188 KiB
API Reference for ArangoDeployment V1
Spec
.spec.agents.affinity: core.PodAffinity
Affinity specified additional affinity settings in ArangoDB Pod definitions
Links:
.spec.agents.allowMemberRecreation: boolean
AllowMemberRecreation allows to recreate member. This setting changes the member recreation logic based on group:
- For Sync Masters, Sync Workers, Coordinator and DB-Servers it determines if a member can be recreated in case of failure (default
true) - For Agents and Single this value is hardcoded to
falseand the value provided in spec is ignored.
.spec.agents.annotations: object
Annotations specified the annotations added to Pods in this group.
Annotations are merged with spec.annotations.
.spec.agents.annotationsIgnoreList: array
AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored
.spec.agents.annotationsMode: string
AnnotationsMode Define annotations mode which should be use while overriding annotations
.spec.agents.antiAffinity: core.PodAntiAffinity
AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions
Links:
.spec.agents.args: []string
Args setting specifies additional command-line arguments passed to all servers of this group.
Default Value: []
.spec.agents.count: integer
Count setting specifies the number of servers to start for the given group.
For the Agent group, this value must be a positive, odd number.
The default value is 3 for all groups except single (there the default is 1
for spec.mode: Single and 2 for spec.mode: ActiveFailover).
For the syncworkers group, it is highly recommended to use the same number
as for the dbservers group.
.spec.agents.entrypoint: string
Entrypoint overrides container executable
.spec.agents.envs[int].name: string
.spec.agents.envs[int].value: string
.spec.agents.ephemeralVolumes.apps.size: resource.Quantity
Size define size of the ephemeral volume
Links:
.spec.agents.ephemeralVolumes.temp.size: resource.Quantity
Size define size of the ephemeral volume
Links:
.spec.agents.exporterPort: integer
ExporterPort define Port used by exporter
.spec.agents.extendedRotationCheck: boolean
ExtendedRotationCheck extend checks for rotation
.spec.agents.externalPortEnabled: boolean
ExternalPortEnabled if external port should be enabled. If is set to false, ports needs to be exposed via sidecar. Only for ArangoD members
.spec.agents.indexMethod: string
IndexMethod define group Indexing method
Possible Values:
- random (default) - Pick random ID for member. Enforced on the Community Operator.
- ordered - Use sequential number as Member ID, starting from 0. Enterprise Operator required.
.spec.agents.initContainers.containers: []core.Container
Containers contains list of containers
Links:
.spec.agents.initContainers.mode: string
Mode keep container replace mode
.spec.agents.internalPort: integer
InternalPort define port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members
.spec.agents.internalPortProtocol: string
InternalPortProtocol define protocol of port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members
.spec.agents.labels: object
Labels specified the labels added to Pods in this group.
.spec.agents.labelsIgnoreList: array
LabelsIgnoreList list regexp or plain definitions which labels should be ignored
.spec.agents.labelsMode: string
LabelsMode Define labels mode which should be use while overriding labels
.spec.agents.maxCount: integer
MaxCount specifies a maximum for the count of servers. If set, a specification is invalid if count > maxCount.
.spec.agents.memoryReservation: integer
MemoryReservation determines the system reservation of memory while calculating ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY value.
If this field is set, ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY is reduced by a specified value in percent.
Accepted Range <0, 50>. If the value is outside the accepted range, it is adjusted to the closest value.
Links:
Default Value: 0
.spec.agents.minCount: integer
MinCount specifies a minimum for the count of servers. If set, a specification is invalid if count < minCount.
.spec.agents.nodeAffinity: core.NodeAffinity
NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions
Links:
.spec.agents.nodeSelector: map[string]string
NodeSelector setting specifies a set of labels to be used as nodeSelector for Pods of this node.
Links:
.spec.agents.numactl.args: array
Args define list of the numactl process
Default Value: []
.spec.agents.numactl.enabled: boolean
Enabled define if numactl should be enabled
Default Value: false
.spec.agents.numactl.path: string
Path define numactl path within the container
Default Value: /usr/bin/numactl
.spec.agents.overrideDetectedNumberOfCores: boolean
Important: Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES Container Environment Variable
OverrideDetectedNumberOfCores determines if number of cores should be overridden based on values in resources.
If is set to true and Container CPU Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES to the value from the Container CPU Limits.
Links:
Default Value: true
.spec.agents.overrideDetectedTotalMemory: boolean
Important: Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY Container Environment Variable
OverrideDetectedTotalMemory determines if memory should be overridden based on values in resources.
If is set to true and Container Memory Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY to the value from the Container Memory Limits.
Links:
Default Value: true
.spec.agents.podModes.network: string
.spec.agents.podModes.pid: string
.spec.agents.port: integer
Port define Port used by member
.spec.agents.priorityClassName: string
PriorityClassName specifies a priority class name Will be forwarded to the pod spec.
Links:
.spec.agents.probes.livenessProbeDisabled: boolean
LivenessProbeDisabled if set to true, the operator does not generate a liveness probe for new pods belonging to this group
Default Value: false
.spec.agents.probes.livenessProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.agents.probes.livenessProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.agents.probes.livenessProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.agents.probes.livenessProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.agents.probes.livenessProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.agents.probes.ReadinessProbeDisabled: boolean
OldReadinessProbeDisabled if true readinessProbes are disabled Deprecated: This field is deprecated, keept only for backward compatibility.
.spec.agents.probes.readinessProbeDisabled: boolean
ReadinessProbeDisabled override flag for probe disabled in good manner (lowercase) with backward compatibility
.spec.agents.probes.readinessProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.agents.probes.readinessProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.agents.probes.readinessProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.agents.probes.readinessProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.agents.probes.readinessProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.agents.probes.startupProbeDisabled: boolean
StartupProbeDisabled if true startupProbes are disabled
.spec.agents.probes.startupProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.agents.probes.startupProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.agents.probes.startupProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.agents.probes.startupProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.agents.probes.startupProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.agents.pvcResizeMode: string
VolumeResizeMode specified resize mode for PVCs and PVs
Possible Values:
- runtime (default) - PVC will be resized in Pod runtime (EKS, GKE)
- rotate - Pod will be shutdown and PVC will be resized (AKS)
.spec.agents.resources: core.ResourceRequirements
Resources holds resource requests & limits
Links:
.spec.agents.schedulerName: string
SchedulerName define scheduler name used for group
.spec.agents.securityContext.addCapabilities: []core.Capability
AddCapabilities add new capabilities to containers
.spec.agents.securityContext.allowPrivilegeEscalation: boolean
AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.
.spec.agents.securityContext.dropAllCapabilities: boolean
DropAllCapabilities specifies if capabilities should be dropped for this pod containers Deprecated: This field is added for backward compatibility. Will be removed in 1.1.0.
.spec.agents.securityContext.fsGroup: integer
FSGroup is a special supplemental group that applies to all containers in a pod.
.spec.agents.securityContext.privileged: boolean
Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.
.spec.agents.securityContext.readOnlyRootFilesystem: boolean
ReadOnlyRootFilesystem if true, mounts the container's root filesystem as read-only.
.spec.agents.securityContext.runAsGroup: integer
RunAsGroup is the GID to run the entrypoint of the container process.
.spec.agents.securityContext.runAsNonRoot: boolean
RunAsNonRoot if true, indicates that the container must run as a non-root user.
.spec.agents.securityContext.runAsUser: integer
RunAsUser is the UID to run the entrypoint of the container process.
.spec.agents.securityContext.seccompProfile: core.SeccompProfile
SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.
Links:
.spec.agents.securityContext.seLinuxOptions: core.SELinuxOptions
SELinuxOptions are the labels to be applied to the container
Links:
.spec.agents.securityContext.supplementalGroups: array
SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.
.spec.agents.securityContext.sysctls: map[string]intstr.IntOrString
Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int
Links:
Example:
sysctls:
"kernel.shm_rmid_forced": "0"
"net.core.somaxconn": 1024
"kernel.msgmax": "65536"
.spec.agents.serviceAccountName: string
ServiceAccountName setting specifies the serviceAccountName for the Pods created
for each server of this group. If empty, it defaults to using the
default service account.
Using an alternative ServiceAccount is typically used to separate access rights.
The ArangoDB deployments need some very minimal access rights. With the
deployment of the operator, we grant the rights to 'get' all 'pod' resources.
If you are using a different service account, please grant these rights
to that service account.
.spec.agents.shutdownDelay: integer
ShutdownDelay define how long operator should delay finalizer removal after shutdown
.spec.agents.shutdownMethod: string
ShutdownMethod describe procedure of member shutdown taken by Operator
.spec.agents.sidecarCoreNames: array
SidecarCoreNames is a list of sidecar containers which must run in the pod. Some names (e.g.: "server", "worker") are reserved, and they don't have any impact.
.spec.agents.sidecars: []core.Container
Sidecars specifies a list of additional containers to be started
Links:
.spec.agents.storageClassName: string
StorageClassName specifies the classname for storage of the servers.
.spec.agents.terminationGracePeriodSeconds: integer
TerminationGracePeriodSeconds override default TerminationGracePeriodSeconds for pods - via silent rotation
.spec.agents.tolerations: []core.Toleration
Tolerations specifies the tolerations added to Pods in this group.
By default, suitable tolerations are set for the following keys with the NoExecute effect:
node.kubernetes.io/not-readynode.kubernetes.io/unreachablenode.alpha.kubernetes.io/unreachable(will be removed in future version) For more information on tolerations, consult the https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
Links:
.spec.agents.volumeAllowShrink: boolean
Deprecated: VolumeAllowShrink allows shrink the volume
.spec.agents.volumeClaimTemplate: core.PersistentVolumeClaim
VolumeClaimTemplate specifies a volumeClaimTemplate used by operator to create to volume claims for pods of this group.
This setting is not available for group coordinators, syncmasters & syncworkers.
The default value describes a volume with 8Gi storage, ReadWriteOnce access mode and volume mode set to PersistentVolumeFilesystem.
If this field is not set and spec.<group>.resources.requests.storage is set, then a default volume claim
with size as specified by spec.<group>.resources.requests.storage will be created. In that case storage
and iops is not forwarded to the pods resource requirements.
Links:
.spec.agents.volumeMounts: []ServerGroupSpecVolumeMount
VolumeMounts define list of volume mounts mounted into server container
Links:
.spec.agents.volumes[int].configMap: core.ConfigMapVolumeSource
ConfigMap which should be mounted into pod
Links:
.spec.agents.volumes[int].emptyDir: core.EmptyDirVolumeSource
EmptyDir
Links:
.spec.agents.volumes[int].hostPath: core.HostPathVolumeSource
HostPath
Links:
.spec.agents.volumes[int].name: string
Name of volume
.spec.agents.volumes[int].persistentVolumeClaim: core.PersistentVolumeClaimVolumeSource
PersistentVolumeClaim
Links:
.spec.agents.volumes[int].secret: core.SecretVolumeSource
Secret which should be mounted into pod
Links:
.spec.allowUnsafeUpgrade: boolean
AllowUnsafeUpgrade determines if upgrade on missing member or with not in sync shards is allowed
.spec.annotations: object
Annotations specifies the annotations added to all ArangoDeployment owned resources (pods, services, PVC’s, PDB’s).
