diff --git a/charts/psmdb-db/Chart.yaml b/charts/psmdb-db/Chart.yaml index 0e95231d..401ec1a3 100644 --- a/charts/psmdb-db/Chart.yaml +++ b/charts/psmdb-db/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: "1.17.0" +appVersion: "1.18.0" description: A Helm chart for installing Percona Server MongoDB Cluster Databases using the PSMDB Operator. name: psmdb-db home: https://www.percona.com/doc/kubernetes-operator-for-psmongodb/index.html -version: 1.17.1 +version: 1.18.0 maintainers: - name: tplavcic email: tomislav.plavcic@percona.com diff --git a/charts/psmdb-db/README.md b/charts/psmdb-db/README.md index 65396253..6b7671d2 100644 --- a/charts/psmdb-db/README.md +++ b/charts/psmdb-db/README.md @@ -3,32 +3,37 @@ This chart deploys Percona Server for MongoDB Cluster on Kubernetes controlled by Percona Operator for MongoDB. Useful links: + - [Operator Github repository](https://github.com/percona/percona-server-mongodb-operator) - [Operator Documentation](https://www.percona.com/doc/kubernetes-operator-for-psmongodb/index.html) ## Pre-requisites -* Percona Operator for MongoDB running in your Kubernetes cluster. See installation details [here](https://github.com/percona/percona-helm-charts/blob/main/charts/psmdb-operator) or in the [Operator Documentation](https://www.percona.com/doc/kubernetes-operator-for-psmongodb/helm.html). -* Kubernetes 1.27+ -* Helm v3 + +- Percona Operator for MongoDB running in your Kubernetes cluster. See installation details [here](https://github.com/percona/percona-helm-charts/blob/main/charts/psmdb-operator) or in the [Operator Documentation](https://www.percona.com/doc/kubernetes-operator-for-psmongodb/helm.html). +- Kubernetes 1.28+ +- Helm v3 # Chart Details + This chart will deploy Percona Server for MongoDB Cluster in Kubernetes. It will create a Custom Resource, and the Operator will trigger the creation of corresponding Kubernetes primitives: StatefulSets, Pods, Secrets, etc. ## Installing the Chart + To install the chart with the `psmdb` release name using a dedicated namespace (recommended): ```sh helm repo add percona https://percona.github.io/percona-helm-charts/ -helm install my-db percona/psmdb-db --version 1.17.0 --namespace my-namespace +helm install my-db percona/psmdb-db --version 1.18.0 --namespace my-namespace ``` The chart can be customized using the following configurable parameters: | Parameter | Description | Default | | --------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------- | -| `crVersion` | CR Cluster Manifest version | `1.17.0` | +| `crVersion` | CR Cluster Manifest version | `1.18.0` | | `pause` | Stop PSMDB Database safely | `false` | | `unmanaged` | Start cluster and don't manage it (cross cluster replication) | `false` | +| `enableVolumeExpansion` | Allows to resize `PersistentVolumeClaim`s by changing `.volumeSpec.persistentVolumeClaim.resources` field | `false` | | `unsafeFlags.tls` | Allows users from configuring a cluster without TLS/SSL certificates | `false` | | `unsafeFlags.replsetSize` | Allows users from configuring a cluster with unsafe parameters: starting it with less than 3 replica set instances or with an even number of replica set instances without additional arbiter | `false` | | `unsafeFlags.mongosSize` | Allows users from configuring a sharded cluster with less than 3 config server Pods or less than 2 mongos Pods | `false` | @@ -48,8 +53,9 @@ The chart can be customized using the following configurable parameters: | `upgradeOptions.setFCV` | Set feature compatibility version on major upgrade | `false` | | `finalizers:percona.com/delete-psmdb-pvc` | Set this if you want to delete database persistent volumes on cluster deletion | `[]` | | `finalizers:percona.com/delete-psmdb-pods-in-order` | Set