{ "description": "ExternalMariaDB is the Schema for the external MariaDBs API. It is used to define external MariaDB server.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "ExternalMariaDBSpec defines the desired state of an External MariaDB", "properties": { "connection": { "description": "Connection defines a template to configure a Connection for the external MariaDB.", "properties": { "healthCheck": { "description": "HealthCheck to be used in the Connection.", "properties": { "interval": { "description": "Interval used to perform health checks.", "type": "string" }, "retryInterval": { "description": "RetryInterval is the interval used to perform health check retries.", "type": "string" } }, "type": "object", "additionalProperties": false }, "params": { "additionalProperties": { "type": "string" }, "description": "Params to be used in the Connection.", "type": "object" }, "port": { "description": "Port to connect to. If not provided, it defaults to the MariaDB port or to the first MaxScale listener.", "format": "int32", "type": "integer" }, "secretName": { "description": "SecretName to be used in the Connection.", "type": "string" }, "secretTemplate": { "description": "SecretTemplate to be used in the Connection.", "properties": { "databaseKey": { "description": "DatabaseKey to be used in the Secret.", "type": "string" }, "format": { "description": "Format to be used in the Secret.", "type": "string" }, "hostKey": { "description": "HostKey to be used in the Secret.", "type": "string" }, "key": { "description": "Key to be used in the Secret.", "type": "string" }, "metadata": { "description": "Metadata to be added to the Secret object.", "properties": { "annotations": { "additionalProperties": { "type": "string" }, "description": "Annotations to be added to children resources.", "type": "object" }, "labels": { "additionalProperties": { "type": "string" }, "description": "Labels to be added to children resources.", "type": "object" } }, "type": "object", "additionalProperties": false }, "passwordKey": { "description": "PasswordKey to be used in the Secret.", "type": "string" }, "portKey": { "description": "PortKey to be used in the Secret.", "type": "string" }, "usernameKey": { "description": "UsernameKey to be used in the Secret.", "type": "string" } }, "type": "object", "additionalProperties": false }, "serviceName": { "description": "ServiceName to be used in the Connection.", "type": "string" } }, "type": "object", "additionalProperties": false }, "host": { "description": "Hostname of the external MariaDB.", "type": "string" }, "image": { "description": "Image name to be used to perform operations on the external MariaDB, for example, for taking backups.\nThe supported format is `:`. Only MariaDB official images are supported.\nIf not provided, the MariaDB image version be inferred by the operator in runtime. The default MariaDB image will be used in this case,", "type": "string" }, "imagePullPolicy": { "description": "ImagePullPolicy is the image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`.", "enum": [ "Always", "Never", "IfNotPresent" ], "type": "string" }, "imagePullSecrets": { "description": "ImagePullSecrets is the list of pull Secrets to be used to pull the image.", "items": { "description": "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.35/#localobjectreference-v1-core.", "properties": { "name": { "default": "", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "inheritMetadata": { "description": "InheritMetadata defines the metadata to be inherited by children resources.", "properties": { "annotations": { "additionalProperties": { "type": "string" }, "description": "Annotations to be added to children resources.", "type": "object" }, "labels": { "additionalProperties": { "type": "string" }, "description": "Labels to be added to children resources.", "type": "object" } }, "type": "object", "additionalProperties": false }, "passwordSecretKeyRef": { "description": "PasswordSecretKeyRef is a reference to the password to connect to the external MariaDB.", "properties": { "key": { "type": "string" }, "name": { "default": "", "type": "string" } }, "required": [ "key" ], "type": "object", "x-kubernetes-map-type": "atomic", "additionalProperties": false }, "port": { "default": 3306, "description": "Port of the external MariaDB.", "format": "int32", "type": "integer" }, "tls": { "description": "TLS defines the PKI to be used with the external MariaDB.", "properties": { "clientCASecretRef": { "description": "ClientCASecretRef is a reference to a Secret containing the client certificate authority keypair. It is used to establish trust and issue client certificates.\nOne of:\n- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.\n- Secret containing only the 'ca.crt' in order to establish trust. In this case, either clientCertSecretRef or clientCertIssuerRef fields must be provided.\nIf not provided, a self-signed CA will be provisioned to issue the client certificate.", "properties": { "name": { "default": "", "type": "string" } }, "type": "object", "additionalProperties": false }, "clientCertIssuerRef": { "description": "ClientCertIssuerRef is a reference to a cert-manager issuer object used to issue the client certificate. cert-manager must be installed previously in the cluster.\nIt is mutually exclusive with clientCertSecretRef.\nBy default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via clientCASecretRef.", "properties": { "group": { "description": "Group of the resource being referred to.", "type": "string" }, "kind": { "description": "Kind of the resource being referred to.", "type": "string" }, "name": { "description": "Name of the resource being referred to.", "type": "string" } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "clientCertSecretRef": { "description": "ClientCertSecretRef is a reference to a TLS Secret containing the client certificate.\nIt is mutually exclusive with clientCertIssuerRef.", "properties": { "name": { "default": "", "type": "string" } }, "type": "object", "additionalProperties": false }, "enabled": { "description": "Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MariaDB instance.\nIt is enabled by default.", "type": "boolean" }, "galeraSSTEnabled": { "description": "GaleraSSTEnabled determines whether Galera SST connections should use TLS.\nIt disabled by default.", "type": "boolean" }, "mutual": { "description": "Mutual specifies whether TLS must be mutual between server and client for external connections.\nWhen set to false, the client certificate will not be sent during the TLS handshake.\nIt is enabled by default.", "type": "boolean" }, "required": { "description": "Required specifies whether TLS must be enforced for all connections.\nUser TLS requirements take precedence over this.\nIt disabled by default.", "type": "boolean" }, "serverCASecretRef": { "description": "ServerCASecretRef is a reference to a Secret containing the server certificate authority keypair. It is used to establish trust and issue server certificates.\nOne of:\n- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.\n- Secret containing only the 'ca.crt' in order to establish trust. In this case, either serverCertSecretRef or serverCertIssuerRef must be provided.\nIf not provided, a self-signed CA will be provisioned to issue the server certificate.", "properties": { "name": { "default": "", "type": "string" } }, "type": "object", "additionalProperties": false }, "serverCertIssuerRef": { "description": "ServerCertIssuerRef is a reference to a cert-manager issuer object used to issue the server certificate. cert-manager must be installed previously in the cluster.\nIt is mutually exclusive with serverCertSecretRef.\nBy default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via serverCASecretRef.", "properties": { "group": { "description": "Group of the resource being referred to.", "type": "string" }, "kind": { "description": "Kind of the resource being referred to.", "type": "string" }, "name": { "description": "Name of the resource being referred to.", "type": "string" } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "serverCertSecretRef": { "description": "ServerCertSecretRef is a reference to a TLS Secret containing the server certificate.\nIt is mutually exclusive with serverCertIssuerRef.", "properties": { "name": { "default": "", "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "username": { "description": "Username is the username to connect to the external MariaDB.", "type": "string" } }, "required": [ "host", "username" ], "type": "object", "additionalProperties": false }, "status": { "description": "ExternalMariaDBStatus defines the observed state of MariaDB", "properties": { "conditions": { "description": "Conditions for the ExternalMariadb object.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object", "additionalProperties": false }, "type": "array" }, "isGaleraEnabled": { "description": "IsGaleraEnabled indicates that the external MariaDb has Galera enabled.", "type": "boolean" }, "version": { "description": "Version of the external MariaDB server.", "type": "string" } }, "type": "object", "additionalProperties": false } }, "required": [ "spec" ], "type": "object" }