diff --git a/CHANGELOG.md b/CHANGELOG.md index 4b4c1672d..8405247f3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ ## [master](https://github.com/arangodb/kube-arangodb/tree/master) (N/A) - (Improvement) Bump dependencies +- (Documentation) (1.3.0) EE & CE Definitions ## [1.2.20](https://github.com/arangodb/kube-arangodb/tree/1.2.20) (2022-10-25) - (Feature) Add action progress diff --git a/Makefile b/Makefile index b0fe9d337..73910ae25 100644 --- a/Makefile +++ b/Makefile @@ -61,7 +61,7 @@ HELM_OPTIONS = --set "operator.image=$(OPERATORIMAGE)" \ --set "operator.resources=null" \ --set "operator.debug=$(DEBUG)" -ifeq ($(shell $(HELM) version --client --template '{{.Version}}' | cut -f 1 -d '.'),v3) +ifeq ($(shell $(HELM) version --client --template '{{.Version}}' 2> /dev/null | cut -f 1 -d '.'),v3) # Using helm v3 HELM_PACKAGE_CMD = $(HELM) package "$(ROOTDIR)/chart/$(CHART_NAME)" -d "$(ROOTDIR)/bin/charts" \ --version "$(VERSION_MAJOR_MINOR_PATCH)" @@ -113,6 +113,8 @@ ifndef MANIFESTSUFFIX MANIFESTSUFFIX := -dev endif endif + +ifeq ($(RELEASE_MODE),community) MANIFESTPATHCRD := manifests/arango-crd$(MANIFESTSUFFIX).yaml MANIFESTPATHDEPLOYMENT := manifests/arango-deployment$(MANIFESTSUFFIX).yaml MANIFESTPATHDEPLOYMENTREPLICATION := manifests/arango-deployment-replication$(MANIFESTSUFFIX).yaml @@ -121,16 +123,33 @@ MANIFESTPATHAPPS := manifests/arango-apps$(MANIFESTSUFFIX).yaml MANIFESTPATHK2KCLUSTERSYNC := manifests/arango-k2kclustersync$(MANIFESTSUFFIX).yaml MANIFESTPATHSTORAGE := manifests/arango-storage$(MANIFESTSUFFIX).yaml MANIFESTPATHALL := manifests/arango-all$(MANIFESTSUFFIX).yaml -MANIFESTPATHTEST := manifests/arango-test$(MANIFESTSUFFIX).yaml KUSTOMIZEPATHCRD := manifests/kustomize/crd/arango-crd$(MANIFESTSUFFIX).yaml KUSTOMIZEPATHDEPLOYMENT := manifests/kustomize/deployment/arango-deployment$(MANIFESTSUFFIX).yaml KUSTOMIZEPATHDEPLOYMENTREPLICATION := manifests/kustomize/deployment-replication/arango-deployment-replication$(MANIFESTSUFFIX).yaml KUSTOMIZEPATHBACKUP := manifests/kustomize/backup/arango-backup$(MANIFESTSUFFIX).yaml KUSTOMIZEPATHAPPS := manifests/kustomize/apps/arango-apps$(MANIFESTSUFFIX).yaml -KUSTOMIZEPATHK2KCLUSTERSYNC := manifests/kustomize/apps/arango-k2kclustersync$(MANIFESTSUFFIX).yaml +KUSTOMIZEPATHK2KCLUSTERSYNC := manifests/kustomize/k2kclustersync/arango-k2kclustersync$(MANIFESTSUFFIX).yaml KUSTOMIZEPATHSTORAGE := manifests/kustomize/storage/arango-storage$(MANIFESTSUFFIX).yaml KUSTOMIZEPATHALL := manifests/kustomize/all/arango-all$(MANIFESTSUFFIX).yaml -KUSTOMIZEPATHTEST := manifests/kustomize/test/arango-test$(MANIFESTSUFFIX).yaml +else +MANIFESTPATHCRD := manifests/enterprise-crd$(MANIFESTSUFFIX).yaml +MANIFESTPATHDEPLOYMENT := manifests/enterprise-deployment$(MANIFESTSUFFIX).yaml +MANIFESTPATHDEPLOYMENTREPLICATION := manifests/enterprise-deployment-replication$(MANIFESTSUFFIX).yaml +MANIFESTPATHBACKUP := manifests/enterprise-backup$(MANIFESTSUFFIX).yaml +MANIFESTPATHAPPS := manifests/enterprise-apps$(MANIFESTSUFFIX).yaml +MANIFESTPATHK2KCLUSTERSYNC := manifests/enterprise-k2kclustersync$(MANIFESTSUFFIX).yaml +MANIFESTPATHSTORAGE := manifests/enterprise-storage$(MANIFESTSUFFIX).yaml +MANIFESTPATHALL := manifests/enterprise-all$(MANIFESTSUFFIX).yaml +KUSTOMIZEPATHCRD := manifests/kustomize-enterprise/crd/enterprise-crd$(MANIFESTSUFFIX).yaml +KUSTOMIZEPATHDEPLOYMENT := manifests/kustomize-enterprise/deployment/enterprise-deployment$(MANIFESTSUFFIX).yaml +KUSTOMIZEPATHDEPLOYMENTREPLICATION := manifests/kustomize-enterprise/deployment-replication/enterprise-deployment-replication$(MANIFESTSUFFIX).yaml +KUSTOMIZEPATHBACKUP := manifests/kustomize-enterprise/backup/enterprise-backup$(MANIFESTSUFFIX).yaml +KUSTOMIZEPATHAPPS := manifests/kustomize-enterprise/apps/enterprise-apps$(MANIFESTSUFFIX).yaml +KUSTOMIZEPATHK2KCLUSTERSYNC := manifests/kustomize-enterprise/k2kclustersync/enterprise-k2kclustersync$(MANIFESTSUFFIX).yaml +KUSTOMIZEPATHSTORAGE := manifests/kustomize-enterprise/storage/enterprise-storage$(MANIFESTSUFFIX).yaml +KUSTOMIZEPATHALL := manifests/kustomize-enterprise/all/enterprise-all$(MANIFESTSUFFIX).yaml +endif + ifndef DEPLOYMENTNAMESPACE DEPLOYMENTNAMESPACE := default endif @@ -356,8 +375,6 @@ manifests: $(eval $(call manifest-generator, crd, kube-arangodb-crd)) -$(eval $(call manifest-generator, test, kube-arangodb-test)) - $(eval $(call manifest-generator, deployment, kube-arangodb, \ --set "operator.features.deployment=true" \ --set "operator.features.deploymentReplications=false" \ @@ -454,7 +471,7 @@ patch-examples: $(ROOTDIR)/scripts/patch_examples.sh $(VERSION_MAJOR_MINOR_PATCH) .PHONY: patch-release -patch-release: patch-readme patch-examples +patch-release: patch-readme patch-examples patch-chart .PHONY: patch-chart patch-chart: diff --git a/README.md b/README.md index e4283c940..b1cbc60ab 100644 --- a/README.md +++ b/README.md @@ -85,20 +85,11 @@ Feature-wise production readiness table: | Operator Internal Metrics Exporter | 1.2.0 | >= 3.6.0 | Community, Enterprise | 1.2.0 | Production | True | --deployment.feature.metrics-exporter | N/A | | Operator Ephemeral Volumes | 1.2.2 | >= 3.7.0 | Community, Enterprise | 1.2.2 | Alpha | False | --deployment.feature.ephemeral-volumes | N/A | -## Release notes for 0.3.16 +## Operator Community Edition (CE) -In this release we have reworked the Helm charts. One notable change is -that we now create a new service account specifically for the operator. -The actual deployment still runs by default under the `default` service -account unless one changes that. Note that the service account under -which the ArangoDB runs needs a small set of extra permissions. For -the `default` service account we grant them when the operator is -deployed. If you use another service account you have to grant these -permissions yourself. See -[here](docs/Manual/Deployment/Kubernetes/DeploymentResource.md#specgroupserviceaccountname-string) -for details. +Image: `arangodb/kube-arangodb:1.2.20` -## Installation of latest release using Kubectl +### Installation of latest CE release using Kubectl ```bash kubectl apply -f https://raw.githubusercontent.com/arangodb/kube-arangodb/1.2.20/manifests/arango-crd.yaml @@ -112,7 +103,7 @@ kubectl apply -f https://raw.githubusercontent.com/arangodb/kube-arangodb/1.2.20 This procedure can also be used for upgrades and will not harm any running ArangoDB deployments. -## Installation of latest release using kustomize +### Installation of latest CE release using kustomize Installation using [kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/) looks like installation from yaml files, but user is allowed to modify namespace or resource names without yaml modifications. @@ -131,7 +122,7 @@ bases: - https://github.com/arangodb/kube-arangodb/manifests/kustomize/deployment/?ref=1.0.3 ``` -## Installation of latest release using Helm +### Installation of latest CE release using Helm Only use this procedure for a new install of the operator. See below for upgrades. @@ -146,7 +137,7 @@ helm install https://github.com/arangodb/kube-arangodb/releases/download/1.2.20/ helm install https://github.com/arangodb/kube-arangodb/releases/download/1.2.20/kube-arangodb-1.2.20.tgz --set "operator.features.storage=true" ``` -## Upgrading the operator using Helm +### Upgrading the operator using Helm To upgrade the operator to the latest version with Helm, you have to delete the previous deployment and then install the latest. **HOWEVER**: @@ -183,6 +174,95 @@ helm install https://github.com/arangodb/kube-arangodb/releases/download/1.2.20/ helm install https://github.com/arangodb/kube-arangodb/releases/download/1.2.20/kube-arangodb-1.2.20.tgz --set "operator.features.storage=true" ``` +## Operator Enterprise Edition (EE) + +Image: `arangodb/kube-arangodb-enterprise:1.2.20` + +### Installation of latest EE release using Kubectl + +```bash +kubectl apply -f https://raw.githubusercontent.com/arangodb/kube-arangodb/1.2.20/manifests/enterprise-crd.yaml +kubectl apply -f https://raw.githubusercontent.com/arangodb/kube-arangodb/1.2.20/manifests/enterprise-deployment.yaml +# To use `ArangoLocalStorage`, also run +kubectl apply -f https://raw.githubusercontent.com/arangodb/kube-arangodb/1.2.20/manifests/enterprise-storage.yaml +# To use `ArangoDeploymentReplication`, also run +kubectl apply -f https://raw.githubusercontent.com/arangodb/kube-arangodb/1.2.20/manifests/enterprise-deployment-replication.yaml +``` + +This procedure can also be used for upgrades and will not harm any +running ArangoDB deployments. + +### Installation of latest EE release using kustomize + +Installation using [kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/) looks like installation from yaml files, +but user is allowed to modify namespace or resource names without yaml modifications. + +IT is recommended to use kustomization instead of handcrafting namespace in yaml files - kustomization will replace not only resource namespaces, +but also namespace references in resources like ClusterRoleBinding. + +Example kustomization file: +``` +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: my-custom-namespace + +bases: + - https://github.com/arangodb/kube-arangodb/manifests/kustomize-enterprise/deployment/?ref=1.0.3 +``` + +### Installation of latest EE release using Helm + +Only use this procedure for a new install of the operator. See below for +upgrades. + +```bash +# The following will install the custom resources required by the operators. +helm install https://github.com/arangodb/kube-arangodb/releases/download/1.2.20/kube-arangodb-crd-1.2.20.tgz --set "operator.image=arangodb/kube-arangodb-enterprise:1.2.20" +# The following will install the operator for `ArangoDeployment` & +# `ArangoDeploymentReplication` resources. +helm install https://github.com/arangodb/kube-arangodb/releases/download/1.2.20/kube-arangodb-1.2.20.tgz --set "operator.image=arangodb/kube-arangodb-enterprise:1.2.20" +# To use `ArangoLocalStorage`, set field `operator.features.storage` to true +helm install https://github.com/arangodb/kube-arangodb/releases/download/1.2.20/kube-arangodb-1.2.20.tgz --set "operator.image=arangodb/kube-arangodb-enterprise:1.2.20" --set "operator.features.storage=true" +``` + +### Upgrading the operator using Helm + +To upgrade the operator to the latest version with Helm, you have to +delete the previous deployment and then install the latest. **HOWEVER**: +You *must not delete* the deployment of the custom resource definitions +(CRDs), or your ArangoDB deployments will be deleted! + +Therefore, you have to use `helm list` to find the deployments for the +operator (`kube-arangodb`) and of the