the producer will 'linger' for the linger.ms time waiting for more records to show up. A batch size of zero will disable batching entirely (defaults to 16384).", "maximum": 5242880, "minimum": 0, "type": "integer" }, "producer_buffer_memory": { "description": "The total bytes of memory the producer can use to buffer records waiting to be sent to the broker (defaults to 33554432).", "maximum": 134217728, "minimum": 5242880, "type": "integer" }, "producer_compression_type": { "description": "Specify the default compression type for producers. This configuration accepts the standard compression codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts 'none' which is the default and equivalent to no compression.", "enum": [ "gzip", "snappy", "lz4", "zstd", "none" ], "type": "string" }, "producer_linger_ms": { "description": "This setting gives the upper bound on the delay for batching: once there is batch.size worth of records for a partition it will be sent immediately regardless of this setting, however if there are fewer than this many bytes accumulated for this partition the producer will 'linger' for the specified time waiting for more records to show up. Defaults to 0.", "maximum": 5000, "minimum": 0, "type": "integer" }, "producer_max_request_size": { "description": "This setting will limit the number of record batches the producer will send in a single request to avoid sending huge requests.", "maximum": 67108864, "minimum": 131072, "type": "integer" }, "scheduled_rebalance_max_delay_ms": { "description": "The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes.", "maximum": 600000, "minimum": 0, "type": "integer" }, "session_timeout_ms": { "description": "The timeout in milliseconds used to detect failures when using Kafka\u2019s group management facilities (defaults to 10000).", "maximum": 2147483647, "minimum": 1, "type": "integer" } }, "type": "object", "additionalProperties": false }, "kafka_connect_secret_providers": { "description": "Configure external secret providers in order to reference external secrets in connector configuration. Currently Hashicorp Vault (provider: vault, auth_method: token) and AWS Secrets Manager (provider: aws, auth_method: credentials) are supported. Secrets can be referenced in connector config with ${::}", "items": { "description": "SecretProvider", "properties": { "aws": { "description": "AWS config for Secret Provider", "properties": { "access_key": { "description": "Access key used to authenticate with aws", "maxLength": 128, "type": "string" }, "auth_method": { "description": "Auth method of the vault secret provider", "enum": [ "credentials" ], "type": "string" }, "region": { "description": "Region used to lookup secrets with AWS SecretManager", "maxLength": 64, "type": "string" }, "secret_key": { "description": "Secret key used to authenticate with aws", "maxLength": 128, "type": "string" } }, "required": [ "auth_method", "region" ], "type": "object", "additionalProperties": false }, "name": { "description": "Name of the secret provider. Used to reference secrets in connector config.", "type": "string" }, "vault": { "description": "Vault Config for Secret Provider", "properties": { "address": { "description": "Address of the Vault server", "maxLength": 65536, "minLength": 1, "type": "string" }, "auth_method": { "description": "Auth method of the vault secret provider", "enum": [ "token" ], "type": "string" }, "engine_version": { "description": "KV Secrets Engine version of the Vault server instance", "enum": [ 1, 2 ], "type": "integer" }, "token": { "description": "Token used to authenticate with vault and auth method `token`.", "maxLength": 256, "type": "string" } }, "required": [ "address", "auth_method" ], "type": "object", "additionalProperties": false } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "type": "array" }, "kafka_rest": { "description": "Enable Kafka-REST service", "type": "boolean" }, "kafka_rest_authorization": { "description": "Enable authorization in Kafka-REST service", "type": "boolean" }, "kafka_rest_config": { "description": "Kafka REST configuration", "properties": { "consumer_enable_auto_commit": { "description": "If true the consumer's offset will be periodically committed to Kafka in the background", "type": "boolean" }, "consumer_request_max_bytes": { "description": "Maximum number of bytes in unencoded message keys and values by a single request", "maximum": 671088640, "minimum": 0, "type": "integer" }, "consumer_request_timeout_ms": { "description": "The maximum total time to wait for messages for a request if the maximum number of messages has not yet been reached", "enum": [ 1000, 15000, 30000 ], "maximum": 30000, "minimum": 1000, "type": "integer" }, "name_strategy": { "description": "Name strategy to use when selecting subject for storing schemas", "enum": [ "topic_name", "record_name", "topic_record_name" ], "type": "string" }, "name_strategy_validation": { "description": "If true, validate that given schema is registered under expected subject name by the used name strategy when producing messages.", "type": "boolean" }, "producer_acks": { "description": "The number of acknowledgments the producer requires the leader to have received before considering a request complete. If set to 'all' or '-1', the leader will wait for the full set of in-sync replicas to acknowledge the record.", "enum": [ "all", "-1", "0", "1" ], "type": "string" }, "producer_compression_type": { "description": "Specify the default compression type for producers. This configuration accepts the standard compression codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts 'none' which is the default and equivalent to no compression.", "enum": [ "gzip", "snappy", "lz4", "zstd", "none" ], "type": "string" }, "producer_linger_ms": { "description": "Wait for up to the given delay to allow batching records together", "maximum": 5000, "minimum": 