.spec.annotationsIgnoreList: array
AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored
.spec.annotationsMode: string
AnnotationsMode defines annotations mode which should be use while overriding annotations.
Possible Values:
- disabled (default) - Disable annotations/labels override. Default if there is no annotations/labels set in ArangoDeployment
- append - Add new annotations/labels without affecting old ones
- replace - Replace existing annotations/labels
.spec.architecture: []string
Architecture defines the list of supported architectures. First element on the list is marked as default architecture. Possible values are:
amd64: Use processors with the x86-64 architecture.arm64: Use processors with the 64-bit ARM architecture. The setting expects a list of strings, but you should only specify a single list item for the architecture, except when you want to migrate from one architecture to the other. The first list item defines the new default architecture for the deployment that you want to migrate to.
Links:
Default Value: ['amd64']
.spec.auth.jwtSecretName: string
JWTSecretName setting specifies the name of a kubernetes Secret that contains
the JWT token used for accessing all ArangoDB servers.
When no name is specified, it defaults to <deployment-name>-jwt.
To disable authentication, set this value to None.
If you specify a name of a Secret, that secret must have the token
in a data field named token.
If you specify a name of a Secret that does not exist, a random token is created
and stored in a Secret with given name.
Changing a JWT token results in restarting of a whole cluster.
.spec.bootstrap.passwordSecretNames: map[string]string
PasswordSecretNames contains a map of username to password-secret-name This setting specifies a secret name for the credentials per specific users. When a deployment is created the operator will setup the user accounts according to the credentials given by the secret. If the secret doesn't exist the operator creates a secret with a random password. There are two magic values for the secret name:
Nonespecifies no action. This disables root password randomization. This is the default value. (Thus the root password is empty - not recommended)Autospecifies automatic name generation, which is<deploymentname>-root-password.
Links:
.spec.chaos.enabled: boolean
Enabled switches the chaos monkey for a deployment on or off.
.spec.chaos.interval: integer
Interval is the time between events
.spec.chaos.kill-pod-probability: integer
KillPodProbability is the chance of a pod being killed during an event
.spec.ClusterDomain: string
ClusterDomain define domain used in the kubernetes cluster. Required only of domain is not set to default (cluster.local)
Default Value: cluster.local
.spec.communicationMethod: string
CommunicationMethod define communication method used in deployment
Possible Values:
- headless (default) - Define old communication mechanism, based on headless service.
- dns - Define ClusterIP Service DNS based communication.
- short-dns - Define ClusterIP Service DNS based communication. Use namespaced short DNS (used in migration)
- headless-dns - Define Headless Service DNS based communication.
- ip - Define ClusterIP Service IP based communication.
.spec.coordinators.affinity: core.PodAffinity
Affinity specified additional affinity settings in ArangoDB Pod definitions
Links:
.spec.coordinators.allowMemberRecreation: boolean
AllowMemberRecreation allows to recreate member. This setting changes the member recreation logic based on group:
- For Sync Masters, Sync Workers, Coordinator and DB-Servers it determines if a member can be recreated in case of failure (default
true) - For Agents and Single this value is hardcoded to
falseand the value provided in spec is ignored.
.spec.coordinators.annotations: object
Annotations specified the annotations added to Pods in this group.
Annotations are merged with spec.annotations.
.spec.coordinators.annotationsIgnoreList: array
AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored
.spec.coordinators.annotationsMode: string
AnnotationsMode Define annotations mode which should be use while overriding annotations
.spec.coordinators.antiAffinity: core.PodAntiAffinity
AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions
Links:
.spec.coordinators.args: []string
Args setting specifies additional command-line arguments passed to all servers of this group.
Default Value: []
.spec.coordinators.count: integer
Count setting specifies the number of servers to start for the given group.
For the Agent group, this value must be a positive, odd number.
The default value is 3 for all groups except single (there the default is 1
for spec.mode: Single and 2 for spec.mode: ActiveFailover).
For the syncworkers group, it is highly recommended to use the same number
as for the dbservers group.
.spec.coordinators.entrypoint: string
Entrypoint overrides container executable
.spec.coordinators.envs[int].name: string
.spec.coordinators.envs[int].value: string
.spec.coordinators.ephemeralVolumes.apps.size: resource.Quantity
Size define size of the ephemeral volume
Links:
.spec.coordinators.ephemeralVolumes.temp.size: resource.Quantity
Size define size of the ephemeral volume
Links:
.spec.coordinators.exporterPort: integer
ExporterPort define Port used by exporter
.spec.coordinators.extendedRotationCheck: boolean
ExtendedRotationCheck extend checks for rotation
.spec.coordinators.externalPortEnabled: boolean
ExternalPortEnabled if external port should be enabled. If is set to false, ports needs to be exposed via sidecar. Only for ArangoD members
.spec.coordinators.indexMethod: string
IndexMethod define group Indexing method
Possible Values:
- random (default) - Pick random ID for member. Enforced on the Community Operator.
- ordered - Use sequential number as Member ID, starting from 0. Enterprise Operator required.
.spec.coordinators.initContainers.containers: []core.Container
Containers contains list of containers
Links:
.spec.coordinators.initContainers.mode: string
Mode keep container replace mode
.spec.coordinators.internalPort: integer
InternalPort define port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members
.spec.coordinators.internalPortProtocol: string
InternalPortProtocol define protocol of port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members
.spec.coordinators.labels: object
Labels specified the labels added to Pods in this group.
.spec.coordinators.labelsIgnoreList: array
LabelsIgnoreList list regexp or plain definitions which labels should be ignored
.spec.coordinators.labelsMode: string
LabelsMode Define labels mode which should be use while overriding labels
.spec.coordinators.maxCount: integer
MaxCount specifies a maximum for the count of servers. If set, a specification is invalid if count > maxCount.
.spec.coordinators.memoryReservation: integer
MemoryReservation determines the system reservation of memory while calculating ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY value.
If this field is set, ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY is reduced by a specified value in percent.
Accepted Range <0, 50>. If the value is outside the accepted range, it is adjusted to the closest value.
Links:
Default Value: 0
.spec.coordinators.minCount: integer
MinCount specifies a minimum for the count of servers. If set, a specification is invalid if count < minCount.
.spec.coordinators.nodeAffinity: core.NodeAffinity
NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions
Links:
.spec.coordinators.nodeSelector: map[string]string
NodeSelector setting specifies a set of labels to be used as nodeSelector for Pods of this node.
Links:
.spec.coordinators.numactl.args: array
Args define list of the numactl process
Default Value: []
.spec.coordinators.numactl.enabled: boolean
Enabled define if numactl should be enabled
Default Value: false
.spec.coordinators.numactl.path: string
Path define numactl path within the container
Default Value: /usr/bin/numactl
.spec.coordinators.overrideDetectedNumberOfCores: boolean
Important: Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES Container Environment Variable
OverrideDetectedNumberOfCores determines if number of cores should be overridden based on values in resources.
If is set to true and Container CPU Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES to the value from the Container CPU Limits.
Links:
Default Value: true
.spec.coordinators.overrideDetectedTotalMemory: boolean
Important: Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY Container Environment Variable
OverrideDetectedTotalMemory determines if memory should be overridden based on values in resources.
If is set to true and Container Memory Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY to the value from the Container Memory Limits.
Links:
Default Value: true
.spec.coordinators.podModes.network: string
.spec.coordinators.podModes.pid: string
.spec.coordinators.port: integer
Port define Port used by member
.spec.coordinators.priorityClassName: string
PriorityClassName specifies a priority class name Will be forwarded to the pod spec.
Links:
.spec.coordinators.probes.livenessProbeDisabled: boolean
LivenessProbeDisabled if set to true, the operator does not generate a liveness probe for new pods belonging to this group
Default Value: false
.spec.coordinators.probes.livenessProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.coordinators.probes.livenessProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.coordinators.probes.livenessProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.coordinators.probes.livenessProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.coordinators.probes.livenessProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.coordinators.probes.ReadinessProbeDisabled: boolean
OldReadinessProbeDisabled if true readinessProbes are disabled Deprecated: This field is deprecated, keept only for backward compatibility.
.spec.coordinators.probes.readinessProbeDisabled: boolean
ReadinessProbeDisabled override flag for probe disabled in good manner (lowercase) with backward compatibility
.spec.coordinators.probes.readinessProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.coordinators.probes.readinessProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.coordinators.probes.readinessProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.coordinators.probes.readinessProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.coordinators.probes.readinessProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.coordinators.probes.startupProbeDisabled: boolean
StartupProbeDisabled if true startupProbes are disabled
.spec.coordinators.probes.startupProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.coordinators.probes.startupProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.coordinators.probes.startupProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.coordinators.probes.startupProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.coordinators.probes.startupProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.coordinators.pvcResizeMode: string
VolumeResizeMode specified resize mode for PVCs and PVs
Possible Values:
- runtime (default) - PVC will be resized in Pod runtime (EKS, GKE)
- rotate - Pod will be shutdown and PVC will be resized (AKS)
.spec.coordinators.resources: core.ResourceRequirements
Resources holds resource requests & limits
Links:
.spec.coordinators.schedulerName: string
SchedulerName define scheduler name used for group
.spec.coordinators.securityContext.addCapabilities: []core.Capability
AddCapabilities add new capabilities to containers
.spec.coordinators.securityContext.allowPrivilegeEscalation: boolean
AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.
.spec.coordinators.securityContext.dropAllCapabilities: boolean
DropAllCapabilities specifies if capabilities should be dropped for this pod containers Deprecated: This field is added for backward compatibility. Will be removed in 1.1.0.
.spec.coordinators.securityContext.fsGroup: integer
FSGroup is a special supplemental group that applies to all containers in a pod.
.spec.coordinators.securityContext.privileged: boolean
Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.
.spec.coordinators.securityContext.readOnlyRootFilesystem: boolean
ReadOnlyRootFilesystem if true, mounts the container's root filesystem as read-only.
.spec.coordinators.securityContext.runAsGroup: integer
RunAsGroup is the GID to run the entrypoint of the container process.
.spec.coordinators.securityContext.runAsNonRoot: boolean
RunAsNonRoot if true, indicates that the container must run as a non-root user.
.spec.coordinators.securityContext.runAsUser: integer
RunAsUser is the UID to run the entrypoint of the container process.
.spec.coordinators.securityContext.seccompProfile: core.SeccompProfile
SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.
Links:
.spec.coordinators.securityContext.seLinuxOptions: core.SELinuxOptions
SELinuxOptions are the labels to be applied to the container
Links:
.spec.coordinators.securityContext.supplementalGroups: array
SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.