storage operator +(`kube-arangodb-storage`) and use `helm delete` to delete them using the +automatically generated deployment names. Here is an example of a `helm +list` output: + +``` +% helm list +NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE +steely-mule 1 Sun Mar 31 21:11:07 2019 DEPLOYED kube-arangodb-crd-0.3.9 default +vetoed-ladybird 1 Mon Apr 8 11:36:58 2019 DEPLOYED kube-arangodb-0.3.10-preview default +``` + +So here, you would have to do + +```bash +helm delete vetoed-ladybird +``` + +but **not delete `steely-mule`**. Then you could install the new version +with `helm install` as normal: + +```bash +# The following will install the operator for `ArangoDeployment` & +# `ArangoDeploymentReplication` resources. +helm install https://github.com/arangodb/kube-arangodb/releases/download/1.2.20/kube-arangodb-1.2.20.tgz --set "operator.image=arangodb/kube-arangodb-enterprise:1.2.20" +# To use `ArangoLocalStorage`, set field `operator.features.storage` to true +helm install https://github.com/arangodb/kube-arangodb/releases/download/1.2.20/kube-arangodb-1.2.20.tgz --set "operator.image=arangodb/kube-arangodb-enterprise:1.2.20" --set "operator.features.storage=true" +``` + ## Building ```bash @@ -193,11 +273,3 @@ kubectl apply -f manifests/arango-storage-dev.yaml # To use `ArangoDeploymentReplication`, also run kubectl apply -f manifests/arango-deployment-replication-dev.yaml ``` - -## ArangoExporter - -[ArangoExporter](https://github.com/arangodb-helper/arangodb-exporter) project has been merged with ArangoOperator. -Starting from ArangoDB 3.6 Servers expose metrics endpoint with prometheus compatible format. From this point Exporter -is used only for TLS and/or Authentication termination to be compatible with all Prometheus installations. - -ArangoExporter documentation can be found [here](./docs/design/exporter.md) diff --git a/chart/kube-arangodb-test/Chart.yaml b/chart/kube-arangodb-test/Chart.yaml deleted file mode 100644 index 344e6a4a3..000000000 --- a/chart/kube-arangodb-test/Chart.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -name: kube-arangodb-test -version: 1.2.20 - -description: "ArangoDB Kubernetes Test Access" \ No newline at end of file diff --git a/chart/kube-arangodb-test/templates/_helpers.tpl b/chart/kube-arangodb-test/templates/_helpers.tpl deleted file mode 100644 index cfc81a88c..000000000 --- a/chart/kube-arangodb-test/templates/_helpers.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* vim: set filetype=mustache: */}} - -{{/* -Expand the name of the chart. -*/}} -{{- define "kube-arangodb-test.name" -}} -{{- printf "%s" .Chart.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Expand the name of the release. -*/}} -{{- define "kube-arangodb-test.releaseName" -}} -{{- printf "%s" .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Combine name of the deployment. -*/}} -{{- define "kube-arangodb-test.fullName" -}} -{{- printf "%s-%s" .Chart.Name .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} \ No newline at end of file diff --git a/chart/kube-arangodb-test/templates/cluster-role-binding.yaml b/chart/kube-arangodb-test/templates/cluster-role-binding.yaml deleted file mode 100644 index 22d7eb344..000000000 --- a/chart/kube-arangodb-test/templates/cluster-role-binding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "kube-arangodb-test.fullName" . }} - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ template "kube-arangodb-test.name" . }} - helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/instance: {{ .Release.Name }} - release: {{ .Release.Name }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: - - kind: ServiceAccount - name: {{ template "kube-arangodb-test.releaseName" . }} - namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/chart/kube-arangodb-test/templates/service-account.yaml b/chart/kube-arangodb-test/templates/service-account.yaml deleted file mode 100644 index d32bafeb1..000000000 --- a/chart/kube-arangodb-test/templates/service-account.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "kube-arangodb-test.releaseName" . }} - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ template "kube-arangodb-test.name" . }} - helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/instance: {{ .Release.Name }} - release: {{ .Release.Name }} -{{- if .Values.imagePullSecrets }} -imagePullSecrets: -{{- range .Values.imagePullSecrets }} - - name: {{ . }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/chart/kube-arangodb-test/values.yaml b/chart/kube-arangodb-test/values.yaml deleted file mode 100644 index cc8b9c001..000000000 --- a/chart/kube-arangodb-test/values.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- - -imagePullSecrets: [] \ No newline at end of file diff --git a/manifests/arango-test.yaml b/manifests/arango-test.yaml deleted file mode 100644 index cf882cd9b..000000000 --- a/manifests/arango-test.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -# Source: kube-arangodb-test/templates/service-account.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: test - namespace: default - labels: - app.kubernetes.io/name: kube-arangodb-test - helm.sh/chart: kube-arangodb-test-1.2.20 - app.kubernetes.io/managed-by: Tiller - app.kubernetes.io/instance: test - release: test ---- -# Source: kube-arangodb-test/templates/cluster-role-binding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kube-arangodb-test-test - namespace: default - labels: - app.kubernetes.io/name: kube-arangodb-test - helm.sh/chart: kube-arangodb-test-1.2.20 - app.kubernetes.io/managed-by: Tiller - app.kubernetes.io/instance: test - release: test -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: - - kind: ServiceAccount - name: test - namespace: default diff --git a/manifests/enterprise-all.yaml b/manifests/enterprise-all.yaml new file mode 100644 index 000000000..525bd07ab --- /dev/null +++ b/manifests/enterprise-all.yaml @@ -0,0 +1,899 @@ +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-all-operator-job + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all + +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-all-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangolocalstorages.storage.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +spec: + group: storage.arangodb.com + names: + kind: ArangoLocalStorage + listKind: ArangoLocalStorageList + plural: arangolocalstorages + shortNames: + - arangostorage + singular: arangolocalstorage + scope: Cluster + versions: + - name: v1alpha + served: true + storage: true + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-apps + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-backup + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-deployment + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces", "nodes", "persistentvolumes"] + verbs: ["get", "list"] +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-deployment-replication + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces", "nodes"] + verbs: ["get", "list"] +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-k2kclustersync + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-storage + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: [""] + resources: ["persistentvolumes", "persistentvolumeclaims", "endpoints", "events", "services"] + verbs: ["*"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces", "nodes"] + verbs: ["get", "list"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["*"] + - apiGroups: ["storage.arangodb.com"] + resources: ["arangolocalstorages"] + verbs: ["*"] +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-apps + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-apps +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-backup + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-backup +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-deployment + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-deployment +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-deployment-replication + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-deployment-replication +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-k2kclustersync + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-k2kclustersync +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-storage + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-storage +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-apps + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["*"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apps.arangodb.com"] + resources: ["arangojobs","arangojobs/status"] + verbs: ["*"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-job + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-backup + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["*"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["backup.arangodb.com"] + resources: ["arangobackuppolicies", "arangobackuppolicies/status", "arangobackups", "arangobackups/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-default + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get"] +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-deployment + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments", "arangodeployments/status","arangomembers", "arangomembers/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangoclustersynchronizations", "arangoclustersynchronizations/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangotasks", "arangotasks/status"] + verbs: ["*"] + - apiGroups: [""] + resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "events", "secrets", "serviceaccounts", "configmaps"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["policy"] + resources: ["poddisruptionbudgets"] + verbs: ["*"] + - apiGroups: ["backup.arangodb.com"] + resources: ["arangobackuppolicies", "arangobackups"] + verbs: ["get", "list", "watch"] + - apiGroups: ["monitoring.coreos.com"] + resources: ["servicemonitors"] + verbs: ["get", "create", "delete", "update", "list", "watch", "patch"] +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-deployment-replication + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["replication.database.arangodb.com"] + resources: ["arangodeploymentreplications", "arangodeploymentreplications/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get"] + - apiGroups: [""] + resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "events", "secrets"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-k2kclustersync + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["*"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments", "arangoclustersynchronizations"] + verbs: ["get", "list", "watch"] + +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-storage + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-apps + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-apps +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-job + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-job +subjects: + - kind: ServiceAccount + name: arango-all-operator-job + namespace: default +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-backup + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-backup +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-default + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-default +subjects: + - kind: ServiceAccount + name: default + namespace: default +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-deployment + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-deployment +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-deployment-replication + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-deployment-replication +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-k2kclustersync + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-k2kclustersync +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default + +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-storage + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-storage +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-all-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-all-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all + spec: + serviceAccountName: arango-all-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - all + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + - --operator.deployment + - --operator.deployment-replication + - --operator.storage + + - --operator.backup + + - --operator.apps + + - --operator.k2k-cluster-sync + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + - name: ARANGOJOB_SA_NAME + value: "arango-all-operator-job" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + diff --git a/manifests/enterprise-apps.yaml b/manifests/enterprise-apps.yaml new file mode 100644 index 000000000..5861b6b5e --- /dev/null +++ b/manifests/enterprise-apps.yaml @@ -0,0 +1,441 @@ +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-apps-operator-job + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps + +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-apps-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-apps-operator-rbac-apps + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-apps-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-apps-operator-rbac-apps + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-apps-operator-rbac-apps +subjects: + - kind: ServiceAccount + name: arango-apps-operator + namespace: default +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-apps-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-apps-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-apps-operator + namespace: default +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-apps-operator-rbac-apps + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["*"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apps.arangodb.com"] + resources: ["arangojobs","arangojobs/status"] + verbs: ["*"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-apps-operator-rbac-job + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +rules: + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-apps-operator-rbac-apps + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-apps-operator-rbac-apps +subjects: + - kind: ServiceAccount + name: arango-apps-operator + namespace: default + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-apps-operator-rbac-job + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-apps-operator-rbac-job +subjects: + - kind: ServiceAccount + name: arango-apps-operator-job + namespace: default +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-apps-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-apps-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps + spec: + serviceAccountName: arango-apps-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - apps + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + + + - --operator.apps + + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + - name: ARANGOJOB_SA_NAME + value: "arango-apps-operator-job" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml + + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml + diff --git a/manifests/enterprise-backup.yaml b/manifests/enterprise-backup.yaml new file mode 100644 index 000000000..834e40502 --- /dev/null +++ b/manifests/enterprise-backup.yaml @@ -0,0 +1,388 @@ +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-backup-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-backup-operator-rbac-backup + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-backup-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-backup-operator-rbac-backup + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-backup-operator-rbac-backup +subjects: + - kind: ServiceAccount + name: arango-backup-operator + namespace: default +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-backup-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-backup-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-backup-operator + namespace: default +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-backup-operator-rbac-backup + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["*"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["backup.arangodb.com"] + resources: ["arangobackuppolicies", "arangobackuppolicies/status", "arangobackups", "arangobackups/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-backup-operator-rbac-backup + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-backup-operator-rbac-backup +subjects: + - kind: ServiceAccount + name: arango-backup-operator + namespace: default +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-backup-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-backup-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup + spec: + serviceAccountName: arango-backup-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - backup + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + + - --operator.backup + + + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml + + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml + + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml + diff --git a/manifests/enterprise-crd.yaml b/manifests/enterprise-crd.yaml new file mode 100644 index 000000000..efa098464 --- /dev/null +++ b/manifests/enterprise-crd.yaml @@ -0,0 +1,398 @@ +--- +# Source: kube-arangodb-crd/templates/backup-policy.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangobackuppolicies.backup.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: backup.arangodb.com + names: + kind: ArangoBackupPolicy + listKind: ArangoBackupPolicyList + plural: arangobackuppolicies + shortNames: + - arangobackuppolicy + - arangobp + singular: arangobackuppolicy + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + additionalPrinterColumns: + - jsonPath: .spec.schedule + description: Schedule + name: Schedule + type: string + - jsonPath: .status.scheduled + description: Scheduled + name: Scheduled + type: string + - jsonPath: .status.message + priority: 1 + description: Message of the ArangoBackupPolicy object + name: Message + type: string + subresources: + status: {} + - name: v1alpha + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + additionalPrinterColumns: + - jsonPath: .spec.schedule + description: Schedule + name: Schedule + type: string + - jsonPath: .status.scheduled + description: Scheduled + name: Scheduled + type: string + - jsonPath: .status.message + priority: 1 + description: Message of the ArangoBackupPolicy object + name: Message + type: string + subresources: + status: {} + +--- +# Source: kube-arangodb-crd/templates/backup.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangobackups.backup.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: backup.arangodb.com + names: + kind: ArangoBackup + listKind: ArangoBackupList + plural: arangobackups + shortNames: + - arangobackup + singular: arangobackup + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + additionalPrinterColumns: + - jsonPath: .spec.policyName + description: Policy name + name: Policy + type: string + - jsonPath: .spec.deployment.name + description: Deployment name + name: Deployment + type: string + - jsonPath: .status.backup.version + description: Backup Version + name: Version + type: string + - jsonPath: .status.backup.createdAt + description: Backup Creation Timestamp + name: Created + type: string + - jsonPath: .status.backup.sizeInBytes + description: Backup Size in Bytes + name: Size + type: integer + format: byte + - jsonPath: .status.backup.numberOfDBServers + description: Backup Number of the DB Servers + name: DBServers + type: integer + - jsonPath: .status.state + description: The actual state of the ArangoBackup + name: State + type: string + - jsonPath: .status.message + priority: 1 + description: Message of the ArangoBackup object + name: Message + type: string + subresources: + status: {} + - name: v1alpha + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + additionalPrinterColumns: + - jsonPath: .spec.policyName + description: Policy name + name: Policy + type: string + - jsonPath: .spec.deployment.name + description: Deployment name + name: Deployment + type: string + - jsonPath: .status.backup.version + description: Backup Version + name: Version + type: string + - jsonPath: .status.backup.createdAt + description: Backup Creation Timestamp + name: Created + type: string + - jsonPath: .status.backup.sizeInBytes + description: Backup Size in Bytes + name: Size + type: integer + format: byte + - jsonPath: .status.backup.numberOfDBServers + description: Backup Number of the DB Servers + name: DBServers + type: integer + - jsonPath: .status.state + description: The actual state of the ArangoBackup + name: State + type: string + - jsonPath: .status.message + priority: 1 + description: Message of the ArangoBackup object + name: Message + type: string + subresources: + status: {} + +--- +# Source: kube-arangodb-crd/templates/deployment-replications.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangodeploymentreplications.replication.database.