{ "description": "LinstorCluster is the Schema for the linstorclusters API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "LinstorClusterSpec defines the desired state of LinstorCluster", "properties": { "apiTLS": { "description": "ApiTLS secures the LINSTOR API.\n\nThis configures the TLS key and certificate used to secure the LINSTOR API.", "nullable": true, "properties": { "apiSecretName": { "description": "ApiSecretName references a secret holding the TLS key and certificate used to protect the API.\nDefaults to \"linstor-api-tls\".", "type": "string" }, "caReference": { "description": "CAReference configures the CA certificate to use when validating TLS certificates.\nIf not set, the TLS secret is expected to contain a \"ca.crt\" containing the CA certificate.", "properties": { "key": { "default": "ca.crt", "description": "Key to select in the resource.\nDefaults to ca.crt if not specified.", "type": "string" }, "kind": { "default": "Secret", "description": "Kind of the resource containing the CA Certificate, either a ConfigMap or Secret.", "enum": [ "ConfigMap", "Secret" ], "type": "string" }, "name": { "description": "Name of the resource containing the CA Certificate.", "type": "string" }, "optional": { "description": "Optional specifies whether the resource and its key must exist.", "type": "boolean" } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "certManager": { "description": "CertManager references a cert-manager Issuer or ClusterIssuer.\nIf set, cert-manager.io/Certificate resources will be created, provisioning the secrets referenced in\n*SecretName using the issuer configured here.", "properties": { "group": { "description": "Group of the resource being referred to.", "type": "string" }, "kind": { "description": "Kind of the resource being referred to.", "type": "string" }, "name": { "description": "Name of the resource being referred to.", "type": "string" } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "clientSecretName": { "description": "ClientSecretName references a secret holding the TLS key and certificate used by the operator to configure\nthe cluster. Defaults to \"linstor-client-tls\".", "type": "string" }, "csiControllerSecretName": { "description": "CsiControllerSecretName references a secret holding the TLS key and certificate used by the CSI Controller\nto provision volumes. Defaults to \"linstor-csi-controller-tls\".", "type": "string" }, "csiNodeSecretName": { "description": "CsiNodeSecretName references a secret holding the TLS key and certificate used by the CSI Nodes to query\nthe volume state. Defaults to \"linstor-csi-node-tls\".", "type": "string" } }, "type": "object", "additionalProperties": false }, "controller": { "description": "Controller controls the deployment of the LINSTOR Controller Deployment.", "properties": { "enabled": { "default": true, "description": "Enable the component.", "type": "boolean" }, "podTemplate": { "description": "Template to apply to Pods of the component.\n\nThe template is applied as a patch to the default deployment, so it can be \"sparse\", not listing any\ncontainers or volumes that should remain unchanged.\nSee https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates", "type": "object", "x-kubernetes-map-type": "atomic", "x-kubernetes-preserve-unknown-fields": true } }, "type": "object", "additionalProperties": false }, "csiController": { "description": "CSIController controls the deployment of the CSI Controller Deployment.", "properties": { "enabled": { "default": true, "description": "Enable the component.", "type": "boolean" }, "podTemplate": { "description": "Template to apply to Pods of the component.\n\nThe template is applied as a patch to the default deployment, so it can be \"sparse\", not listing any\ncontainers or volumes that should remain unchanged.\nSee https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates", "type": "object", "x-kubernetes-map-type": "atomic", "x-kubernetes-preserve-unknown-fields": true } }, "type": "object", "additionalProperties": false }, "csiNode": { "description": "CSINode controls the deployment of the CSI Node DaemonSet.", "properties": { "enabled": { "default": true, "description": "Enable the component.", "type": "boolean" }, "podTemplate": { "description": "Template to apply to Pods of the component.\n\nThe template is applied as a patch to the default deployment, so it can be \"sparse\", not listing any\ncontainers or volumes that should remain unchanged.\nSee https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates", "type": "object", "x-kubernetes-map-type": "atomic", "x-kubernetes-preserve-unknown-fields": true } }, "type": "object", "additionalProperties": false }, "externalController": { "description": "ExternalController references an external controller.\nWhen set, the Operator will skip deploying a LINSTOR Controller and instead use the external cluster\nto register satellites.", "properties": { "url": { "description": "URL of the external controller.", "minLength": 3, "type": "string" } }, "required": [ "url" ], "type": "object", "additionalProperties": false }, "highAvailabilityController": { "description": "HighAvailabilityController controls the deployment of the High Availability Controller DaemonSet.", "properties": { "enabled": { "default": true, "description": "Enable the component.", "type": "boolean" }, "podTemplate": { "description": "Template to apply to Pods of the component.\n\nThe template is applied as a patch to the default deployment, so it can be \"sparse\", not listing any\ncontainers or volumes that should remain unchanged.\nSee https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates", "type": "object", "x-kubernetes-map-type": "atomic", "x-kubernetes-preserve-unknown-fields": true } }, "type": "object", "additionalProperties": false }, "internalTLS": { "description": "InternalTLS secures the connection between LINSTOR Controller and Satellite.\n\nThis configures the client certificate used when the Controller connects to a Satellite. This only has an effect\nwhen the Satellite is configured to for secure connections using `LinstorSatellite.spec.internalTLS`.", "nullable": true, "properties": { "caReference": { "description": "CAReference configures the CA certificate to use when validating TLS certificates.