.spec.coordinators.securityContext.sysctls: map[string]intstr.IntOrString
Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int
Links:
Example:
sysctls:
"kernel.shm_rmid_forced": "0"
"net.core.somaxconn": 1024
"kernel.msgmax": "65536"
.spec.coordinators.serviceAccountName: string
ServiceAccountName setting specifies the serviceAccountName for the Pods created
for each server of this group. If empty, it defaults to using the
default service account.
Using an alternative ServiceAccount is typically used to separate access rights.
The ArangoDB deployments need some very minimal access rights. With the
deployment of the operator, we grant the rights to 'get' all 'pod' resources.
If you are using a different service account, please grant these rights
to that service account.
.spec.coordinators.shutdownDelay: integer
ShutdownDelay define how long operator should delay finalizer removal after shutdown
.spec.coordinators.shutdownMethod: string
ShutdownMethod describe procedure of member shutdown taken by Operator
.spec.coordinators.sidecarCoreNames: array
SidecarCoreNames is a list of sidecar containers which must run in the pod. Some names (e.g.: "server", "worker") are reserved, and they don't have any impact.
.spec.coordinators.sidecars: []core.Container
Sidecars specifies a list of additional containers to be started
Links:
.spec.coordinators.storageClassName: string
StorageClassName specifies the classname for storage of the servers.
.spec.coordinators.terminationGracePeriodSeconds: integer
TerminationGracePeriodSeconds override default TerminationGracePeriodSeconds for pods - via silent rotation
.spec.coordinators.tolerations: []core.Toleration
Tolerations specifies the tolerations added to Pods in this group.
By default, suitable tolerations are set for the following keys with the NoExecute effect:
node.kubernetes.io/not-readynode.kubernetes.io/unreachablenode.alpha.kubernetes.io/unreachable(will be removed in future version) For more information on tolerations, consult the https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
Links:
.spec.coordinators.volumeAllowShrink: boolean
Deprecated: VolumeAllowShrink allows shrink the volume
.spec.coordinators.volumeClaimTemplate: core.PersistentVolumeClaim
VolumeClaimTemplate specifies a volumeClaimTemplate used by operator to create to volume claims for pods of this group.
This setting is not available for group coordinators, syncmasters & syncworkers.
The default value describes a volume with 8Gi storage, ReadWriteOnce access mode and volume mode set to PersistentVolumeFilesystem.
If this field is not set and spec.<group>.resources.requests.storage is set, then a default volume claim
with size as specified by spec.<group>.resources.requests.storage will be created. In that case storage
and iops is not forwarded to the pods resource requirements.
Links:
.spec.coordinators.volumeMounts: []ServerGroupSpecVolumeMount
VolumeMounts define list of volume mounts mounted into server container
Links:
.spec.coordinators.volumes[int].configMap: core.ConfigMapVolumeSource
ConfigMap which should be mounted into pod
Links:
.spec.coordinators.volumes[int].emptyDir: core.EmptyDirVolumeSource
EmptyDir
Links:
.spec.coordinators.volumes[int].hostPath: core.HostPathVolumeSource
HostPath
Links:
.spec.coordinators.volumes[int].name: string
Name of volume
.spec.coordinators.volumes[int].persistentVolumeClaim: core.PersistentVolumeClaimVolumeSource
PersistentVolumeClaim
Links:
.spec.coordinators.volumes[int].secret: core.SecretVolumeSource
Secret which should be mounted into pod
Links:
.spec.database.maintenance: boolean
Maintenance manage maintenance mode on Cluster side. Requires maintenance feature to be enabled
.spec.dbservers.affinity: core.PodAffinity
Affinity specified additional affinity settings in ArangoDB Pod definitions
Links:
.spec.dbservers.allowMemberRecreation: boolean
AllowMemberRecreation allows to recreate member. This setting changes the member recreation logic based on group:
- For Sync Masters, Sync Workers, Coordinator and DB-Servers it determines if a member can be recreated in case of failure (default
true) - For Agents and Single this value is hardcoded to
falseand the value provided in spec is ignored.
.spec.dbservers.annotations: object
Annotations specified the annotations added to Pods in this group.
Annotations are merged with spec.annotations.
.spec.dbservers.annotationsIgnoreList: array
AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored
.spec.dbservers.annotationsMode: string
AnnotationsMode Define annotations mode which should be use while overriding annotations
.spec.dbservers.antiAffinity: core.PodAntiAffinity
AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions
Links:
.spec.dbservers.args: []string
Args setting specifies additional command-line arguments passed to all servers of this group.
Default Value: []
.spec.dbservers.count: integer
Count setting specifies the number of servers to start for the given group.
For the Agent group, this value must be a positive, odd number.
The default value is 3 for all groups except single (there the default is 1
for spec.mode: Single and 2 for spec.mode: ActiveFailover).
For the syncworkers group, it is highly recommended to use the same number
as for the dbservers group.
.spec.dbservers.entrypoint: string
Entrypoint overrides container executable
.spec.dbservers.envs[int].name: string
.spec.dbservers.envs[int].value: string
.spec.dbservers.ephemeralVolumes.apps.size: resource.Quantity
Size define size of the ephemeral volume
Links:
.spec.dbservers.ephemeralVolumes.temp.size: resource.Quantity
Size define size of the ephemeral volume
Links:
.spec.dbservers.exporterPort: integer
ExporterPort define Port used by exporter
.spec.dbservers.extendedRotationCheck: boolean
ExtendedRotationCheck extend checks for rotation
.spec.dbservers.externalPortEnabled: boolean
ExternalPortEnabled if external port should be enabled. If is set to false, ports needs to be exposed via sidecar. Only for ArangoD members
.spec.dbservers.indexMethod: string
IndexMethod define group Indexing method
Possible Values:
- random (default) - Pick random ID for member. Enforced on the Community Operator.
- ordered - Use sequential number as Member ID, starting from 0. Enterprise Operator required.
.spec.dbservers.initContainers.containers: []core.Container
Containers contains list of containers
Links:
.spec.dbservers.initContainers.mode: string
Mode keep container replace mode
.spec.dbservers.internalPort: integer
InternalPort define port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members
.spec.dbservers.internalPortProtocol: string
InternalPortProtocol define protocol of port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members
.spec.dbservers.labels: object
Labels specified the labels added to Pods in this group.
.spec.dbservers.labelsIgnoreList: array
LabelsIgnoreList list regexp or plain definitions which labels should be ignored
.spec.dbservers.labelsMode: string
LabelsMode Define labels mode which should be use while overriding labels
.spec.dbservers.maxCount: integer
MaxCount specifies a maximum for the count of servers. If set, a specification is invalid if count > maxCount.
.spec.dbservers.memoryReservation: integer
MemoryReservation determines the system reservation of memory while calculating ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY value.
If this field is set, ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY is reduced by a specified value in percent.
Accepted Range <0, 50>. If the value is outside the accepted range, it is adjusted to the closest value.
Links:
Default Value: 0
.spec.dbservers.minCount: integer
MinCount specifies a minimum for the count of servers. If set, a specification is invalid if count < minCount.
.spec.dbservers.nodeAffinity: core.NodeAffinity
NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions
Links:
.spec.dbservers.nodeSelector: map[string]string
NodeSelector setting specifies a set of labels to be used as nodeSelector for Pods of this node.
Links:
.spec.dbservers.numactl.args: array
Args define list of the numactl process
Default Value: []
.spec.dbservers.numactl.enabled: boolean
Enabled define if numactl should be enabled
Default Value: false
.spec.dbservers.numactl.path: string
Path define numactl path within the container
Default Value: /usr/bin/numactl
.spec.dbservers.overrideDetectedNumberOfCores: boolean
Important: Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES Container Environment Variable
OverrideDetectedNumberOfCores determines if number of cores should be overridden based on values in resources.
If is set to true and Container CPU Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES to the value from the Container CPU Limits.
Links:
Default Value: true
.spec.dbservers.overrideDetectedTotalMemory: boolean
Important: Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY Container Environment Variable
OverrideDetectedTotalMemory determines if memory should be overridden based on values in resources.
If is set to true and Container Memory Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY to the value from the Container Memory Limits.
Links:
Default Value: true
.spec.dbservers.podModes.network: string
.spec.dbservers.podModes.pid: string
.spec.dbservers.port: integer
Port define Port used by member
.spec.dbservers.priorityClassName: string
PriorityClassName specifies a priority class name Will be forwarded to the pod spec.
Links:
.spec.dbservers.probes.livenessProbeDisabled: boolean
LivenessProbeDisabled if set to true, the operator does not generate a liveness probe for new pods belonging to this group
Default Value: false
.spec.dbservers.probes.livenessProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.dbservers.probes.livenessProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.dbservers.probes.livenessProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.dbservers.probes.livenessProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.dbservers.probes.livenessProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.dbservers.probes.ReadinessProbeDisabled: boolean
OldReadinessProbeDisabled if true readinessProbes are disabled Deprecated: This field is deprecated, keept only for backward compatibility.
.spec.dbservers.probes.readinessProbeDisabled: boolean
ReadinessProbeDisabled override flag for probe disabled in good manner (lowercase) with backward compatibility
.spec.dbservers.probes.readinessProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.dbservers.probes.readinessProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.dbservers.probes.readinessProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.dbservers.probes.readinessProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.dbservers.probes.readinessProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.dbservers.probes.startupProbeDisabled: boolean
StartupProbeDisabled if true startupProbes are disabled
.spec.dbservers.probes.startupProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.dbservers.probes.startupProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.dbservers.probes.startupProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.dbservers.probes.startupProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.dbservers.probes.startupProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.dbservers.pvcResizeMode: string
VolumeResizeMode specified resize mode for PVCs and PVs
Possible Values:
- runtime (default) - PVC will be resized in Pod runtime (EKS, GKE)
- rotate - Pod will be shutdown and PVC will be resized (AKS)
.spec.dbservers.resources: core.ResourceRequirements
Resources holds resource requests & limits
Links:
.spec.dbservers.schedulerName: string
SchedulerName define scheduler name used for group
.spec.dbservers.securityContext.addCapabilities: []core.Capability
AddCapabilities add new capabilities to containers
.spec.dbservers.securityContext.allowPrivilegeEscalation: boolean
AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.
.spec.dbservers.securityContext.dropAllCapabilities: boolean
DropAllCapabilities specifies if capabilities should be dropped for this pod containers Deprecated: This field is added for backward compatibility. Will be removed in 1.1.0.
.spec.dbservers.securityContext.fsGroup: integer
FSGroup is a special supplemental group that applies to all containers in a pod.
.spec.dbservers.securityContext.privileged: boolean
Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.
.spec.dbservers.securityContext.readOnlyRootFilesystem: boolean
ReadOnlyRootFilesystem if true, mounts the container's root filesystem as read-only.
.spec.dbservers.securityContext.runAsGroup: integer
RunAsGroup is the GID to run the entrypoint of the container process.
.spec.dbservers.securityContext.runAsNonRoot: boolean
RunAsNonRoot if true, indicates that the container must run as a non-root user.
.spec.dbservers.securityContext.runAsUser: integer
RunAsUser is the UID to run the entrypoint of the container process.