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: replication.database.arangodb.com + names: + kind: ArangoDeploymentReplication + listKind: ArangoDeploymentReplicationList + plural: arangodeploymentreplications + shortNames: + - arangorepl + singular: arangodeploymentreplication + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + - name: v1alpha + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + - name: v2alpha1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + subresources: + status: {} + +--- +# Source: kube-arangodb-crd/templates/deployment.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangodeployments.database.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: database.arangodb.com + names: + kind: ArangoDeployment + listKind: ArangoDeploymentList + plural: arangodeployments + shortNames: + - arangodb + - arango + singular: arangodeployment + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + - name: v1alpha + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + - name: v2alpha1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + subresources: + status: {} +--- +# Source: kube-arangodb-crd/templates/job.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangojobs.apps.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: apps.arangodb.com + names: + kind: ArangoJob + listKind: ArangoJobList + plural: arangojobs + singular: arangojob + shortNames: + - arangojob + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + additionalPrinterColumns: + - jsonPath: .spec.arangoDeploymentName + description: Deployment name + name: ArangoDeploymentName + type: string + subresources: + status: {} + +--- +# Source: kube-arangodb-crd/templates/k2kclustersync.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangoclustersynchronizations.database.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: database.arangodb.com + names: + kind: ArangoClusterSynchronization + listKind: ArangoClusterSynchronizationList + plural: arangoclustersynchronizations + singular: arangoclustersynchronization + shortNames: + - arangoclustersync + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + subresources: + status: {} + - name: v2alpha1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + subresources: + status: {} + +--- +# Source: kube-arangodb-crd/templates/member.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangomembers.database.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: database.arangodb.com + names: + kind: ArangoMember + listKind: ArangoMemberList + plural: arangomembers + shortNames: + - arangomembers + singular: arangomember + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + subresources: + status: {} + - name: v2alpha1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + subresources: + status: {} diff --git a/manifests/enterprise-deployment-replication.yaml b/manifests/enterprise-deployment-replication.yaml new file mode 100644 index 000000000..e13bff8f2 --- /dev/null +++ b/manifests/enterprise-deployment-replication.yaml @@ -0,0 +1,385 @@ +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-deployment-replication-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-deployment-replication-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-deployment-replication-operator-rbac-deployment-replication + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces", "nodes"] + verbs: ["get", "list"] +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-deployment-replication-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-deployment-replication-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-deployment-replication-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-deployment-replication-operator-rbac-deployment-replication + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-deployment-replication-operator-rbac-deployment-replication +subjects: + - kind: ServiceAccount + name: arango-deployment-replication-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-deployment-replication-operator-rbac-deployment-replication + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +rules: + - apiGroups: ["replication.database.arangodb.com"] + resources: ["arangodeploymentreplications", "arangodeploymentreplications/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get"] + - apiGroups: [""] + resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "events", "secrets"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-deployment-replication-operator-rbac-deployment-replication + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-deployment-replication-operator-rbac-deployment-replication +subjects: + - kind: ServiceAccount + name: arango-deployment-replication-operator + namespace: default +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-deployment-replication-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-deployment-replication-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication + spec: + serviceAccountName: arango-deployment-replication-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - deployment-replication + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + - --operator.deployment-replication + + + + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml + + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml + + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml + diff --git a/manifests/enterprise-deployment.yaml b/manifests/enterprise-deployment.yaml new file mode 100644 index 000000000..f51144cfb --- /dev/null +++ b/manifests/enterprise-deployment.yaml @@ -0,0 +1,429 @@ +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-deployment-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-deployment-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-deployment-operator-rbac-deployment + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces", "nodes", "persistentvolumes"] + verbs: ["get", "list"] +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-deployment-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-deployment-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-deployment-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-deployment-operator-rbac-deployment + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-deployment-operator-rbac-deployment +subjects: + - kind: ServiceAccount + name: arango-deployment-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-deployment-operator-rbac-default + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get"] +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-deployment-operator-rbac-deployment + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +rules: + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments", "arangodeployments/status","arangomembers", "arangomembers/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangoclustersynchronizations", "arangoclustersynchronizations/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangotasks", "arangotasks/status"] + verbs: ["*"] + - apiGroups: [""] + resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "events", "secrets", "serviceaccounts", "configmaps"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["policy"] + resources: ["poddisruptionbudgets"] + verbs: ["*"] + - apiGroups: ["backup.arangodb.com"] + resources: ["arangobackuppolicies", "arangobackups"] + verbs: ["get", "list", "watch"] + - apiGroups: ["monitoring.coreos.com"] + resources: ["servicemonitors"] + verbs: ["get", "create", "delete", "update", "list", "watch", "patch"] +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-deployment-operator-rbac-default + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-deployment-operator-rbac-default +subjects: + - kind: ServiceAccount + name: default + namespace: default +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-deployment-operator-rbac-deployment + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-deployment-operator-rbac-deployment +subjects: + - kind: ServiceAccount + name: arango-deployment-operator + namespace: default +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-deployment-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-deployment-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment + spec: + serviceAccountName: arango-deployment-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - deployment + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + - --operator.deployment + + + + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml + + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml + + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml + diff --git a/manifests/kustomize/apps/arango-k2kclustersync.yaml b/manifests/enterprise-k2kclustersync.yaml similarity index 100% rename from manifests/kustomize/apps/arango-k2kclustersync.yaml rename to manifests/enterprise-k2kclustersync.yaml diff --git a/manifests/enterprise-storage.yaml b/manifests/enterprise-storage.yaml new file mode 100644 index 000000000..6c5afcb5a --- /dev/null +++ b/manifests/enterprise-storage.yaml @@ -0,0 +1,421 @@ +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-storage-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangolocalstorages.storage.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +spec: + group: storage.arangodb.com + names: + kind: ArangoLocalStorage + listKind: ArangoLocalStorageList + plural: arangolocalstorages + shortNames: + - arangostorage + singular: arangolocalstorage + scope: Cluster + versions: + - name: v1alpha + served: true + storage: true + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-storage-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-storage-operator-rbac-storage + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +rules: + - apiGroups: [""] + resources: ["persistentvolumes", "persistentvolumeclaims", "endpoints", "events", "services"] + verbs: ["*"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces", "nodes"] + verbs: ["get", "list"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["*"] + - apiGroups: ["storage.arangodb.com"] + resources: ["arangolocalstorages"] + verbs: ["*"] +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-storage-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-storage-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-storage-operator + namespace: default +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-storage-operator-rbac-storage + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-storage-operator-rbac-storage +subjects: + - kind: ServiceAccount + name: arango-storage-operator + namespace: default +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-storage-operator-rbac-storage + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-storage-operator-rbac-storage + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-storage-operator-rbac-storage +subjects: + - kind: ServiceAccount + name: arango-storage-operator + namespace: default +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-storage-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-storage-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage + spec: + serviceAccountName: arango-storage-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - storage + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + - --operator.storage + + + + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml + + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml + + diff --git a/manifests/kustomize-enterprise/all/enterprise-all.yaml b/manifests/kustomize-enterprise/all/enterprise-all.yaml new file mode 100644 index 000000000..525bd07ab --- /dev/null +++ b/manifests/kustomize-enterprise/all/enterprise-all.yaml @@ -0,0 +1,899 @@ +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-all-operator-job + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all + +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-all-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangolocalstorages.storage.