diff --git a/.commitlintrc.json b/.commitlintrc.json index ba22b047f2de..95c8309b1dd6 100644 --- a/.commitlintrc.json +++ b/.commitlintrc.json @@ -28,7 +28,7 @@ "mon", "monitoring", "multus", - "network", + "network", "nfs", "object", "operator", diff --git a/Documentation/CRDs/specification.md b/Documentation/CRDs/specification.md index f16e696accb9..c88f883d1172 100644 --- a/Documentation/CRDs/specification.md +++ b/Documentation/CRDs/specification.md @@ -7470,7 +7470,7 @@ Kubernetes core/v1.ResourceRequirements (Optional) -

The resource requirements for the rgw pods

+

The resource requirements for the mds pods

@@ -7963,8 +7963,8 @@ StretchClusterSpec volumeClaimTemplate
- -Kubernetes core/v1.PersistentVolumeClaim + +VolumeClaimTemplate @@ -8019,8 +8019,8 @@ bool volumeClaimTemplate
- -Kubernetes core/v1.PersistentVolumeClaim + +VolumeClaimTemplate @@ -11165,8 +11165,8 @@ string volumeClaimTemplates
- -[]Kubernetes core/v1.PersistentVolumeClaim + +[]VolumeClaimTemplate @@ -11699,8 +11699,8 @@ map[string]string volumeClaimTemplates
- -[]Kubernetes core/v1.PersistentVolumeClaim + +[]VolumeClaimTemplate @@ -12026,6 +12026,227 @@ KafkaEndpointSpec +

VolumeClaimTemplate +

+

+(Appears on:MonSpec, MonZoneSpec, Selection, StorageClassDeviceSet) +

+
+

VolumeClaimTemplate is a simplified version of K8s corev1’s PVC. It has no type meta or status.

+
+ + + + + + + + + + + + + + + + + +
FieldDescription
+metadata
+ + +Kubernetes meta/v1.ObjectMeta + + +		 +(Optional) +

Standard object’s metadata. +More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

+Refer to the Kubernetes API documentation for the fields of the +metadata field. +
+spec
+ + +Kubernetes core/v1.PersistentVolumeClaimSpec + + +		 +(Optional) +

spec defines the desired characteristics of a volume requested by a pod author. +More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+accessModes
+ + +[]Kubernetes core/v1.PersistentVolumeAccessMode + + +		 +(Optional) +

accessModes contains the desired access modes the volume should have. +More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

+
+selector
+ + +Kubernetes meta/v1.LabelSelector + + +		 +(Optional) +

selector is a label query over volumes to consider for binding.

+
+resources
+ + +Kubernetes core/v1.VolumeResourceRequirements + + +		 +(Optional) +

resources represents the minimum resources the volume should have. +If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +that are lower than previous value but must still be higher than capacity recorded in the +status field of the claim. +More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

+
+volumeName
+ +string + +		 +(Optional) +

volumeName is the binding reference to the PersistentVolume backing this claim.

+
+storageClassName
+ +string + +		 +(Optional) +

storageClassName is the name of the StorageClass required by the claim. +More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

+
+volumeMode
+ + +Kubernetes core/v1.PersistentVolumeMode + + +		 +(Optional) +

volumeMode defines what type of volume is required by the claim. +Value of Filesystem is implied when not included in claim spec.

+
+dataSource
+ + +Kubernetes core/v1.TypedLocalObjectReference + + +		 +(Optional) +

dataSource field can be used to specify either: +* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +* An existing PVC (PersistentVolumeClaim) +If the provisioner or an external controller can support the specified data source, +it will create a new volume based on the contents of the specified data source. +When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +If the namespace is specified, then dataSourceRef will not be copied to dataSource.

+
+dataSourceRef
+ + +Kubernetes core/v1.TypedObjectReference + + +		 +(Optional) +

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +volume is desired. This may be any object from a non-empty API group (non +core object) or a PersistentVolumeClaim object. +When this field is specified, volume binding will only succeed if the type of +the specified object matches some installed volume populator or dynamic +provisioner. +This field will replace the functionality of the dataSource field and as such +if both fields are non-empty, they must have the same value. For backwards +compatibility, when namespace isn’t specified in dataSourceRef, +both fields (dataSource and dataSourceRef) will be set to the same +value automatically if one of them is empty and the other is non-empty. +When namespace is specified in dataSourceRef, +dataSource isn’t set to the same value and must be empty. +There are three important differences between dataSource and dataSourceRef: +* While dataSource only allows two specific types of objects, dataSourceRef +allows any non-core object, as well as PersistentVolumeClaim objects. +* While dataSource ignores disallowed values (dropping them), dataSourceRef +preserves all values, and generates an error if a disallowed value is +specified. +* While dataSource only allows local objects, dataSourceRef allows objects +in any namespaces. +(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

+
+volumeAttributesClassName
+ +string + +		 +(Optional) +

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. +If specified, the CSI driver will create or update the volume with the attributes defined +in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, +it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass +will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. +If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass +will be set by the persistentvolume controller if it exists. +If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be +set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource +exists. +More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass +(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