\nIf not set, the TLS secret is expected to contain a \"ca.crt\" containing the CA certificate.", "properties": { "key": { "default": "ca.crt", "description": "Key to select in the resource.\nDefaults to ca.crt if not specified.", "type": "string" }, "kind": { "default": "Secret", "description": "Kind of the resource containing the CA Certificate, either a ConfigMap or Secret.", "enum": [ "ConfigMap", "Secret" ], "type": "string" }, "name": { "description": "Name of the resource containing the CA Certificate.", "type": "string" }, "optional": { "description": "Optional specifies whether the resource and its key must exist.", "type": "boolean" } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "certManager": { "description": "CertManager references a cert-manager Issuer or ClusterIssuer.\nIf set, a Certificate resource will be created, provisioning the secret references in SecretName using the\nissuer configured here.", "properties": { "group": { "description": "Group of the resource being referred to.", "type": "string" }, "kind": { "description": "Kind of the resource being referred to.", "type": "string" }, "name": { "description": "Name of the resource being referred to.", "type": "string" } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "secretName": { "description": "SecretName references a secret holding the TLS key and certificates.", "type": "string" } }, "type": "object", "additionalProperties": false }, "linstorPassphraseSecret": { "description": "LinstorPassphraseSecret used to configure the LINSTOR master passphrase.\n\nThe referenced secret must contain a single key \"MASTER_PASSPHRASE\". The master passphrase is used to\n* Derive encryption keys for volumes using the LUKS layer.\n* Store credentials for accessing remotes for backups.\nSee https://linbit.com/drbd-user-guide/linstor-guide-1_0-en/#s-encrypt_commands for more information.", "type": "string" }, "nodeAffinity": { "description": "NodeAffinity selects the nodes on which LINSTOR Satellites will be deployed.\nSee https://kubernetes.io/docs/concepts/configuration/assign-pod-node/", "properties": { "nodeSelectorTerms": { "description": "Required. A list of node selector terms. The terms are ORed.", "items": { "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object", "additionalProperties": false }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object", "additionalProperties": false }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "type": "object", "x-kubernetes-map-type": "atomic", "additionalProperties": false }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "nodeSelectorTerms" ], "type": "object", "x-kubernetes-map-type": "atomic", "additionalProperties": false }, "nodeSelector": { "additionalProperties": { "type": "string" }, "description": "NodeSelector selects the nodes on which LINSTOR Satellites will be deployed.\nSee https://kubernetes.io/docs/concepts/configuration/assign-pod-node/", "type": "object" }, "patches": { "description": "Patches is a list of kustomize patches to apply.\n\nSee https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patches/ for how to create patches.", "items": { "description": "Patch represent either a Strategic Merge Patch or a JSON patch and its targets.", "properties": { "options": { "additionalProperties": { "type": "boolean" }, "description": "Options is a list of options for the patch", "type": "object" }, "patch": { "description": "Patch is the content of a patch.", "minLength": 1, "type": "string" }, "target": { "description": "Target points to the resources that the patch is applied to", "properties": { "annotationSelector": { "description": "AnnotationSelector is a string that follows the label selection expression\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api\nIt matches against the resource annotations.", "type": "string" }, "group": { "type": "string" }, "kind": { "type": "string" }, "labelSelector": { "description": "LabelSelector is a string that follows the label selection expression\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api\nIt matches against the resource labels.", "type": "string" }, "name": { "description": "Name of the resource.", "type": "string" }, "namespace": { "description": "Namespace the resource belongs to, if it can belong to a namespace.", "type": "string" }, "version": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "required": [ "patch" ], "type": "object", "additionalProperties": false }, "type": "array" }, "properties": { "description": "Properties to apply on the cluster level.\n\nUse to create default settings for DRBD that should apply to all resources or to configure some other cluster\nwide default.", "items": { "properties": { "name": { "description": "Name of the property to set.", "minLength": 1, "type": "string" }, "value": { "description": "Value to set the property to.", "type": "string" } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "repository": { "description": "Repository used to pull workload images.", "type": "string" }, "tolerations": { "description": "Tolerations selects the nodes on which LINSTOR Satellites will be deployed.\n\nThe default tolerations for DaemonSets are automatically added.", "items": { "description": "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator .", "properties": { "effect": { "description": "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", "type": "string" }, "key": { "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys.", "type": "string" }, "operator": { "description": "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category.", "type": "string" }, "tolerationSeconds": { "description": "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system.", "format": "int64", "type": "integer" }, "value": { "description": "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array", "x-kubernetes-list-type": "atomic" }, "additionalProperties": false }, "type": "object", "additionalProperties": false }, "status": { "description": "LinstorClusterStatus defines the observed state of LinstorCluster", "properties": { "conditions": { "description": "Current LINSTOR Cluster state", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object", "additionalProperties": false }, "type": "array", "x-kubernetes-list-map-keys": [ "type" ], "x-kubernetes-list-type": "map" } }, "type": "object", "additionalProperties": false } }, "type": "object" }