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +spec: + group: storage.arangodb.com + names: + kind: ArangoLocalStorage + listKind: ArangoLocalStorageList + plural: arangolocalstorages + shortNames: + - arangostorage + singular: arangolocalstorage + scope: Cluster + versions: + - name: v1alpha + served: true + storage: true + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-apps + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-backup + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-deployment + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces", "nodes", "persistentvolumes"] + verbs: ["get", "list"] +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-deployment-replication + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces", "nodes"] + verbs: ["get", "list"] +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-k2kclustersync + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-all-operator-rbac-storage + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: [""] + resources: ["persistentvolumes", "persistentvolumeclaims", "endpoints", "events", "services"] + verbs: ["*"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces", "nodes"] + verbs: ["get", "list"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["*"] + - apiGroups: ["storage.arangodb.com"] + resources: ["arangolocalstorages"] + verbs: ["*"] +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-apps + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-apps +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-backup + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-backup +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-deployment + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-deployment +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-deployment-replication + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-deployment-replication +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-k2kclustersync + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-k2kclustersync +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-all-operator-rbac-storage + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-all-operator-rbac-storage +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-apps + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["*"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apps.arangodb.com"] + resources: ["arangojobs","arangojobs/status"] + verbs: ["*"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-job + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-backup + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["*"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["backup.arangodb.com"] + resources: ["arangobackuppolicies", "arangobackuppolicies/status", "arangobackups", "arangobackups/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-default + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get"] +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-deployment + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments", "arangodeployments/status","arangomembers", "arangomembers/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangoclustersynchronizations", "arangoclustersynchronizations/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangotasks", "arangotasks/status"] + verbs: ["*"] + - apiGroups: [""] + resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "events", "secrets", "serviceaccounts", "configmaps"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["policy"] + resources: ["poddisruptionbudgets"] + verbs: ["*"] + - apiGroups: ["backup.arangodb.com"] + resources: ["arangobackuppolicies", "arangobackups"] + verbs: ["get", "list", "watch"] + - apiGroups: ["monitoring.coreos.com"] + resources: ["servicemonitors"] + verbs: ["get", "create", "delete", "update", "list", "watch", "patch"] +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-deployment-replication + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: ["replication.database.arangodb.com"] + resources: ["arangodeploymentreplications", "arangodeploymentreplications/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get"] + - apiGroups: [""] + resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "events", "secrets"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-k2kclustersync + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["*"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments", "arangoclustersynchronizations"] + verbs: ["get", "list", "watch"] + +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-all-operator-rbac-storage + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-apps + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-apps +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-job + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-job +subjects: + - kind: ServiceAccount + name: arango-all-operator-job + namespace: default +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-backup + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-backup +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-default + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-default +subjects: + - kind: ServiceAccount + name: default + namespace: default +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-deployment + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-deployment +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-deployment-replication + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-deployment-replication +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-k2kclustersync + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-k2kclustersync +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default + +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-all-operator-rbac-storage + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-all-operator-rbac-storage +subjects: + - kind: ServiceAccount + name: arango-all-operator + namespace: default +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-all-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-all-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: all + release: all + spec: + serviceAccountName: arango-all-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - all + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + - --operator.deployment + - --operator.deployment-replication + - --operator.storage + + - --operator.backup + + - --operator.apps + + - --operator.k2k-cluster-sync + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + - name: ARANGOJOB_SA_NAME + value: "arango-all-operator-job" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + diff --git a/manifests/kustomize/test/kustomization.yaml b/manifests/kustomize-enterprise/all/kustomization.yaml similarity index 76% rename from manifests/kustomize/test/kustomization.yaml rename to manifests/kustomize-enterprise/all/kustomization.yaml index 2c509f9c9..9c1e6bd7b 100644 --- a/manifests/kustomize/test/kustomization.yaml +++ b/manifests/kustomize-enterprise/all/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - arango-test.yaml \ No newline at end of file + - enterprise-all.yaml \ No newline at end of file diff --git a/manifests/kustomize-enterprise/apps/enterprise-apps.yaml b/manifests/kustomize-enterprise/apps/enterprise-apps.yaml new file mode 100644 index 000000000..5861b6b5e --- /dev/null +++ b/manifests/kustomize-enterprise/apps/enterprise-apps.yaml @@ -0,0 +1,441 @@ +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-apps-operator-job + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps + +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-apps-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-apps-operator-rbac-apps + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-apps-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-apps-operator-rbac-apps + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-apps-operator-rbac-apps +subjects: + - kind: ServiceAccount + name: arango-apps-operator + namespace: default +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-apps-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-apps-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-apps-operator + namespace: default +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-apps-operator-rbac-apps + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["*"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apps.arangodb.com"] + resources: ["arangojobs","arangojobs/status"] + verbs: ["*"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-apps-operator-rbac-job + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +rules: + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-apps-operator-rbac-apps + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-apps-operator-rbac-apps +subjects: + - kind: ServiceAccount + name: arango-apps-operator + namespace: default + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-apps-operator-rbac-job + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-apps-operator-rbac-job +subjects: + - kind: ServiceAccount + name: arango-apps-operator-job + namespace: default +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-apps-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-apps-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: apps + release: apps + spec: + serviceAccountName: arango-apps-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - apps + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + + + - --operator.apps + + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + - name: ARANGOJOB_SA_NAME + value: "arango-apps-operator-job" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml + + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml + diff --git a/manifests/kustomize-enterprise/apps/kustomization.yaml b/manifests/kustomize-enterprise/apps/kustomization.yaml new file mode 100644 index 000000000..6d52702bf --- /dev/null +++ b/manifests/kustomize-enterprise/apps/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - enterprise-apps.yaml \ No newline at end of file diff --git a/manifests/kustomize-enterprise/backup/enterprise-backup.yaml b/manifests/kustomize-enterprise/backup/enterprise-backup.yaml new file mode 100644 index 000000000..834e40502 --- /dev/null +++ b/manifests/kustomize-enterprise/backup/enterprise-backup.yaml @@ -0,0 +1,388 @@ +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-backup-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-backup-operator-rbac-backup + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-backup-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-backup-operator-rbac-backup + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-backup-operator-rbac-backup +subjects: + - kind: ServiceAccount + name: arango-backup-operator + namespace: default +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-backup-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-backup-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-backup-operator + namespace: default +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-backup-operator-rbac-backup + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["*"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["backup.arangodb.com"] + resources: ["arangobackuppolicies", "arangobackuppolicies/status", "arangobackups", "arangobackups/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get", "list", "watch"] +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-backup-operator-rbac-backup + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-backup-operator-rbac-backup +subjects: + - kind: ServiceAccount + name: arango-backup-operator + namespace: default +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-backup-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-backup-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: backup + release: backup + spec: + serviceAccountName: arango-backup-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - backup + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + + - --operator.backup + + + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml + + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml + + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml + diff --git a/manifests/kustomize-enterprise/backup/kustomization.yaml b/manifests/kustomize-enterprise/backup/kustomization.yaml new file mode 100644 index 000000000..50f80ecb7 --- /dev/null +++ b/manifests/kustomize-enterprise/backup/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - enterprise-backup.yaml \ No newline at end of file diff --git a/manifests/kustomize-enterprise/crd/enterprise-crd.yaml b/manifests/kustomize-enterprise/crd/enterprise-crd.yaml new file mode 100644 index 000000000..efa098464 --- /dev/null +++ b/manifests/kustomize-enterprise/crd/enterprise-crd.yaml @@ -0,0 +1,398 @@ +--- +# Source: kube-arangodb-crd/templates/backup-policy.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangobackuppolicies.backup.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: backup.arangodb.com + names: + kind: ArangoBackupPolicy + listKind: ArangoBackupPolicyList + plural: arangobackuppolicies + shortNames: + - arangobackuppolicy + - arangobp + singular: arangobackuppolicy + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + additionalPrinterColumns: + - jsonPath: .spec.schedule + description: Schedule + name: Schedule + type: string + - jsonPath: .status.scheduled + description: Scheduled + name: Scheduled + type: string + - jsonPath: .status.message + priority: 1 + description: Message of the ArangoBackupPolicy object + name: Message + type: string + subresources: + status: {} + - name: v1alpha + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + additionalPrinterColumns: + - jsonPath: .spec.schedule + description: Schedule + name: Schedule + type: string + - jsonPath: .status.scheduled + description: Scheduled + name: Scheduled + type: string + - jsonPath: .status.message + priority: 1 + description: Message of the ArangoBackupPolicy object + name: Message + type: string + subresources: + status: {} + +--- +# Source: kube-arangodb-crd/templates/backup.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangobackups.backup.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: backup.arangodb.com + names: + kind: ArangoBackup + listKind: ArangoBackupList + plural: arangobackups + shortNames: + - arangobackup + singular: arangobackup + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + additionalPrinterColumns: + - jsonPath: .spec.policyName + description: Policy name + name: Policy + type: string + - jsonPath: .spec.deployment.name + description: Deployment name + name: Deployment + type: string + - jsonPath: .status.backup.version + description: Backup Version + name: Version + type: string + - jsonPath: .status.backup.createdAt + description: Backup Creation Timestamp + name: Created + type: string + - jsonPath: .status.backup.sizeInBytes + description: Backup Size in Bytes + name: Size + type: integer + format: byte + - jsonPath: .status.backup.numberOfDBServers + description: Backup Number of the DB Servers + name: DBServers + type: integer + - jsonPath: .status.state + description: The actual state of the ArangoBackup + name: State + type: string + - jsonPath: .status.message + priority: 1 + description: Message of the ArangoBackup object + name: Message + type: string + subresources: + status: {} + - name: v1alpha + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + additionalPrinterColumns: + - jsonPath: .spec.policyName + description: Policy name + name: Policy + type: string + - jsonPath: .spec.deployment.name + description: Deployment name + name: Deployment + type: string + - jsonPath: .status.backup.version + description: Backup Version + name: Version + type: string + - jsonPath: .status.backup.createdAt + description: Backup Creation Timestamp + name: Created + type: string + - jsonPath: .status.backup.sizeInBytes + description: Backup Size in Bytes + name: Size + type: integer + format: byte + - jsonPath: .status.backup.numberOfDBServers + description: Backup Number of the DB Servers + name: DBServers + type: integer + - jsonPath: .status.state + description: The actual state of the ArangoBackup + name: State + type: string + - jsonPath: .status.message + priority: 1 + description: Message of the ArangoBackup object + name: Message + type: string + subresources: + status: {} + +--- +# Source: kube-arangodb-crd/templates/deployment-replications.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangodeploymentreplications.replication.database.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: replication.database.arangodb.com + names: + kind: ArangoDeploymentReplication + listKind: ArangoDeploymentReplicationList + plural: arangodeploymentreplications + shortNames: + - arangorepl + singular: arangodeploymentreplication + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + - name: v1alpha + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + - name: v2alpha1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + subresources: + status: {} + +--- +# Source: kube-arangodb-crd/templates/deployment.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangodeployments.database.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: database.arangodb.com + names: + kind: ArangoDeployment + listKind: ArangoDeploymentList + plural: arangodeployments + shortNames: + - arangodb + - arango + singular: arangodeployment + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + - name: v1alpha + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + - name: v2alpha1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + subresources: + status: {} +--- +# Source: kube-arangodb-crd/templates/job.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangojobs.apps.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: apps.arangodb.com + names: + kind: ArangoJob + listKind: ArangoJobList + plural: arangojobs + singular: arangojob + shortNames: + - arangojob + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + additionalPrinterColumns: + - jsonPath: .spec.arangoDeploymentName + description: Deployment name + name: ArangoDeploymentName + type: string + subresources: + status: {} + +--- +# Source: kube-arangodb-crd/templates/k2kclustersync.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangoclustersynchronizations.database.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: database.arangodb.com + names: + kind: ArangoClusterSynchronization + listKind: ArangoClusterSynchronizationList + plural: arangoclustersynchronizations + singular: arangoclustersynchronization + shortNames: + - arangoclustersync + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + subresources: + status: {} + - name: v2alpha1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + subresources: + status: {} + +--- +# Source: kube-arangodb-crd/templates/member.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangomembers.database.