+
+

ZoneSpec

diff --git a/Documentation/Storage-Configuration/Monitoring/ceph-monitoring.md b/Documentation/Storage-Configuration/Monitoring/ceph-monitoring.md index 7cb6e352ff07..46e809673735 100644 --- a/Documentation/Storage-Configuration/Monitoring/ceph-monitoring.md +++ b/Documentation/Storage-Configuration/Monitoring/ceph-monitoring.md @@ -21,8 +21,11 @@ First the Prometheus operator needs to be started in the cluster so it can watch A full explanation can be found in the [Prometheus operator repository on GitHub](https://github.com/prometheus-operator/prometheus-operator), but the quick instructions can be found here: ```console -kubectl apply -f https://raw.githubusercontent.com/coreos/prometheus-operator/v0.40.0/bundle.yaml +kubectl create -f https://raw.githubusercontent.com/coreos/prometheus-operator/v0.71.1/bundle.yaml ``` +!!! note + If the Prometheus Operator is already present in your cluster, the command provided above may fail. For a detailed explanation of the issue and a workaround, please refer to [this issue](https://github.com/rook/rook/issues/13459). + This will start the Prometheus operator, but before moving on, wait until the operator is in the `Running` state: @@ -247,7 +250,7 @@ To clean up all the artifacts created by the monitoring walk-through, copy/paste kubectl delete -f service-monitor.yaml kubectl delete -f prometheus.yaml kubectl delete -f prometheus-service.yaml -kubectl delete -f https://raw.githubusercontent.com/coreos/prometheus-operator/v0.40.0/bundle.yaml +kubectl delete -f https://raw.githubusercontent.com/coreos/prometheus-operator/v0.71.1/bundle.yaml ``` Then the rest of the instructions in the [Prometheus Operator docs](https://github.com/prometheus-operator/prometheus-operator#removal) can be followed to finish cleaning up. diff --git a/ROADMAP.md b/ROADMAP.md index 20bc846aedb0..377ddcf51a88 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -12,8 +12,10 @@ See the [GitHub project boards](https://github.com/rook/rook/projects) for the m The following high level features are targeted for Rook v1.14 (April 2024). For more detailed project tracking see the [v1.14 board](https://github.com/rook/rook/projects/31). +* Support for Ceph Squid (v19) * Allow setting the application name on a CephBlockPool [#13744](https://github.com/rook/rook/pull/13744) * Pool sharing for multiple object stores [#11411](https://github.com/rook/rook/issues/11411) +* DNS subdomain style access to RGW buckets [#4780](https://github.com/rook/rook/issues/4780) * Replace a single OSD when a metadataDevice is configured with multiple OSDs [#13240](https://github.com/rook/rook/issues/13240) * Create a default service account for all Ceph daemons [#13362](https://github.com/rook/rook/pull/13362) * Enable the rook orchestrator mgr module by default for improved dashboard integration [#13760](https://github.com/rook/rook/issues/13760) diff --git a/build/crds/build-crds.sh b/build/crds/build-crds.sh index 929534fb4a8f..c88adb3b04d4 100755 --- a/build/crds/build-crds.sh +++ b/build/crds/build-crds.sh @@ -23,7 +23,7 @@ set -o pipefail SCRIPT_ROOT=$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd -P) CONTROLLER_GEN_BIN_PATH=$1 YQ_BIN_PATH=$2 -: "${MAX_DESC_LEN:=100}" +: "${MAX_DESC_LEN:=-1}" # allowDangerousTypes is used to accept float64 CRD_OPTIONS="crd:maxDescLen=$MAX_DESC_LEN,generateEmbeddedObjectMeta=true,allowDangerousTypes=true" @@ -113,4 +113,22 @@ done < <(find "$OLM_CATALOG_DIR" -type f -name '*.yaml' | sort) echo "---" >>"$CEPH_CRDS_FILE_PATH" # yq doesn't output the first doc separator $YQ_BIN_PATH eval-all '.' "${CRD_FILES[@]}" >>"$CEPH_CRDS_FILE_PATH" +# Remove long, repeat descriptions in CRDs, especially for things that are well-known K8s types +# Use this to manually inspect descriptions to see where there are repetitions of long ones: +# cat deploy/examples/crds.yaml | grep description | sed 's/^[[:space:]]*//g' | sort > desc.yml + +# remove descriptions from all placement configs +$YQ_BIN_PATH --inplace eval 'del(.. | .placement? | .. | .description?)' "$CEPH_CRDS_FILE_PATH" +$YQ_BIN_PATH --inplace eval 'del(.. | .preparePlacement? | .. | .description?)' "$CEPH_CRDS_FILE_PATH" + +$YQ_BIN_PATH --inplace eval 'del(.. | .terminationGracePeriodSeconds? | .description?)' "$CEPH_CRDS_FILE_PATH" + +# volume source usage is a well-known k8s type +$YQ_BIN_PATH --inplace eval 'del(.. | .volumeSource? | .. | .description?)' "$CEPH_CRDS_FILE_PATH" + +# yq turns 'creationTimestamp: null' into 'creationTimestamp: {}' in CRDs +# this field is also unnecessary, so just remove it +$YQ_BIN_PATH --inplace eval 'del(.. | .creationTimestamp?)' "$CEPH_CRDS_FILE_PATH" + +# generate helm resources after pruning build_helm_resources diff --git a/cmd/rook/main.go b/cmd/rook/main.go index 618abf3b73eb..67888bb4abce 100644 --- a/cmd/rook/main.go +++ b/cmd/rook/main.go @@ -23,6 +23,7 @@ import ( "github.com/rook/rook/cmd/rook/userfacing" "github.com/rook/rook/cmd/rook/util" "github.com/rook/rook/cmd/rook/version" + _ "go.uber.org/automaxprocs" ) func main() { diff --git a/deploy/charts/rook-ceph/templates/resources.yaml b/deploy/charts/rook-ceph/templates/resources.yaml index 59004984c578..572c5e57a6e4 100644 --- a/deploy/charts/rook-ceph/templates/resources.yaml +++ b/deploy/charts/rook-ceph/templates/resources.yaml @@ -6,7 +6,6 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.11.3 helm.sh/resource-policy: keep - creationTimestamp: null name: cephblockpoolradosnamespaces.ceph.rook.io spec: group: ceph.rook.io @@ -23,10 +22,10 @@ spec: description: CephBlockPoolRadosNamespace represents a Ceph BlockPool Rados Namespace properties: apiVersion: - description: APIVersion defines the versioned schema of this representation of an object. + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: Kind is a string value representing the REST resource this object represents. + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -40,7 +39,7 @@ spec: - message: blockPoolName is immutable rule: self == oldSelf name: - description: The name of the CephBlockPoolRadosNamespaceSpec namespace. + description: The name of the CephBlockPoolRadosNamespaceSpec namespace. If not set, the default is the name of the CR. type: string x-kubernetes-validations: - message: name is immutable @@ -76,7 +75,6 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.11.3 helm.sh/resource-policy: keep - creationTimestamp: null name: cephblockpools.ceph.rook.io spec: group: ceph.rook.io @@ -97,21 +95,21 @@ spec: description: CephBlockPool represents a Ceph Storage Pool properties: apiVersion: - description: APIVersion defines the versioned schema of this representation of an object. + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: Kind is a string value representing the REST resource this object represents. + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: NamedBlockPoolSpec allows a block pool to be created with a non-default name. + description: NamedBlockPoolSpec allows a block pool to be created with a non-default name. This is more specific than the NamedPoolSpec so we get schema validation on the allowed pool names that can be specified. properties: application: description: The application name to set on the pool. Only expected to be set for rgw pools. type: string compressionMode: - description: 'DEPRECATED: use Parameters instead, e.g.' + description: 'DEPRECATED: use Parameters instead, e.g., Parameters["compression_mode"] = "force" The inline compression mode in Bluestore OSD to set to (options are: none, passive, aggressive, force) Do NOT set a default value for kubebuilder as this will override the Parameters' enum: - none - passive @@ -138,11 +136,11 @@ spec: description: The algorithm for erasure coding type: string codingChunks: - description: Number of coding chunks per object in an erasure coded storage pool (required for erasure-coded pool + description: Number of coding chunks per object in an erasure coded storage pool (required for erasure-coded pool type). This is the number of OSDs that can be lost simultaneously before data cannot be recovered. minimum: 0 type: integer dataChunks: - description: Number of data chunks per object in an erasure coded storage pool (required for erasure-coded pool t + description: Number of data chunks per object in an erasure coded storage pool (required for erasure-coded pool type). The number of chunks required to recover an object when any single OSD is lost is the same as dataChunks so be aware that the larger the number of data chunks, the higher the cost of recovery. minimum: 0 type: integer required: @@ -150,7 +148,7 @@ spec: - dataChunks type: object failureDomain: - description: 'The failure domain: osd/host/(region or zone if available) - technically also any type in the crush ' + description: 'The failure domain: osd/host/(region or zone if available) - technically also any type in the crush map' type: string mirroring: description: The mirroring settings @@ -246,14 +244,14 @@ spec: description: RequireSafeReplicaSize if false allows you to set replica 1 type: boolean size: - description: Size - Number of copies per object in a replicated storage pool, including the object itself (requir + description: Size - Number of copies per object in a replicated storage pool, including the object itself (required for replicated pool type) minimum: 0 type: integer subFailureDomain: description: SubFailureDomain the name of the sub-failure domain type: string targetSizeRatio: - description: TargetSizeRatio gives a hint (%) to Ceph in terms of expected consumption of the total cluster capac + description: TargetSizeRatio gives a hint (%) to Ceph in terms of expected consumption of the total cluster capacity type: number required: - size @@ -463,7 +461,6 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.11.3 helm.sh/resource-policy: keep - creationTimestamp: null name: cephbucketnotifications.ceph.rook.io spec: group: ceph.rook.io @@ -480,10 +477,10 @@ spec: description: CephBucketNotification represents a Bucket Notifications properties: apiVersion: - description: APIVersion defines the versioned schema of this representation of an object. + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: Kind is a string value representing the REST resource this object represents. + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -618,7 +615,6 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.11.3 helm.sh/resource-policy: keep - creationTimestamp: null name: cephbuckettopics.ceph.rook.io spec: group: ceph.rook.io @@ -639,10 +635,10 @@ spec: description: CephBucketTopic represents a Ceph Object Topic for Bucket Notifications properties: apiVersion: - description: APIVersion defines the versioned schema of this representation of an object. + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: Kind is a string value representing the REST resource this object represents. + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -685,7 +681,7 @@ spec: description: Indicate whether the server certificate is validated by the client or not type: boolean sendCloudEvents: - description: 'Send the notifications with the CloudEvents header: https://github.' + description: 'Send the notifications with the CloudEvents header: https://github.com/cloudevents/spec/blob/main/cloudevents/adapters/aws-s3.md' type: boolean uri: description: The URI of the HTTP endpoint to push notification to @@ -767,7 +763,6 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.11.3 helm.sh/resource-policy: keep - creationTimestamp: null name: cephclients.ceph.rook.io spec: group: ceph.rook.io @@ -788,10 +783,10 @@ spec: description: CephClient represents a Ceph Client properties: apiVersion: - description: APIVersion defines the versioned schema of this representation of an object. + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: Kind is a string value representing the REST resource this object represents. + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -840,7 +835,6 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.11.3 helm.sh/resource-policy: keep - creationTimestamp: null name: cephclusters.ceph.rook.io spec: group: ceph.rook.io @@ -887,10 +881,10 @@ spec: description: CephCluster is a Ceph storage cluster properties: apiVersion: - description: APIVersion defines the versioned schema of this representation of an object. + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: Kind is a string value representing the REST resource this object represents. + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -923,10 +917,10 @@ spec: description: Whether to allow unsupported versions (do not set to true in production) type: boolean image: - description: Image is the container image used to launch the ceph daemons, such as quay. + description: Image is the container image used to launch the ceph daemons, such as quay.io/ceph/ceph: The full list of images can be found at https://quay.io/repository/ceph/ceph?tab=tags type: string imagePullPolicy: - description: ImagePullPolicy describes a policy for if/when to pull a container image One of Always, Never, IfNot + description: ImagePullPolicy describes a policy for if/when to pull a container image One of Always, Never, IfNotPresent. enum: - IfNotPresent - Always @@ -935,11 +929,11 @@ spec: type: string type: object cleanupPolicy: - description: Indicates user intent when deleting a cluster; blocks orchestration and should not be set if cluster + description: Indicates user intent when deleting a cluster; blocks orchestration and should not be set if cluster deletion is not imminent. nullable: true properties: allowUninstallWithVolumes: - description: AllowUninstallWithVolumes defines whether we can proceed with the uninstall if they are RBD images s + description: AllowUninstallWithVolumes defines whether we can proceed with the uninstall if they are RBD images still present type: boolean confirmation: description: Confirmation represents the cleanup confirmation @@ -969,7 +963,7 @@ spec: type: object type: object continueUpgradeAfterChecksEvenIfNotHealthy: - description: ContinueUpgradeAfterChecksEvenIfNotHealthy defines if an upgrade should continue even if PGs are not + description: ContinueUpgradeAfterChecksEvenIfNotHealthy defines if an upgrade should continue even if PGs are not clean type: boolean crashCollector: description: A spec for the crash controller @@ -999,7 +993,7 @@ spec: description: ReadAffinity defines the read affinity settings for CSI driver. properties: crushLocationLabels: - description: CrushLocationLabels defines which node labels to use as CRUSH location. + description: CrushLocationLabels defines which node labels to use as CRUSH location. This should correspond to the values set in the CRUSH map. items: type: string type: array @@ -1054,19 +1048,19 @@ spec: description: This enables management of poddisruptionbudgets type: boolean osdMaintenanceTimeout: - description: 'OSDMaintenanceTimeout sets how many additional minutes the DOWN/OUT interval is for drained failure ' + description: OSDMaintenanceTimeout sets how many additional minutes the DOWN/OUT interval is for drained failure domains it only works if managePodBudgets is true. the default is 30 minutes format: int64 type: integer pgHealthCheckTimeout: - description: PGHealthCheckTimeout is the time (in minutes) that the operator will wait for the placement groups t + description: PGHealthCheckTimeout is the time (in minutes) that the operator will wait for the placement groups to become healthy (active+clean) after a drain was completed and OSDs came back up. Rook will continue with the next drain if the timeout exceeds. It only works if managePodBudgets is true. No values or 0 means that the operator will wait until the placement groups are healthy before unblocking the next drain. format: int64 type: integer pgHealthyRegex: - description: PgHealthyRegex is the regular expression that is used to determine which PG states should be conside + description: PgHealthyRegex is the regular expression that is used to determine which PG states should be considered healthy. The default is `^(active\+clean|active\+clean\+scrubbing|active\+clean\+scrubbing\+deep)$` type: string type: object external: - description: Whether the Ceph Cluster is running external to this Kubernetes cluster mon, mgr, osd, mds, and disc + description: Whether the Ceph Cluster is running external to this Kubernetes cluster mon, mgr, osd, mds, and discover daemons will not be created for external clusters. nullable: true properties: enable: @@ -1127,19 +1121,19 @@ spec: description: Disabled determines whether probe is disable or not type: boolean probe: - description: 'Probe describes a health check to be performed against a container to determine whether it is alive ' + description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. properties: exec: description: Exec specifies the action to take. properties: command: - description: 'Command is the command line to execute inside the container, the working directory for the command ' + description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -1150,7 +1144,7 @@ spec: format: int32 type: integer service: - description: Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github. + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: string required: - port @@ -1159,7 +1153,7 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the pod IP. + description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP allows repeated headers. @@ -1167,7 +1161,7 @@ spec: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name. + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -1184,7 +1178,7 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. + description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: description: Scheme to use for connecting to the host. Defaults to HTTP. @@ -1193,7 +1187,7 @@ spec: - port type: object initialDelaySeconds: - description: Number of seconds after the container has started before liveness probes are initiated. + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: @@ -1201,7 +1195,7 @@ spec: format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -1214,17 +1208,16 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. + description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. format: int64 type: integer timeoutSeconds: - description: Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -1239,19 +1232,19 @@ spec: description: Disabled determines whether probe is disable or not type: boolean probe: - description: 'Probe describes a health check to be performed against a container to determine whether it is alive ' + description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. properties: exec: description: Exec specifies the action to take. properties: command: - description: 'Command is the command line to execute inside the container, the working directory for the command ' + description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -1262,7 +1255,7 @@ spec: format: int32 type: integer service: - description: Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github. + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: string required: - port @@ -1271,7 +1264,7 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the pod IP. + description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP allows repeated headers. @@ -1279,7 +1272,7 @@ spec: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name. + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -1296,7 +1289,7 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. + description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: description: Scheme to use for connecting to the host. Defaults to HTTP. @@ -1305,7 +1298,7 @@ spec: - port type: object initialDelaySeconds: - description: Number of seconds after the container has started before liveness probes are initiated. + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: @@ -1313,7 +1306,7 @@ spec: format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -1326,17 +1319,16 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. + description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. format: int64 type: integer timeoutSeconds: - description: Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -1437,14 +1429,8 @@ spec: volumeClaimTemplate: description: VolumeClaimTemplate is the PVC template properties: - apiVersion: - description: APIVersion defines the versioned schema of this representation of an object. - type: string - kind: - description: Kind is a string value representing the REST resource this object represents. - type: string metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.' + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: annotations: additionalProperties: @@ -1464,18 +1450,18 @@ spec: type: string type: object spec: - description: spec defines the desired characteristics of a volume requested by a pod author. + description: 'spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.' + description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.' + description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for the resource being referenced. + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -1489,10 +1475,10 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volum + description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for the resource being referenced. + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -1501,14 +1487,14 @@ spec: description: Name is the name of resource being referenced type: string namespace: - description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a g + description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. type: string required: - kind - name type: object resources: - description: resources represents the minimum resources the volume should have. + description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: limits: additionalProperties: @@ -1517,7 +1503,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.' + description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -1526,7 +1512,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of compute resources required. + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -1535,16 +1521,16 @@ spec: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array @@ -1556,104 +1542,23 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: storageClassName is the name of the StorageClass required by the claim. + description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeAttributesClassName: - description: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + description: 'volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it''s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.' type: string volumeMode: - description: volumeMode defines what type of volume is required by the claim. + description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. type: string volumeName: description: volumeName is the binding reference to the PersistentVolume backing this claim. type: string type: object - status: - description: status represents the current information/status of a persistent volume claim. Read-only. - properties: - accessModes: - description: accessModes contains the actual access modes the volume backing the PVC has. - items: - type: string - type: array - allocatedResourceStatuses: - additionalProperties: - description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource tha - type: string - description: allocatedResourceStatuses stores status of resource being resized for the given PVC. - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: allocatedResources tracks the resources allocated to a PVC including its capacity. - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources of the underlying volume. - type: object - conditions: - description: conditions is the current Condition of persistent volume claim. - items: - description: PersistentVolumeClaimCondition contains details about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed the condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message indicating details about last transition. - type: string - reason: - description: 'reason is a unique, this should be a short, machine understandable string that gives the reason for ' - type: string - status: - type: string - type: - description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type - type: string - required: - - status - - type - type: object - type: array - currentVolumeAttributesClassName: - description: currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - type: string - modifyVolumeStatus: - description: ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - properties: - status: - description: status is the status of the ControllerModifyVolume operation. - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being rec - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object type: object x-kubernetes-preserve-unknown-fields: true type: object @@ -1663,14 +1568,8 @@ spec: volumeClaimTemplate: description: VolumeClaimTemplate is the PVC definition properties: - apiVersion: - description: APIVersion defines the versioned schema of this representation of an object. - type: string - kind: - description: Kind is a string value representing the REST resource this object represents. - type: string metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.' + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: annotations: additionalProperties: @@ -1690,18 +1589,18 @@ spec: type: string type: object spec: - description: spec defines the desired characteristics of a volume requested by a pod author. + description: 'spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.' + description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.' + description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for the resource being referenced. + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -1715,10 +1614,10 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volum + description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for the resource being referenced. + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -1727,14 +1626,14 @@ spec: description: Name is the name of resource being referenced type: string namespace: - description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a g + description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. type: string required: - kind - name type: object resources: - description: resources represents the minimum resources the volume should have. + description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: limits: additionalProperties: @@ -1743,7 +1642,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.' + description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -1752,7 +1651,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of compute resources required. + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -1761,16 +1660,16 @@ spec: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array @@ -1782,104 +1681,23 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: storageClassName is the name of the StorageClass required by the claim. + description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeAttributesClassName: - description: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + description: 'volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it''s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.' type: string volumeMode: - description: volumeMode defines what type of volume is required by the claim. + description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. type: string volumeName: description: volumeName is the binding reference to the PersistentVolume backing this claim. type: string type: object - status: - description: status represents the current information/status of a persistent volume claim. Read-only. - properties: - accessModes: - description: accessModes contains the actual access modes the volume backing the PVC has. - items: - type: string - type: array - allocatedResourceStatuses: - additionalProperties: - description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource tha - type: string - description: allocatedResourceStatuses stores status of resource being resized for the given PVC. - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: allocatedResources tracks the resources allocated to a PVC including its capacity. - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources of the underlying volume. - type: object - conditions: - description: conditions is the current Condition of persistent volume claim. - items: - description: PersistentVolumeClaimCondition contains details about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed the condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message indicating details about last transition. - type: string - reason: - description: 'reason is a unique, this should be a short, machine understandable string that gives the reason for ' - type: string - status: - type: string - type: - description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type - type: string - required: - - status - - type - type: object - type: array - currentVolumeAttributesClassName: - description: currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - type: string - modifyVolumeStatus: - description: ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - properties: - status: - description: status is the status of the ControllerModifyVolume operation. - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being rec - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object type: object x-kubernetes-preserve-unknown-fields: true zones: @@ -1896,14 +1714,8 @@ spec: volumeClaimTemplate: description: VolumeClaimTemplate is the PVC template properties: - apiVersion: - description: APIVersion defines the versioned schema of this representation of an object. - type: string - kind: - description: Kind is a string value representing the REST resource this object represents. - type: string metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.' + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: annotations: additionalProperties: @@ -1923,18 +1735,18 @@ spec: type: string type: object spec: - description: spec defines the desired characteristics of a volume requested by a pod author. + description: 'spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.' + description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.' + description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for the resource being referenced. + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -1948,10 +1760,10 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volum + description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for the resource being referenced. + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -1960,14 +1772,14 @@ spec: description: Name is the name of resource being referenced type: string namespace: - description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a g + description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. type: string required: - kind - name type: object resources: - description: resources represents the minimum resources the volume should have. + description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: limits: additionalProperties: @@ -1976,7 +1788,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.' + description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -1985,7 +1797,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of compute resources required. + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -1994,16 +1806,16 @@ spec: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array @@ -2015,104 +1827,23 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: storageClassName is the name of the StorageClass required by the claim. + description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeAttributesClassName: - description: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + description: 'volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it''s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.' type: string volumeMode: - description: volumeMode defines what type of volume is required by the claim. + description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. type: string volumeName: description: volumeName is the binding reference to the PersistentVolume backing this claim. type: string type: object - status: - description: status represents the current information/status of a persistent volume claim. Read-only. - properties: - accessModes: - description: accessModes contains the actual access modes the volume backing the PVC has. - items: - type: string - type: array - allocatedResourceStatuses: - additionalProperties: - description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource tha - type: string - description: allocatedResourceStatuses stores status of resource being resized for the given PVC. - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: allocatedResources tracks the resources allocated to a PVC including its capacity. - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources of the underlying volume. - type: object - conditions: - description: conditions is the current Condition of persistent volume claim. - items: - description: PersistentVolumeClaimCondition contains details about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed the condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message indicating details about last transition. - type: string - reason: - description: 'reason is a unique, this should be a short, machine understandable string that gives the reason for ' - type: string - status: - type: string - type: - description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type - type: string - required: - - status - - type - type: object - type: array - currentVolumeAttributesClassName: - description: currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - type: string - modifyVolumeStatus: - description: ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - properties: - status: - description: status is the status of the ControllerModifyVolume operation. - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being rec - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object type: object x-kubernetes-preserve-unknown-fields: true type: object @@ -2128,7 +1859,7 @@ spec: nullable: true properties: enabled: - description: Enabled determines whether to create the prometheus rules for the ceph cluster. + description: Enabled determines whether to create the prometheus rules for the ceph cluster. If true, the prometheus types must exist or the creation will fail. Default is false. type: boolean externalMgrEndpoints: description: ExternalMgrEndpoints points to an existing Ceph prometheus exporter endpoint @@ -2139,7 +1870,7 @@ spec: description: The Hostname of this endpoint type: string ip: - description: The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0. + description: The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16). type: string nodeName: description: 'Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.' @@ -2151,22 +1882,22 @@ spec: description: API version of the referent. type: string fieldPath: - description: If referring to a piece of an object instead of an entire object, this string should contain a valid + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.' + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string name: - description: 'Name of the referent. More info: https://kubernetes.' + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.' + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.' + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string uid: - description: 'UID of the referent. More info: https://kubernetes.' + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object x-kubernetes-map-type: atomic @@ -2185,7 +1916,7 @@ spec: description: Interval determines prometheus scrape interval type: string metricsDisabled: - description: Whether to disable the metrics reported by Ceph. + description: Whether to disable the metrics reported by Ceph. If false, the prometheus mgr module and Ceph exporter are enabled. If true, the prometheus mgr module and Ceph exporter are both disabled. Default is false. type: boolean port: description: Port is the prometheus server port @@ -2198,20 +1929,20 @@ spec: nullable: true properties: addressRanges: - description: AddressRanges specify a list of CIDRs that Rook will apply to Ceph's 'public_network' and/or 'cluste + description: AddressRanges specify a list of CIDRs that Rook will apply to Ceph's 'public_network' and/or 'cluster_network' configurations. This config section may be used for the "host" or "multus" network providers. nullable: true properties: cluster: description: Cluster defines a list of CIDRs to use for Ceph cluster network communication. items: - description: An IPv4 or IPv6 network CIDR. + description: "An IPv4 or IPv6 network CIDR. \n This naive kubebuilder regex provides immediate feedback for some typos and for a common problem case where the range spec is forgotten (e.g., /24). Rook does in-depth validation in code." pattern: ^[0-9a-fA-F:.]{2,}\/[0-9]{1,3}$ type: string type: array public: description: Public defines a list of CIDRs to use for Ceph public network communication. items: - description: An IPv4 or IPv6 network CIDR. + description: "An IPv4 or IPv6 network CIDR. \n This naive kubebuilder regex provides immediate feedback for some typos and for a common problem case where the range spec is forgotten (e.g., /24). Rook does in-depth validation in code." pattern: ^[0-9a-fA-F:.]{2,}\/[0-9]{1,3}$ type: string type: array @@ -2233,18 +1964,18 @@ spec: nullable: true properties: enabled: - description: Whether to encrypt the data in transit across the wire to prevent eavesdropping the data on the netw + description: Whether to encrypt the data in transit across the wire to prevent eavesdropping the data on the network. The default is not set. Even if encryption is not enabled, clients still establish a strong initial authentication for the connection and data integrity is still validated with a crc check. When encryption is enabled, all communication between clients and Ceph daemons, or between Ceph daemons will be encrypted. type: boolean type: object requireMsgr2: - description: Whether to require msgr2 (port 3300) even if compression or encryption are not enabled. + description: Whether to require msgr2 (port 3300) even if compression or encryption are not enabled. If true, the msgr1 port (6789) will be disabled. Requires a kernel that supports msgr2 (kernel 5.11 or CentOS 8.4 or newer). type: boolean type: object dualStack: description: DualStack determines whether Ceph daemons should listen on both IPv4 and IPv6 type: boolean hostNetwork: - description: HostNetwork to enable host network. + description: HostNetwork to enable host network. If host networking is enabled or disabled on a running cluster, then the operator will automatically fail over all the mons to apply the new network settings. type: boolean ipFamily: description: IPFamily is the single stack IPv6 or IPv4 protocol @@ -2257,14 +1988,14 @@ spec: description: Enable multiClusterService to export the Services between peer clusters properties: clusterID: - description: ClusterID uniquely identifies a cluster. It is used as a prefix to nslookup exported services. + description: 'ClusterID uniquely identifies a cluster. It is used as a prefix to nslookup exported services. For example: ...svc.clusterset.local' type: string enabled: - description: Enable multiClusterService to export the mon and OSD services to peer cluster. + description: Enable multiClusterService to export the mon and OSD services to peer cluster. Ensure that peer clusters are connected using an MCS API compatible application, like Globalnet Submariner. type: boolean type: object provider: - description: Provider is what provides network connectivity to the cluster e.g. "host" or "multus". + description: Provider is what provides network connectivity to the cluster e.g. "host" or "multus". If the Provider is updated from being empty to "host" on a running cluster, then the operator will automatically fail over all the mons to apply the "host" network settings. enum: - "" - host @@ -2277,7 +2008,7 @@ spec: selectors: additionalProperties: type: string - description: Selectors define NetworkAttachmentDefinitions to be used for Ceph public and/or cluster networks whe + description: "Selectors define NetworkAttachmentDefinitions to be used for Ceph public and/or cluster networks when the \"multus\" network provider is used. This config section is not used for other network providers. \n Valid keys are \"public\" and \"cluster\". Refer to Ceph networking documentation for more: https://docs.ceph.com/en/reef/rados/configuration/network-config-ref/ \n Refer to Multus network annotation documentation for help selecting values: https://github.com/k8snetworkplumbingwg/multus-cni/blob/master/docs/how-to-use.md#run-pod-with-network-annotation \n Rook will make a best-effort attempt to automatically detect CIDR address ranges for given network attachment definitions. Rook's methods are robust but may be imprecise for sufficiently complicated networks. Rook's auto-detection process obtains a new IP address lease for each CephCluster reconcile. If Rook fails to detect, incorrectly detects, only partially detects, or if underlying networks do not support reusing old IP addresses, it is best to use the 'addressRanges' config section to specify CIDR ranges for the Ceph cluster. \n As a contrived example, one can use a theoretical Kubernetes-wide network for Ceph client traffic and a theoretical Rook-only network for Ceph replication traffic as shown: selectors: public: \"default/cluster-fast-net\" cluster: \"rook-ceph/ceph-backend-net\"" nullable: true type: object type: object @@ -2289,32 +2020,22 @@ spec: rule: '!has(self.hostNetwork) || self.hostNetwork == false || !has(self.provider) || self.provider == ""' placement: additionalProperties: - description: Placement is the placement for an object properties: nodeAffinity: - description: NodeAffinity is a group of node affinity scheduling rules properties: preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified ' items: - description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). properties: preference: - description: A node selector term, associated with the corresponding weight. properties: matchExpressions: - description: A list of node selector requirements by node's labels. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -2324,18 +2045,13 @@ spec: type: object type: array matchFields: - description: A list of node selector requirements by node's fields. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -2347,7 +2063,6 @@ spec: type: object x-kubernetes-map-type: atomic weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. format: int32 type: integer required: @@ -2356,26 +2071,18 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will no properties: nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. items: - description: A null or empty node selector term matches no objects. The requirements of them are ANDed. properties: matchExpressions: - description: A list of node selector requirements by node's labels. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -2385,18 +2092,13 @@ spec: type: object type: array matchFields: - description: A list of node selector requirements by node's fields. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -2414,32 +2116,22 @@ spec: x-kubernetes-map-type: atomic type: object podAffinity: - description: PodAffinity is a group of inter pod affinity scheduling rules properties: preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified ' items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most properties: podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2451,38 +2143,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2494,23 +2177,19 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey type: object weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. format: int32 type: integer required: @@ -2519,26 +2198,18 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will no items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) t properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2550,38 +2221,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2593,17 +2255,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey @@ -2611,32 +2270,22 @@ spec: type: array type: object podAntiAffinity: - description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions speci items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most properties: podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2648,38 +2297,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2691,23 +2331,19 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey type: object weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. format: int32 type: integer required: @@ -2716,26 +2352,18 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod wi items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) t properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2747,38 +2375,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2790,17 +2409,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey @@ -2808,49 +2424,34 @@ spec: type: array type: object tolerations: - description: The pod this Toleration is attached to tolerates any taint that matches the triple /-@. e.g., nfs/rook-ceph-my-nfs@example.net. See https://github.com/nfs-ganesha/nfs-ganesha/wiki/RPCSEC_GSS for more detail.' type: string type: object sssd: - description: SSSD enables integration with System Security Services Daemon (SSSD). + description: SSSD enables integration with System Security Services Daemon (SSSD). SSSD can be used to provide user ID mapping from a number of sources. See https://sssd.io for more information about the SSSD project. nullable: true properties: sidecar: description: Sidecar tells Rook to run SSSD in a sidecar alongside the NFS-Ganesha server in each NFS pod. properties: additionalFiles: - description: AdditionalFiles defines any number of additional files that should be mounted into the SSSD sidecar. + description: AdditionalFiles defines any number of additional files that should be mounted into the SSSD sidecar. These files may be referenced by the sssd.conf config file. items: - description: SSSDSidecarAdditionalFile represents the source from where additional files for the the SSSD configu + description: SSSDSidecarAdditionalFile represents the source from where additional files for the the SSSD configuration should come from and are made available. properties: subPath: - description: SubPath defines the sub-path in `/etc/sssd/rook-additional/` where the additional file(s) will be pl + description: SubPath defines the sub-path in `/etc/sssd/rook-additional/` where the additional file(s) will be placed. Each subPath definition must be unique and must not contain ':'. minLength: 1 pattern: ^[^:]+$ type: string volumeSource: - description: VolumeSource accepts a pared down version of the standard Kubernetes VolumeSource for the additional properties: configMap: - description: configMap represents a configMap that should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default.' format: int32 type: integer items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be proj items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9100,82 +7574,60 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.' type: string optional: - description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic emptyDir: - description: emptyDir represents a temporary directory that shares a pod's lifetime. properties: medium: - description: medium represents what type of storage medium should back this directory. type: string sizeLimit: anyOf: - type: integer - type: string - description: sizeLimit is the total amount of local storage required for this EmptyDir volume. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: - description: hostPath represents a pre-existing file or directory on the host machine that is directly exposed to properties: path: - description: path of the directory on the host. type: string type: - description: 'type for HostPath Volume Defaults to "" More info: https://kubernetes.' type: string required: - path type: object persistentVolumeClaim: - description: persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same name properties: claimName: - description: claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. type: string readOnly: - description: readOnly Will force the ReadOnly setting in VolumeMounts. Default false. type: boolean required: - claimName type: object projected: - description: projected items for all in one resources secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along with other supported volume types properties: clusterTrustBundle: - description: ClusterTrustBundle allows a pod to access the `.spec. properties: labelSelector: - description: Select all ClusterTrustBundles that match this label selector. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -9187,42 +7639,31 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic name: - description: Select a single ClusterTrustBundle by object name. type: string optional: - description: If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. type: boolean path: - description: Relative path from the volume root to write the bundle. type: string signerName: - description: Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. type: string required: - path type: object configMap: - description: configMap information about the configMap data to project properties: items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be proj items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9230,56 +7671,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.' type: string optional: - description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume file items: - description: DownwardAPIVolumeFile represents information to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema the FieldPath is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 07' format: int32 type: integer path: - description: 'Required: Path is the relative path name of the file to be created.' type: string resourceFieldRef: - description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.' properties: containerName: - description: 'Container name: required for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format of the exposed resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -9291,22 +7718,16 @@ spec: type: array type: object secret: - description: secret information about the secret data to project properties: items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be project items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9314,25 +7735,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.' type: string optional: - description: optional field specify whether the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience of the token. type: string expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. format: int64 type: integer path: - description: path is the path relative to the mount point of the file to project the token into. type: string required: - path @@ -9341,26 +7756,19 @@ spec: type: array type: object secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default.' format: int32 type: integer items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be project items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9368,10 +7776,8 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.' type: string type: object type: object @@ -9381,7 +7787,7 @@ spec: type: object type: array debugLevel: - description: DebugLevel sets the debug level for SSSD. If unset or set to 0, Rook does nothing. + description: 'DebugLevel sets the debug level for SSSD. If unset or set to 0, Rook does nothing. Otherwise, this may be a value between 1 and 10. See SSSD docs for more info: https://sssd.io/troubleshooting/basics.html#sssd-debug-logs' maximum: 10 minimum: 0 type: integer @@ -9393,12 +7799,12 @@ spec: description: Resources allow specifying resource requests/limits on the SSSD sidecar container. properties: claims: - description: Claims lists the names of resources, defined in spec. + description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec. + description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. type: string required: - name @@ -9414,7 +7820,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.' + description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -9423,36 +7829,28 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of compute resources required. + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object sssdConfigFile: - description: SSSDConfigFile defines where the SSSD configuration should be sourced from. + description: SSSDConfigFile defines where the SSSD configuration should be sourced from. The config file will be placed into `/etc/sssd/sssd.conf`. If this is left empty, Rook will not add the file. This allows you to manage the `sssd.conf` file yourself however you wish. For example, you may build it into your custom Ceph container image or use the Vault agent injector to securely add the file via annotations on the CephNFS spec (passed to the NFS server pods). properties: volumeSource: - description: VolumeSource accepts a pared down version of the standard Kubernetes VolumeSource for the SSSD confi properties: configMap: - description: configMap represents a configMap that should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default.' format: int32 type: integer items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be proj items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9460,82 +7858,60 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.' type: string optional: - description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic emptyDir: - description: emptyDir represents a temporary directory that shares a pod's lifetime. properties: medium: - description: medium represents what type of storage medium should back this directory. type: string sizeLimit: anyOf: - type: integer - type: string - description: sizeLimit is the total amount of local storage required for this EmptyDir volume. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: - description: hostPath represents a pre-existing file or directory on the host machine that is directly exposed to properties: path: - description: path of the directory on the host. type: string type: - description: 'type for HostPath Volume Defaults to "" More info: https://kubernetes.' type: string required: - path type: object persistentVolumeClaim: - description: persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same name properties: claimName: - description: claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. type: string readOnly: - description: readOnly Will force the ReadOnly setting in VolumeMounts. Default false. type: boolean required: - claimName type: object projected: - description: projected items for all in one resources secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along with other supported volume types properties: clusterTrustBundle: - description: ClusterTrustBundle allows a pod to access the `.spec. properties: labelSelector: - description: Select all ClusterTrustBundles that match this label selector. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -9547,42 +7923,31 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic name: - description: Select a single ClusterTrustBundle by object name. type: string optional: - description: If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. type: boolean path: - description: Relative path from the volume root to write the bundle. type: string signerName: - description: Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. type: string required: - path type: object configMap: - description: configMap information about the configMap data to project properties: items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be proj items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9590,56 +7955,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.' type: string optional: - description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume file items: - description: DownwardAPIVolumeFile represents information to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema the FieldPath is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 07' format: int32 type: integer path: - description: 'Required: Path is the relative path name of the file to be created.' type: string resourceFieldRef: - description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.' properties: containerName: - description: 'Container name: required for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format of the exposed resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -9651,22 +8002,16 @@ spec: type: array type: object secret: - description: secret information about the secret data to project properties: items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be project items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9674,25 +8019,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.' type: string optional: - description: optional field specify whether the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience of the token. type: string expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. format: int64 type: integer path: - description: path is the path relative to the mount point of the file to project the token into. type: string required: - path @@ -9701,26 +8040,19 @@ spec: type: array type: object secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default.' format: int32 type: integer items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be project items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9728,10 +8060,8 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.' type: string type: object type: object @@ -9755,7 +8085,7 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true hostNetwork: - description: Whether host networking is enabled for the Ganesha server. + description: Whether host networking is enabled for the Ganesha server. If not set, the network settings from the cluster CR will be applied. nullable: true type: boolean labels: @@ -9766,25 +8096,25 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true livenessProbe: - description: A liveness-probe to verify that Ganesha server has valid run-time state. If LivenessProbe. + description: A liveness-probe to verify that Ganesha server has valid run-time state. If LivenessProbe.Disabled is false and LivenessProbe.Probe is nil uses default probe. properties: disabled: description: Disabled determines whether probe is disable or not type: boolean probe: - description: 'Probe describes a health check to be performed against a container to determine whether it is alive ' + description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. properties: exec: description: Exec specifies the action to take. properties: command: - description: 'Command is the command line to execute inside the container, the working directory for the command ' + description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -9795,7 +8125,7 @@ spec: format: int32 type: integer service: - description: Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github. + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: string required: - port @@ -9804,7 +8134,7 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the pod IP. + description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP allows repeated headers. @@ -9812,7 +8142,7 @@ spec: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name. + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -9829,7 +8159,7 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. + description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: description: Scheme to use for connecting to the host. Defaults to HTTP. @@ -9838,7 +8168,7 @@ spec: - port type: object initialDelaySeconds: - description: Number of seconds after the container has started before liveness probes are initiated. + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: @@ -9846,7 +8176,7 @@ spec: format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -9859,17 +8189,16 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. + description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. format: int64 type: integer timeoutSeconds: - description: Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -9878,33 +8207,23 @@ spec: description: LogLevel set logging level type: string placement: - description: The affinity to place the ganesha pods nullable: true properties: nodeAffinity: - description: NodeAffinity is a group of node affinity scheduling rules properties: preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified ' items: - description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). properties: preference: - description: A node selector term, associated with the corresponding weight. properties: matchExpressions: - description: A list of node selector requirements by node's labels. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -9914,18 +8233,13 @@ spec: type: object type: array matchFields: - description: A list of node selector requirements by node's fields. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -9937,7 +8251,6 @@ spec: type: object x-kubernetes-map-type: atomic weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. format: int32 type: integer required: @@ -9946,26 +8259,18 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will no properties: nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. items: - description: A null or empty node selector term matches no objects. The requirements of them are ANDed. properties: matchExpressions: - description: A list of node selector requirements by node's labels. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -9975,18 +8280,13 @@ spec: type: object type: array matchFields: - description: A list of node selector requirements by node's fields. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -10004,32 +8304,22 @@ spec: x-kubernetes-map-type: atomic type: object podAffinity: - description: PodAffinity is a group of inter pod affinity scheduling rules properties: preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified ' items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most properties: podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10041,38 +8331,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10084,23 +8365,19 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey type: object weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. format: int32 type: integer required: @@ -10109,26 +8386,18 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will no items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) t properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10140,38 +8409,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10183,17 +8443,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey @@ -10201,32 +8458,22 @@ spec: type: array type: object podAntiAffinity: - description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions speci items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most properties: podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10238,38 +8485,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10281,23 +8519,19 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey type: object weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. format: int32 type: integer required: @@ -10306,26 +8540,18 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod wi items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) t properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10337,38 +8563,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10380,17 +8597,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey @@ -10398,49 +8612,34 @@ spec: type: array type: object tolerations: - description: The pod this Toleration is attached to tolerates any taint that matches the triple The full list of images can be found at https://quay.io/repository/ceph/ceph?tab=tags type: string imagePullPolicy: - description: ImagePullPolicy describes a policy for if/when to pull a container image One of Always, Never, IfNot + description: ImagePullPolicy describes a policy for if/when to pull a container image One of Always, Never, IfNotPresent. enum: - IfNotPresent - Always @@ -933,11 +927,11 @@ spec: type: string type: object cleanupPolicy: - description: Indicates user intent when deleting a cluster; blocks orchestration and should not be set if cluster + description: Indicates user intent when deleting a cluster; blocks orchestration and should not be set if cluster deletion is not imminent. nullable: true properties: allowUninstallWithVolumes: - description: AllowUninstallWithVolumes defines whether we can proceed with the uninstall if they are RBD images s + description: AllowUninstallWithVolumes defines whether we can proceed with the uninstall if they are RBD images still present type: boolean confirmation: description: Confirmation represents the cleanup confirmation @@ -967,7 +961,7 @@ spec: type: object type: object continueUpgradeAfterChecksEvenIfNotHealthy: - description: ContinueUpgradeAfterChecksEvenIfNotHealthy defines if an upgrade should continue even if PGs are not + description: ContinueUpgradeAfterChecksEvenIfNotHealthy defines if an upgrade should continue even if PGs are not clean type: boolean crashCollector: description: A spec for the crash controller @@ -997,7 +991,7 @@ spec: description: ReadAffinity defines the read affinity settings for CSI driver. properties: crushLocationLabels: - description: CrushLocationLabels defines which node labels to use as CRUSH location. + description: CrushLocationLabels defines which node labels to use as CRUSH location. This should correspond to the values set in the CRUSH map. items: type: string type: array @@ -1052,19 +1046,19 @@ spec: description: This enables management of poddisruptionbudgets type: boolean osdMaintenanceTimeout: - description: 'OSDMaintenanceTimeout sets how many additional minutes the DOWN/OUT interval is for drained failure ' + description: OSDMaintenanceTimeout sets how many additional minutes the DOWN/OUT interval is for drained failure domains it only works if managePodBudgets is true. the default is 30 minutes format: int64 type: integer pgHealthCheckTimeout: - description: PGHealthCheckTimeout is the time (in minutes) that the operator will wait for the placement groups t + description: PGHealthCheckTimeout is the time (in minutes) that the operator will wait for the placement groups to become healthy (active+clean) after a drain was completed and OSDs came back up. Rook will continue with the next drain if the timeout exceeds. It only works if managePodBudgets is true. No values or 0 means that the operator will wait until the placement groups are healthy before unblocking the next drain. format: int64 type: integer pgHealthyRegex: - description: PgHealthyRegex is the regular expression that is used to determine which PG states should be conside + description: PgHealthyRegex is the regular expression that is used to determine which PG states should be considered healthy. The default is `^(active\+clean|active\+clean\+scrubbing|active\+clean\+scrubbing\+deep)$` type: string type: object external: - description: Whether the Ceph Cluster is running external to this Kubernetes cluster mon, mgr, osd, mds, and disc + description: Whether the Ceph Cluster is running external to this Kubernetes cluster mon, mgr, osd, mds, and discover daemons will not be created for external clusters. nullable: true properties: enable: @@ -1125,19 +1119,19 @@ spec: description: Disabled determines whether probe is disable or not type: boolean probe: - description: 'Probe describes a health check to be performed against a container to determine whether it is alive ' + description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. properties: exec: description: Exec specifies the action to take. properties: command: - description: 'Command is the command line to execute inside the container, the working directory for the command ' + description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -1148,7 +1142,7 @@ spec: format: int32 type: integer service: - description: Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github. + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: string required: - port @@ -1157,7 +1151,7 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the pod IP. + description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP allows repeated headers. @@ -1165,7 +1159,7 @@ spec: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name. + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -1182,7 +1176,7 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. + description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: description: Scheme to use for connecting to the host. Defaults to HTTP. @@ -1191,7 +1185,7 @@ spec: - port type: object initialDelaySeconds: - description: Number of seconds after the container has started before liveness probes are initiated. + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: @@ -1199,7 +1193,7 @@ spec: format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -1212,17 +1206,16 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. + description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. format: int64 type: integer timeoutSeconds: - description: Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -1237,19 +1230,19 @@ spec: description: Disabled determines whether probe is disable or not type: boolean probe: - description: 