.spec.dbservers.securityContext.seccompProfile: core.SeccompProfile
SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.
Links:
.spec.dbservers.securityContext.seLinuxOptions: core.SELinuxOptions
SELinuxOptions are the labels to be applied to the container
Links:
.spec.dbservers.securityContext.supplementalGroups: array
SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.
.spec.dbservers.securityContext.sysctls: map[string]intstr.IntOrString
Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int
Links:
Example:
sysctls:
"kernel.shm_rmid_forced": "0"
"net.core.somaxconn": 1024
"kernel.msgmax": "65536"
.spec.dbservers.serviceAccountName: string
ServiceAccountName setting specifies the serviceAccountName for the Pods created
for each server of this group. If empty, it defaults to using the
default service account.
Using an alternative ServiceAccount is typically used to separate access rights.
The ArangoDB deployments need some very minimal access rights. With the
deployment of the operator, we grant the rights to 'get' all 'pod' resources.
If you are using a different service account, please grant these rights
to that service account.
.spec.dbservers.shutdownDelay: integer
ShutdownDelay define how long operator should delay finalizer removal after shutdown
.spec.dbservers.shutdownMethod: string
ShutdownMethod describe procedure of member shutdown taken by Operator
.spec.dbservers.sidecarCoreNames: array
SidecarCoreNames is a list of sidecar containers which must run in the pod. Some names (e.g.: "server", "worker") are reserved, and they don't have any impact.
.spec.dbservers.sidecars: []core.Container
Sidecars specifies a list of additional containers to be started
Links:
.spec.dbservers.storageClassName: string
StorageClassName specifies the classname for storage of the servers.
.spec.dbservers.terminationGracePeriodSeconds: integer
TerminationGracePeriodSeconds override default TerminationGracePeriodSeconds for pods - via silent rotation
.spec.dbservers.tolerations: []core.Toleration
Tolerations specifies the tolerations added to Pods in this group.
By default, suitable tolerations are set for the following keys with the NoExecute effect:
node.kubernetes.io/not-readynode.kubernetes.io/unreachablenode.alpha.kubernetes.io/unreachable(will be removed in future version) For more information on tolerations, consult the https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
Links:
.spec.dbservers.volumeAllowShrink: boolean
Deprecated: VolumeAllowShrink allows shrink the volume
.spec.dbservers.volumeClaimTemplate: core.PersistentVolumeClaim
VolumeClaimTemplate specifies a volumeClaimTemplate used by operator to create to volume claims for pods of this group.
This setting is not available for group coordinators, syncmasters & syncworkers.
The default value describes a volume with 8Gi storage, ReadWriteOnce access mode and volume mode set to PersistentVolumeFilesystem.
If this field is not set and spec.<group>.resources.requests.storage is set, then a default volume claim
with size as specified by spec.<group>.resources.requests.storage will be created. In that case storage
and iops is not forwarded to the pods resource requirements.
Links:
.spec.dbservers.volumeMounts: []ServerGroupSpecVolumeMount
VolumeMounts define list of volume mounts mounted into server container
Links:
.spec.dbservers.volumes[int].configMap: core.ConfigMapVolumeSource
ConfigMap which should be mounted into pod
Links:
.spec.dbservers.volumes[int].emptyDir: core.EmptyDirVolumeSource
EmptyDir
Links:
.spec.dbservers.volumes[int].hostPath: core.HostPathVolumeSource
HostPath
Links:
.spec.dbservers.volumes[int].name: string
Name of volume
.spec.dbservers.volumes[int].persistentVolumeClaim: core.PersistentVolumeClaimVolumeSource
PersistentVolumeClaim
Links:
.spec.dbservers.volumes[int].secret: core.SecretVolumeSource
Secret which should be mounted into pod
Links:
.spec.disableIPv6: boolean
DisableIPv6 setting prevents the use of IPv6 addresses by ArangoDB servers. This setting cannot be changed after the deployment has been created.
Default Value: false
.spec.downtimeAllowed: boolean
DowntimeAllowed setting is used to allow automatic reconciliation actions that yield some downtime of the ArangoDB deployment. When this setting is set to false, no automatic action that may result in downtime is allowed. If the need for such an action is detected, an event is added to the ArangoDeployment. Once this setting is set to true, the automatic action is executed. Operations that may result in downtime are:
- Rotating TLS CA certificate Note: It is still possible that there is some downtime when the Kubernetes cluster is down, or in a bad state, irrespective of the value of this setting.
Default Value: false
.spec.environment: string
Environment setting specifies the type of environment in which the deployment is created.
Possible Values:
- Development (default) - This value optimizes the deployment for development use. It is possible to run a deployment on a small number of nodes (e.g. minikube).
- Production - This value optimizes the deployment for production use. It puts required affinity constraints on all pods to avoid Agents & DB-Servers from running on the same machine.
.spec.externalAccess.advertisedEndpoint: string
AdvertisedEndpoint is passed to the coordinators/single servers for advertising a specific endpoint
.spec.externalAccess.loadBalancerIP: string
LoadBalancerIP define optional IP used to configure a load-balancer on, in case of Auto or LoadBalancer type. If you do not specify this setting, an IP will be chosen automatically by the load-balancer provisioner.
.spec.externalAccess.loadBalancerSourceRanges: array
LoadBalancerSourceRanges define LoadBalancerSourceRanges used for LoadBalancer Service type If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.
Links:
.spec.externalAccess.managedServiceNames: array
ManagedServiceNames keeps names of services which are not managed by KubeArangoDB.
It is only relevant when type of service is managed.
.spec.externalAccess.nodePort: integer
NodePort define optional port used in case of Auto or NodePort type.
This setting is used when spec.externalAccess.type is set to NodePort or Auto.
If you do not specify this setting, a random port will be chosen automatically.
.spec.externalAccess.type: string
Type specifies the type of Service that will be created to provide access to the ArangoDB deployment from outside the Kubernetes cluster.
Possible Values:
- Auto (default) - Create a Service of type LoadBalancer and fallback to a Service or type NodePort when the LoadBalancer is not assigned an IP address.
- None - limit access to application running inside the Kubernetes cluster.
- LoadBalancer - Create a Service of type LoadBalancer for the ArangoDB deployment.
- NodePort - Create a Service of type NodePort for the ArangoDB deployment.
.spec.features.foxx.queues: boolean
.spec.id.affinity: core.PodAffinity
Affinity specified additional affinity settings in ArangoDB Pod definitions
Links:
.spec.id.antiAffinity: core.PodAntiAffinity
AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions
Links:
.spec.id.entrypoint: string
Entrypoint overrides container executable
.spec.id.nodeAffinity: core.NodeAffinity
NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions
Links:
.spec.id.nodeSelector: object
NodeSelector specifies a set of selectors for nodes
.spec.id.priorityClassName: string
PriorityClassName specifies a priority class name
.spec.id.resources: core.ResourceRequirements
Resources holds resource requests & limits
Links:
.spec.id.securityContext.addCapabilities: []core.Capability
AddCapabilities add new capabilities to containers
.spec.id.securityContext.allowPrivilegeEscalation: boolean
AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.
.spec.id.securityContext.dropAllCapabilities: boolean
DropAllCapabilities specifies if capabilities should be dropped for this pod containers Deprecated: This field is added for backward compatibility. Will be removed in 1.1.0.
.spec.id.securityContext.fsGroup: integer
FSGroup is a special supplemental group that applies to all containers in a pod.
.spec.id.securityContext.privileged: boolean
Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.
.spec.id.securityContext.readOnlyRootFilesystem: boolean
ReadOnlyRootFilesystem if true, mounts the container's root filesystem as read-only.
.spec.id.securityContext.runAsGroup: integer
RunAsGroup is the GID to run the entrypoint of the container process.
.spec.id.securityContext.runAsNonRoot: boolean
RunAsNonRoot if true, indicates that the container must run as a non-root user.
.spec.id.securityContext.runAsUser: integer
RunAsUser is the UID to run the entrypoint of the container process.
.spec.id.securityContext.seccompProfile: core.SeccompProfile
SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.
Links:
.spec.id.securityContext.seLinuxOptions: core.SELinuxOptions
SELinuxOptions are the labels to be applied to the container
Links:
.spec.id.securityContext.supplementalGroups: array
SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.
.spec.id.securityContext.sysctls: map[string]intstr.IntOrString
Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int
Links:
Example:
sysctls:
"kernel.shm_rmid_forced": "0"
"net.core.somaxconn": 1024
"kernel.msgmax": "65536"
.spec.id.serviceAccountName: string
ServiceAccountName specifies the name of the service account used for Pods in this group.
.spec.id.tolerations: []core.Toleration
Tolerations specifies the tolerations added to Pods in this group.
Links:
.spec.image: string
Image specifies the docker image to use for all ArangoDB servers. In a development environment this setting defaults to arangodb/arangodb:latest. For production environments this is a required setting without a default value. It is highly recommend to use explicit version (not latest) for production environments.
.spec.imageDiscoveryMode: string
ImageDiscoveryMode specifies the image discovery mode.
Possible Values:
- kubelet (default) - Use sha256 of the discovered image in the pods
- direct - Use image provided in the spec.image directly in the pods
.spec.imagePullPolicy: core.PullPolicy
ImagePullPolicy specifies the pull policy for the docker image to use for all ArangoDB servers.
Links:
Possible Values:
- Always (default) - Means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.
- Never - Means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present
- IfNotPresent - Means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails.
.spec.imagePullSecrets: array
ImagePullSecrets specifies the list of image pull secrets for the docker image to use for all ArangoDB servers.
.spec.labels: object
Labels specifies the labels added to Pods in this group.
.spec.labelsIgnoreList: array
LabelsIgnoreList list regexp or plain definitions which labels should be ignored
.spec.labelsMode: string
LabelsMode Define labels mode which should be use while overriding labels
Possible Values:
- disabled (default) - Disable annotations/labels override. Default if there is no annotations/labels set in ArangoDeployment
- append - Add new annotations/labels without affecting old ones
- replace - Replace existing annotations/labels
.spec.license.secretName: string
SecretName setting specifies the name of a kubernetes Secret that contains
the license key token used for enterprise images. This value is not used for
the Community Edition.
.spec.lifecycle.resources: core.ResourceRequirements
Resources holds resource requests & limits
Links:
.spec.memberPropagationMode: string
MemberPropagationMode defines how changes to pod spec should be propogated. Changes to a pod’s configuration require a restart of that pod in almost all cases. Pods are restarted eagerly by default, which can cause more restarts than desired, especially when updating arangod as well as the operator. The propagation of the configuration changes can be deferred to the next restart, either triggered manually by the user or by another operation like an upgrade. This reduces the number of restarts for upgrading both the server and the operator from two to one.
Possible Values:
- always (default) - Restart the member as soon as a configuration change is discovered
- on-restart - Wait until the next restart to change the member configuration
.spec.metrics.authentication.jwtTokenSecretName: string
JWTTokenSecretName contains the name of the JWT kubernetes secret used for authentication
.spec.metrics.enabled: boolean
Enabled if this is set to true, the operator runs a sidecar container for
every Agent, DB-Server, Coordinator and Single server.
