Kubernetes controller for managing Neo4j Aura.
```yaml
apiVersion: neo4j.infra.doodle.com/v1beta1
kind: AuraInstance
metadata:
  name: my-instance
spec:
  cloudProvider: gcp
  memory: 4GB
  region: eu-central-1
  tier: free-db
  tenantID: xxx-xxx-xx
  neo4jVersion: "5"
  secret:
    name: neo4j-project-admin
---
apiVersion: v1
data:
  # Values must be valid base64; c2VjcmV0 decodes to "secret"
  clientID: c2VjcmV0
  clientSecret: c2VjcmV0
kind: Secret
metadata:
  name: neo4j-project-admin
type: Opaque
```
If your secret uses different key names (e.g., `clientId` instead of `clientID`), you can specify custom key mappings:
```yaml
apiVersion: v1
kind: Secret
metadata:
  name: neo4j-aura-api-custom
  namespace: default
data:
  clientId: <base64-encoded-client-id>
  clientSecret: <base64-encoded-client-secret>
---
apiVersion: neo4j.infra.doodle.com/v1beta1
kind: AuraInstance
metadata:
  name: my-neo4j-instance
  namespace: default
spec:
  tier: professional-db
  region: eu-central-1
  cloudProvider: aws
  neo4jVersion: "5"
  tenantID: 928f3731-1111-5ffd-a2f7-3602aafb304b
  memory: 8GB
  secret:
    name: neo4j-aura-api-custom
    clientIDKey: clientId # Map to the actual key in the secret
    clientSecretKey: clientSecret # Map to the actual key in the secret
```
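A pre-apply check for the key mapping described above, as an added example that is not part of the controller's code: it resolves `clientIDKey`/`clientSecretKey` (falling back to `clientID`/`clientSecret`) and flags missing keys, malformed base64 and stray whitespace such as the newline left by `echo ... | base64`. The function name, the sample objects and the same-namespace Secret lookup are assumptions.

```python
import base64
import re

# Defaults used when spec.secret gives no clientIDKey/clientSecretKey mapping.
DEFAULT_KEYS = {"clientIDKey": "clientID", "clientSecretKey": "clientSecret"}
_B64 = re.compile(r"[A-Za-z0-9+/]*={0,2}")


def check_credentials(instance, secrets):
    """Return a list of problems with the Secret an AuraInstance references."""
    ns = instance["metadata"].get("namespace", "default")
    ref = instance["spec"].get("secret") or {}
    # Assumption: the Secret lives in the AuraInstance's own namespace.
    secret = next((s for s in secrets
                   if s["metadata"]["name"] == ref.get("name")
                   and s["metadata"].get("namespace", "default") == ns), None)
    if secret is None:
        return [f"Secret {ns}/{ref.get('name')} not found"]
    problems = []
    data = secret.get("data") or {}
    for field, default in DEFAULT_KEYS.items():
        key = ref.get(field) or default
        raw = data.get(key)
        if raw is None:
            problems.append(f"{key}: missing, set spec.secret.{field} to the real key")
        elif len(raw) % 4 or not _B64.fullmatch(raw):
            problems.append(f"{key}: not padded standard base64")
        else:
            value = base64.b64decode(raw)
            if not value.strip():
                problems.append(f"{key}: empty value")
            elif value != value.strip():
                problems.append(f"{key}: leading/trailing whitespace")
    return problems


# Constructed sample objects, shaped like `kubectl get -o json` items.
SECRETS = [
    {"metadata": {"name": "neo4j-aura-api-custom", "namespace": "default"},
     "data": {"clientId": base64.b64encode(b"example-id\n").decode(),
              "clientSecret": "ZXhhbXBsZQ="}},  # constructed: one '=' short
]
INSTANCE = {
    "metadata": {"name": "my-neo4j-instance", "namespace": "default"},
    "spec": {"secret": {"name": "neo4j-aura-api-custom",
                        "clientIDKey": "clientId"}},
}

if __name__ == "__main__":
    for problem in check_credentials(INSTANCE, SECRETS):
        print(problem)
```

The check only reports key names and the kind of defect, never the decoded credential, so its output is safe to keep in CI logs.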
Each resource reports various conditions in `.status.conditions` which will give the necessary insight about the current state of the resource.
```yaml
status:
  conditions:
  - lastTransitionTime: "2023-11-30T12:01:52Z"
    message: random cloud error
    observedGeneration: 32
    reason: ReconciliationFailed
    status: "False"
    type: Ready
```
Please see `chart/neo4j-aura-controller` for the Helm chart docs.
Alternatively, you can take the bundled manifests from each release and deploy them with kustomize or apply them directly.
The controller can be configured using command-line arguments:
```
--base-url string                            The base API URL for neo4j Aura. (default "https://api.neo4j.io/v1")
--concurrent int                             The number of concurrent reconciles. (default 4)
--enable-leader-election                     Enable leader election for controller manager. Enabling this will ensure there is only one active controller manager.
--graceful-shutdown-timeout duration         The duration given to the reconciler to finish before forcibly stopping. (default 10m0s)
--health-addr string                         The address the health endpoint binds to. (default ":9557")
--insecure-kubeconfig-exec                   Allow use of the user.exec section in kubeconfigs provided for remote apply.
--insecure-kubeconfig-tls                    Allow that kubeconfigs provided for remote apply can disable TLS verification.
--kube-api-burst int                         The maximum burst queries-per-second of requests sent to the Kubernetes API. (default 300)
--kube-api-qps float32                       The maximum queries-per-second of requests sent to the Kubernetes API. (default 50)
--leader-election-lease-duration duration    Interval at which non-leader candidates will wait to force acquire leadership (duration string). (default 35s)
--leader-election-release-on-cancel          Defines if the leader should step down voluntarily on controller manager shutdown. (default true)
--leader-election-renew-deadline duration    Duration that the leading controller manager will retry refreshing leadership before giving up (duration string). (default 30s)
--leader-election-retry-period duration      Duration the LeaderElector clients should wait between tries of actions (duration string). (default 5s)
--log-encoding string                        Log encoding format. Can be 'json' or 'console'. (default "json")
--log-level string                           Log verbosity level. Can be one of 'trace', 'debug', 'info', 'error'. (default "info")
--max-retry-delay duration                   The maximum amount of time for which an object being reconciled will have to wait before a retry. (default 15m0s)
--metrics-addr string                        The address the metric endpoint binds to. (default ":9556")
--min-retry-delay duration                   The minimum amount of time for which an object being reconciled will have to wait before a retry. (default 750ms)
--token-url string                           The OAuth2 token endpoint URL for neo4j Aura. Use for the client credentials flow. (default "https://api.neo4j.io/oauth/token")
--watch-all-namespaces                       Watch for resources in all namespaces, if set to false it will only watch the runtime namespace. (default true)
--watch-label-selector string                Watch for resources with matching labels e.g. 'sharding.fluxcd.io/shard=shard1'.
```