'Probe describes a health check to be performed against a container to determine whether it is alive ' + description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. properties: exec: description: Exec specifies the action to take. properties: command: - description: 'Command is the command line to execute inside the container, the working directory for the command ' + description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -1260,7 +1253,7 @@ spec: format: int32 type: integer service: - description: Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github. + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: string required: - port @@ -1269,7 +1262,7 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the pod IP. + description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP allows repeated headers. @@ -1277,7 +1270,7 @@ spec: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name. + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -1294,7 +1287,7 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. + description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: description: Scheme to use for connecting to the host. Defaults to HTTP. @@ -1303,7 +1296,7 @@ spec: - port type: object initialDelaySeconds: - description: Number of seconds after the container has started before liveness probes are initiated. + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: @@ -1311,7 +1304,7 @@ spec: format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -1324,17 +1317,16 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. + description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. format: int64 type: integer timeoutSeconds: - description: Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -1435,14 +1427,8 @@ spec: volumeClaimTemplate: description: VolumeClaimTemplate is the PVC template properties: - apiVersion: - description: APIVersion defines the versioned schema of this representation of an object. - type: string - kind: - description: Kind is a string value representing the REST resource this object represents. - type: string metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.' + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: annotations: additionalProperties: @@ -1462,18 +1448,18 @@ spec: type: string type: object spec: - description: spec defines the desired characteristics of a volume requested by a pod author. + description: 'spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.' + description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.' + description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for the resource being referenced. + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -1487,10 +1473,10 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volum + description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for the resource being referenced. + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -1499,14 +1485,14 @@ spec: description: Name is the name of resource being referenced type: string namespace: - description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a g + description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. type: string required: - kind - name type: object resources: - description: resources represents the minimum resources the volume should have. + description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: limits: additionalProperties: @@ -1515,7 +1501,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.' + description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -1524,7 +1510,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of compute resources required. + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -1533,16 +1519,16 @@ spec: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array @@ -1554,104 +1540,23 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: storageClassName is the name of the StorageClass required by the claim. + description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeAttributesClassName: - description: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + description: 'volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it''s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.' type: string volumeMode: - description: volumeMode defines what type of volume is required by the claim. + description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. type: string volumeName: description: volumeName is the binding reference to the PersistentVolume backing this claim. type: string type: object - status: - description: status represents the current information/status of a persistent volume claim. Read-only. - properties: - accessModes: - description: accessModes contains the actual access modes the volume backing the PVC has. - items: - type: string - type: array - allocatedResourceStatuses: - additionalProperties: - description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource tha - type: string - description: allocatedResourceStatuses stores status of resource being resized for the given PVC. - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: allocatedResources tracks the resources allocated to a PVC including its capacity. - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources of the underlying volume. - type: object - conditions: - description: conditions is the current Condition of persistent volume claim. - items: - description: PersistentVolumeClaimCondition contains details about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed the condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message indicating details about last transition. - type: string - reason: - description: 'reason is a unique, this should be a short, machine understandable string that gives the reason for ' - type: string - status: - type: string - type: - description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type - type: string - required: - - status - - type - type: object - type: array - currentVolumeAttributesClassName: - description: currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - type: string - modifyVolumeStatus: - description: ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - properties: - status: - description: status is the status of the ControllerModifyVolume operation. - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being rec - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object type: object x-kubernetes-preserve-unknown-fields: true type: object @@ -1661,14 +1566,8 @@ spec: volumeClaimTemplate: description: VolumeClaimTemplate is the PVC definition properties: - apiVersion: - description: APIVersion defines the versioned schema of this representation of an object. - type: string - kind: - description: Kind is a string value representing the REST resource this object represents. - type: string metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.' + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: annotations: additionalProperties: @@ -1688,18 +1587,18 @@ spec: type: string type: object spec: - description: spec defines the desired characteristics of a volume requested by a pod author. + description: 'spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.' + description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.' + description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for the resource being referenced. + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -1713,10 +1612,10 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volum + description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for the resource being referenced. + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -1725,14 +1624,14 @@ spec: description: Name is the name of resource being referenced type: string namespace: - description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a g + description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. type: string required: - kind - name type: object resources: - description: resources represents the minimum resources the volume should have. + description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: limits: additionalProperties: @@ -1741,7 +1640,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.' + description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -1750,7 +1649,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of compute resources required. + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -1759,16 +1658,16 @@ spec: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array @@ -1780,104 +1679,23 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: storageClassName is the name of the StorageClass required by the claim. + description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeAttributesClassName: - description: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + description: 'volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it''s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.' type: string volumeMode: - description: volumeMode defines what type of volume is required by the claim. + description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. type: string volumeName: description: volumeName is the binding reference to the PersistentVolume backing this claim. type: string type: object - status: - description: status represents the current information/status of a persistent volume claim. Read-only. - properties: - accessModes: - description: accessModes contains the actual access modes the volume backing the PVC has. - items: - type: string - type: array - allocatedResourceStatuses: - additionalProperties: - description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource tha - type: string - description: allocatedResourceStatuses stores status of resource being resized for the given PVC. - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: allocatedResources tracks the resources allocated to a PVC including its capacity. - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources of the underlying volume. - type: object - conditions: - description: conditions is the current Condition of persistent volume claim. - items: - description: PersistentVolumeClaimCondition contains details about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed the condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message indicating details about last transition. - type: string - reason: - description: 'reason is a unique, this should be a short, machine understandable string that gives the reason for ' - type: string - status: - type: string - type: - description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type - type: string - required: - - status - - type - type: object - type: array - currentVolumeAttributesClassName: - description: currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - type: string - modifyVolumeStatus: - description: ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - properties: - status: - description: status is the status of the ControllerModifyVolume operation. - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being rec - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object type: object x-kubernetes-preserve-unknown-fields: true zones: @@ -1894,14 +1712,8 @@ spec: volumeClaimTemplate: description: VolumeClaimTemplate is the PVC template properties: - apiVersion: - description: APIVersion defines the versioned schema of this representation of an object. - type: string - kind: - description: Kind is a string value representing the REST resource this object represents. - type: string metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.' + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: annotations: additionalProperties: @@ -1921,18 +1733,18 @@ spec: type: string type: object spec: - description: spec defines the desired characteristics of a volume requested by a pod author. + description: 'spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.' + description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.' + description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for the resource being referenced. + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -1946,10 +1758,10 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volum + description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for the resource being referenced. + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being referenced @@ -1958,14 +1770,14 @@ spec: description: Name is the name of resource being referenced type: string namespace: - description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a g + description: Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. type: string required: - kind - name type: object resources: - description: resources represents the minimum resources the volume should have. + description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: limits: additionalProperties: @@ -1974,7 +1786,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.' + description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -1983,7 +1795,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of compute resources required. + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -1992,16 +1804,16 @@ spec: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array @@ -2013,104 +1825,23 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: storageClassName is the name of the StorageClass required by the claim. + description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeAttributesClassName: - description: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + description: 'volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it''s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.' type: string volumeMode: - description: volumeMode defines what type of volume is required by the claim. + description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. type: string volumeName: description: volumeName is the binding reference to the PersistentVolume backing this claim. type: string type: object - status: - description: status represents the current information/status of a persistent volume claim. Read-only. - properties: - accessModes: - description: accessModes contains the actual access modes the volume backing the PVC has. - items: - type: string - type: array - allocatedResourceStatuses: - additionalProperties: - description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource tha - type: string - description: allocatedResourceStatuses stores status of resource being resized for the given PVC. - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: allocatedResources tracks the resources allocated to a PVC including its capacity. - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources of the underlying volume. - type: object - conditions: - description: conditions is the current Condition of persistent volume claim. - items: - description: PersistentVolumeClaimCondition contains details about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed the condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message indicating details about last transition. - type: string - reason: - description: 'reason is a unique, this should be a short, machine understandable string that gives the reason for ' - type: string - status: - type: string - type: - description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type - type: string - required: - - status - - type - type: object - type: array - currentVolumeAttributesClassName: - description: currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - type: string - modifyVolumeStatus: - description: ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - properties: - status: - description: status is the status of the ControllerModifyVolume operation. - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being rec - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object type: object x-kubernetes-preserve-unknown-fields: true type: object @@ -2126,7 +1857,7 @@ spec: nullable: true properties: enabled: - description: Enabled determines whether to create the prometheus rules for the ceph cluster. + description: Enabled determines whether to create the prometheus rules for the ceph cluster. If true, the prometheus types must exist or the creation will fail. Default is false. type: boolean externalMgrEndpoints: description: ExternalMgrEndpoints points to an existing Ceph prometheus exporter endpoint @@ -2137,7 +1868,7 @@ spec: description: The Hostname of this endpoint type: string ip: - description: The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0. + description: The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16). type: string nodeName: description: 'Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.' @@ -2149,22 +1880,22 @@ spec: description: API version of the referent. type: string fieldPath: - description: If referring to a piece of an object instead of an entire object, this string should contain a valid + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.' + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string name: - description: 'Name of the referent. More info: https://kubernetes.' + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.' + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.' + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string uid: - description: 'UID of the referent. More info: https://kubernetes.' + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object x-kubernetes-map-type: atomic @@ -2183,7 +1914,7 @@ spec: description: Interval determines prometheus scrape interval type: string metricsDisabled: - description: Whether to disable the metrics reported by Ceph. + description: Whether to disable the metrics reported by Ceph. If false, the prometheus mgr module and Ceph exporter are enabled. If true, the prometheus mgr module and Ceph exporter are both disabled. Default is false. type: boolean port: description: Port is the prometheus server port @@ -2196,20 +1927,20 @@ spec: nullable: true properties: addressRanges: - description: AddressRanges specify a list of CIDRs that Rook will apply to Ceph's 'public_network' and/or 'cluste + description: AddressRanges specify a list of CIDRs that Rook will apply to Ceph's 'public_network' and/or 'cluster_network' configurations. This config section may be used for the "host" or "multus" network providers. nullable: true properties: cluster: description: Cluster defines a list of CIDRs to use for Ceph cluster network communication. items: - description: An IPv4 or IPv6 network CIDR. + description: "An IPv4 or IPv6 network CIDR. \n This naive kubebuilder regex provides immediate feedback for some typos and for a common problem case where the range spec is forgotten (e.g., /24). Rook does in-depth validation in code." pattern: ^[0-9a-fA-F:.]{2,}\/[0-9]{1,3}$ type: string type: array public: description: Public defines a list of CIDRs to use for Ceph public network communication. items: - description: An IPv4 or IPv6 network CIDR. + description: "An IPv4 or IPv6 network CIDR. \n This naive kubebuilder regex provides immediate feedback for some typos and for a common problem case where the range spec is forgotten (e.g., /24). Rook does in-depth validation in code." pattern: ^[0-9a-fA-F:.]{2,}\/[0-9]{1,3}$ type: string type: array @@ -2231,18 +1962,18 @@ spec: nullable: true properties: enabled: - description: Whether to encrypt the data in transit across the wire to prevent eavesdropping the data on the netw + description: Whether to encrypt the data in transit across the wire to prevent eavesdropping the data on the network. The default is not set. Even if encryption is not enabled, clients still establish a strong initial authentication for the connection and data integrity is still validated with a crc check. When encryption is enabled, all communication between clients and Ceph daemons, or between Ceph daemons will be encrypted. type: boolean type: object requireMsgr2: - description: Whether to require msgr2 (port 3300) even if compression or encryption are not enabled. + description: Whether to require msgr2 (port 3300) even if compression or encryption are not enabled. If true, the msgr1 port (6789) will be disabled. Requires a kernel that supports msgr2 (kernel 5.11 or CentOS 8.4 or newer). type: boolean type: object dualStack: description: DualStack determines whether Ceph daemons should listen on both IPv4 and IPv6 type: boolean hostNetwork: - description: HostNetwork to enable host network. + description: HostNetwork to enable host network. If host networking is enabled or disabled on a running cluster, then the operator will automatically fail over all the mons to apply the new network settings. type: boolean ipFamily: description: IPFamily is the single stack IPv6 or IPv4 protocol @@ -2255,14 +1986,14 @@ spec: description: Enable multiClusterService to export the Services between peer clusters properties: clusterID: - description: ClusterID uniquely identifies a cluster. It is used as a prefix to nslookup exported services. + description: 'ClusterID uniquely identifies a cluster. It is used as a prefix to nslookup exported services. For example: ...svc.clusterset.local' type: string enabled: - description: Enable multiClusterService to export the mon and OSD services to peer cluster. + description: Enable multiClusterService to export the mon and OSD services to peer cluster. Ensure that peer clusters are connected using an MCS API compatible application, like Globalnet Submariner. type: boolean type: object provider: - description: Provider is what provides network connectivity to the cluster e.g. "host" or "multus". + description: Provider is what provides network connectivity to the cluster e.g. "host" or "multus". If the Provider is updated from being empty to "host" on a running cluster, then the operator will automatically fail over all the mons to apply the "host" network settings. enum: - "" - host @@ -2275,7 +2006,7 @@ spec: selectors: additionalProperties: type: string - description: Selectors define NetworkAttachmentDefinitions to be used for Ceph public and/or cluster networks whe + description: "Selectors define NetworkAttachmentDefinitions to be used for Ceph public and/or cluster networks when the \"multus\" network provider is used. This config section is not used for other network providers. \n Valid keys are \"public\" and \"cluster\". Refer to Ceph networking documentation for more: https://docs.ceph.com/en/reef/rados/configuration/network-config-ref/ \n Refer to Multus network annotation documentation for help selecting values: https://github.com/k8snetworkplumbingwg/multus-cni/blob/master/docs/how-to-use.md#run-pod-with-network-annotation \n Rook will make a best-effort attempt to automatically detect CIDR address ranges for given network attachment definitions. Rook's methods are robust but may be imprecise for sufficiently complicated networks. Rook's auto-detection process obtains a new IP address lease for each CephCluster reconcile. If Rook fails to detect, incorrectly detects, only partially detects, or if underlying networks do not support reusing old IP addresses, it is best to use the 'addressRanges' config section to specify CIDR ranges for the Ceph cluster. \n As a contrived example, one can use a theoretical Kubernetes-wide network for Ceph client traffic and a theoretical Rook-only network for Ceph replication traffic as shown: selectors: public: \"default/cluster-fast-net\" cluster: \"rook-ceph/ceph-backend-net\"" nullable: true type: object type: object @@ -2287,32 +2018,22 @@ spec: rule: '!has(self.hostNetwork) || self.hostNetwork == false || !has(self.provider) || self.provider == ""' placement: additionalProperties: - description: Placement is the placement for an object properties: nodeAffinity: - description: NodeAffinity is a group of node affinity scheduling rules properties: preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified ' items: - description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). properties: preference: - description: A node selector term, associated with the corresponding weight. properties: matchExpressions: - description: A list of node selector requirements by node's labels. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -2322,18 +2043,13 @@ spec: type: object type: array matchFields: - description: A list of node selector requirements by node's fields. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -2345,7 +2061,6 @@ spec: type: object x-kubernetes-map-type: atomic weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. format: int32 type: integer required: @@ -2354,26 +2069,18 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will no properties: nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. items: - description: A null or empty node selector term matches no objects. The requirements of them are ANDed. properties: matchExpressions: - description: A list of node selector requirements by node's labels. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -2383,18 +2090,13 @@ spec: type: object type: array matchFields: - description: A list of node selector requirements by node's fields. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -2412,32 +2114,22 @@ spec: x-kubernetes-map-type: atomic type: object podAffinity: - description: PodAffinity is a group of inter pod affinity scheduling rules properties: preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified ' items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most properties: podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2449,38 +2141,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2492,23 +2175,19 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey type: object weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. format: int32 type: integer required: @@ -2517,26 +2196,18 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will no items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) t properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2548,38 +2219,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2591,17 +2253,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey @@ -2609,32 +2268,22 @@ spec: type: array type: object podAntiAffinity: - description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions speci items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most properties: podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2646,38 +2295,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2689,23 +2329,19 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey type: object weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. format: int32 type: integer required: @@ -2714,26 +2350,18 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod wi items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) t properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2745,38 +2373,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -2788,17 +2407,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey @@ -2806,49 +2422,34 @@ spec: type: array type: object tolerations: - description: The pod this Toleration is attached to tolerates any taint that matches the triple /-@. e.g., nfs/rook-ceph-my-nfs@example.net. See https://github.com/nfs-ganesha/nfs-ganesha/wiki/RPCSEC_GSS for more detail.' type: string type: object sssd: - description: SSSD enables integration with System Security Services Daemon (SSSD). + description: SSSD enables integration with System Security Services Daemon (SSSD). SSSD can be used to provide user ID mapping from a number of sources. See https://sssd.io for more information about the SSSD project. nullable: true properties: sidecar: description: Sidecar tells Rook to run SSSD in a sidecar alongside the NFS-Ganesha server in each NFS pod. properties: additionalFiles: - description: AdditionalFiles defines any number of additional files that should be mounted into the SSSD sidecar. + description: AdditionalFiles defines any number of additional files that should be mounted into the SSSD sidecar. These files may be referenced by the sssd.conf config file. items: - description: SSSDSidecarAdditionalFile represents the source from where additional files for the the SSSD configu + description: SSSDSidecarAdditionalFile represents the source from where additional files for the the SSSD configuration should come from and are made available. properties: subPath: - description: SubPath defines the sub-path in `/etc/sssd/rook-additional/` where the additional file(s) will be pl + description: SubPath defines the sub-path in `/etc/sssd/rook-additional/` where the additional file(s) will be placed. Each subPath definition must be unique and must not contain ':'. minLength: 1 pattern: ^[^:]+$ type: string volumeSource: - description: VolumeSource accepts a pared down version of the standard Kubernetes VolumeSource for the additional properties: configMap: - description: configMap represents a configMap that should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default.' format: int32 type: integer items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be proj items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9093,82 +7567,60 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.' type: string optional: - description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic emptyDir: - description: emptyDir represents a temporary directory that shares a pod's lifetime. properties: medium: - description: medium represents what type of storage medium should back this directory. type: string sizeLimit: anyOf: - type: integer - type: string - description: sizeLimit is the total amount of local storage required for this EmptyDir volume. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: - description: hostPath represents a pre-existing file or directory on the host machine that is directly exposed to properties: path: - description: path of the directory on the host. type: string type: - description: 'type for HostPath Volume Defaults to "" More info: https://kubernetes.' type: string required: - path type: object persistentVolumeClaim: - description: persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same name properties: claimName: - description: claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. type: string readOnly: - description: readOnly Will force the ReadOnly setting in VolumeMounts. Default false. type: boolean required: - claimName type: object projected: - description: projected items for all in one resources secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along with other supported volume types properties: clusterTrustBundle: - description: ClusterTrustBundle allows a pod to access the `.spec. properties: labelSelector: - description: Select all ClusterTrustBundles that match this label selector. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -9180,42 +7632,31 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic name: - description: Select a single ClusterTrustBundle by object name. type: string optional: - description: If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. type: boolean path: - description: Relative path from the volume root to write the bundle. type: string signerName: - description: Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. type: string required: - path type: object configMap: - description: configMap information about the configMap data to project properties: items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be proj items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9223,56 +7664,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.' type: string optional: - description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume file items: - description: DownwardAPIVolumeFile represents information to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema the FieldPath is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 07' format: int32 type: integer path: - description: 'Required: Path is the relative path name of the file to be created.' type: string resourceFieldRef: - description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.' properties: containerName: - description: 'Container name: required for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format of the exposed resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -9284,22 +7711,16 @@ spec: type: array type: object secret: - description: secret information about the secret data to project properties: items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be project items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9307,25 +7728,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.' type: string optional: - description: optional field specify whether the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience of the token. type: string expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. format: int64 type: integer path: - description: path is the path relative to the mount point of the file to project the token into. type: string required: - path @@ -9334,26 +7749,19 @@ spec: type: array type: object secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default.' format: int32 type: integer items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be project items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9361,10 +7769,8 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.' type: string type: object type: object @@ -9374,7 +7780,7 @@ spec: type: object type: array debugLevel: - description: DebugLevel sets the debug level for SSSD. If unset or set to 0, Rook does nothing. + description: 'DebugLevel sets the debug level for SSSD. If unset or set to 0, Rook does nothing. Otherwise, this may be a value between 1 and 10. See SSSD docs for more info: https://sssd.io/troubleshooting/basics.html#sssd-debug-logs' maximum: 10 minimum: 0 type: integer @@ -9386,12 +7792,12 @@ spec: description: Resources allow specifying resource requests/limits on the SSSD sidecar container. properties: claims: - description: Claims lists the names of resources, defined in spec. + description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec. + description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. type: string required: - name @@ -9407,7 +7813,7 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.' + description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -9416,36 +7822,28 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of compute resources required. + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object sssdConfigFile: - description: SSSDConfigFile defines where the SSSD configuration should be sourced from. + description: SSSDConfigFile defines where the SSSD configuration should be sourced from. The config file will be placed into `/etc/sssd/sssd.conf`. If this is left empty, Rook will not add the file. This allows you to manage the `sssd.conf` file yourself however you wish. For example, you may build it into your custom Ceph container image or use the Vault agent injector to securely add the file via annotations on the CephNFS spec (passed to the NFS server pods). properties: volumeSource: - description: VolumeSource accepts a pared down version of the standard Kubernetes VolumeSource for the SSSD confi properties: configMap: - description: configMap represents a configMap that should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used to set permissions on created files by default.' format: int32 type: integer items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be proj items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9453,82 +7851,60 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.' type: string optional: - description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic emptyDir: - description: emptyDir represents a temporary directory that shares a pod's lifetime. properties: medium: - description: medium represents what type of storage medium should back this directory. type: string sizeLimit: anyOf: - type: integer - type: string - description: sizeLimit is the total amount of local storage required for this EmptyDir volume. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object hostPath: - description: hostPath represents a pre-existing file or directory on the host machine that is directly exposed to properties: path: - description: path of the directory on the host. type: string type: - description: 'type for HostPath Volume Defaults to "" More info: https://kubernetes.' type: string required: - path type: object persistentVolumeClaim: - description: persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same name properties: claimName: - description: claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. type: string readOnly: - description: readOnly Will force the ReadOnly setting in VolumeMounts. Default false. type: boolean required: - claimName type: object projected: - description: projected items for all in one resources secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to set permissions on created files by default. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along with other supported volume types properties: clusterTrustBundle: - description: ClusterTrustBundle allows a pod to access the `.spec. properties: labelSelector: - description: Select all ClusterTrustBundles that match this label selector. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -9540,42 +7916,31 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic name: - description: Select a single ClusterTrustBundle by object name. type: string optional: - description: If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. type: boolean path: - description: Relative path from the volume root to write the bundle. type: string signerName: - description: Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. type: string required: - path type: object configMap: - description: configMap information about the configMap data to project properties: items: - description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be proj items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9583,56 +7948,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.' type: string optional: - description: optional specify whether the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume file items: - description: DownwardAPIVolumeFile represents information to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema the FieldPath is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 07' format: int32 type: integer path: - description: 'Required: Path is the relative path name of the file to be created.' type: string resourceFieldRef: - description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.' properties: containerName: - description: 'Container name: required for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format of the exposed resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -9644,22 +7995,16 @@ spec: type: array type: object secret: - description: secret information about the secret data to project properties: items: - description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be project items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9667,25 +8012,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.' type: string optional: - description: optional field specify whether the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience of the token. type: string expirationSeconds: - description: expirationSeconds is the requested duration of validity of the service account token. format: int64 type: integer path: - description: path is the path relative to the mount point of the file to project the token into. type: string required: - path @@ -9694,26 +8033,19 @@ spec: type: array type: object secret: - description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used to set permissions on created files by default.' format: int32 type: integer items: - description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be project items: - description: Maps a string key to a path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to set permissions on this file.' format: int32 type: integer path: - description: path is the relative path of the file to map the key to. May not be an absolute path. type: string required: - key @@ -9721,10 +8053,8 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.' type: string type: object type: object @@ -9748,7 +8078,7 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true hostNetwork: - description: Whether host networking is enabled for the Ganesha server. + description: Whether host networking is enabled for the Ganesha server. If not set, the network settings from the cluster CR will be applied. nullable: true type: boolean labels: @@ -9759,25 +8089,25 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true livenessProbe: - description: A liveness-probe to verify that Ganesha server has valid run-time state. If LivenessProbe. + description: A liveness-probe to verify that Ganesha server has valid run-time state. If LivenessProbe.Disabled is false and LivenessProbe.Probe is nil uses default probe. properties: disabled: description: Disabled determines whether probe is disable or not type: boolean probe: - description: 'Probe describes a health check to be performed against a container to determine whether it is alive ' + description: Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. properties: exec: description: Exec specifies the action to take. properties: command: - description: 'Command is the command line to execute inside the container, the working directory for the command ' + description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe to be considered failed after having succeeded. + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -9788,7 +8118,7 @@ spec: format: int32 type: integer service: - description: Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github. + description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." type: string required: - port @@ -9797,7 +8127,7 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the pod IP. + description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP allows repeated headers. @@ -9805,7 +8135,7 @@ spec: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name. + description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -9822,7 +8152,7 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. + description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: description: Scheme to use for connecting to the host. Defaults to HTTP. @@ -9831,7 +8161,7 @@ spec: - port type: object initialDelaySeconds: - description: Number of seconds after the container has started before liveness probes are initiated. + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: @@ -9839,7 +8169,7 @@ spec: format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe to be considered successful after having failed. + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -9852,17 +8182,16 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. + description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. format: int64 type: integer timeoutSeconds: - description: Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -9871,33 +8200,23 @@ spec: description: LogLevel set logging level type: string placement: - description: The affinity to place the ganesha pods nullable: true properties: nodeAffinity: - description: NodeAffinity is a group of node affinity scheduling rules properties: preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified ' items: - description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). properties: preference: - description: A node selector term, associated with the corresponding weight. properties: matchExpressions: - description: A list of node selector requirements by node's labels. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -9907,18 +8226,13 @@ spec: type: object type: array matchFields: - description: A list of node selector requirements by node's fields. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -9930,7 +8244,6 @@ spec: type: object x-kubernetes-map-type: atomic weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. format: int32 type: integer required: @@ -9939,26 +8252,18 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will no properties: nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. items: - description: A null or empty node selector term matches no objects. The requirements of them are ANDed. properties: matchExpressions: - description: A list of node selector requirements by node's labels. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -9968,18 +8273,13 @@ spec: type: object type: array matchFields: - description: A list of node selector requirements by node's fields. items: - description: 'A node selector requirement is a selector that contains values, a key, and an operator that relates ' properties: key: - description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship to a set of values. type: string values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. items: type: string type: array @@ -9997,32 +8297,22 @@ spec: x-kubernetes-map-type: atomic type: object podAffinity: - description: PodAffinity is a group of inter pod affinity scheduling rules properties: preferredDuringSchedulingIgnoredDuringExecution: - description: 'The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified ' items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most properties: podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10034,38 +8324,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10077,23 +8358,19 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey type: object weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. format: int32 type: integer required: @@ -10102,26 +8379,18 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will no items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) t properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10133,38 +8402,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10176,17 +8436,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey @@ -10194,32 +8451,22 @@ spec: type: array type: object podAntiAffinity: - description: PodAntiAffinity is a group of inter pod anti affinity scheduling rules properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions speci items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most properties: podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10231,38 +8478,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10274,23 +8512,19 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey type: object weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. format: int32 type: integer required: @@ -10299,26 +8533,18 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod wi items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) t properties: labelSelector: - description: A label query over a set of resources, in this case pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10330,38 +8556,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates properties: key: - description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. type: string values: - description: values is an array of string values. items: type: string type: array @@ -10373,17 +8590,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching th type: string required: - topologyKey @@ -10391,49 +8605,34 @@ spec: type: array type: object tolerations: - description: The pod this Toleration is attached to tolerates any taint that matches the triple ./pkg/apis require ( github.com/IBM/keyprotect-go-client v0.12.2 - github.com/aws/aws-sdk-go v1.50.20 + github.com/aws/aws-sdk-go v1.50.25 github.com/banzaicloud/k8s-objectmatcher v1.8.0 github.com/ceph/go-ceph v0.26.0 github.com/coreos/pkg v0.0.0-20230601102743-20bbbf26f4d8 @@ -27,7 +27,8 @@ require ( github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.8.4 github.com/sykesm/zap-logfmt v0.0.4 - go.uber.org/zap v1.26.0 + go.uber.org/automaxprocs v1.5.3 + go.uber.org/zap v1.27.0 golang.org/x/exp v0.0.0-20231127185646-65229373498e golang.org/x/sync v0.6.0 gopkg.in/ini.v1 v1.67.0 diff --git a/go.sum b/go.sum index acdb6f8ae994..dc1a688f5ad1 100644 --- a/go.sum +++ b/go.sum @@ -111,8 +111,8 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkY github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/aws/aws-sdk-go v1.44.164/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= -github.com/aws/aws-sdk-go v1.50.20 h1:xfAnSDVf/azIWTVQXQODp89bubvCS85r70O3nuQ4dnE= -github.com/aws/aws-sdk-go v1.50.20/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.50.25 h1:vhiHtLYybv1Nhx3Kv18BBC6L0aPJHaG9aeEsr92W99c= +github.com/aws/aws-sdk-go v1.50.25/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/banzaicloud/k8s-objectmatcher v1.8.0 h1:Nugn25elKtPMTA2br+JgHNeSQ04sc05MDPmpJnd1N2A= github.com/banzaicloud/k8s-objectmatcher v1.8.0/go.mod h1:p2LSNAjlECf07fbhDyebTkPUIYnU05G+WfGgkTmgeMg= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= @@ -665,6 +665,8 @@ github.com/portworx/dcos-secrets v0.0.0-20180616013705-8e8ec3f66611/go.mod h1:4h github.com/portworx/kvdb v0.0.0-20200929023115-b312c7519467/go.mod h1:Q8YyrNDvPp3DVF96BDcQuaC7fAYUCuUX+l58S7OnD2M= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= +github.com/prashantv/gostub v1.1.0 h1:BTyx3RfQjRHnUWaGF9oQos79AlQ5k8WNktv7VGvVH4g= +github.com/prashantv/gostub v1.1.0/go.mod h1:A5zLQHz7ieHGG7is6LLXLz7I8+3LZzsrV0P1IAHhP5U= github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.71.2 h1:HZdPRm0ApWPg7F4sHgbqWkL+ddWfpTZsopm5HM/2g4o= github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.71.2/go.mod h1:3RiUkFmR9kmPZi9r/8a5jw0a9yg+LMmr7qa0wjqvSiI= github.com/prometheus-operator/prometheus-operator/pkg/client v0.71.2 h1:7eyX8MypewjShiOFj6sOX+Ad+EJUIQ5qzdvM/U76cHs= @@ -791,6 +793,8 @@ go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/automaxprocs v1.5.3 h1:kWazyxZUrS3Gs4qUpbwo5kEIMGe/DAvi5Z4tl2NW4j8= +go.uber.org/automaxprocs v1.5.3/go.mod h1:eRbA25aqJrxAbsLO0xy5jVwPt7FQnRgjW+efnwa1WM0= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= @@ -804,8 +808,8 @@ go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9E go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.12.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= -go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= -go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= diff --git a/pkg/apis/ceph.rook.io/v1/types.go b/pkg/apis/ceph.rook.io/v1/types.go index 42ab5e18de5e..3b7d93c97d36 100755 --- a/pkg/apis/ceph.rook.io/v1/types.go +++ b/pkg/apis/ceph.rook.io/v1/types.go @@ -598,7 +598,20 @@ type MonSpec struct { // VolumeClaimTemplate is the PVC definition // +kubebuilder:pruning:PreserveUnknownFields // +optional - VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` + VolumeClaimTemplate *VolumeClaimTemplate `json:"volumeClaimTemplate,omitempty"` +} + +// VolumeClaimTemplate is a simplified version of K8s corev1's PVC. It has no type meta or status. +type VolumeClaimTemplate struct { + // Standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + // +optional + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // spec defines the desired characteristics of a volume requested by a pod author. + // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + // +optional + Spec v1.PersistentVolumeClaimSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` } // StretchClusterSpec represents the specification of a stretched Ceph Cluster @@ -626,7 +639,7 @@ type MonZoneSpec struct { // VolumeClaimTemplate is the PVC template // +kubebuilder:pruning:PreserveUnknownFields // +optional - VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` + VolumeClaimTemplate *VolumeClaimTemplate `json:"volumeClaimTemplate,omitempty"` } // MgrSpec represents options to configure a ceph mgr @@ -1171,7 +1184,7 @@ type MetadataServerSpec struct { // +optional Labels Labels `json:"labels,omitempty"` - // The resource requirements for the rgw pods + // The resource requirements for the mds pods // +kubebuilder:pruning:PreserveUnknownFields // +nullable // +optional @@ -2814,7 +2827,7 @@ type Selection struct { Devices []Device `json:"devices,omitempty"` // PersistentVolumeClaims to use as storage // +optional - VolumeClaimTemplates []v1.PersistentVolumeClaim `json:"volumeClaimTemplates,omitempty"` + VolumeClaimTemplates []VolumeClaimTemplate `json:"volumeClaimTemplates,omitempty"` } // PlacementSpec is the placement for core ceph daemons part of the CephCluster CRD @@ -2883,7 +2896,7 @@ type StorageClassDeviceSet struct { // +optional Config map[string]string `json:"config,omitempty"` // VolumeClaimTemplates is a list of PVC templates for the underlying storage devices - VolumeClaimTemplates []v1.PersistentVolumeClaim `json:"volumeClaimTemplates"` + VolumeClaimTemplates []VolumeClaimTemplate `json:"volumeClaimTemplates"` // Portable represents OSD portability across the hosts // +optional Portable bool `json:"portable,omitempty"` diff --git a/pkg/apis/ceph.rook.io/v1/volume.go b/pkg/apis/ceph.rook.io/v1/volume.go index cc959c68aa9a..9acb4d8e1de7 100644 --- a/pkg/apis/ceph.rook.io/v1/volume.go +++ b/pkg/apis/ceph.rook.io/v1/volume.go @@ -48,3 +48,13 @@ func (src *ConfigFileVolumeSource) ToKubernetesVolumeSource() *corev1.VolumeSour return dst } + +func (t *VolumeClaimTemplate) ToPVC() *corev1.PersistentVolumeClaim { + if t == nil { + return nil + } + return &corev1.PersistentVolumeClaim{ + ObjectMeta: *t.ObjectMeta.DeepCopy(), + Spec: *t.Spec.DeepCopy(), + } +} diff --git a/pkg/apis/ceph.rook.io/v1/zz_generated.deepcopy.go b/pkg/apis/ceph.rook.io/v1/zz_generated.deepcopy.go index 4d30bb219cbb..d70a304f2044 100644 --- a/pkg/apis/ceph.rook.io/v1/zz_generated.deepcopy.go +++ b/pkg/apis/ceph.rook.io/v1/zz_generated.deepcopy.go @@ -3058,7 +3058,7 @@ func (in *MonSpec) DeepCopyInto(out *MonSpec) { } if in.VolumeClaimTemplate != nil { in, out := &in.VolumeClaimTemplate, &out.VolumeClaimTemplate - *out = new(corev1.PersistentVolumeClaim) + *out = new(VolumeClaimTemplate) (*in).DeepCopyInto(*out) } return @@ -3079,7 +3079,7 @@ func (in *MonZoneSpec) DeepCopyInto(out *MonZoneSpec) { *out = *in if in.VolumeClaimTemplate != nil { in, out := &in.VolumeClaimTemplate, &out.VolumeClaimTemplate - *out = new(corev1.PersistentVolumeClaim) + *out = new(VolumeClaimTemplate) (*in).DeepCopyInto(*out) } return @@ -4240,7 +4240,7 @@ func (in *Selection) DeepCopyInto(out *Selection) { } if in.VolumeClaimTemplates != nil { in, out := &in.VolumeClaimTemplates, &out.VolumeClaimTemplates - *out = make([]corev1.PersistentVolumeClaim, len(*in)) + *out = make([]VolumeClaimTemplate, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -4408,7 +4408,7 @@ func (in *StorageClassDeviceSet) DeepCopyInto(out *StorageClassDeviceSet) { } if in.VolumeClaimTemplates != nil { in, out := &in.VolumeClaimTemplates, &out.VolumeClaimTemplates - *out = make([]corev1.PersistentVolumeClaim, len(*in)) + *out = make([]VolumeClaimTemplate, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -4519,6 +4519,24 @@ func (in *TopicEndpointSpec) DeepCopy() *TopicEndpointSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeClaimTemplate) DeepCopyInto(out *VolumeClaimTemplate) { + *out = *in + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeClaimTemplate. +func (in *VolumeClaimTemplate) DeepCopy() *VolumeClaimTemplate { + if in == nil { + return nil + } + out := new(VolumeClaimTemplate) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ZoneSpec) DeepCopyInto(out *ZoneSpec) { *out = *in diff --git a/pkg/daemon/ceph/osd/remove_test.go b/pkg/daemon/ceph/osd/remove_test.go index 7124cd510f71..cbbaf00fdc13 100644 --- a/pkg/daemon/ceph/osd/remove_test.go +++ b/pkg/daemon/ceph/osd/remove_test.go @@ -74,7 +74,7 @@ func TestRemovePVCs(t *testing.T) { Name: "mydata", Count: 2, Portable: true, - VolumeClaimTemplates: []corev1.PersistentVolumeClaim{testVolumeClaim("data")}, + VolumeClaimTemplates: []cephv1.VolumeClaimTemplate{testVolumeClaim("data")}, SchedulerName: "custom-scheduler", } err := createTestPVCs(context, clusterInfo, deviceSet) @@ -114,7 +114,7 @@ func TestRemovePVCs(t *testing.T) { Name: "mydata", Count: 2, Portable: true, - VolumeClaimTemplates: []corev1.PersistentVolumeClaim{testVolumeClaim("data"), testVolumeClaim("metadata"), testVolumeClaim("wal")}, + VolumeClaimTemplates: []cephv1.VolumeClaimTemplate{testVolumeClaim("data"), testVolumeClaim("metadata"), testVolumeClaim("wal")}, SchedulerName: "custom-scheduler", } err := createTestPVCs(context, clusterInfo, deviceSet) @@ -153,9 +153,9 @@ func createTestPVCs(clusterdContext *clusterd.Context, clusterInfo *client.Clust return cluster.PrepareStorageClassDeviceSets() } -func testVolumeClaim(name string) corev1.PersistentVolumeClaim { +func testVolumeClaim(name string) cephv1.VolumeClaimTemplate { storageClass := "mysource" - claim := corev1.PersistentVolumeClaim{Spec: corev1.PersistentVolumeClaimSpec{ + claim := cephv1.VolumeClaimTemplate{Spec: corev1.PersistentVolumeClaimSpec{ StorageClassName: &storageClass, }} claim.Name = name diff --git a/pkg/operator/ceph/cluster/mon/drain.go b/pkg/operator/ceph/cluster/mon/drain.go index d1b745fdf283..08e8b511a1ec 100644 --- a/pkg/operator/ceph/cluster/mon/drain.go +++ b/pkg/operator/ceph/cluster/mon/drain.go @@ -43,7 +43,7 @@ func (c *Cluster) reconcileMonPDB() error { return nil } - op, err := c.createOrUpdateMonPDB(1) + op, err := c.createOrUpdateMonPDB(c.getMaxUnavailableMonPodCount()) if err != nil { return errors.Wrapf(err, "failed to reconcile mon pdb on op %q", op) } @@ -108,10 +108,18 @@ func (c *Cluster) allowMonDrain(request types.NamespacedName) error { return nil } logger.Info("allow voluntary mon drain after failover") - // change MaxUnavailable mon PDB to 1 - _, err := c.createOrUpdateMonPDB(1) + _, err := c.createOrUpdateMonPDB(c.getMaxUnavailableMonPodCount()) if err != nil { return errors.Wrapf(err, "failed to update MaxUnavailable for mon PDB %q", request.Name) } return nil } + +func (c *Cluster) getMaxUnavailableMonPodCount() int32 { + if c.spec.Mon.Count >= 5 { + logger.Debug("setting the mon pdb max unavailable count to 2 in case there are 5 or more mons") + return 2 + } + + return 1 +} diff --git a/pkg/operator/ceph/cluster/mon/drain_test.go b/pkg/operator/ceph/cluster/mon/drain_test.go index 0bff39becf4c..c2024d965e05 100644 --- a/pkg/operator/ceph/cluster/mon/drain_test.go +++ b/pkg/operator/ceph/cluster/mon/drain_test.go @@ -102,7 +102,7 @@ func TestReconcileMonPDB(t *testing.T) { }, }, }, - expectedMaxUnAvailable: 1, + expectedMaxUnAvailable: 2, errorExpected: false, }, } diff --git a/pkg/operator/ceph/cluster/mon/health_test.go b/pkg/operator/ceph/cluster/mon/health_test.go index bc0b7297aab2..36035d7c66d5 100644 --- a/pkg/operator/ceph/cluster/mon/health_test.go +++ b/pkg/operator/ceph/cluster/mon/health_test.go @@ -121,7 +121,7 @@ func TestCheckHealth(t *testing.T) { // Check that their PVCs are not garbage collected after we create fake PVCs badMon := "c" goodMons := []string{"a", "g", "h"} - c.spec.Mon.VolumeClaimTemplate = &v1.PersistentVolumeClaim{} + c.spec.Mon.VolumeClaimTemplate = &cephv1.VolumeClaimTemplate{} for _, name := range append(goodMons, badMon) { m := &monConfig{ResourceName: "rook-ceph-mon-" + name, DaemonName: name} pvc, err := c.makeDeploymentPVC(m, true) diff --git a/pkg/operator/ceph/cluster/mon/mon.go b/pkg/operator/ceph/cluster/mon/mon.go index d2cf989ea6df..fbceb5f6c186 100644 --- a/pkg/operator/ceph/cluster/mon/mon.go +++ b/pkg/operator/ceph/cluster/mon/mon.go @@ -979,7 +979,7 @@ func (c *Cluster) monVolumeClaimTemplate(mon *monConfig) *v1.PersistentVolumeCla if zone.Name == mon.Zone { if zone.VolumeClaimTemplate != nil { // Found an override for the volume claim template in the zone - return zone.VolumeClaimTemplate + return zone.VolumeClaimTemplate.ToPVC() } break } @@ -987,7 +987,7 @@ func (c *Cluster) monVolumeClaimTemplate(mon *monConfig) *v1.PersistentVolumeCla } // Return the default template since one wasn't found in the zone or zone was not specified - return c.spec.Mon.VolumeClaimTemplate + return c.spec.Mon.VolumeClaimTemplate.ToPVC() } func (c *Cluster) startDeployments(mons []*monConfig, requireAllInQuorum bool) error { @@ -1346,7 +1346,7 @@ func (c *Cluster) startMon(m *monConfig, schedule *controller.MonScheduleInfo) e p.ApplyToPodSpec(&d.Spec.Template.Spec) if deploymentExists { // skip update if mon path has changed - if hasMonPathChanged(existingDeployment, c.spec.Mon.VolumeClaimTemplate) { + if hasMonPathChanged(existingDeployment, c.spec.Mon.VolumeClaimTemplate.ToPVC()) { c.monsToFailover.Insert(m.DaemonName) return nil } diff --git a/pkg/operator/ceph/cluster/mon/mon_test.go b/pkg/operator/ceph/cluster/mon/mon_test.go index c23d130e36bc..a0547f1a8575 100644 --- a/pkg/operator/ceph/cluster/mon/mon_test.go +++ b/pkg/operator/ceph/cluster/mon/mon_test.go @@ -166,7 +166,7 @@ func TestStartMonDeployment(t *testing.T) { // Start mon b on any node in a zone since there is a volumeClaimTemplate m = &monConfig{ResourceName: "rook-ceph-mon-b", DaemonName: "b", Port: 3300, PublicIP: "1.2.3.5", DataPathMap: &config.DataPathMap{}} schedule = &opcontroller.MonScheduleInfo{Hostname: "host-b", Zone: "zoneb"} - c.spec.Mon.VolumeClaimTemplate = &v1.PersistentVolumeClaim{} + c.spec.Mon.VolumeClaimTemplate = &cephv1.VolumeClaimTemplate{} err = c.startMon(m, schedule) assert.NoError(t, err) deployment, err = c.context.Clientset.AppsV1().Deployments(c.Namespace).Get(c.ClusterInfo.Context, m.ResourceName, metav1.GetOptions{}) @@ -647,8 +647,8 @@ func TestFindAvailableZoneForStretchedMon(t *testing.T) { func TestMonVolumeClaimTemplate(t *testing.T) { generalSC := "generalSC" zoneSC := "zoneSC" - defaultTemplate := &v1.PersistentVolumeClaim{Spec: v1.PersistentVolumeClaimSpec{StorageClassName: &generalSC}} - zoneTemplate := &v1.PersistentVolumeClaim{Spec: v1.PersistentVolumeClaimSpec{StorageClassName: &zoneSC}} + defaultTemplate := &cephv1.VolumeClaimTemplate{Spec: v1.PersistentVolumeClaimSpec{StorageClassName: &generalSC}} + zoneTemplate := &cephv1.VolumeClaimTemplate{Spec: v1.PersistentVolumeClaimSpec{StorageClassName: &zoneSC}} type fields struct { spec cephv1.ClusterSpec } @@ -662,17 +662,17 @@ func TestMonVolumeClaimTemplate(t *testing.T) { want *v1.PersistentVolumeClaim }{ {"no template", fields{cephv1.ClusterSpec{}}, args{&monConfig{Zone: "z1"}}, nil}, - {"default template", fields{cephv1.ClusterSpec{Mon: cephv1.MonSpec{VolumeClaimTemplate: defaultTemplate}}}, args{&monConfig{Zone: "z1"}}, defaultTemplate}, + {"default template", fields{cephv1.ClusterSpec{Mon: cephv1.MonSpec{VolumeClaimTemplate: defaultTemplate}}}, args{&monConfig{Zone: "z1"}}, defaultTemplate.ToPVC()}, {"default template with 3 zones", fields{cephv1.ClusterSpec{Mon: cephv1.MonSpec{ VolumeClaimTemplate: defaultTemplate, Zones: []cephv1.MonZoneSpec{{Name: "z1"}, {Name: "z2"}, {Name: "z3"}}}}}, args{&monConfig{Zone: "z1"}}, - defaultTemplate}, + defaultTemplate.ToPVC()}, {"overridden template", fields{cephv1.ClusterSpec{Mon: cephv1.MonSpec{ VolumeClaimTemplate: defaultTemplate, Zones: []cephv1.MonZoneSpec{{Name: "z1", VolumeClaimTemplate: zoneTemplate}, {Name: "z2"}, {Name: "z3"}}}}}, args{&monConfig{Zone: "z1"}}, - zoneTemplate}, + zoneTemplate.ToPVC()}, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { @@ -688,8 +688,8 @@ func TestMonVolumeClaimTemplate(t *testing.T) { func TestStretchMonVolumeClaimTemplate(t *testing.T) { generalSC := "generalSC" zoneSC := "zoneSC" - defaultTemplate := &v1.PersistentVolumeClaim{Spec: v1.PersistentVolumeClaimSpec{StorageClassName: &generalSC}} - zoneTemplate := &v1.PersistentVolumeClaim{Spec: v1.PersistentVolumeClaimSpec{StorageClassName: &zoneSC}} + defaultTemplate := &cephv1.VolumeClaimTemplate{Spec: v1.PersistentVolumeClaimSpec{StorageClassName: &generalSC}} + zoneTemplate := &cephv1.VolumeClaimTemplate{Spec: v1.PersistentVolumeClaimSpec{StorageClassName: &zoneSC}} type fields struct { spec cephv1.ClusterSpec } @@ -703,17 +703,17 @@ func TestStretchMonVolumeClaimTemplate(t *testing.T) { want *v1.PersistentVolumeClaim }{ {"no template", fields{cephv1.ClusterSpec{}}, args{&monConfig{Zone: "z1"}}, nil}, - {"default template", fields{cephv1.ClusterSpec{Mon: cephv1.MonSpec{VolumeClaimTemplate: defaultTemplate}}}, args{&monConfig{Zone: "z1"}}, defaultTemplate}, + {"default template", fields{cephv1.ClusterSpec{Mon: cephv1.MonSpec{VolumeClaimTemplate: defaultTemplate}}}, args{&monConfig{Zone: "z1"}}, defaultTemplate.ToPVC()}, {"default template with 3 zones", fields{cephv1.ClusterSpec{Mon: cephv1.MonSpec{ VolumeClaimTemplate: defaultTemplate, StretchCluster: &cephv1.StretchClusterSpec{Zones: []cephv1.MonZoneSpec{{Name: "z1"}, {Name: "z2"}, {Name: "z3"}}}}}}, args{&monConfig{Zone: "z1"}}, - defaultTemplate}, + defaultTemplate.ToPVC()}, {"overridden template", fields{cephv1.ClusterSpec{Mon: cephv1.MonSpec{ VolumeClaimTemplate: defaultTemplate, StretchCluster: &cephv1.StretchClusterSpec{Zones: []cephv1.MonZoneSpec{{Name: "z1", VolumeClaimTemplate: zoneTemplate}, {Name: "z2"}, {Name: "z3"}}}}}}, args{&monConfig{Zone: "z1"}}, - zoneTemplate}, + zoneTemplate.ToPVC()}, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { diff --git a/pkg/operator/ceph/cluster/mon/spec_test.go b/pkg/operator/ceph/cluster/mon/spec_test.go index 3c5d0b43280f..8023acbcba4e 100644 --- a/pkg/operator/ceph/cluster/mon/spec_test.go +++ b/pkg/operator/ceph/cluster/mon/spec_test.go @@ -129,7 +129,7 @@ func TestDeploymentPVCSpec(t *testing.T) { monConfig := testGenMonConfig("a") // configured with default storage request - c.spec.Mon.VolumeClaimTemplate = &v1.PersistentVolumeClaim{} + c.spec.Mon.VolumeClaimTemplate = &cephv1.VolumeClaimTemplate{} pvc, err := c.makeDeploymentPVC(monConfig, false) assert.NoError(t, err) defaultReq, err := resource.ParseQuantity(cephMonDefaultStorageRequest) @@ -139,7 +139,7 @@ func TestDeploymentPVCSpec(t *testing.T) { // limit is preserved req, err := resource.ParseQuantity("22Gi") assert.NoError(t, err) - c.spec.Mon.VolumeClaimTemplate = &v1.PersistentVolumeClaim{ + c.spec.Mon.VolumeClaimTemplate = &cephv1.VolumeClaimTemplate{ Spec: v1.PersistentVolumeClaimSpec{ Resources: v1.VolumeResourceRequirements{ Limits: v1.ResourceList{v1.ResourceStorage: req}, @@ -153,7 +153,7 @@ func TestDeploymentPVCSpec(t *testing.T) { // request is preserved req, err = resource.ParseQuantity("23Gi") assert.NoError(t, err) - c.spec.Mon.VolumeClaimTemplate = &v1.PersistentVolumeClaim{ + c.spec.Mon.VolumeClaimTemplate = &cephv1.VolumeClaimTemplate{ Spec: v1.PersistentVolumeClaimSpec{ Resources: v1.VolumeResourceRequirements{ Requests: v1.ResourceList{v1.ResourceStorage: req}, diff --git a/pkg/operator/ceph/cluster/osd/create_test.go b/pkg/operator/ceph/cluster/osd/create_test.go index cd6596a31a80..54722eb53a1c 100644 --- a/pkg/operator/ceph/cluster/osd/create_test.go +++ b/pkg/operator/ceph/cluster/osd/create_test.go @@ -352,7 +352,7 @@ func Test_startProvisioningOverPVCs(t *testing.T) { { Name: "set1", Count: 0, - VolumeClaimTemplates: []corev1.PersistentVolumeClaim{ + VolumeClaimTemplates: []cephv1.VolumeClaimTemplate{ newDummyPVC("data", namespace, "10Gi", "gp2"), }, }, @@ -377,7 +377,7 @@ func Test_startProvisioningOverPVCs(t *testing.T) { { Name: "set1", Count: 2, - VolumeClaimTemplates: []corev1.PersistentVolumeClaim{ + VolumeClaimTemplates: []cephv1.VolumeClaimTemplate{ newDummyPVC("data", namespace, "10Gi", "gp2"), }, }, @@ -413,7 +413,7 @@ func Test_startProvisioningOverPVCs(t *testing.T) { { Name: "set1", Count: 2, - VolumeClaimTemplates: []corev1.PersistentVolumeClaim{}, + VolumeClaimTemplates: []cephv1.VolumeClaimTemplate{}, }, }, }, @@ -639,9 +639,9 @@ func Test_startProvisioningOverNodes(t *testing.T) { }) } -func newDummyPVC(name, namespace string, capacity string, storageClassName string) corev1.PersistentVolumeClaim { +func newDummyPVC(name, namespace string, capacity string, storageClassName string) cephv1.VolumeClaimTemplate { volMode := corev1.PersistentVolumeBlock - return corev1.PersistentVolumeClaim{ + return cephv1.VolumeClaimTemplate{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: namespace, diff --git a/pkg/operator/ceph/cluster/osd/deviceSet.go b/pkg/operator/ceph/cluster/osd/deviceSet.go index 512e235b97d8..0b987212b2a5 100644 --- a/pkg/operator/ceph/cluster/osd/deviceSet.go +++ b/pkg/operator/ceph/cluster/osd/deviceSet.go @@ -155,7 +155,7 @@ func (c *Cluster) createDeviceSetPVCsForIndex(newDeviceSet cephv1.StorageClassDe } typesFound.Insert(pvcTemplate.Name) - pvc, err := c.createDeviceSetPVC(existingPVCs, newDeviceSet.Name, pvcTemplate, setIndex) + pvc, err := c.createDeviceSetPVC(existingPVCs, newDeviceSet.Name, *pvcTemplate.ToPVC(), setIndex) if err != nil { errs.addError("failed to provision PVC for device set %q index %d. %v", newDeviceSet.Name, setIndex, err) continue diff --git a/pkg/operator/ceph/cluster/osd/deviceset_test.go b/pkg/operator/ceph/cluster/osd/deviceset_test.go index 218dd20d3577..0dd2f4cf6d9e 100644 --- a/pkg/operator/ceph/cluster/osd/deviceset_test.go +++ b/pkg/operator/ceph/cluster/osd/deviceset_test.go @@ -51,7 +51,7 @@ func testPrepareDeviceSets(t *testing.T, setTemplateName bool) { Name: "mydata", Count: 1, Portable: true, - VolumeClaimTemplates: []corev1.PersistentVolumeClaim{claim}, + VolumeClaimTemplates: []cephv1.VolumeClaimTemplate{claim}, SchedulerName: "custom-scheduler", } spec := cephv1.ClusterSpec{ @@ -104,7 +104,7 @@ func TestPrepareDeviceSetWithHolesInPVCs(t *testing.T) { Name: "mydata", Count: 1, Portable: true, - VolumeClaimTemplates: []corev1.PersistentVolumeClaim{testVolumeClaim("data"), testVolumeClaim("metadata"), testVolumeClaim("wal")}, + VolumeClaimTemplates: []cephv1.VolumeClaimTemplate{testVolumeClaim("data"), testVolumeClaim("metadata"), testVolumeClaim("wal")}, SchedulerName: "custom-scheduler", } spec := cephv1.ClusterSpec{ @@ -231,9 +231,9 @@ func assertPVCExists(t *testing.T, clientset kubernetes.Interface, namespace, na assert.NotNil(t, pvc) } -func testVolumeClaim(name string) corev1.PersistentVolumeClaim { +func testVolumeClaim(name string) cephv1.VolumeClaimTemplate { storageClass := "mysource" - claim := corev1.PersistentVolumeClaim{Spec: corev1.PersistentVolumeClaimSpec{ + claim := cephv1.VolumeClaimTemplate{Spec: corev1.PersistentVolumeClaimSpec{ StorageClassName: &storageClass, }} claim.Name = name @@ -249,7 +249,7 @@ func TestPrepareDeviceSetsWithCrushParams(t *testing.T) { deviceSet := cephv1.StorageClassDeviceSet{ Name: "datawithcrushparams1", Count: 1, - VolumeClaimTemplates: []corev1.PersistentVolumeClaim{testVolumeClaim("testwithcrushparams1")}, + VolumeClaimTemplates: []cephv1.VolumeClaimTemplate{testVolumeClaim("testwithcrushparams1")}, SchedulerName: "custom-scheduler", } deviceSet.VolumeClaimTemplates[0].Annotations = map[string]string{ diff --git a/pkg/operator/ceph/cluster/osd/integration_test.go b/pkg/operator/ceph/cluster/osd/integration_test.go index 252f69cc847b..54928ab13654 100644 --- a/pkg/operator/ceph/cluster/osd/integration_test.go +++ b/pkg/operator/ceph/cluster/osd/integration_test.go @@ -470,7 +470,7 @@ func testOSDIntegration(t *testing.T) { Name: "new", Count: 3, Portable: true, - VolumeClaimTemplates: []corev1.PersistentVolumeClaim{}, + VolumeClaimTemplates: []cephv1.VolumeClaimTemplate{}, } cephCluster.Spec.Storage.StorageClassDeviceSets = append(cephCluster.Spec.Storage.StorageClassDeviceSets, newSCDS) @@ -487,7 +487,7 @@ func testOSDIntegration(t *testing.T) { assert.Len(t, deploymentsCreated, 0) assert.Len(t, deploymentsUpdated, 34) - cephCluster.Spec.Storage.StorageClassDeviceSets[2].VolumeClaimTemplates = []corev1.PersistentVolumeClaim{ + cephCluster.Spec.Storage.StorageClassDeviceSets[2].VolumeClaimTemplates = []cephv1.VolumeClaimTemplate{ newDummyPVC("data", namespace, "100Gi", "ec2"), newDummyPVC("metadata", namespace, "10Gi", "uncle-rogers-secret-stuff"), } @@ -631,7 +631,7 @@ func newDummyStorageClassDeviceSet( Name: name, Count: count, Portable: portable, - VolumeClaimTemplates: []corev1.PersistentVolumeClaim{ + VolumeClaimTemplates: []cephv1.VolumeClaimTemplate{ newDummyPVC("data", namespace, "10Gi", storageClassName), }, } diff --git a/pkg/operator/ceph/cluster/watcher.go b/pkg/operator/ceph/cluster/watcher.go index 92756e7060df..4f899450e61e 100644 --- a/pkg/operator/ceph/cluster/watcher.go +++ b/pkg/operator/ceph/cluster/watcher.go @@ -60,8 +60,7 @@ var ( // drivers that supports fencing, used in naming networkFence object const ( - rbdDriver = "rbd" - cephfsDriver = "cephfs" + rbdDriver = "rbd" ) func newClientCluster(client client.Client, namespace string, context *clusterd.Context) *clientCluster { @@ -201,11 +200,6 @@ func (c *clientCluster) handleNodeFailure(ctx context.Context, cluster *cephv1.C return pkgerror.Wrapf(err, "failed to delete rbd network fence for node %q.", node.Name) } - err = c.unfenceAndDeleteNetworkFence(ctx, *node, cluster, cephfsDriver) - if err != nil { - return pkgerror.Wrapf(err, "failed to delete cephFS network fence for node %q.", node.Name) - } - return nil } @@ -217,9 +211,9 @@ func (c *clientCluster) fenceNode(ctx context.Context, node *corev1.Node, cluste } logger.Debugf("volumesInuse %s", volumesInuse) - rbdVolumesInUse, cephFSVolumeInUse := getCephVolumesInUse(cluster, volumesInuse) - if len(rbdVolumesInUse) == 0 && len(cephFSVolumeInUse) == 0 { - logger.Debugf("no rbd or cephFS volumes in use for out of service node %q", node.Name) + rbdVolumesInUse := getCephVolumesInUse(cluster, volumesInuse) + if len(rbdVolumesInUse) == 0 { + logger.Debugf("no rbd volumes in use for out of service node %q", node.Name) return nil } @@ -258,46 +252,11 @@ func (c *clientCluster) fenceNode(ctx context.Context, node *corev1.Node, cluste } } - if len(cephFSVolumeInUse) != 0 { - cephFSVolumeInUseMap := make(map[string]struct{}) - for _, vol := range cephFSVolumeInUse { - cephFSVolumeInUseMap[vol] = struct{}{} - } - cephFSPVList := listRWOCephFSPV(listPVs, cluster, cephFSVolumeInUseMap) - if len(cephFSPVList) == 0 { - logger.Debug("No cephFS PVs found on the node") - return nil - } - logger.Infof("node %q require fencing, found cephFS volumes in use", node.Name) - clusterInfo, _, _, err := opcontroller.LoadClusterInfo(c.context, ctx, cluster.Namespace, &cluster.Spec) - if err != nil { - return pkgerror.Wrapf(err, "Failed to load cluster info.") - } - - for i := range cephFSPVList { - err = c.fenceCephFSVolume(ctx, node, cluster, clusterInfo, cephFSPVList[i]) - // We only need to create the network fence for any one of cephFS pv. - if err == nil { - break - } - - // continue to fence next rbd volume if active client not found - if stderrors.Is(err, errActiveClientNotFound) { - continue - } - if i == len(cephFSPVList)-1 { - return pkgerror.Wrapf(err, "failed to fence cephFS volumes") - } - logger.Errorf("failed to fence cephFS volumes %q, trying next cephFS volume", cephFSPVList[i].Name) - } - - } - return nil } -func getCephVolumesInUse(cluster *cephv1.CephCluster, volumesInUse []corev1.UniqueVolumeName) ([]string, []string) { - var rbdVolumesInUse, cephFSVolumeInUse []string +func getCephVolumesInUse(cluster *cephv1.CephCluster, volumesInUse []corev1.UniqueVolumeName) []string { + var rbdVolumesInUse []string for _, volume := range volumesInUse { splitVolumeInUseBased := trimeVolumeInUse(volume) @@ -306,13 +265,9 @@ func getCephVolumesInUse(cluster *cephv1.CephCluster, volumesInUse []corev1.Uniq if len(splitVolumeInUseBased) == 2 && splitVolumeInUseBased[0] == fmt.Sprintf("%s.rbd.csi.ceph.com", cluster.Namespace) { rbdVolumesInUse = append(rbdVolumesInUse, splitVolumeInUseBased[1]) } - - if len(splitVolumeInUseBased) == 2 && splitVolumeInUseBased[0] == fmt.Sprintf("%s.cephfs.csi.ceph.com", cluster.Namespace) { - cephFSVolumeInUse = append(cephFSVolumeInUse, splitVolumeInUseBased[1]) - } } - return rbdVolumesInUse, cephFSVolumeInUse + return rbdVolumesInUse } func trimeVolumeInUse(volume corev1.UniqueVolumeName) []string { @@ -351,36 +306,6 @@ func listRBDPV(listPVs *corev1.PersistentVolumeList, cluster *cephv1.CephCluster return listRbdPV } -func listRWOCephFSPV(listPVs *corev1.PersistentVolumeList, cluster *cephv1.CephCluster, cephFSVolumesInUse map[string]struct{}) []corev1.PersistentVolume { - var listCephFSPV []corev1.PersistentVolume - - for _, pv := range listPVs.Items { - // Skip if pv is not provisioned by CSI - if pv.Spec.CSI == nil { - logger.Debugf("pv %q is not provisioned by CSI", pv.Name) - continue - } - - if pv.Spec.CSI.Driver == fmt.Sprintf("%s.cephfs.csi.ceph.com", cluster.Namespace) { - // Ignore PVs that support multinode access (RWX, ROX), since they can be mounted on multiple nodes. - if pvSupportsMultiNodeAccess(pv.Spec.AccessModes) { - continue - } - - if pv.Spec.CSI.VolumeAttributes["staticVolume"] == "true" { - logger.Debugf("skipping, static pv %q", pv.Name) - continue - } - // Check if the volume is in use - if _, exists := cephFSVolumesInUse[pv.Spec.CSI.VolumeHandle]; exists { - listCephFSPV = append(listCephFSPV, pv) - } - } - - } - return listCephFSPV -} - // pvSupportsMultiNodeAccess returns true if the PV access modes contain ReadWriteMany or ReadOnlyMany. func pvSupportsMultiNodeAccess(accessModes []corev1.PersistentVolumeAccessMode) bool { for _, accessMode := range accessModes { @@ -423,85 +348,6 @@ func (c *clientCluster) fenceRbdImage( return nil } -func (c *clientCluster) fenceCephFSVolume( - ctx context.Context, node *corev1.Node, cluster *cephv1.CephCluster, - clusterInfo *cephclient.ClusterInfo, cephFSPV corev1.PersistentVolume) error { - - logger.Infof("fencing cephfs volume %q on node %q", cephFSPV.Name, node.Name) - - status, err := cephclient.StatusWithUser(c.context, clusterInfo) - if err != nil { - return pkgerror.Wrapf(err, "failed to get ceph status for check active mds") - } - - var activeMDS string - for _, fsRank := range status.Fsmap.ByRank { - if fsRank.Status == "up:active" { - activeMDS = fsRank.Name - } - } - - args := []string{"tell", fmt.Sprintf("mds.%s", activeMDS), "client", "ls", "--format", "json"} - cmd := cephclient.NewCephCommand(c.context, clusterInfo, args) - cmd.JsonOutput = true - - buf, err := cmd.Run() - if err != nil { - return fmt.Errorf("failed to list watchers for cephfs pool/subvoumeName %s/%s. %v", cephFSPV.Spec.CSI.VolumeAttributes["pool"], cephFSPV.Spec.CSI.VolumeAttributes["subvolumeName"], err) - } - ips, err := cephFSMDSClientMarshal(buf, cephFSPV) - if err != nil { - return pkgerror.Wrapf(err, "failed to unmarshal cephfs mds output") - } - - if len(ips) == 0 { - logger.Infof("no active mds clients found for cephfs volume %q", cephFSPV.Name) - return errActiveClientNotFound - } - - err = c.createNetworkFence(ctx, cephFSPV, node, cluster, ips, cephfsDriver) - if err != nil { - return pkgerror.Wrapf(err, "failed to create network fence for node %q", node.Name) - } - - return nil -} - -func cephFSMDSClientMarshal(output []byte, cephFSPV corev1.PersistentVolume) ([]string, error) { - type entity struct { - Addr struct { - Addr string `json:"addr"` - Nonce int `json:"nonce"` - } `json:"addr"` - } - - type clientMetadata struct { - Root string `json:"root"` - } - - type cephFSData struct { - Entity entity `json:"entity"` - ClientMetadata clientMetadata `json:"client_metadata"` - } - - var data []cephFSData - err := json.Unmarshal([]byte(output), &data) - if err != nil { - return []string{}, pkgerror.Wrapf(err, "failed to unmarshal cephFS data output") - } - - watcherIPlist := []string{} - for _, d := range data { - if cephFSPV.Spec.CSI.VolumeAttributes["subvolumePath"] == d.ClientMetadata.Root { - logger.Infof("cephfs mds client ips to fence %v", d.Entity.Addr) - watcherIP := concatenateWatcherIp(d.Entity.Addr.Addr) - watcherIPlist = append(watcherIPlist, watcherIP) - } - } - - return watcherIPlist, nil -} - func rbdStatusUnMarshal(output []byte) ([]string, error) { type rbdStatus struct { Watchers []struct { @@ -524,8 +370,7 @@ func rbdStatusUnMarshal(output []byte) ([]string, error) { } func concatenateWatcherIp(address string) string { - // address is in format `10.63.0.5:0/1254753579` for rbd and - // in the format '10.244.0.12:0' for cephfs + // address is in format `10.63.0.5:0/1254753579` for rbd // split with separation ':0' to remove nounce and concatenating `/32` to define a network with only one IP address watcherIP := strings.Split(address, ":0")[0] + "/32" return watcherIP @@ -604,8 +449,8 @@ func (c *clientCluster) unfenceAndDeleteNetworkFence(ctx context.Context, node c return false, err } - if networkFence.Spec.FenceState != addonsv1alpha1.Unfenced { - logger.Infof("waiting for network fence CR %s to get in %s state before deletion", networkFence.Name, addonsv1alpha1.Unfenced) + if networkFence.Status.Message != addonsv1alpha1.UnFenceOperationSuccessfulMessage { + logger.Infof("waiting for network fence CR %q status to get result %q", networkFence.Name, addonsv1alpha1.UnFenceOperationSuccessfulMessage) return false, err } diff --git a/pkg/operator/ceph/cluster/watcher_test.go b/pkg/operator/ceph/cluster/watcher_test.go index 29b6d60f8e7c..e3585ae81c34 100644 --- a/pkg/operator/ceph/cluster/watcher_test.go +++ b/pkg/operator/ceph/cluster/watcher_test.go @@ -206,7 +206,6 @@ func TestHandleNodeFailure(t *testing.T) { }, VolumesInUse: []corev1.UniqueVolumeName{ "kubernetes.io/csi/rook-ceph.rbd.csi.ceph.com^0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4002", - "kubernetes.io/csi/rook-ceph.cephfs.csi.ceph.com^0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4001", }, }, } @@ -234,30 +233,6 @@ func TestHandleNodeFailure(t *testing.T) { }, } - cephfsPV := &corev1.PersistentVolume{ - ObjectMeta: metav1.ObjectMeta{ - Name: "pvc-58469d41-f6c0-4720-b23a-0a0826b842ca", - Annotations: map[string]string{ - "pv.kubernetes.io/provisioned-by": fmt.Sprintf("%s.cephfs.csi.ceph.com", ns), - "volume.kubernetes.io/provisioner-deletion-secret-name": "rook-csi-cephfs-provisioner", - "volume.kubernetes.io/provisioner-deletion-secret-namespace": ns, - }, - }, - Spec: corev1.PersistentVolumeSpec{ - PersistentVolumeSource: corev1.PersistentVolumeSource{ - CSI: &corev1.CSIPersistentVolumeSource{ - Driver: fmt.Sprintf("%s.cephfs.csi.ceph.com", ns), - VolumeHandle: "0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4001", - VolumeAttributes: map[string]string{ - "fsName": "myfs", - "subvolumePath": "/volumes/csi/csi-vol-58469d41-f6c0-4720-b23a-0a0826b842ca", - "subvolumeName": "csi-vol-58469d41-f6c0-4720-b23a-0a0826b842ca", - }, - }, - }, - }, - } - staticRbdPV := &corev1.PersistentVolume{ ObjectMeta: metav1.ObjectMeta{ Name: "pvc-58469d41-f6c0-4720-b23a-0a0826b841cb", @@ -278,28 +253,6 @@ func TestHandleNodeFailure(t *testing.T) { }, } - staticCephfsPV := &corev1.PersistentVolume{ - ObjectMeta: metav1.ObjectMeta{ - Name: "pvc-58469d41-f6c0-4720-b23a-0a0826b842cb", - Annotations: map[string]string{ - "pv.kubernetes.io/provisioned-by": fmt.Sprintf("%s.cephfs.csi.ceph.com", ns), - "volume.kubernetes.io/provisioner-deletion-secret-name": "rook-csi-cephfs-provisioner", - "volume.kubernetes.io/provisioner-deletion-secret-namespace": ns, - }, - }, - Spec: corev1.PersistentVolumeSpec{ - PersistentVolumeSource: corev1.PersistentVolumeSource{ - CSI: &corev1.CSIPersistentVolumeSource{ - Driver: fmt.Sprintf("%s.cephfs.csi.ceph.com", ns), - VolumeHandle: "0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4001", - VolumeAttributes: map[string]string{ - "staticVolume": "true", - }, - }, - }, - }, - } - pvNotProvisionByCSI := &corev1.PersistentVolume{ ObjectMeta: metav1.ObjectMeta{ Name: "pvc-58469d41-f6c0-4720-b23a-0a0826b841cc", @@ -343,9 +296,6 @@ func TestHandleNodeFailure(t *testing.T) { _, err = c.context.Clientset.CoreV1().PersistentVolumes().Create(ctx, rbdPV, metav1.CreateOptions{}) assert.NoError(t, err) - _, err = c.context.Clientset.CoreV1().PersistentVolumes().Create(ctx, cephfsPV, metav1.CreateOptions{}) - assert.NoError(t, err) - _, err = c.context.ApiExtensionsClient.ApiextensionsV1().CustomResourceDefinitions().Create(ctx, &v1.CustomResourceDefinition{ObjectMeta: metav1.ObjectMeta{Name: "networkfences.csiaddons.openshift.io"}}, metav1.CreateOptions{}) assert.NoError(t, err) @@ -357,26 +307,19 @@ func TestHandleNodeFailure(t *testing.T) { err = c.client.Get(ctx, types.NamespacedName{Name: fenceResourceName(node.Name, rbdDriver, ns)}, networkFenceRbd) assert.NoError(t, err) - networkFenceCephFs := &addonsv1alpha1.NetworkFence{} - err = c.client.Get(ctx, types.NamespacedName{Name: fenceResourceName(node.Name, cephfsDriver, ns)}, networkFenceCephFs) - assert.NoError(t, err) - networkFences := &addonsv1alpha1.NetworkFenceList{} err = c.client.List(ctx, networkFences) assert.NoError(t, err) - var rbdCount, cephFsCount int + var rbdCount int for _, fence := range networkFences.Items { // Check if the resource is in the desired namespace if strings.Contains(fence.Name, rbdDriver) { rbdCount++ - } else if strings.Contains(fence.Name, cephfsDriver) { - cephFsCount++ } } assert.Equal(t, 1, rbdCount) - assert.Equal(t, 1, cephFsCount) // For static rbd pv _, err = c.context.Clientset.CoreV1().PersistentVolumes().Create(ctx, staticRbdPV, metav1.CreateOptions{}) @@ -385,28 +328,13 @@ func TestHandleNodeFailure(t *testing.T) { pvList, err := c.context.Clientset.CoreV1().PersistentVolumes().List(ctx, metav1.ListOptions{}) assert.NoError(t, err) - rbdVolumesInUse, _ := getCephVolumesInUse(cephCluster, node.Status.VolumesInUse) + rbdVolumesInUse := getCephVolumesInUse(cephCluster, node.Status.VolumesInUse) rbdPVList := listRBDPV(pvList, cephCluster, rbdVolumesInUse) assert.Equal(t, len(rbdPVList), 1) // it will be equal to one since we have one pv provisioned by csi named `rbdPV` err = c.handleNodeFailure(ctx, cephCluster, node) assert.NoError(t, err) - // For static cephfs pv - _, err = c.context.Clientset.CoreV1().PersistentVolumes().Create(ctx, staticCephfsPV, metav1.CreateOptions{}) - assert.NoError(t, err) - - pvList, err = c.context.Clientset.CoreV1().PersistentVolumes().List(ctx, metav1.ListOptions{}) - assert.NoError(t, err) - - _, cephFSVolumesInUse := getCephVolumesInUse(cephCluster, node.Status.VolumesInUse) - cephFSVolumesInUseMap := make(map[string]struct{}) - for _, vol := range cephFSVolumesInUse { - cephFSVolumesInUseMap[vol] = struct{}{} - } - cephFSPVList := listRWOCephFSPV(pvList, cephCluster, cephFSVolumesInUseMap) - assert.Equal(t, len(cephFSPVList), 1) // it will be equal to one since we have one pv provisioned by csi named `cephfsPV` - err = c.handleNodeFailure(ctx, cephCluster, node) assert.NoError(t, err) @@ -417,7 +345,7 @@ func TestHandleNodeFailure(t *testing.T) { pvList, err = c.context.Clientset.CoreV1().PersistentVolumes().List(ctx, metav1.ListOptions{}) assert.NoError(t, err) - rbdVolumesInUse, _ = getCephVolumesInUse(cephCluster, node.Status.VolumesInUse) + rbdVolumesInUse = getCephVolumesInUse(cephCluster, node.Status.VolumesInUse) rbdPVList = listRBDPV(pvList, cephCluster, rbdVolumesInUse) assert.Equal(t, len(rbdPVList), 1) // it will be equal to one since we have one pv provisioned by csi named `PV` @@ -427,15 +355,15 @@ func TestHandleNodeFailure(t *testing.T) { // When out-of-service taint is removed node.Spec.Taints = []corev1.Taint{} + networkFenceRbd.Status.Message = addonsv1alpha1.UnFenceOperationSuccessfulMessage + err = c.client.Update(ctx, networkFenceRbd) + assert.NoError(t, err) + err = c.handleNodeFailure(ctx, cephCluster, node) assert.NoError(t, err) err = c.client.Get(ctx, types.NamespacedName{Name: fenceResourceName(node.Name, rbdDriver, ns), Namespace: cephCluster.Namespace}, networkFenceRbd) assert.Error(t, err, kerrors.IsNotFound(err)) - - err = c.client.Get(ctx, types.NamespacedName{Name: fenceResourceName(node.Name, cephfsDriver, ns), Namespace: cephCluster.Namespace}, networkFenceCephFs) - assert.Error(t, err, kerrors.IsNotFound(err)) - } func TestGetCephVolumesInUse(t *testing.T) { @@ -443,8 +371,6 @@ func TestGetCephVolumesInUse(t *testing.T) { volInUse := []corev1.UniqueVolumeName{ "kubernetes.io/csi/rook-ceph.rbd.csi.ceph.com^0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4002", "kubernetes.io/csi/rook-ceph.rbd.csi.ceph.com^0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4003", - "kubernetes.io/csi/rook-ceph.cephfs.csi.ceph.com^0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4001", - "kubernetes.io/csi/rook-ceph.cephfs.csi.ceph.com^0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4004", } splitVolInUse := trimeVolumeInUse(volInUse[0]) @@ -455,21 +381,11 @@ func TestGetCephVolumesInUse(t *testing.T) { assert.Equal(t, splitVolInUse[0], "rook-ceph.rbd.csi.ceph.com") assert.Equal(t, splitVolInUse[1], "0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4003") - splitVolInUse = trimeVolumeInUse(volInUse[2]) - assert.Equal(t, splitVolInUse[0], "rook-ceph.cephfs.csi.ceph.com") - assert.Equal(t, splitVolInUse[1], "0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4001") - - splitVolInUse = trimeVolumeInUse(volInUse[3]) - assert.Equal(t, splitVolInUse[0], "rook-ceph.cephfs.csi.ceph.com") - assert.Equal(t, splitVolInUse[1], "0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4004") - - trimRbdVolInUse, trimCephFSVolInUse := getCephVolumesInUse(cephCluster, volInUse) + trimRbdVolInUse := getCephVolumesInUse(cephCluster, volInUse) expectedRbd := []string{"0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4002", "0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4003"} - expectedCephfs := []string{"0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4001", "0001-0009-rook-ceph-0000000000000002-24862838-240d-4215-9183-abfc0e9e4004"} assert.Equal(t, expectedRbd, trimRbdVolInUse) - assert.Equal(t, expectedCephfs, trimCephFSVolInUse) } func TestRBDStatusUnMarshal(t *testing.T) { diff --git a/pkg/operator/ceph/version/version.go b/pkg/operator/ceph/version/version.go index c27c20e203db..92d764d6e2fc 100644 --- a/pkg/operator/ceph/version/version.go +++ b/pkg/operator/ceph/version/version.go @@ -310,7 +310,7 @@ func ValidateCephVersionsBetweenLocalAndExternalClusters(localVersion, externalV // Local version must never be higher than the external one if IsSuperior(localVersion, externalVersion) { - return errors.Errorf("local cluster ceph version is higher %q than the external cluster %q, this must never happen", externalVersion.String(), localVersion.String()) + return errors.Errorf("local cluster ceph version %q is higher than the external cluster version %q, this must never happen", localVersion.String(), externalVersion.String()) } // External cluster was updated to a minor version higher, consider updating too! diff --git a/tests/framework/installer/ceph_installer.go b/tests/framework/installer/ceph_installer.go index 525f99d025d4..680925465974 100644 --- a/tests/framework/installer/ceph_installer.go +++ b/tests/framework/installer/ceph_installer.go @@ -520,7 +520,7 @@ func (h *CephInstaller) InstallRook() (bool, error) { if h.settings.UseHelm { // Install Prometheus so we can create the prometheus rules - args := []string{"apply", "-f", "https://raw.githubusercontent.com/coreos/prometheus-operator/v0.40.0/bundle.yaml"} + args := []string{"create", "-f", "https://raw.githubusercontent.com/coreos/prometheus-operator/v0.71.1/bundle.yaml"} _, err = h.k8shelper.MakeContext().Executor.ExecuteCommandWithOutput("kubectl", args...) if err != nil { return false, errors.Wrap(err, "failed to install prometheus") diff --git a/tests/scripts/auto-grow-storage.sh b/tests/scripts/auto-grow-storage.sh index 8871af059f36..38d5aa87030b 100755 --- a/tests/scripts/auto-grow-storage.sh +++ b/tests/scripts/auto-grow-storage.sh @@ -179,7 +179,7 @@ function growOSD(){ function creatingPrerequisites(){ echo "creating Prerequisites deployments - Prometheus Operator and Prometheus Instances" # creating Prometheus operator - kubectl apply -f https://raw.githubusercontent.com/coreos/prometheus-operator/v0.40.0/bundle.yaml + kubectl create -f https://raw.githubusercontent.com/coreos/prometheus-operator/v0.71.1/bundle.yaml # waiting for Prometheus operator to get ready timeout 30 sh -c "until [ $(kubectl get pod -l app.kubernetes.'io/name'=prometheus-operator -o json | jq -r '.items[0].status.phase') = Running ]; do echo 'waiting for prometheus-operator to get created' && sleep 1; done" # creating a service monitor that will watch the Rook cluster and collect metrics regularly diff --git a/tests/scripts/create-dev-cluster.sh b/tests/scripts/create-dev-cluster.sh index 3809c84b3ea9..cead784ce4ff 100755 --- a/tests/scripts/create-dev-cluster.sh +++ b/tests/scripts/create-dev-cluster.sh @@ -167,7 +167,7 @@ enable_rook_orchestrator() { enable_monitoring() { echo "Enabling monitoring" - $KUBECTL apply -f https://raw.githubusercontent.com/coreos/prometheus-operator/v0.40.0/bundle.yaml + $KUBECTL create -f https://raw.githubusercontent.com/coreos/prometheus-operator/v0.71.1/bundle.yaml $KUBECTL wait --for=condition=ready pod -l app.kubernetes.io/name=prometheus-operator --timeout=30s $KUBECTL apply -f monitoring/rbac.yaml $KUBECTL apply -f monitoring/service-monitor.yaml diff --git a/tests/scripts/github-action-helper.sh b/tests/scripts/github-action-helper.sh index faf23f116083..9af42bae4b99 100755 --- a/tests/scripts/github-action-helper.sh +++ b/tests/scripts/github-action-helper.sh @@ -296,7 +296,7 @@ function deploy_cluster() { fi # enable monitoring yq w -i -d0 cluster-test.yaml spec.monitoring.enabled true - kubectl apply -f https://raw.githubusercontent.com/coreos/prometheus-operator/v0.40.0/bundle.yaml + kubectl create -f https://raw.githubusercontent.com/coreos/prometheus-operator/v0.71.1/bundle.yaml kubectl create -f monitoring/rbac.yaml # create the cluster resources