Links:
Default Value: false
.spec.metrics.image: string
deprecated
.spec.metrics.mode: string
deprecated
.spec.metrics.port: integer
.spec.metrics.resources: core.ResourceRequirements
Resources holds resource requests & limits
Links:
.spec.metrics.serviceMonitor.enabled: boolean
.spec.metrics.serviceMonitor.labels: object
.spec.metrics.tls: boolean
TLS defines if TLS should be enabled on Metrics exporter endpoint.
This option will enable TLS only if TLS is enabled on ArangoDeployment,
otherwise true value will not take any effect.
Default Value: true
.spec.mode: string
Mode specifies the type of ArangoDB deployment to create.
Possible Values:
- Cluster (default) - Full cluster. Defaults to 3 Agents, 3 DB-Servers & 3 Coordinators.
- ActiveFailover - Active-failover single pair. Defaults to 3 Agents and 2 single servers.
- Single - Single server only (note this does not provide high availability or reliability).
This field is immutable: Change of the ArangoDeployment Mode is not possible after creation.
.spec.networkAttachedVolumes: boolean
NetworkAttachedVolumes
If set to true, a ResignLeadership operation will be triggered when a DB-Server pod is evicted (rather than a CleanOutServer operation).
Furthermore, the pod will simply be redeployed on a different node, rather than cleaned and retired and replaced by a new member.
You must only set this option to true if your persistent volumes are “movable” in the sense that they can be mounted from a different k8s node, like in the case of network attached volumes.
If your persistent volumes are tied to a specific pod, you must leave this option on false.
Default Value: true
.spec.rebalancer.enabled: boolean
.spec.rebalancer.optimizers.leader: boolean
.spec.rebalancer.parallelMoves: integer
.spec.rebalancer.readers.count: boolean
deprecated does not work in Rebalancer V2 Count Enable Shard Count machanism
.spec.recovery.autoRecover: boolean
.spec.restoreEncryptionSecret: string
RestoreEncryptionSecret specifies optional name of secret which contains encryption key used for restore
.spec.restoreFrom: string
RestoreFrom setting specifies a ArangoBackup resource name the cluster should be restored from.
After a restore or failure to do so, the status of the deployment contains information about the restore operation in the restore key.
It will contain some of the following fields:
requestedFrom: name of the ArangoBackup used to restore from.message: optional message explaining why the restore failed.state: state indicating if the restore was successful or not. Possible values: Restoring, Restored, RestoreFailed If the restoreFrom key is removed from the spec, the restore key is deleted as well. A new restore attempt is made if and only if either in the status restore is not set or if spec.restoreFrom and status.requestedFrom are different.
.spec.rocksdb.encryption.keySecretName: string
KeySecretName setting specifies the name of a Kubernetes Secret that contains an encryption key used for encrypting all data stored by ArangoDB servers.
When an encryption key is used, encryption of the data in the cluster is enabled, without it encryption is disabled.
The default value is empty.
This requires the Enterprise Edition.
The encryption key cannot be changed after the cluster has been created.
The secret specified by this setting, must have a data field named 'key' containing an encryption key that is exactly 32 bytes long.
.spec.single.affinity: core.PodAffinity
Affinity specified additional affinity settings in ArangoDB Pod definitions
Links:
.spec.single.allowMemberRecreation: boolean
AllowMemberRecreation allows to recreate member. This setting changes the member recreation logic based on group:
- For Sync Masters, Sync Workers, Coordinator and DB-Servers it determines if a member can be recreated in case of failure (default
true) - For Agents and Single this value is hardcoded to
falseand the value provided in spec is ignored.
.spec.single.annotations: object
Annotations specified the annotations added to Pods in this group.
Annotations are merged with spec.annotations.
.spec.single.annotationsIgnoreList: array
AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored
.spec.single.annotationsMode: string
AnnotationsMode Define annotations mode which should be use while overriding annotations
.spec.single.antiAffinity: core.PodAntiAffinity
AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions
Links:
.spec.single.args: []string
Args setting specifies additional command-line arguments passed to all servers of this group.
Default Value: []
.spec.single.count: integer
Count setting specifies the number of servers to start for the given group.
For the Agent group, this value must be a positive, odd number.
The default value is 3 for all groups except single (there the default is 1
for spec.mode: Single and 2 for spec.mode: ActiveFailover).
For the syncworkers group, it is highly recommended to use the same number
as for the dbservers group.
.spec.single.entrypoint: string
Entrypoint overrides container executable
.spec.single.envs[int].name: string
.spec.single.envs[int].value: string
.spec.single.ephemeralVolumes.apps.size: resource.Quantity
Size define size of the ephemeral volume
Links:
.spec.single.ephemeralVolumes.temp.size: resource.Quantity
Size define size of the ephemeral volume
Links:
.spec.single.exporterPort: integer
ExporterPort define Port used by exporter
.spec.single.extendedRotationCheck: boolean
ExtendedRotationCheck extend checks for rotation
.spec.single.externalPortEnabled: boolean
ExternalPortEnabled if external port should be enabled. If is set to false, ports needs to be exposed via sidecar. Only for ArangoD members
.spec.single.indexMethod: string
IndexMethod define group Indexing method
Possible Values:
- random (default) - Pick random ID for member. Enforced on the Community Operator.
- ordered - Use sequential number as Member ID, starting from 0. Enterprise Operator required.
.spec.single.initContainers.containers: []core.Container
Containers contains list of containers
Links:
.spec.single.initContainers.mode: string
Mode keep container replace mode
.spec.single.internalPort: integer
InternalPort define port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members
.spec.single.internalPortProtocol: string
InternalPortProtocol define protocol of port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members
.spec.single.labels: object
Labels specified the labels added to Pods in this group.
.spec.single.labelsIgnoreList: array
LabelsIgnoreList list regexp or plain definitions which labels should be ignored
.spec.single.labelsMode: string
LabelsMode Define labels mode which should be use while overriding labels
.spec.single.maxCount: integer
MaxCount specifies a maximum for the count of servers. If set, a specification is invalid if count > maxCount.
.spec.single.memoryReservation: integer
MemoryReservation determines the system reservation of memory while calculating ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY value.
If this field is set, ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY is reduced by a specified value in percent.
Accepted Range <0, 50>. If the value is outside the accepted range, it is adjusted to the closest value.
Links:
Default Value: 0
.spec.single.minCount: integer
MinCount specifies a minimum for the count of servers. If set, a specification is invalid if count < minCount.
.spec.single.nodeAffinity: core.NodeAffinity
NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions
Links:
.spec.single.nodeSelector: map[string]string
NodeSelector setting specifies a set of labels to be used as nodeSelector for Pods of this node.
Links:
.spec.single.numactl.args: array
Args define list of the numactl process
Default Value: []
.spec.single.numactl.enabled: boolean
Enabled define if numactl should be enabled
Default Value: false
.spec.single.numactl.path: string
Path define numactl path within the container
Default Value: /usr/bin/numactl
.spec.single.overrideDetectedNumberOfCores: boolean
Important: Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES Container Environment Variable
OverrideDetectedNumberOfCores determines if number of cores should be overridden based on values in resources.
If is set to true and Container CPU Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES to the value from the Container CPU Limits.
Links:
Default Value: true
.spec.single.overrideDetectedTotalMemory: boolean
Important: Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY Container Environment Variable
OverrideDetectedTotalMemory determines if memory should be overridden based on values in resources.
If is set to true and Container Memory Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY to the value from the Container Memory Limits.
Links:
Default Value: true
.spec.single.podModes.network: string
.spec.single.podModes.pid: string
.spec.single.port: integer
Port define Port used by member
.spec.single.priorityClassName: string
PriorityClassName specifies a priority class name Will be forwarded to the pod spec.
Links:
.spec.single.probes.livenessProbeDisabled: boolean
LivenessProbeDisabled if set to true, the operator does not generate a liveness probe for new pods belonging to this group
Default Value: false
.spec.single.probes.livenessProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.single.probes.livenessProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.single.probes.livenessProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.single.probes.livenessProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.single.probes.livenessProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.single.probes.ReadinessProbeDisabled: boolean
OldReadinessProbeDisabled if true readinessProbes are disabled Deprecated: This field is deprecated, keept only for backward compatibility.
.spec.single.probes.readinessProbeDisabled: boolean
ReadinessProbeDisabled override flag for probe disabled in good manner (lowercase) with backward compatibility
.spec.single.probes.readinessProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.single.probes.readinessProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.single.probes.readinessProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.single.probes.readinessProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.single.probes.readinessProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.single.probes.startupProbeDisabled: boolean
StartupProbeDisabled if true startupProbes are disabled
.spec.single.probes.startupProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.single.probes.startupProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.single.probes.startupProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.single.probes.startupProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.single.probes.startupProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.single.pvcResizeMode: string
VolumeResizeMode specified resize mode for PVCs and PVs
Possible Values:
- runtime (default) - PVC will be resized in Pod runtime (EKS, GKE)
- rotate - Pod will be shutdown and PVC will be resized (AKS)
.spec.single.resources: core.ResourceRequirements
Resources holds resource requests & limits
Links:
.spec.single.schedulerName: string
SchedulerName define scheduler name used for group
.spec.single.securityContext.addCapabilities: []core.Capability
AddCapabilities add new capabilities to containers
.spec.single.securityContext.allowPrivilegeEscalation: boolean
AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.
.spec.single.securityContext.dropAllCapabilities: boolean
DropAllCapabilities specifies if capabilities should be dropped for this pod containers Deprecated: This field is added for backward compatibility. Will be removed in 1.1.0.
.spec.single.securityContext.fsGroup: integer
FSGroup is a special supplemental group that applies to all containers in a pod.
.spec.single.securityContext.privileged: boolean
Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.
.spec.single.securityContext.readOnlyRootFilesystem: boolean
ReadOnlyRootFilesystem if true, mounts the container's root filesystem as read-only.
.spec.single.securityContext.runAsGroup: integer
RunAsGroup is the GID to run the entrypoint of the container process.
.spec.single.securityContext.runAsNonRoot: boolean
RunAsNonRoot if true, indicates that the container must run as a non-root user.
.spec.single.securityContext.runAsUser: integer
RunAsUser is the UID to run the entrypoint of the container process.
.spec.single.securityContext.seccompProfile: core.SeccompProfile
SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.
Links:
.spec.single.securityContext.seLinuxOptions: core.SELinuxOptions
SELinuxOptions are the labels to be applied to the container
Links:
.spec.single.securityContext.supplementalGroups: array
SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.
.spec.single.securityContext.sysctls: map[string]intstr.IntOrString
Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int
Links:
Example:
sysctls:
"kernel.shm_rmid_forced": "0"
"net.core.somaxconn": 1024
"kernel.msgmax": "65536"
.spec.single.serviceAccountName: string
ServiceAccountName setting specifies the serviceAccountName for the Pods created
for each server of this group. If empty, it defaults to using the
default service account.