0, "type": "integer" }, "producer_max_request_size": { "description": "The maximum size of a request in bytes. Note that Kafka broker can also cap the record batch size.", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "simpleconsumer_pool_size_max": { "description": "Maximum number of SimpleConsumers that can be instantiated per broker", "maximum": 250, "minimum": 10, "type": "integer" } }, "type": "object", "additionalProperties": false }, "kafka_version": { "description": "Kafka major version", "enum": [ "3.4", "3.5", "3.6", "3.7" ], "type": "string" }, "letsencrypt_sasl_privatelink": { "description": "Use Letsencrypt CA for Kafka SASL via Privatelink", "type": "boolean" }, "private_access": { "description": "Allow access to selected service ports from private networks", "properties": { "kafka": { "description": "Allow clients to connect to kafka with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations", "type": "boolean" }, "kafka_connect": { "description": "Allow clients to connect to kafka_connect with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations", "type": "boolean" }, "kafka_rest": { "description": "Allow clients to connect to kafka_rest with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations", "type": "boolean" }, "prometheus": { "description": "Allow clients to connect to prometheus with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations", "type": "boolean" }, "schema_registry": { "description": "Allow clients to connect to schema_registry with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations", "type": "boolean" } }, "type": "object", "additionalProperties": false }, "privatelink_access": { "description": "Allow access to selected service components through Privatelink", "properties": { "jolokia": { "description": "Enable jolokia", "type": "boolean" }, "kafka": { "description": "Enable kafka", "type": "boolean" }, "kafka_connect": { "description": "Enable kafka_connect", "type": "boolean" }, "kafka_rest": { "description": "Enable kafka_rest", "type": "boolean" }, "prometheus": { "description": "Enable prometheus", "type": "boolean" }, "schema_registry": { "description": "Enable schema_registry", "type": "boolean" } }, "type": "object", "additionalProperties": false }, "public_access": { "description": "Allow access to selected service ports from the public Internet", "properties": { "kafka": { "description": "Allow clients to connect to kafka from the public internet for service nodes that are in a project VPC or another type of private network", "type": "boolean" }, "kafka_connect": { "description": "Allow clients to connect to kafka_connect from the public internet for service nodes that are in a project VPC or another type of private network", "type": "boolean" }, "kafka_rest": { "description": "Allow clients to connect to kafka_rest from the public internet for service nodes that are in a project VPC or another type of private network", "type": "boolean" }, "prometheus": { "description": "Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network", "type": "boolean" }, "schema_registry": { "description": "Allow clients to connect to schema_registry from the public internet for service nodes that are in a project VPC or another type of private network", "type": "boolean" } }, "type": "object", "additionalProperties": false }, "schema_registry": { "description": "Enable Schema-Registry service", "type": "boolean" }, "schema_registry_config": { "description": "Schema Registry configuration", "properties": { "leader_eligibility": { "description": "If true, Karapace / Schema Registry on the service nodes can participate in leader election. It might be needed to disable this when the schemas topic is replicated to a secondary cluster and Karapace / Schema Registry there must not participate in leader election. Defaults to `true`.", "type": "boolean" }, "topic_name": { "description": "The durable single partition topic that acts as the durable log for the data. This topic must be compacted to avoid losing data due to retention policy. Please note that changing this configuration in an existing Schema Registry / Karapace setup leads to previous schemas being inaccessible, data encoded with them potentially unreadable and schema ID sequence put out of order. It's only possible to do the switch while Schema Registry / Karapace is disabled. Defaults to `_schemas`.", "maxLength": 249, "minLength": 1, "type": "string" } }, "type": "object", "additionalProperties": false }, "service_log": { "description": "Store logs for the service so that they are available in the HTTP API and console.", "type": "boolean" }, "static_ips": { "description": "Use static public IP addresses", "type": "boolean" }, "tiered_storage": { "description": "Tiered storage configuration", "properties": { "enabled": { "description": "Whether to enable the tiered storage functionality", "type": "boolean" }, "local_cache": { "description": "Deprecated. Local cache configuration", "properties": { "size": { "description": "Deprecated. Local cache size in bytes", "maximum": 107374182400, "minimum": 1, "type": "integer" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false } }, "required": [ "plan", "project" ], "type": "object", "x-kubernetes-validations": [ { "message": "connInfoSecretTargetDisabled can only be set during resource creation.", "rule": "has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled)" } ], "additionalProperties": false }, "status": { "description": "ServiceStatus defines the observed state of service", "properties": { "conditions": { "description": "Conditions represent the latest available observations of a service state", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object", "additionalProperties": false }, "type": "array" }, "state": { "description": "Service state", "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object" }