diff --git a/kubernetes/apps/yugabyte/db/app/helmrelease.yaml b/kubernetes/apps/yugabyte/db/app/helmrelease.yaml
new file mode 100644
index 00000000..ad922c15
--- /dev/null
+++ b/kubernetes/apps/yugabyte/db/app/helmrelease.yaml
@@ -0,0 +1,75 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: &app yugabyte-db
+spec:
+ interval: 30m
+ chart:
+ spec:
+ chart: yugabyte
+ version: 2.21.1
+ sourceRef:
+ kind: HelmRepository
+ name: yugabytedb
+ namespace: flux-system
+ driftDetection:
+ mode: enabled
+ install:
+ remediation:
+ retries: 3
+ upgrade:
+ cleanupOnFail: true
+ remediation:
+ strategy: rollback
+ retries: 3
+ values:
+ fullnameOverride: yugabyte-db
+ storage:
+ master:
+ count: 1
+ storageClass: ceph-block
+ tserver:
+ count: 1
+ storageClass: ceph-block
+ replicas:
+ master: 1
+ tserver: 1
+ totalMasters: 1
+ tls:
+ enabled: true
+ certManager:
+ enabled: true
+ serviceEndpoints:
+ - name: "yb-master-ui"
+ type: ClusterIP
+ annotations: {}
+ clusterIP: ""
+ externalTrafficPolicy: Local
+ app: "yb-master"
+ loadBalancerIP: ""
+ ports:
+ http-ui: "7000"
+ - name: "yb-tserver-service"
+ type: ClusterIP
+ annotations: {}
+ clusterIP: ""
+ externalTrafficPolicy: Local
+ app: "yb-tserver"
+ loadBalancerIP: ""
+ ports:
+ tcp-yql-port: "9042"
+ tcp-yedis-port: "6379"
+ tcp-ysql-port: "5433"
+ - name: "yugabyted-ui-service"
+ type: ClusterIP
+ annotations: {}
+ clusterIP: ""
+ externalTrafficPolicy: Local
+ app: "yb-master"
+ loadBalancerIP: ""
+ sessionAffinity: ClientIP
+ ports:
+ yugabyted-ui: "15433"
+ serviceMonitor:
+ enabled: true
diff --git a/kubernetes/apps/yugabyte/db/app/kustomization.yaml b/kubernetes/apps/yugabyte/db/app/kustomization.yaml
new file mode 100644
index 00000000..17cbc72b
--- /dev/null
+++ b/kubernetes/apps/yugabyte/db/app/kustomization.yaml
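Review bot: In db/app/helmrelease.yaml the `values` block publishes the YSQL, YCQL and YEDIS ports on `yb-tserver-service` and two web UIs (`http-ui: "7000"`, `yugabyted-ui: "15433"`) but sets nothing about authentication, so who may connect is left to whatever the chart defaults to. `tls.enabled: true` encrypts the connections; it does not by itself decide who is allowed to log in. I would confirm the chart's auth defaults, supply any credentials through `spec.valuesFrom` pointing at a Secret rather than as inline values, and drop `tcp-yedis-port: "6379"` if the YEDIS API is not used. Absent a NetworkPolicy in the `yugabyte` namespace, `type: ClusterIP` still leaves these services reachable from every pod in the cluster, so a policy limiting the client namespaces belongs with this release.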
@@ -0,0 +1,6 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - ./helmrelease.yaml
diff --git a/kubernetes/apps/yugabyte/db/ks.yaml b/kubernetes/apps/yugabyte/db/ks.yaml
new file mode 100644
index 00000000..cf3cc770
--- /dev/null
+++ b/kubernetes/apps/yugabyte/db/ks.yaml
@@ -0,0 +1,21 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &app yugabyte-db
+ namespace: flux-system
+spec:
+ targetNamespace: yugabyte
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
+ path: ./kubernetes/apps/yugabyte/db/app
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: home-kubernetes
+ wait: false
+ interval: 30m
+ retryInterval: 1m
+ timeout: 5m
diff --git a/kubernetes/apps/yugabyte/kustomization.yaml b/kubernetes/apps/yugabyte/kustomization.yaml
new file mode 100644
index 00000000..060803be
--- /dev/null
+++ b/kubernetes/apps/yugabyte/kustomization.yaml
@@ -0,0 +1,8 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - ./namespace.yaml
+ # --
+ - ./db/ks.yaml
diff --git a/kubernetes/apps/yugabyte/namespace.yaml b/kubernetes/apps/yugabyte/namespace.yaml
new file mode 100644
index 00000000..b6bda045
--- /dev/null
+++ b/kubernetes/apps/yugabyte/namespace.yaml
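Review bot: db/ks.yaml declares no `dependsOn` and sets `wait: false`, so Flux applies the HelmRelease with no ordering against its prerequisites and marks this Kustomization ready before the release is healthy. The release in db/app/helmrelease.yaml turns on `tls.certManager.enabled` and requests `storageClass: ceph-block`, which suggests it needs cert-manager and the Ceph storage class to exist first. If those are delivered by other Flux Kustomizations in this repository, list them under `spec.dependsOn`; otherwise a first install on a fresh cluster can use up `retries: 3` before they are available.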
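Review bot: kubernetes/apps/yugabyte/kustomization.yaml lists only `./namespace.yaml` and `./db/ks.yaml`, although the same commit adds operator/app/helmrelease.yaml and operator/crd/crd.yaml. No operator entry is referenced from here, so unless another Kustomization outside this view picks those paths up, the operator release and its CRDs are never applied and will drift in the tree without the cluster ever validating them. Either wire them in through their own Flux Kustomization or leave them out of this commit; if the omission is deliberate, say so in a comment next to `# --`.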
@@ -0,0 +1,39 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: yugabyte
+ annotations:
+ kustomize.toolkit.fluxcd.io/prune: disabled
+ labels:
+ pod-security.kubernetes.io/enforce: baseline
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/provider_v1beta3.json
+apiVersion: notification.toolkit.fluxcd.io/v1beta3
+kind: Provider
+metadata:
+ name: alertmanager
+ namespace: yugabyte
+spec:
+ type: alertmanager
+ address: http://alertmanager-operated.observability.svc.cluster.local:9093/api/v2/alerts/
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/alert_v1beta3.json
+apiVersion: notification.toolkit.fluxcd.io/v1beta3
+kind: Alert
+metadata:
+ name: alertmanager
+ namespace: yugabyte
+spec:
+ providerRef:
+ name: alertmanager
+ eventSeverity: error
+ eventSources:
+ - kind: HelmRelease
+ name: '*'
+ - kind: HelmChart
+ name: '*'
+ - kind: HelmRepository
+ name: '*'
+ - kind: Kustomization
+ name: '*'
diff --git a/kubernetes/apps/yugabyte/operator/app/helmrelease.yaml b/kubernetes/apps/yugabyte/operator/app/helmrelease.yaml
new file mode 100644
index 00000000..6ee62998
--- /dev/null
+++ b/kubernetes/apps/yugabyte/operator/app/helmrelease.yaml
@@ -0,0 +1,33 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: &app yugabyte-operator
+spec:
+ interval: 30m
+ chart:
+ spec:
+ chart: yugabyte-k8s-operator
+ version: 0.1.4
+ sourceRef:
+ kind: HelmRepository
+ name: yugabytedb
+ namespace: flux-system
+ driftDetection:
+ mode: enabled
+ install:
+ remediation:
+ retries: 3
+ upgrade:
+ cleanupOnFail: true
+ remediation:
+ strategy: rollback
+ retries: 3
+ values:
+ fullnameOverride: yugabyte-operator
+ yugaware:
+ storage: 100Gi
+ storageClass: ceph-block
+ serviceMonitor:
+ enabled: true
+ kubernetesOperatorNamespace: ""
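Review bot: The Namespace in namespace.yaml enforces Pod Security at `baseline` only, with no `warn` or `audit` level and no pinned policy version. Adding `pod-security.kubernetes.io/warn: restricted` and `pod-security.kubernetes.io/audit: restricted` would show which YugabyteDB pods fall short of the restricted profile without blocking them. A `pod-security.kubernetes.io/enforce-version` label would keep the enforced rules from changing silently on a cluster upgrade.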
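Review bot: `kubernetesOperatorNamespace: ""` in operator/app/helmrelease.yaml leaves the operator's watch scope to the chart default; an empty value presumably means it watches every namespace, which would normally come with cluster-wide RBAC. If the operator only has to manage universes in this namespace, `kubernetesOperatorNamespace: yugabyte` would keep its permissions local, but check the chart documentation for the exact semantics first. Separately, the `&app` anchor on `metadata.name` is never referenced in this file and can be dropped; the same holds for db/app/helmrelease.yaml.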
diff --git a/kubernetes/apps/yugabyte/operator/app/kustomization.yaml b/kubernetes/apps/yugabyte/operator/app/kustomization.yaml
new file mode 100644
index 00000000..17cbc72b
--- /dev/null
+++ b/kubernetes/apps/yugabyte/operator/app/kustomization.yaml
@@ -0,0 +1,6 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - ./helmrelease.yaml
diff --git a/kubernetes/apps/yugabyte/operator/crd/crd.yaml b/kubernetes/apps/yugabyte/operator/crd/crd.yaml
new file mode 100644
index 00000000..3c39b8bc
--- /dev/null
+++ b/kubernetes/apps/yugabyte/operator/crd/crd.yaml
@@ -0,0 +1,1806 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: backups.operator.yugabyte.io +spec: + group: operator.yugabyte.io + scope: Namespaced + names: + plural: backups + singular: backup + kind: Backup + categories: + - all + - yugabyte + versions: + - name: v1alpha1 + subresources: + status: {} + served: true + storage: true + schema: + openAPIV3Schema: + description: Custom resource definition for YugabyteDB backups. + type: object + properties: + status: + type: object + description: Backup status for the backup custom resource. + properties: + message: + description: String log message from backup controller + type: string + resourceUUID: + description: Internal UUID of the backup resource. + type: string + taskUUID: + description: Internal UUID of the task associated with the backup resource. + type: string + + spec: + type: object + properties: + backupType: + description: > + Type of backup to be taken. + Allowed values are - + YQL_TABLE_TYPE REDIS_TABLE_TYPE PGSQL_TABLE_TYPE TRANSACTION_STATUS_TABLE_TYPE + type: string + enum: + - YQL_TABLE_TYPE + - PGSQL_TABLE_TYPE + sse: + description: Server side encryption for the backup. + type: boolean + storageConfig: + description: > + Storage configuration for the backup, + should contain name of storage config object + type: string + universe: + description: > + Name of the universe for which backup is to be taken, + refers to a ybuniverse CR name. + type: string + tableByTableBackup: + description: Boolean indicating if backup is to be taken table by table. + type: boolean + keyspace: + description: Name of keyspace to be backed up. + type: string + timeBeforeDelete: + description: Time before backup is deleted from storage in milliseconds. 
+ type: integer + minimum: 0 + required: + - keyspace + - backupType + - storageConfig + - universe + + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: releases.operator.yugabyte.io +spec: + group: operator.yugabyte.io + scope: Namespaced + names: + plural: releases + singular: release + kind: Release + categories: + - all + - yugabyte + versions: + - name: v1alpha1 + subresources: + status: {} + additionalPrinterColumns: + - name: Version + type: string + description: The state of the universe + jsonPath: .spec.config.version + - name: Status + type: string + description: The state of the universe + jsonPath: .status.message + - name: Downloaded + type: string + description: The Software version of the Universe + jsonPath: .status.success + served: true + storage: true + schema: + openAPIV3Schema: + type: object + description: > + Custom resource definition for YugabyteDB release, describes a release. + properties: + status: + description: Release status on the cluster. + type: object + properties: + message: + description: String log message from release controller + type: string + success: + description: > + Boolean indicating if the release was successfully + downloaded and usable + type: boolean + resourceUUID: + description: Internal UUID of the release resource. + type: string + spec: + type: object + description: Release object specification. + properties: + config: + description: Release download configration, we support GCS, S3 and HTTP. + type: object + properties: + version: + description: > + Version of the release chart to use. + Refer to the release charts at charts.yugabyte.com + type: string + downloadConfig: + description: > + Download configugration, + we support GCS, S3 and HTTP as download sources for now. 
+ type: object + properties: + s3: + description: S3 download configuration + type: object + properties: + accessKeyId: + description: S3 access key + type: string + secretAccessKey: + description: S3 secret key + type: string + paths: + description: S3 paths to download the release from + type: object + properties: + x86_64: + type: string + description: Optional Path to x86_64 package + x86_64_checksum: + type: string + description: Checksum for x86_64 package + helmChart: + type: string + description: Required Path to the Helm chart package + helmChartChecksum: + description: Optional checksum for Helm chart package + type: string + gcs: + type: object + properties: + paths: + type: object + properties: + x86_64: + type: string + description: Optional Path to x86_64 package + x86_64_checksum: + type: string + description: Optional Checksum for x86_64 package + helmChart: + type: string + description: Path to the Helm chart package + helmChartChecksum: + type: string + description: Optional checksum for Helm chart package + credentialsJson: + type: string + description: GCS service key JSON + http: + type: object + properties: + paths: + type: object + properties: + x86_64: + type: string + description: Optional Path to x86_64 package + x86_64_checksum: + type: string + description: Optional Checksum for x86_64 package + helmChart: + type: string + description: Path to the Helm chart package + helmChartChecksum: + type: string + description: Optional checksum for Helm chart package + + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: restorejobs.operator.yugabyte.io +spec: + group: operator.yugabyte.io + scope: Namespaced + names: + plural: restorejobs + singular: restorejob + kind: RestoreJob + categories: + - all + - yugabyte + versions: + - name: v1alpha1 + subresources: + status: {} + served: true + storage: true + schema: + openAPIV3Schema: + type: object + description: Custom resource definition for YugabyteDB 
restore job + properties: + status: + type: object + description: Restore job status for the restore job custom resource. + properties: + message: + description: String log message from restore job controller + type: string + taskUUID: + description: > + Internal UUID of the task associated with + the restore job resource. + type: string + resourceUUID: + description: Internal UUID of the restore operation. + type: string + spec: + type: object + properties: + actionType: + description: Type of action to be taken. Allowed values - RESTORE + type: string + enum: + - RESTORE + universe: + description: > + Name of the universe for which restore is to be taken, + refers to a ybuniverse CR name. + type: string + backup: + description: > + Name of the backup to be restored, + refers to a backup CR name. + type: string + keyspace: + description: Name of the keyspace to be restored. + type: string + + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: storageconfigs.operator.yugabyte.io +spec: + group: operator.yugabyte.io + scope: Namespaced + names: + plural: storageconfigs + singular: storageconfig + kind: StorageConfig + categories: + - all + - yugabyte + versions: + - name: v1alpha1 + subresources: + status: {} + served: true + storage: true + schema: + openAPIV3Schema: + description: Custom resource definition for YugabyteDB backup storage configuration. + type: object + properties: + status: + description: > + Storage configuration status for the storage configuration custom resource. + type: object + properties: + message: + description: String log message from storage configuration controller. + type: string + success: + description: > + Boolean indicating if the storage configuration was successfully created. + type: boolean + resourceUUID: + description: Internal UUID of the storage configuration resource. 
+ type: string + spec: + type: object + properties: + config_type: + description: + Type of storage configuration to be created. + Allowed values - STORAGE_S3, STORAGE_NFS, STORAGE_GCS, STORAGE_AZ + type: string + enum: + - STORAGE_S3 + - STORAGE_NFS + - STORAGE_GCS + - STORAGE_AZ + data: + type: object + description: Data object to create storage configuration. + properties: + AWS_ACCESS_KEY_ID: + description: AWS access key id for the S3 storage configuration. + type: string + AWS_SECRET_ACCESS_KEY: + description: AWS secret access key for the S3 storage configuration. + type: string + BACKUP_LOCATION: + description: Backup location for the storage configuration. + type: string + x-kubernetes-validations: + - message: BACKUP_LOCATION cannot be changed + rule: self == oldSelf + GCS_CREDENTIALS_JSON: + description: GCS credentials JSON for the GCS storage configuration. + type: string + AZURE_STORAGE_SAS_TOKEN: + description: Azure SAS token for the Azure storage configuration. + type: string + required: + - BACKUP_LOCATION + + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: support-bundles.operator.yugabyte.io +spec: + group: operator.yugabyte.io + scope: Namespaced + names: + plural: support-bundles + singular: support-bundle + kind: SupportBundle + shortNames: + - sb + categories: + - all + - yugabyte + versions: + - name: v1alpha1 + subresources: + status: {} + served: true + storage: true + schema: + openAPIV3Schema: + description: > + Custom resource definition for YugabyteDB support bundle to capture logs, + events in case of failures. + type: object + properties: + status: + description: Support bundle status for the support bundle custom resource. + type: object + properties: + status: + description: > + Status of the support bundle. 
+ Allowed values - generating, ready, failed + type: string + enum: + - generating + - ready + - failed + access: + description: Access details for the generated support bundle to download. + type: string + resourceUUID: + description: Internal UUID of the support bundle resource. + type: string + spec: + type: object + properties: + universeName: + description: > + Name of the universe for which support bundle is to be generated, + refers to a ybuniverse CR name. + type: string + collectionTimerange: + description: Time range for which logs and events are to be collected. + type: object + properties: + startDate: + description: Start date for the logs and events collection. + type: string + example: 2022-12-12T13:07:18Z, + format: date-time + endDate: + description: End date for the logs and events collection. + type: string + example: 2022-12-12T13:07:18Z, + format: date-time + required: + - startDate + components: + description: > + Components for which logs and events are to be collected. If not provided, all + components will be collected. + type: array + items: + type: string + enum: + - UniverseLogs + - ApplicationLogs + - OutputFiles + - ErrorFiles + - CoreFiles + - GFlags + - Instance + - ConsensusMeta + - TabletMeta + - YbcLogs + - K8sInfo + + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: ybuniverses.operator.yugabyte.io +spec: + group: operator.yugabyte.io + versions: + - name: v1alpha1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + description: > + Custom resource definition for YugabyteDB universe. + This CR describes the universe configuration for an instance of yugabytedb database. + For details about YugabyteDB please refer to https://docs.yugabyte.com/ + properties: + spec: + type: object + description: Schema spec for a yugabytedb universe. 
+ x-kubernetes-validations: + - message: replicationFactor <= numNodes + rule: self.replicationFactor <= self.numNodes + properties: + universeName: + type: string + description: Name of the universe object to create + x-kubernetes-validations: + - message: universeName cannot be changed once set. + rule: self == oldSelf + numNodes: + description: Number of tservers in the universe to create. + type: integer + replicationFactor: + description: Number of times to replicate data in a universe. + type: integer + x-kubernetes-validations: + - message: Replication Factor is cannot be changed + rule: self == oldSelf + gFlags: + description: > + Configuration flags for the universe. + These can be set on masters or tservers + type: object + properties: + tserverGFlags: + description: > + Configuration flags for the tserver process in the universe. + type: object + additionalProperties: + type: string + masterGFlags: + description: > + Configuration flags for the master process in the universe. + type: object + additionalProperties: + type: string + perAZ: + description: > + Configuration flags per AZ per process in the universe. + type: object + additionalProperties: + type: object + properties: + tserverGFlags: + type: object + additionalProperties: + type: string + masterGFlags: + type: object + additionalProperties: + type: string + + enableYSQL: + description: Enable YSQL interface in the universe. + default: true + type: boolean + x-kubernetes-validations: + - message: enableYSQL cannot be changed + rule: self == oldSelf + enableNodeToNodeEncrypt: + description: > + Enable node to node encryption in the universe. + This encrypts the data in transit between nodes. + type: boolean + default: true + x-kubernetes-validations: + - message: enableNodeToNodeEncrypt cannot be changed + rule: self == oldSelf + enableClientToNodeEncrypt: + description: > + Enable client to node encryption in the universe. 
+ Enable this to use tls enabled connnection between + client and database. + type: boolean + default: true + x-kubernetes-validations: + - message: enableClientToNodeEncrypt cannot be changed + rule: self == oldSelf + ybSoftwareVersion: + description: Version of DB software to use in the universe. + type: string + providerName: + description: Preexisting Provider name to use in the universe. + type: string + x-kubernetes-validations: + - message: providerName cannot be changed + rule: self == oldSelf + zoneFilter: + description: > + Only deploy yugabytedb nodes in these zones mentioned in the list. + Defaults to all zones if unspecified. + type: array + x-kubernetes-validations: + - message: zoneFilter cannot be changed + rule: self == oldSelf + items: + type: string + enableYSQLAuth: + description: enableYSQLAuth enables authentication for YSQL inteface. + type: boolean + default: false + x-kubernetes-validations: + - message: enableYSQL auth cannot be changed once set. + rule: self == oldSelf + ysqlPassword: + description: Used to refer to secrets if enableYSQLAuth is set. + type: object + x-kubernetes-validations: + - message: ysqlPassword cannot be changed once set. + rule: self == oldSelf + properties: + secretName: + type: string + required: + - secretName + enableYCQL: + description: Enable YCQL interface in the universe. + type: boolean + default: false + x-kubernetes-validations: + - message: enableYCQL cannot be changed once set. + rule: self == oldSelf + enableYCQLAuth: + description: enableYCQLAuth enables authentication for YCQL inteface. + type: boolean + default: false + x-kubernetes-validations: + - message: enableYCQLAuth cannot be changed once set. + rule: self == oldSelf + ycqlPassword: + description: Used to refer to secrets if enableYCQLAuth is set. + type: object + x-kubernetes-validations: + - message: ycqlPassword cannot be changed once set. 
+ rule: self == oldSelf + properties: + secretName: + type: string + required: + - secretName + enableIPV6: + description: Enable IPV6 in the universe. + type: boolean + default: false + x-kubernetes-validations: + - message: enableIPV6 cannot be changed once set. + rule: self == oldSelf + enableLoadBalancer: + description: > + Enable LoadBalancer access to the universe. + Creates a service with Type:LoadBalancer + in the universe for tserver and masters. + type: boolean + default: false + x-kubernetes-validations: + - message: enableExposingService cannot be changed once set. + rule: self == oldSelf + deviceInfo: + description: > + Device information for the universe to + refer to storage information for volume, + storage classes etc. + properties: + volumeSize: + type: integer + default: 100 + numVolumes: + type: integer + default: 1 + x-kubernetes-validations: + - message: numVolumes cannot be changed once set. + rule: self == oldSelf + storageClass: + type: string + x-kubernetes-validations: + - message: StorageClass cannot be changed once set. + rule: self == oldSelf + type: object + kubernetesOverrides: + description: > + Kubernetes overrides for the universe. + Please refer to yugabyteDB documentation for more details. + https://docs.yugabyte.com/preview/yugabyte-platform/create-deployments/create-universe-multi-zone-kubernetes/#configure-helm-overrides + type: object + # Since this is not an exhaustive list yet. + # Helm chart can have a bunch more properties. 
+ x-kubernetes-preserve-unknown-fields: true + properties: + resource: + type: object + properties: + master: + type: object + properties: + requests: + type: object + properties: + cpu: + type: string + x-kubernetes-int-or-string: true + memory: + type: string + x-kubernetes-int-or-string: true + limits: + type: object + properties: + cpu: + type: string + x-kubernetes-int-or-string: true + memory: + type: string + x-kubernetes-int-or-string: true + tserver: + type: object + properties: + requests: + type: object + properties: + cpu: + type: string + x-kubernetes-int-or-string: true + memory: + type: string + x-kubernetes-int-or-string: true + limits: + type: object + properties: + cpu: + type: string + x-kubernetes-int-or-string: true + memory: + type: string + x-kubernetes-int-or-string: true + master: + type: object + properties: + affinity: + description: Pod scheduling affinity settings + type: object + properties: + podAffinity: + description: Pod affinity is a group of inter pod affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. 
+ items: + description: The weights of all of the matched + WeightedPodAffinityTerm fields are added per-node to + find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those + matching the labelSelector relative to the + given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) + with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on + which a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label + query over a set of resources. The result + of matchLabels and matchExpressions are + ANDed. An empty label selector matches + all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. 
A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which + namespaces the labelSelector applies to + (matches against); null or empty list + means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. 
+ items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label selector is a label query + over a set of resources. The result of matchLabels + and matchExpressions are ANDed. An empty label + selector matches all objects. A null label + selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. 
+ type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + type: object + description: "Pod anti affinity is a group of inter pod + anti affinity scheduling rules." + properties: + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + topologyKey: + type: string + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: ["In", "NotIn", "Exists", "DoesNotExist"] + values: + type: array + items: + type: string + matchLabels: + type: object + additionalProperties: + type: string + namespaces: + type: array + items: + type: string + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + weight: + type: integer + podAffinityTerm: + type: object + properties: + topologyKey: + type: string + labelSelector: + type: object + properties: + topologyKey: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: ["In", "NotIn", "Exists", + "DoesNotExist"] + values: + type: array + items: + type: string + matchLabels: + type: object + additionalProperties: + type: string + namespaces: + type: array + items: + type: string + 
nodeAffinity: + description: Node affinity settings + type: object + properties: + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: + - In + - NotIn + - Exists + - DoesNotExist + - Gt + - Lt + - Eq + values: + type: array + items: + type: string + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + weight: + type: integer + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: + - In + - NotIn + - Exists + - DoesNotExist + - Gt + - Lt + - Eq + values: + type: array + items: + type: string + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: + - In + - NotIn + - Exists + - DoesNotExist + - Gt + - Lt + - Eq + values: + type: array + items: + type: string + topologyKey: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: + - In + - NotIn + - Exists + - DoesNotExist + - Gt + - Lt + - Eq + values: + type: array + items: + type: string + + + + extraEnv: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + secretEnv: + type: array + items: + type: object + properties: + name: + type: string + secretKeyRef: + type: object + properties: + name: + type: string + key: + type: string + podAnnotations: + type: object + additionalProperties: + type: string + podLabels: + type: object + additionalProperties: + type: string + tolerations: + type: array + items: + type: object + 
properties: + key: + type: string + operator: + type: string + enum: + - Exists + - Equal + - NotEqual + - DoesNotExist + value: + type: string + effect: + type: string + enum: + - NoSchedule + - PreferNoSchedule + - NoExecute + tolerationSeconds: + type: integer + extraVolumes: + type: array + items: + type: object + properties: + name: + type: string + persistentVolumeClaim: + type: object + properties: + claimName: + type: string + extraVolumeMounts: + type: array + items: + type: object + properties: + name: + type: string + mountPath: + type: string + tserver: + type: object + properties: + affinity: + description: Pod scheduling affinity settings + type: object + properties: + podAffinity: + description: Pod affinity is a group of inter pod affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. 
+ items: + description: The weights of all of the matched + WeightedPodAffinityTerm fields are added per-node to + find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those + matching the labelSelector relative to the + given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) + with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on + which a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label + query over a set of resources. The result + of matchLabels and matchExpressions are + ANDed. An empty label selector matches + all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. 
A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which + namespaces the labelSelector applies to + (matches against); null or empty list + means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. 
+ items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label selector is a label query + over a set of resources. The result of matchLabels + and matchExpressions are ANDed. An empty label + selector matches all objects. A null label + selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. 
+ type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + type: object + description: "Pod anti affinity is a group of inter pod + anti affinity scheduling rules." + properties: + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + topologyKey: + type: string + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: ["In", "NotIn", "Exists", "DoesNotExist"] + values: + type: array + items: + type: string + matchLabels: + type: object + additionalProperties: + type: string + namespaces: + type: array + items: + type: string + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + weight: + type: integer + podAffinityTerm: + type: object + properties: + topologyKey: + type: string + labelSelector: + type: object + properties: + topologyKey: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: ["In", "NotIn", "Exists", + "DoesNotExist"] + values: + type: array + items: + type: string + matchLabels: + type: object + additionalProperties: + type: string + namespaces: + type: array + items: + type: string + + 
+ + + nodeAffinity: + description: Node affinity settings + type: object + properties: + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: + - In + - NotIn + - Exists + - DoesNotExist + - Gt + - Lt + - Eq + values: + type: array + items: + type: string + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + weight: + type: integer + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: + - In + - NotIn + - Exists + - DoesNotExist + - Gt + - Lt + - Eq + values: + type: array + items: + type: string + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: + - In + - NotIn + - Exists + - DoesNotExist + - Gt + - Lt + - Eq + values: + type: array + items: + type: string + topologyKey: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: + - In + - NotIn + - Exists + - DoesNotExist + - Gt + - Lt + - Eq + values: + type: array + items: + type: string + + + + extraEnv: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + secretEnv: + type: array + items: + type: object + properties: + name: + type: string + secretKeyRef: + type: object + properties: + name: + type: string + key: + type: string + podAnnotations: + type: object + additionalProperties: + type: string + podLabels: + type: object + additionalProperties: + type: string + tolerations: + type: array + items: + type: object + 
properties: + key: + type: string + operator: + type: string + enum: + - Exists + - Equal + - NotEqual + - DoesNotExist + value: + type: string + effect: + type: string + enum: + - NoSchedule + - PreferNoSchedule + - NoExecute + tolerationSeconds: + type: integer + extraVolumes: + type: array + items: + type: object + properties: + name: + type: string + persistentVolumeClaim: + type: object + properties: + claimName: + type: string + extraVolumeMounts: + type: array + items: + type: object + properties: + name: + type: string + mountPath: + type: string + serviceEndpoints: + items: + properties: + name: + type: string + type: + type: string + annotations: + additionalProperties: + type: string + type: object + app: + type: string + ports: + additionalProperties: + type: string + type: object + type: object + type: array + nodeSelector: + additionalProperties: + type: string + type: object + status: + description: Status of the universe CR + type: object + properties: + universeState: + description: > + The state of the universe (e.g. "Ready", "Creating", "Editing", "Deleting") + type: string + sqlEndpoints: + description: SQL endpoints for the universe. + type: array + items: + type: string + cqlEndpoints: + description: CQL endpoints for the universe. 
+ type: array + items: + type: string + resourceUUID: + type: string + actions: + type: array + items: + type: object + properties: + action_type: + type: string + message: + type: string + taskUUID: + type: string + status: + type: string + enum: + - queued + - running + - failed + + subresources: + status: {} + additionalPrinterColumns: + - name: State + type: string + description: The state of the universe + jsonPath: .status.universeState + - name: Software Version + type: string + description: The Software version of the Universe + jsonPath: .spec.ybSoftwareVersion + names: + kind: YBUniverse + plural: ybuniverses + singular: ybuniverse + shortNames: + - ybuniverse + categories: + - all + - yugabyte + scope: Namespaced + diff --git a/kubernetes/apps/yugabyte/operator/crd/kustomization.yaml b/kubernetes/apps/yugabyte/operator/crd/kustomization.yaml new file mode 100644 index 00000000..cf0dc623 --- /dev/null +++ b/kubernetes/apps/yugabyte/operator/crd/kustomization.yaml @@ -0,0 +1,6 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./crd.yaml diff --git a/kubernetes/apps/yugabyte/operator/ks.yaml b/kubernetes/apps/yugabyte/operator/ks.yaml new file mode 100644 index 00000000..b5cc992f --- /dev/null +++ b/kubernetes/apps/yugabyte/operator/ks.yaml 
@@ -0,0 +1,41 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: yugabyte-crd
+ namespace: flux-system
+spec:
+ targetNamespace: yugabyte
+ path: ./kubernetes/apps/yugabyte/operator/crd
+ prune: false
+ sourceRef:
+ kind: GitRepository
+ name: home-kubernetes
+ wait: true
+ interval: 30m
+ retryInterval: 1m
+ timeout: 5m
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &app yugabyte-operator
+ namespace: flux-system
+spec:
+ targetNamespace: yugabyte
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
+ dependsOn:
+ - name: yugabyte-crd
+ path: ./kubernetes/apps/yugabyte/operator/app
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: home-kubernetes
+ wait: false
+ interval: 30m
+ retryInterval: 1m
+ timeout: 5m
diff --git a/kubernetes/flux/repositories/helm/kustomization.yaml b/kubernetes/flux/repositories/helm/kustomization.yaml
index 90f7d9de..5c078f84 100644
--- a/kubernetes/flux/repositories/helm/kustomization.yaml
+++ b/kubernetes/flux/repositories/helm/kustomization.yaml
@@ -37,3 +37,4 @@ resources:
 - ./tailscale.yaml
 - ./vector.yaml
 - ./victoriametrics.yaml
+ - ./yugabytedb.yaml
diff --git a/kubernetes/flux/repositories/helm/yugabytedb.yaml b/kubernetes/flux/repositories/helm/yugabytedb.yaml
new file mode 100644
index 00000000..042816f7
--- /dev/null
+++ b/kubernetes/flux/repositories/helm/yugabytedb.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+ name: yugabytedb
+ namespace: flux-system
+spec:
+ interval: 2h
+ url: https://charts.yugabyte.com
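Review bot: In operator/ks.yaml the `yugabyte-crd` Kustomization sets `prune: false` with no comment, yet that one setting is what stops Flux from garbage-collecting the YBUniverse CRD if this Kustomization is ever removed or renamed. Deleting a CRD also deletes every custom resource of that kind, so the intent should be written down next to the field, for example `# prune stays off: removing the CRD would delete every YBUniverse object`. Neither Kustomization in this file sets `spec.serviceAccountName`, so both are presumably reconciled with the kustomize-controller's own permissions; if this cluster restricts Flux per tenant, a scoped service account belongs on the `yugabyte-operator` entry.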