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb-crd + helm.sh/chart: kube-arangodb-crd-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: crd + release: crd +spec: + group: database.arangodb.com + names: + kind: ArangoMember + listKind: ArangoMemberList + plural: arangomembers + shortNames: + - arangomembers + singular: arangomember + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + subresources: + status: {} + - name: v2alpha1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: false + subresources: + status: {} diff --git a/manifests/kustomize-enterprise/crd/kustomization.yaml b/manifests/kustomize-enterprise/crd/kustomization.yaml new file mode 100644 index 000000000..a5f650090 --- /dev/null +++ b/manifests/kustomize-enterprise/crd/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - enterprise-crd.yaml \ No newline at end of file diff --git a/manifests/kustomize-enterprise/deployment-replication/enterprise-deployment-replication.yaml b/manifests/kustomize-enterprise/deployment-replication/enterprise-deployment-replication.yaml new file mode 100644 index 000000000..e13bff8f2 --- /dev/null +++ b/manifests/kustomize-enterprise/deployment-replication/enterprise-deployment-replication.yaml @@ -0,0 +1,385 @@ +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-deployment-replication-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-deployment-replication-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-deployment-replication-operator-rbac-deployment-replication + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces", "nodes"] + verbs: ["get", "list"] +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-deployment-replication-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-deployment-replication-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-deployment-replication-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-deployment-replication-operator-rbac-deployment-replication + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-deployment-replication-operator-rbac-deployment-replication +subjects: + - kind: ServiceAccount + name: arango-deployment-replication-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-deployment-replication-operator-rbac-deployment-replication + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +rules: + - apiGroups: ["replication.database.arangodb.com"] + resources: ["arangodeploymentreplications", "arangodeploymentreplications/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments"] + verbs: ["get"] + - apiGroups: [""] + resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "events", "secrets"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-deployment-replication-operator-rbac-deployment-replication + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-deployment-replication-operator-rbac-deployment-replication +subjects: + - kind: ServiceAccount + name: arango-deployment-replication-operator + namespace: default +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-deployment-replication-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-deployment-replication-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment-replication + release: deployment-replication + spec: + serviceAccountName: arango-deployment-replication-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - deployment-replication + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + - --operator.deployment-replication + + + + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml + + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml + + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml + diff --git a/manifests/kustomize-enterprise/deployment-replication/kustomization.yaml b/manifests/kustomize-enterprise/deployment-replication/kustomization.yaml new file mode 100644 index 000000000..c5c9afed9 --- /dev/null +++ b/manifests/kustomize-enterprise/deployment-replication/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - enterprise-deployment-replication.yaml \ No newline at end of file diff --git a/manifests/kustomize-enterprise/deployment/enterprise-deployment.yaml b/manifests/kustomize-enterprise/deployment/enterprise-deployment.yaml new file mode 100644 index 000000000..f51144cfb --- /dev/null +++ b/manifests/kustomize-enterprise/deployment/enterprise-deployment.yaml @@ -0,0 +1,429 @@ +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-deployment-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-deployment-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-deployment-operator-rbac-deployment + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces", "nodes", "persistentvolumes"] + verbs: ["get", "list"] +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-deployment-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-deployment-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-deployment-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-deployment-operator-rbac-deployment + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-deployment-operator-rbac-deployment +subjects: + - kind: ServiceAccount + name: arango-deployment-operator + namespace: default +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-deployment-operator-rbac-default + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get"] +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-deployment-operator-rbac-deployment + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +rules: + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments", "arangodeployments/status","arangomembers", "arangomembers/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangoclustersynchronizations", "arangoclustersynchronizations/status"] + verbs: ["*"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangotasks", "arangotasks/status"] + verbs: ["*"] + - apiGroups: [""] + resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "events", "secrets", "serviceaccounts", "configmaps"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["policy"] + resources: ["poddisruptionbudgets"] + verbs: ["*"] + - apiGroups: ["backup.arangodb.com"] + resources: ["arangobackuppolicies", "arangobackups"] + verbs: ["get", "list", "watch"] + - apiGroups: ["monitoring.coreos.com"] + resources: ["servicemonitors"] + verbs: ["get", "create", "delete", "update", "list", "watch", "patch"] +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-deployment-operator-rbac-default + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-deployment-operator-rbac-default +subjects: + - kind: ServiceAccount + name: default + namespace: default +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-deployment-operator-rbac-deployment + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-deployment-operator-rbac-deployment +subjects: + - kind: ServiceAccount + name: arango-deployment-operator + namespace: default +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-deployment-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-deployment-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: deployment + release: deployment + spec: + serviceAccountName: arango-deployment-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - deployment + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + - --operator.deployment + + + + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml + + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml + + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml + diff --git a/manifests/kustomize-enterprise/deployment/kustomization.yaml b/manifests/kustomize-enterprise/deployment/kustomization.yaml new file mode 100644 index 000000000..49ba208a0 --- /dev/null +++ b/manifests/kustomize-enterprise/deployment/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - enterprise-deployment.yaml \ No newline at end of file diff --git a/manifests/kustomize-enterprise/k2kclustersync/enterprise-k2kclustersync.yaml b/manifests/kustomize-enterprise/k2kclustersync/enterprise-k2kclustersync.yaml new file mode 100644 index 000000000..5ec988906 --- /dev/null +++ b/manifests/kustomize-enterprise/k2kclustersync/enterprise-k2kclustersync.yaml @@ -0,0 +1,385 @@ +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-k2kclustersync-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-k2kclustersync-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-k2kclustersync-operator-rbac-k2kclustersync + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-k2kclustersync-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-k2kclustersync-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-k2kclustersync-operator + namespace: default +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-k2kclustersync-operator-rbac-k2kclustersync + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-k2kclustersync-operator-rbac-k2kclustersync +subjects: + - kind: ServiceAccount + name: arango-k2kclustersync-operator + namespace: default + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-k2kclustersync-operator-rbac-k2kclustersync + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["*"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments", "arangoclustersynchronizations"] + verbs: ["get", "list", "watch"] + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-k2kclustersync-operator-rbac-k2kclustersync + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-k2kclustersync-operator-rbac-k2kclustersync +subjects: + - kind: ServiceAccount + name: arango-k2kclustersync-operator + namespace: default + +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-k2kclustersync-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-k2kclustersync-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync + spec: + serviceAccountName: arango-k2kclustersync-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - k2kclustersync + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + + + + - --operator.k2k-cluster-sync + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml + + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml + diff --git a/manifests/kustomize-enterprise/k2kclustersync/kustomization.yaml b/manifests/kustomize-enterprise/k2kclustersync/kustomization.yaml new file mode 100644 index 000000000..817cb9d17 --- /dev/null +++ b/manifests/kustomize-enterprise/k2kclustersync/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - enterprise-k2kclustersync.yaml \ No newline at end of file diff --git a/manifests/kustomize-enterprise/storage/enterprise-storage.yaml b/manifests/kustomize-enterprise/storage/enterprise-storage.yaml new file mode 100644 index 000000000..6c5afcb5a --- /dev/null +++ b/manifests/kustomize-enterprise/storage/enterprise-storage.yaml @@ -0,0 +1,421 @@ +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-storage-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: arangolocalstorages.storage.arangodb.com + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +spec: + group: storage.arangodb.com + names: + kind: ArangoLocalStorage + listKind: ArangoLocalStorageList + plural: arangolocalstorages + shortNames: + - arangostorage + singular: arangolocalstorage + scope: Cluster + versions: + - name: v1alpha + served: true + storage: true + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-storage-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-storage-operator-rbac-storage + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +rules: + - apiGroups: [""] + resources: ["persistentvolumes", "persistentvolumeclaims", "endpoints", "events", "services"] + verbs: ["*"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["namespaces", "nodes"] + verbs: ["get", "list"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["*"] + - apiGroups: ["storage.arangodb.com"] + resources: ["arangolocalstorages"] + verbs: ["*"] +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-storage-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-storage-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-storage-operator + namespace: default +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-storage-operator-rbac-storage + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-storage-operator-rbac-storage +subjects: + - kind: ServiceAccount + name: arango-storage-operator + namespace: default +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-storage-operator-rbac-storage + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-storage-operator-rbac-storage + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-storage-operator-rbac-storage +subjects: + - kind: ServiceAccount + name: arango-storage-operator + namespace: default +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-storage-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-storage-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: storage + release: storage + spec: + serviceAccountName: arango-storage-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - storage + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + - --operator.storage + + + + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml + + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml + + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml + + diff --git a/manifests/kustomize-enterprise/storage/kustomization.yaml b/manifests/kustomize-enterprise/storage/kustomization.yaml new file mode 100644 index 000000000..0fe89fbfe --- /dev/null +++ b/manifests/kustomize-enterprise/storage/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - enterprise-storage.yaml \ No newline at end of file diff --git a/manifests/kustomize/k2kclustersync/arango-k2kclustersync.yaml b/manifests/kustomize/k2kclustersync/arango-k2kclustersync.yaml new file mode 100644 index 000000000..5ec988906 --- /dev/null +++ b/manifests/kustomize/k2kclustersync/arango-k2kclustersync.yaml @@ -0,0 +1,385 @@ +--- +# Source: kube-arangodb/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: arango-k2kclustersync-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +--- +# Source: kube-arangodb/templates/crd/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-k2kclustersync-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "delete"] + resourceNames: + - "arangodeployments.database.arangodb.com" + - "arangoclustersynchronizations.database.arangodb.com" + - "arangomembers.database.arangodb.com" + - "arangotasks.database.arangodb.com" + - "arangodeploymentreplications.replication.database.arangodb.com" + - "arangobackups.backup.arangodb.com" + - "arangobackuppolicies.backup.arangodb.com" + - "arangojobs.apps.arangodb.com" + - "arangolocalstorages.storage.arangodb.com" +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: arango-k2kclustersync-operator-rbac-k2kclustersync + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch"] + +--- +# Source: kube-arangodb/templates/crd/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-k2kclustersync-operator-rbac-crd + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-k2kclustersync-operator-rbac-crd +subjects: + - kind: ServiceAccount + name: arango-k2kclustersync-operator + namespace: default +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/cluster-role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: arango-k2kclustersync-operator-rbac-k2kclustersync + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: arango-k2kclustersync-operator-rbac-k2kclustersync +subjects: + - kind: ServiceAccount + name: arango-k2kclustersync-operator + namespace: default + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: arango-k2kclustersync-operator-rbac-k2kclustersync + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +rules: + - apiGroups: [""] + resources: ["pods", "services", "endpoints"] + verbs: ["get", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["*"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get"] + - apiGroups: ["database.arangodb.com"] + resources: ["arangodeployments", "arangoclustersynchronizations"] + verbs: ["get", "list", "watch"] + +--- +# Source: kube-arangodb/templates/k2k-cluster-sync-operator/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: arango-k2kclustersync-operator-rbac-k2kclustersync + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: arango-k2kclustersync-operator-rbac-k2kclustersync +subjects: + - kind: ServiceAccount + name: arango-k2kclustersync-operator + namespace: default + +--- +# Source: kube-arangodb/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: arango-k2kclustersync-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +spec: + ports: + - name: server + port: 8528 + protocol: TCP + targetPort: 8528 + - name: http-api + port: 8628 + protocol: TCP + targetPort: 8628 + - name: grpc-api + port: 8728 + protocol: TCP + targetPort: 8728 + selector: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync + role: leader + type: ClusterIP +--- +# Source: kube-arangodb/templates/deployment.yaml +# Scope "legacy" selected +apiVersion: apps/v1 +kind: Deployment +metadata: + name: arango-k2kclustersync-operator + namespace: default + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync +spec: + replicas: 2 + strategy: + type: Recreate + + selector: + matchLabels: + app.kubernetes.io/name: kube-arangodb + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync + template: + metadata: + labels: + app.kubernetes.io/name: kube-arangodb + helm.sh/chart: kube-arangodb-1.2.20 + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: k2kclustersync + release: k2kclustersync + spec: + serviceAccountName: arango-k2kclustersync-operator + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - "amd64" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "kubernetes.io/hostname" + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - kube-arangodb + - key: app.kubernetes.io/instance + operator: In + values: + - k2kclustersync + hostNetwork: false + hostPID: false + hostIPC: false + securityContext: + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: operator + imagePullPolicy: Always + image: arangodb/kube-arangodb:1.2.20 + args: + - --scope=legacy + + + + - --operator.k2k-cluster-sync + - --chaos.allowed=false + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: RELATED_IMAGE_UBI + value: "alpine:3.11" + - name: RELATED_IMAGE_METRICSEXPORTER + value: "arangodb/arangodb-exporter:0.1.7" + - name: RELATED_IMAGE_DATABASE + value: "arangodb/arangodb:latest" + ports: + - name: metrics + containerPort: 8528 + securityContext: + privileged: false + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - 'ALL' + livenessProbe: + httpGet: + path: /health + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + readinessProbe: + httpGet: + path: /ready + port: 8528 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 10 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 5 + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/role.yaml + +--- +# Source: kube-arangodb/templates/apps-operator/service-account-job.yaml + + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/backup-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/default-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-operator/role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/deployment-replications-operator/role.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/cluster-role.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/crd.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role-binding.yaml + +--- +# Source: kube-arangodb/templates/storage-operator/role.yaml + diff --git a/manifests/kustomize/test/arango-test.yaml b/manifests/kustomize/test/arango-test.yaml deleted file mode 100644 index cf882cd9b..000000000 --- a/manifests/kustomize/test/arango-test.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -# Source: kube-arangodb-test/templates/service-account.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: test - namespace: default - labels: - app.kubernetes.io/name: kube-arangodb-test - helm.sh/chart: kube-arangodb-test-1.2.20 - app.kubernetes.io/managed-by: Tiller - app.kubernetes.io/instance: test - release: test ---- -# Source: kube-arangodb-test/templates/cluster-role-binding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kube-arangodb-test-test - namespace: default - labels: - app.kubernetes.io/name: kube-arangodb-test - helm.sh/chart: kube-arangodb-test-1.2.20 - app.kubernetes.io/managed-by: Tiller - app.kubernetes.io/instance: test - release: test -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: - - kind: ServiceAccount - name: test - namespace: default diff --git a/scripts/collect_logs.sh b/scripts/collect_logs.sh deleted file mode 100755 index 794fbe95b..000000000 --- a/scripts/collect_logs.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -# Collect logs from kube-arangodb operators - -NS=$1 -POSTFIX=$2 - -if [ -z $NS ]; then - echo "Specify a namespace argument" - exit 1 -fi -if [ -z $POSTFIX ]; then - echo "Specify a postfix argument" - exit 1 -fi - -mkdir -p ./logs -kubectl logs -n ${NS} --selector=name=arango-deployment-operator &> ./logs/deployment-${POSTFIX}.log -kubectl logs -n kube-system --selector=name=arango-storage-operator &> ./logs/storage-${POSTFIX}.log diff --git a/scripts/kube_configure_test_cluster.sh b/scripts/kube_configure_test_cluster.sh deleted file mode 100755 index 3b38a6843..000000000 --- a/scripts/kube_configure_test_cluster.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash - -# Sets the configuration of the cluster in a ConfigMap in kube-system. - -cluster=$(kubectl config current-context) -echo "Configuring cluster $cluster" - -read -p "Does the cluster require local storage (Y/n)? " answer -case ${answer:0:1} in - n|N ) - REQUIRE_LOCAL_STORAGE= - ;; - * ) - REQUIRE_LOCAL_STORAGE=1 - ;; -esac - -mapname="arango-operator-test" -configfile=$(mktemp) -cat < $configfile -REQUIRE_LOCAL_STORAGE=${REQUIRE_LOCAL_STORAGE} -EOF -kubectl delete configmap $mapname -n kube-system --ignore-not-found -kubectl create configmap $mapname -n kube-system --from-env-file=$configfile || exit 1 - -echo Stored configuration: -cat $configfile -rm $configfile diff --git a/scripts/kube_create_backup_remote_secret.sh b/scripts/kube_create_backup_remote_secret.sh deleted file mode 100755 index eb5cbd3f8..000000000 --- a/scripts/kube_create_backup_remote_secret.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -NS=$1 - -if [ -z "$NS" ]; then - echo "Specify a namespace argument" - exit 1 -fi - -if [ -z "$2" ]; then - echo "No secret set" - exit 0 -fi - -case $(uname) in - Darwin) - SECRET=$(echo -n $2 | base64 -b 0) - ;; - *) - SECRET=$(echo -n $2 | base64 -w 0) - ;; -esac - -kubectl apply -f - <