Using an alternative ServiceAccount is typically used to separate access rights.
The ArangoDB deployments need some very minimal access rights. With the
deployment of the operator, we grant the rights to 'get' all 'pod' resources.
If you are using a different service account, please grant these rights
to that service account.
.spec.single.shutdownDelay: integer
ShutdownDelay define how long operator should delay finalizer removal after shutdown
.spec.single.shutdownMethod: string
ShutdownMethod describe procedure of member shutdown taken by Operator
.spec.single.sidecarCoreNames: array
SidecarCoreNames is a list of sidecar containers which must run in the pod. Some names (e.g.: "server", "worker") are reserved, and they don't have any impact.
.spec.single.sidecars: []core.Container
Sidecars specifies a list of additional containers to be started
Links:
.spec.single.storageClassName: string
StorageClassName specifies the classname for storage of the servers.
.spec.single.terminationGracePeriodSeconds: integer
TerminationGracePeriodSeconds override default TerminationGracePeriodSeconds for pods - via silent rotation
.spec.single.tolerations: []core.Toleration
Tolerations specifies the tolerations added to Pods in this group.
By default, suitable tolerations are set for the following keys with the NoExecute effect:
node.kubernetes.io/not-readynode.kubernetes.io/unreachablenode.alpha.kubernetes.io/unreachable(will be removed in future version) For more information on tolerations, consult the https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
Links:
.spec.single.volumeAllowShrink: boolean
Deprecated: VolumeAllowShrink allows shrink the volume
.spec.single.volumeClaimTemplate: core.PersistentVolumeClaim
VolumeClaimTemplate specifies a volumeClaimTemplate used by operator to create to volume claims for pods of this group.
This setting is not available for group coordinators, syncmasters & syncworkers.
The default value describes a volume with 8Gi storage, ReadWriteOnce access mode and volume mode set to PersistentVolumeFilesystem.
If this field is not set and spec.<group>.resources.requests.storage is set, then a default volume claim
with size as specified by spec.<group>.resources.requests.storage will be created. In that case storage
and iops is not forwarded to the pods resource requirements.
Links:
.spec.single.volumeMounts: []ServerGroupSpecVolumeMount
VolumeMounts define list of volume mounts mounted into server container
Links:
.spec.single.volumes[int].configMap: core.ConfigMapVolumeSource
ConfigMap which should be mounted into pod
Links:
.spec.single.volumes[int].emptyDir: core.EmptyDirVolumeSource
EmptyDir
Links:
.spec.single.volumes[int].hostPath: core.HostPathVolumeSource
HostPath
Links:
.spec.single.volumes[int].name: string
Name of volume
.spec.single.volumes[int].persistentVolumeClaim: core.PersistentVolumeClaimVolumeSource
PersistentVolumeClaim
Links:
.spec.single.volumes[int].secret: core.SecretVolumeSource
Secret which should be mounted into pod
Links:
.spec.storageEngine: string
StorageEngine specifies the type of storage engine used for all servers in the cluster.
Possible Values:
- RocksDB (default) - To use the RocksDB storage engine.
- MMFiles - To use the MMFiles storage engine. Deprecated.
This field is immutable: This setting cannot be changed after the cluster has been created.
.spec.sync.auth.clientCASecretName: string
ClientCASecretName setting specifies the name of a kubernetes Secret that contains
a PEM encoded CA certificate used for client certificate verification
in all ArangoSync master servers.
This is a required setting when spec.sync.enabled is true.
.spec.sync.auth.jwtSecretName: string
JWTSecretName setting specifies the name of a kubernetes Secret that contains
the JWT token used for accessing all ArangoSync master servers.
When not specified, the spec.auth.jwtSecretName value is used.
If you specify a name of a Secret that does not exist, a random token is created
and stored in a Secret with given name.
.spec.sync.enabled: boolean
Enabled setting enables/disables support for data center 2 data center
replication in the cluster. When enabled, the cluster will contain
a number of syncmaster & syncworker servers.
Default Value: false
.spec.sync.externalAccess.accessPackageSecretNames: []string
AccessPackageSecretNames setting specifies the names of zero of more Secrets that will be created by the deployment
operator containing "access packages". An access package contains those Secrets that are needed
to access the SyncMasters of this ArangoDeployment.
By removing a name from this setting, the corresponding Secret is also deleted.
Note that to remove all access packages, leave an empty array in place ([]).
Completely removing the setting results in not modifying the list.
Links:
.spec.sync.externalAccess.advertisedEndpoint: string
AdvertisedEndpoint is passed to the coordinators/single servers for advertising a specific endpoint
.spec.sync.externalAccess.loadBalancerIP: string
LoadBalancerIP define optional IP used to configure a load-balancer on, in case of Auto or LoadBalancer type. If you do not specify this setting, an IP will be chosen automatically by the load-balancer provisioner.
.spec.sync.externalAccess.loadBalancerSourceRanges: array
LoadBalancerSourceRanges define LoadBalancerSourceRanges used for LoadBalancer Service type If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.
Links:
.spec.sync.externalAccess.managedServiceNames: array
ManagedServiceNames keeps names of services which are not managed by KubeArangoDB.
It is only relevant when type of service is managed.
.spec.sync.externalAccess.masterEndpoint: []string
MasterEndpoint setting specifies the master endpoint(s) advertised by the ArangoSync SyncMasters. If not set, this setting defaults to:
- If
spec.sync.externalAccess.loadBalancerIPis set, it defaults tohttps://<load-balancer-ip>:<8629>. - Otherwise it defaults to
https://<sync-service-dns-name>:<8629>.
.spec.sync.externalAccess.nodePort: integer
NodePort define optional port used in case of Auto or NodePort type.
This setting is used when spec.externalAccess.type is set to NodePort or Auto.
If you do not specify this setting, a random port will be chosen automatically.
.spec.sync.externalAccess.type: string
Type specifies the type of Service that will be created to provide access to the ArangoDB deployment from outside the Kubernetes cluster.
Possible Values:
- Auto (default) - Create a Service of type LoadBalancer and fallback to a Service or type NodePort when the LoadBalancer is not assigned an IP address.
- None - limit access to application running inside the Kubernetes cluster.
- LoadBalancer - Create a Service of type LoadBalancer for the ArangoDB deployment.
- NodePort - Create a Service of type NodePort for the ArangoDB deployment.
.spec.sync.image: string
.spec.sync.monitoring.tokenSecretName: string
TokenSecretName setting specifies the name of a kubernetes Secret that contains
the bearer token used for accessing all monitoring endpoints of all arangod/arangosync servers.
When not specified, no monitoring token is used.
.spec.sync.tls.altNames: []string
AltNames setting specifies a list of alternate names that will be added to all generated certificates. These names can be DNS names or email addresses. The default value is empty.
.spec.sync.tls.caSecretName: string
CASecretName setting specifies the name of a kubernetes Secret that contains
a standard CA certificate + private key used to sign certificates for individual
ArangoDB servers.
When no name is specified, it defaults to <deployment-name>-ca.
To disable authentication, set this value to None.
If you specify a name of a Secret that does not exist, a self-signed CA certificate + key is created
and stored in a Secret with given name.
The specified Secret, must contain the following data fields:
ca.crtPEM encoded public key of the CA certificateca.keyPEM encoded private key of the CA certificate
.spec.sync.tls.mode: string
.spec.sync.tls.sni.mapping.<string>: array
.spec.sync.tls.ttl: string
TTL setting specifies the time to live of all generated server certificates. When the server certificate is about to expire, it will be automatically replaced by a new one and the affected server will be restarted. Note: The time to live of the CA certificate (when created automatically) will be set to 10 years.
Default Value: "2160h" (about 3 months)
.spec.syncmasters.affinity: core.PodAffinity
Affinity specified additional affinity settings in ArangoDB Pod definitions
Links:
.spec.syncmasters.allowMemberRecreation: boolean
AllowMemberRecreation allows to recreate member. This setting changes the member recreation logic based on group:
- For Sync Masters, Sync Workers, Coordinator and DB-Servers it determines if a member can be recreated in case of failure (default
true) - For Agents and Single this value is hardcoded to
falseand the value provided in spec is ignored.
.spec.syncmasters.annotations: object
Annotations specified the annotations added to Pods in this group.
Annotations are merged with spec.annotations.
.spec.syncmasters.annotationsIgnoreList: array
AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored
.spec.syncmasters.annotationsMode: string
AnnotationsMode Define annotations mode which should be use while overriding annotations
.spec.syncmasters.antiAffinity: core.PodAntiAffinity
AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions
Links:
.spec.syncmasters.args: []string
Args setting specifies additional command-line arguments passed to all servers of this group.
Default Value: []
.spec.syncmasters.count: integer
Count setting specifies the number of servers to start for the given group.
For the Agent group, this value must be a positive, odd number.
The default value is 3 for all groups except single (there the default is 1
for spec.mode: Single and 2 for spec.mode: ActiveFailover).
For the syncworkers group, it is highly recommended to use the same number
as for the dbservers group.
.spec.syncmasters.entrypoint: string
Entrypoint overrides container executable
.spec.syncmasters.envs[int].name: string
.spec.syncmasters.envs[int].value: string
.spec.syncmasters.ephemeralVolumes.apps.size: resource.Quantity
Size define size of the ephemeral volume
Links:
.spec.syncmasters.ephemeralVolumes.temp.size: resource.Quantity
Size define size of the ephemeral volume
Links:
.spec.syncmasters.exporterPort: integer
ExporterPort define Port used by exporter
.spec.syncmasters.extendedRotationCheck: boolean
ExtendedRotationCheck extend checks for rotation
.spec.syncmasters.externalPortEnabled: boolean
ExternalPortEnabled if external port should be enabled. If is set to false, ports needs to be exposed via sidecar. Only for ArangoD members
.spec.syncmasters.indexMethod: string
IndexMethod define group Indexing method
Possible Values:
- random (default) - Pick random ID for member. Enforced on the Community Operator.
- ordered - Use sequential number as Member ID, starting from 0. Enterprise Operator required.
.spec.syncmasters.initContainers.containers: []core.Container
Containers contains list of containers
Links:
.spec.syncmasters.initContainers.mode: string
Mode keep container replace mode
.spec.syncmasters.internalPort: integer
InternalPort define port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members
.spec.syncmasters.internalPortProtocol: string
InternalPortProtocol define protocol of port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members
.spec.syncmasters.labels: object
Labels specified the labels added to Pods in this group.
.spec.syncmasters.labelsIgnoreList: array
LabelsIgnoreList list regexp or plain definitions which labels should be ignored
.spec.syncmasters.labelsMode: string
LabelsMode Define labels mode which should be use while overriding labels
.spec.syncmasters.maxCount: integer
MaxCount specifies a maximum for the count of servers. If set, a specification is invalid if count > maxCount.
.spec.syncmasters.memoryReservation: integer
MemoryReservation determines the system reservation of memory while calculating ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY value.
If this field is set, ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY is reduced by a specified value in percent.
Accepted Range <0, 50>. If the value is outside the accepted range, it is adjusted to the closest value.
Links:
Default Value: 0
.spec.syncmasters.minCount: integer
MinCount specifies a minimum for the count of servers. If set, a specification is invalid if count < minCount.
.spec.syncmasters.nodeAffinity: core.NodeAffinity
NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions
Links:
.spec.syncmasters.nodeSelector: map[string]string
NodeSelector setting specifies a set of labels to be used as nodeSelector for Pods of this node.
Links:
.spec.syncmasters.numactl.args: array
Args define list of the numactl process
Default Value: []
.spec.syncmasters.numactl.enabled: boolean
Enabled define if numactl should be enabled
Default Value: false
.spec.syncmasters.numactl.path: string
Path define numactl path within the container
Default Value: /usr/bin/numactl
.spec.syncmasters.overrideDetectedNumberOfCores: boolean
Important: Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES Container Environment Variable
OverrideDetectedNumberOfCores determines if number of cores should be overridden based on values in resources.
If is set to true and Container CPU Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES to the value from the Container CPU Limits.
Links:
Default Value: true
.spec.syncmasters.overrideDetectedTotalMemory: boolean
Important: Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY Container Environment Variable
OverrideDetectedTotalMemory determines if memory should be overridden based on values in resources.
If is set to true and Container Memory Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY to the value from the Container Memory Limits.
Links:
Default Value: true
.spec.syncmasters.podModes.network: string
.spec.syncmasters.podModes.pid: string
.spec.syncmasters.port: integer
Port define Port used by member
.spec.syncmasters.priorityClassName: string
PriorityClassName specifies a priority class name Will be forwarded to the pod spec.
Links:
.spec.syncmasters.probes.livenessProbeDisabled: boolean
LivenessProbeDisabled if set to true, the operator does not generate a liveness probe for new pods belonging to this group
Default Value: false
.spec.syncmasters.probes.livenessProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.syncmasters.probes.livenessProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.syncmasters.probes.livenessProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.syncmasters.probes.livenessProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.syncmasters.probes.livenessProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.syncmasters.probes.ReadinessProbeDisabled: boolean
OldReadinessProbeDisabled if true readinessProbes are disabled Deprecated: This field is deprecated, keept only for backward compatibility.
.spec.syncmasters.probes.readinessProbeDisabled: boolean
ReadinessProbeDisabled override flag for probe disabled in good manner (lowercase) with backward compatibility
.spec.syncmasters.probes.readinessProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.syncmasters.probes.readinessProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.syncmasters.probes.readinessProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.syncmasters.probes.readinessProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.syncmasters.probes.readinessProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.syncmasters.probes.startupProbeDisabled: boolean
StartupProbeDisabled if true startupProbes are disabled
.spec.syncmasters.probes.startupProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.syncmasters.probes.startupProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.syncmasters.probes.startupProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.syncmasters.probes.startupProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.syncmasters.probes.startupProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.syncmasters.pvcResizeMode: string
VolumeResizeMode specified resize mode for PVCs and PVs
Possible Values:
- runtime (default) - PVC will be resized in Pod runtime (EKS, GKE)
- rotate - Pod will be shutdown and PVC will be resized (AKS)
.spec.syncmasters.resources: core.ResourceRequirements
Resources holds resource requests & limits
Links:
.spec.syncmasters.schedulerName: string
SchedulerName define scheduler name used for group
.spec.syncmasters.securityContext.addCapabilities: []core.Capability
AddCapabilities add new capabilities to containers
.spec.syncmasters.securityContext.allowPrivilegeEscalation: boolean
AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.
.spec.syncmasters.securityContext.dropAllCapabilities: boolean
DropAllCapabilities specifies if capabilities should be dropped for this pod containers Deprecated: This field is added for backward compatibility. Will be removed in 1.1.0.
.spec.syncmasters.securityContext.fsGroup: integer
FSGroup is a special supplemental group that applies to all containers in a pod.
.spec.syncmasters.securityContext.privileged: boolean
Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.
.spec.syncmasters.securityContext.readOnlyRootFilesystem: boolean
ReadOnlyRootFilesystem if true, mounts the container's root filesystem as read-only.
.spec.syncmasters.securityContext.runAsGroup: integer
RunAsGroup is the GID to run the entrypoint of the container process.
.spec.syncmasters.securityContext.runAsNonRoot: boolean
RunAsNonRoot if true, indicates that the container must run as a non-root user.
.spec.syncmasters.securityContext.runAsUser: integer
RunAsUser is the UID to run the entrypoint of the container process.
.spec.syncmasters.securityContext.seccompProfile: core.SeccompProfile
SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.
Links:
.spec.syncmasters.securityContext.seLinuxOptions: core.SELinuxOptions
SELinuxOptions are the labels to be applied to the container
Links:
.spec.syncmasters.securityContext.supplementalGroups: array
SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.
.spec.syncmasters.securityContext.sysctls: map[string]intstr.IntOrString
Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int
Links:
Example:
sysctls:
"kernel.shm_rmid_forced": "0"
"net.core.somaxconn": 1024
"kernel.msgmax": "65536"
.spec.syncmasters.serviceAccountName: string
ServiceAccountName setting specifies the serviceAccountName for the Pods created
for each server of this group. If empty, it defaults to using the
default service account.
Using an alternative ServiceAccount is typically used to separate access rights.
The ArangoDB deployments need some very minimal access rights. With the
deployment of the operator, we grant the rights to 'get' all 'pod' resources.
If you are using a different service account, please grant these rights
to that service account.
.spec.syncmasters.shutdownDelay: integer
ShutdownDelay define how long operator should delay finalizer removal after shutdown
.spec.syncmasters.shutdownMethod: string
ShutdownMethod describe procedure of member shutdown taken by Operator
.spec.syncmasters.sidecarCoreNames: array
SidecarCoreNames is a list of sidecar containers which must run in the pod. Some names (e.g.: "server", "worker") are reserved, and they don't have any impact.
.spec.syncmasters.sidecars: []core.Container
Sidecars specifies a list of additional containers to be started
Links:
.spec.syncmasters.storageClassName: string
StorageClassName specifies the classname for storage of the servers.
.spec.syncmasters.terminationGracePeriodSeconds: integer
TerminationGracePeriodSeconds override default TerminationGracePeriodSeconds for pods - via silent rotation
.spec.syncmasters.tolerations: []core.Toleration
Tolerations specifies the tolerations added to Pods in this group.
By default, suitable tolerations are set for the following keys with the NoExecute effect:
node.kubernetes.io/not-readynode.kubernetes.io/unreachablenode.alpha.kubernetes.io/unreachable(will be removed in future version) For more information on tolerations, consult the https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
Links:
.spec.syncmasters.volumeAllowShrink: boolean
Deprecated: VolumeAllowShrink allows shrink the volume
.spec.syncmasters.volumeClaimTemplate: core.PersistentVolumeClaim
VolumeClaimTemplate specifies a volumeClaimTemplate used by operator to create to volume claims for pods of this group.
This setting is not available for group coordinators, syncmasters & syncworkers.
The default value describes a volume with 8Gi storage, ReadWriteOnce access mode and volume mode set to PersistentVolumeFilesystem.
If this field is not set and spec.<group>.resources.requests.storage is set, then a default volume claim
with size as specified by spec.<group>.resources.requests.storage will be created. In that case storage
and iops is not forwarded to the pods resource requirements.
Links:
.spec.syncmasters.volumeMounts: []ServerGroupSpecVolumeMount
VolumeMounts define list of volume mounts mounted into server container
Links:
.spec.syncmasters.volumes[int].configMap: core.ConfigMapVolumeSource
ConfigMap which should be mounted into pod
Links:
.spec.syncmasters.volumes[int].emptyDir: core.EmptyDirVolumeSource
EmptyDir
Links:
.spec.syncmasters.volumes[int].hostPath: core.HostPathVolumeSource
HostPath
Links:
.spec.syncmasters.volumes[int].name: string
Name of volume
.spec.syncmasters.volumes[int].persistentVolumeClaim: core.PersistentVolumeClaimVolumeSource
PersistentVolumeClaim
Links:
.spec.syncmasters.volumes[int].secret: core.SecretVolumeSource
Secret which should be mounted into pod
Links:
.spec.syncworkers.affinity: core.PodAffinity
Affinity specified additional affinity settings in ArangoDB Pod definitions
Links:
.spec.syncworkers.allowMemberRecreation: boolean
AllowMemberRecreation allows to recreate member. This setting changes the member recreation logic based on group:
- For Sync Masters, Sync Workers, Coordinator and DB-Servers it determines if a member can be recreated in case of failure (default
true) - For Agents and Single this value is hardcoded to
falseand the value provided in spec is ignored.
.spec.syncworkers.annotations: object
Annotations specified the annotations added to Pods in this group.
Annotations are merged with spec.annotations.
.spec.syncworkers.annotationsIgnoreList: array
AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored
.spec.syncworkers.annotationsMode: string
AnnotationsMode Define annotations mode which should be use while overriding annotations
.spec.syncworkers.antiAffinity: core.PodAntiAffinity
AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions
Links:
.spec.syncworkers.args: []string
Args setting specifies additional command-line arguments passed to all servers of this group.
Default Value: []
.spec.syncworkers.count: integer
Count setting specifies the number of servers to start for the given group.
For the Agent group, this value must be a positive, odd number.
The default value is 3 for all groups except single (there the default is 1
for spec.mode: Single and 2 for spec.mode: ActiveFailover).
For the syncworkers group, it is highly recommended to use the same number
as for the dbservers group.
.spec.syncworkers.entrypoint: string
Entrypoint overrides container executable
.spec.syncworkers.envs[int].name: string
.spec.syncworkers.envs[int].value: string
.spec.syncworkers.ephemeralVolumes.apps.size: resource.Quantity
Size define size of the ephemeral volume
Links:
.spec.syncworkers.ephemeralVolumes.temp.size: resource.Quantity
Size define size of the ephemeral volume
Links:
.spec.syncworkers.exporterPort: integer
ExporterPort define Port used by exporter
.spec.syncworkers.extendedRotationCheck: boolean
ExtendedRotationCheck extend checks for rotation
.spec.syncworkers.externalPortEnabled: boolean
ExternalPortEnabled if external port should be enabled. If is set to false, ports needs to be exposed via sidecar. Only for ArangoD members
.spec.syncworkers.indexMethod: string
IndexMethod define group Indexing method
Possible Values:
- random (default) - Pick random ID for member. Enforced on the Community Operator.
- ordered - Use sequential number as Member ID, starting from 0. Enterprise Operator required.
.spec.syncworkers.initContainers.containers: []core.Container
Containers contains list of containers
Links:
.spec.syncworkers.initContainers.mode: string
Mode keep container replace mode
.spec.syncworkers.internalPort: integer
InternalPort define port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members
.spec.syncworkers.internalPortProtocol: string
InternalPortProtocol define protocol of port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members
.spec.syncworkers.labels: object
Labels specified the labels added to Pods in this group.
.spec.syncworkers.labelsIgnoreList: array
LabelsIgnoreList list regexp or plain definitions which labels should be ignored
.spec.syncworkers.labelsMode: string
LabelsMode Define labels mode which should be use while overriding labels
.spec.syncworkers.maxCount: integer
MaxCount specifies a maximum for the count of servers. If set, a specification is invalid if count > maxCount.
.spec.syncworkers.memoryReservation: integer
MemoryReservation determines the system reservation of memory while calculating ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY value.
If this field is set, ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY is reduced by a specified value in percent.
Accepted Range <0, 50>. If the value is outside the accepted range, it is adjusted to the closest value.
Links:
Default Value: 0
.spec.syncworkers.minCount: integer
MinCount specifies a minimum for the count of servers. If set, a specification is invalid if count < minCount.
.spec.syncworkers.nodeAffinity: core.NodeAffinity
NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions
Links:
.spec.syncworkers.nodeSelector: map[string]string
NodeSelector setting specifies a set of labels to be used as nodeSelector for Pods of this node.
Links:
.spec.syncworkers.numactl.args: array
Args define list of the numactl process
Default Value: []
.spec.syncworkers.numactl.enabled: boolean
Enabled define if numactl should be enabled
Default Value: false
.spec.syncworkers.numactl.path: string
Path define numactl path within the container
Default Value: /usr/bin/numactl
.spec.syncworkers.overrideDetectedNumberOfCores: boolean
Important: Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES Container Environment Variable
OverrideDetectedNumberOfCores determines if number of cores should be overridden based on values in resources.
If is set to true and Container CPU Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES to the value from the Container CPU Limits.
Links:
Default Value: true
.spec.syncworkers.overrideDetectedTotalMemory: boolean
Important: Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY Container Environment Variable
OverrideDetectedTotalMemory determines if memory should be overridden based on values in resources.
If is set to true and Container Memory Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY to the value from the Container Memory Limits.
Links:
Default Value: true
.spec.syncworkers.podModes.network: string
.spec.syncworkers.podModes.pid: string
.spec.syncworkers.port: integer
Port define Port used by member
.spec.syncworkers.priorityClassName: string
PriorityClassName specifies a priority class name Will be forwarded to the pod spec.
Links:
.spec.syncworkers.probes.livenessProbeDisabled: boolean
LivenessProbeDisabled if set to true, the operator does not generate a liveness probe for new pods belonging to this group
Default Value: false
.spec.syncworkers.probes.livenessProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.syncworkers.probes.livenessProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.syncworkers.probes.livenessProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.syncworkers.probes.livenessProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.syncworkers.probes.livenessProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.syncworkers.probes.ReadinessProbeDisabled: boolean
OldReadinessProbeDisabled if true readinessProbes are disabled Deprecated: This field is deprecated, keept only for backward compatibility.
.spec.syncworkers.probes.readinessProbeDisabled: boolean
ReadinessProbeDisabled override flag for probe disabled in good manner (lowercase) with backward compatibility
.spec.syncworkers.probes.readinessProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.syncworkers.probes.readinessProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.syncworkers.probes.readinessProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.syncworkers.probes.readinessProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.syncworkers.probes.readinessProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.syncworkers.probes.startupProbeDisabled: boolean
StartupProbeDisabled if true startupProbes are disabled
.spec.syncworkers.probes.startupProbeSpec.failureThreshold: integer
FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.
Default Value: 3
.spec.syncworkers.probes.startupProbeSpec.initialDelaySeconds: integer
InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.
Default Value: 2
.spec.syncworkers.probes.startupProbeSpec.periodSeconds: integer
PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.
Default Value: 10
.spec.syncworkers.probes.startupProbeSpec.successThreshold: integer
SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
Default Value: 1
.spec.syncworkers.probes.startupProbeSpec.timeoutSeconds: integer
TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.
Default Value: 2
.spec.syncworkers.pvcResizeMode: string
VolumeResizeMode specified resize mode for PVCs and PVs
Possible Values:
- runtime (default) - PVC will be resized in Pod runtime (EKS, GKE)
- rotate - Pod will be shutdown and PVC will be resized (AKS)
.spec.syncworkers.resources: core.ResourceRequirements
Resources holds resource requests & limits
Links:
.spec.syncworkers.schedulerName: string
SchedulerName define scheduler name used for group
.spec.syncworkers.securityContext.addCapabilities: []core.Capability
AddCapabilities add new capabilities to containers
.spec.syncworkers.securityContext.allowPrivilegeEscalation: boolean
AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.
.spec.syncworkers.securityContext.dropAllCapabilities: boolean
DropAllCapabilities specifies if capabilities should be dropped for this pod containers Deprecated: This field is added for backward compatibility. Will be removed in 1.1.0.
.spec.syncworkers.securityContext.fsGroup: integer
FSGroup is a special supplemental group that applies to all containers in a pod.
.spec.syncworkers.securityContext.privileged: boolean
Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.
.spec.syncworkers.securityContext.readOnlyRootFilesystem: boolean
ReadOnlyRootFilesystem if true, mounts the container's root filesystem as read-only.
.spec.syncworkers.securityContext.runAsGroup: integer
RunAsGroup is the GID to run the entrypoint of the container process.
.spec.syncworkers.securityContext.runAsNonRoot: boolean
RunAsNonRoot if true, indicates that the container must run as a non-root user.
.spec.syncworkers.securityContext.runAsUser: integer
RunAsUser is the UID to run the entrypoint of the container process.
.spec.syncworkers.securityContext.seccompProfile: core.SeccompProfile
SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.
Links:
.spec.syncworkers.securityContext.seLinuxOptions: core.SELinuxOptions
SELinuxOptions are the labels to be applied to the container
Links:
.spec.syncworkers.securityContext.supplementalGroups: array
SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.
.spec.syncworkers.securityContext.sysctls: map[string]intstr.IntOrString
Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int
Links:
Example:
sysctls:
"kernel.shm_rmid_forced": "0"
"net.core.somaxconn": 1024
"kernel.msgmax": "65536"
.spec.syncworkers.serviceAccountName: string
ServiceAccountName setting specifies the serviceAccountName for the Pods created
for each server of this group. If empty, it defaults to using the
default service account.
Using an alternative ServiceAccount is typically used to separate access rights.
The ArangoDB deployments need some very minimal access rights. With the
deployment of the operator, we grant the rights to 'get' all 'pod' resources.
If you are using a different service account, please grant these rights
to that service account.
.spec.syncworkers.shutdownDelay: integer
ShutdownDelay define how long operator should delay finalizer removal after shutdown
.spec.syncworkers.shutdownMethod: string
ShutdownMethod describe procedure of member shutdown taken by Operator
.spec.syncworkers.sidecarCoreNames: array
SidecarCoreNames is a list of sidecar containers which must run in the pod. Some names (e.g.: "server", "worker") are reserved, and they don't have any impact.
.spec.syncworkers.sidecars: []core.Container
Sidecars specifies a list of additional containers to be started
Links:
.spec.syncworkers.storageClassName: string
StorageClassName specifies the classname for storage of the servers.
.spec.syncworkers.terminationGracePeriodSeconds: integer
TerminationGracePeriodSeconds override default TerminationGracePeriodSeconds for pods - via silent rotation
.spec.syncworkers.tolerations: []core.Toleration
Tolerations specifies the tolerations added to Pods in this group.
By default, suitable tolerations are set for the following keys with the NoExecute effect:
node.kubernetes.io/not-readynode.kubernetes.io/unreachablenode.alpha.kubernetes.io/unreachable(will be removed in future version) For more information on tolerations, consult the https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
Links:
.spec.syncworkers.volumeAllowShrink: boolean
Deprecated: VolumeAllowShrink allows shrink the volume
.spec.syncworkers.volumeClaimTemplate: core.PersistentVolumeClaim
VolumeClaimTemplate specifies a volumeClaimTemplate used by operator to create to volume claims for pods of this group.
This setting is not available for group coordinators, syncmasters & syncworkers.
The default value describes a volume with 8Gi storage, ReadWriteOnce access mode and volume mode set to PersistentVolumeFilesystem.
If this field is not set and spec.<group>.resources.requests.storage is set, then a default volume claim
with size as specified by spec.<group>.resources.requests.storage will be created. In that case storage
and iops is not forwarded to the pods resource requirements.
Links:
.spec.syncworkers.volumeMounts: []ServerGroupSpecVolumeMount
VolumeMounts define list of volume mounts mounted into server container
Links:
.spec.syncworkers.volumes[int].configMap: core.ConfigMapVolumeSource
ConfigMap which should be mounted into pod
Links:
.spec.syncworkers.volumes[int].emptyDir: core.EmptyDirVolumeSource
EmptyDir
Links:
.spec.syncworkers.volumes[int].hostPath: core.HostPathVolumeSource
HostPath
Links:
.spec.syncworkers.volumes[int].name: string
Name of volume
.spec.syncworkers.volumes[int].persistentVolumeClaim: core.PersistentVolumeClaimVolumeSource
PersistentVolumeClaim
Links:
.spec.syncworkers.volumes[int].secret: core.SecretVolumeSource
Secret which should be mounted into pod
Links:
.spec.timeouts.actions: map[string]meta.Duration
Actions keep map of the actions timeouts.
Links:
Example:
actions:
AddMember: 30m
.spec.timeouts.maintenanceGracePeriod: integer
MaintenanceGracePeriod action timeout
.spec.timezone: string
Timezone if specified, will set a timezone for deployment.
Must be in format accepted by "tzdata", e.g. America/New_York or Europe/London
.spec.tls.altNames: []string
AltNames setting specifies a list of alternate names that will be added to all generated certificates. These names can be DNS names or email addresses. The default value is empty.
.spec.tls.caSecretName: string
CASecretName setting specifies the name of a kubernetes Secret that contains
a standard CA certificate + private key used to sign certificates for individual
ArangoDB servers.
When no name is specified, it defaults to <deployment-name>-ca.
To disable authentication, set this value to None.
If you specify a name of a Secret that does not exist, a self-signed CA certificate + key is created
and stored in a Secret with given name.
The specified Secret, must contain the following data fields:
ca.crtPEM encoded public key of the CA certificateca.keyPEM encoded private key of the CA certificate
.spec.tls.mode: string
.spec.tls.sni.mapping.<string>: array
.spec.tls.ttl: string
TTL setting specifies the time to live of all generated server certificates. When the server certificate is about to expire, it will be automatically replaced by a new one and the affected server will be restarted. Note: The time to live of the CA certificate (when created automatically) will be set to 10 years.
Default Value: "2160h" (about 3 months)
.spec.topology.enabled: boolean
.spec.topology.label: string
.spec.topology.zones: integer
.spec.upgrade.autoUpgrade: boolean
AutoUpgrade flag specifies if upgrade should be auto-injected, even if is not required (in case of stuck)
Default Value: false
.spec.upgrade.debugLog: boolean
DebugLog flag specifies if containers running upgrade process should print more debugging information. This applies only to init containers.
Default Value: false