this if you want to delete PSMDB pods in order (primary last) | `[]` | +| `finalizers:percona.com/delete-pitr-chunks` | Set this if you want to delete all pitr chunks on cluster deletion | `[]` | | `image.repository` | PSMDB Container image repository | `percona/percona-server-mongodb` | -| `image.tag` | PSMDB Container image tag | `7.0.12-7` | +| `image.tag` | PSMDB Container image tag | `7.0.14-8-multi` | | `imagePullPolicy` | The policy used to update images | `Always` | | `imagePullSecrets` | PSMDB Container pull secret | `[]` | | `initImage.repository` | Repository for custom init image | `""` | @@ -65,6 +71,7 @@ The chart can be customized using the following configurable parameters: | | | `secrets.users` | The name of the Secrets object for the MongoDB users required to run the operator | `""` | | `secrets.encryptionKey` | Set secret for data at rest encryption key | `""` | +| `secrets.keyFile` | Specifies a secret key file for authenticating MongoDB instances | `""` | | `secrets.vault` | Specifies a secret object to provide integration with HashiCorp Vault | `""` | | `secrets.ldapSecret` | Specifies a secret object for LDAP over TLS connection between MongoDB and OpenLDAP server | `""` | | `secrets.sse` | The name of the Secrets object for server side encryption credentials | `""` | @@ -73,179 +80,207 @@ The chart can be customized using the following configurable parameters: | | | `pmm.enabled` | Enable integration with [Percona Monitoring and Management software](https://www.percona.com/blog/2020/07/23/using-percona-kubernetes-operators-with-percona-monitoring-and-management/) | `false` | | `pmm.image.repository` | PMM Container image repository | `percona/pmm-client` | -| `pmm.image.tag` | PMM Container image tag | `2.42.0` | +| `pmm.image.tag` | PMM Container image tag | `2.43.2` | | `pmm.serverHost` | PMM server related K8S service hostname | `monitoring-service` | | `pmm.containerSecurityContext` | Set the security context for PMM container | `{}` | -| `pmm.resources` | Set resources for PMM container | `{}` | -| `pmm.mongodParams` | PMM mongod params | `""` | +| `pmm.resources` | Set resources for PMM container | `{}` | +| `pmm.mongodParams` | PMM mongod params | `""` | +| `pmm.mongosParams` | PMM mongos params | `""` | | | -| `pmm.mongosParams` | PMM mongos params | `""` | +| `replsets.rs0.name` | ReplicaSet name | `rs0` | +| `replsets.rs0.size` | ReplicaSet size (pod quantity) | `3` | +| `replsets.rs0.terminationGracePeriodSeconds` | The amount of seconds Kubernetes will wait for a clean replica set Pods termination | `""` | +| `replsets.rs0.externalNodes.host` | The URL or IP address of the external replset instance | `""` | +| `replsets.rs0.externalNodes.port` | The port number of the external replset instance | `""` | +| `replsets.rs0.externalNodes.votes` | The number of [votes](https://docs.mongodb.com/manual/reference/replica-configuration/#mongodb-rsconf-rsconf.members-n-.votes) of the external replset instance | `""` | +| `replsets.rs0.externalNodes.priority` | The [priority](https://docs.mongodb.com/manual/reference/replica-configuration/#mongodb-rsconf-rsconf.members-n-.priority) of the external replset instance | `""` | +| `replsets.rs0.configuration` | Custom config for mongod in replica set | `""` | +| `replsets.rs0.topologySpreadConstraints` | Control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains | `{}` | +| `replsets.rs0.replsetOverrides` | Use if you need tooverride the replica set members FQDNs with custom hostnames. Each key under `replsetOverrides` should be name of a Pod. The Operator won’t perform any validation for hostnames, so it's the user’s responsibility to ensure connectivity | `{}` | +| `replsets.rs0.serviceAccountName` | Run replicaset Containers under specified K8S SA | `""` | +| `replsets.rs0.affinity.antiAffinityTopologyKey` | ReplicaSet Pod affinity | `kubernetes.io/hostname` | +| `replsets.rs0.affinity.advanced` | ReplicaSet Pod advanced affinity | `{}` | +| `replsets.rs0.tolerations` | ReplicaSet Pod tolerations | `[]` | +| `replsets.rs0.priorityClass` | ReplicaSet Pod priorityClassName | `""` | +| `replsets.rs0.annotations` | ReplicaSet Pod annotations | `{}` | +| `replsets.rs0.labels` | ReplicaSet Pod labels | `{}` | +| `replsets.rs0.nodeSelector` | ReplicaSet Pod nodeSelector labels | `{}` | +| `replsets.rs0.livenessProbe` | ReplicaSet Pod livenessProbe structure | `{}` | +| `replsets.rs0.readinessProbe` | ReplicaSet Pod readinessProbe structure | `{}` | +| `replsets.rs0.storage` | Set cacheSizeRatio or other custom MongoDB storage options | `{}` | +| `replsets.rs0.podSecurityContext` | Set the security context for a Pod | `{}` | +| `replsets.rs0.containerSecurityContext` | Set the security context for a Container | `{}` | +| `replsets.rs0.runtimeClass` | ReplicaSet Pod runtimeClassName | `""` | +| `replsets.rs0.sidecars` | ReplicaSet Pod sidecars | `{}` | +| `replsets.rs0.sidecarVolumes` | ReplicaSet Pod sidecar volumes | `[]` | +| `replsets.rs0.sidecarPVCs` | ReplicaSet Pod sidecar PVCs | `[]` | +| `replsets.rs0.podDisruptionBudget.maxUnavailable` | ReplicaSet failed Pods maximum quantity | `1` | +| `replsets.rs0.splitHorizons` | External URI for Split-horizon for replica set Pods of the exposed cluster | `{}` | +| `replsets.rs0.expose.enabled` | Allow access to replicaSet from outside of Kubernetes | `false` | +| `replsets.rs0.expose.type` | Network service access point type | `ClusterIP` | +| `replsets.rs0.expose.loadBalancerIP` | Set client IP to Load Balancer | `""` | +| `replsets.rs0.expose.loadBalancerSourceRanges` | Limit client IP's access to Load Balancer | `{}` | +| `replsets.rs0.expose.annotations` | ReplicaSet service annotations | `{}` | +| `replsets.rs0.expose.labels` | ReplicaSet service labels | `{}` | +| `replsets.rs0.expose.internalTrafficPolicy` | ReplicaSet service internal traffic policy | `Local` | +| `replsets.rs0.expose.externalTrafficPolicy` | ReplicaSet service external traffic policy | `Local` | +| `replsets.rs0.schedulerName` | ReplicaSet Pod schedulerName | `""` | +| `replsets.rs0.resources` | ReplicaSet Pods resource requests and limits | `{}` | +| `replsets.rs0.volumeSpec` | ReplicaSet Pods storage resources | `{}` | +| `replsets.rs0.volumeSpec.emptyDir` | ReplicaSet Pods emptyDir K8S storage | `{}` | +| `replsets.rs0.volumeSpec.hostPath` | ReplicaSet Pods hostPath K8S storage | | +| `replsets.rs0.volumeSpec.hostPath.path` | ReplicaSet Pods hostPath K8S storage path | `""` | +| `replsets.rs0.volumeSpec.hostPath.type` | Type for hostPath volume | `Directory` | +| `replsets.rs0.volumeSpec.pvc` | ReplicaSet Pods PVC request parameters | | +| `replsets.rs0.volumeSpec.pvc.annotations` | The Kubernetes annotations metadata for Persistent Volume Claim | `{}` | +| `replsets.rs0.volumeSpec.pvc.labels` | The Kubernetes labels metadata for Persistent Volume Claim | `{}` | +| `replsets.rs0.volumeSpec.pvc.storageClassName` | ReplicaSet Pods PVC target storageClass | `""` | +| `replsets.rs0.volumeSpec.pvc.accessModes` | ReplicaSet Pods PVC access policy | `[]` | +| `replsets.rs0.volumeSpec.pvc.resources.requests.storage` | ReplicaSet Pods PVC storage size | `3Gi` | +| `replsets.rs0.hostAliases` | The IP address for Kubernetes host aliases | `[]` | +| `replsets.rs0.nonvoting.enabled` | Add MongoDB nonvoting Pods | `false` | +| `replsets.rs0.nonvoting.podSecurityContext` | Set the security context for a Pod | `{}` | +| `replsets.rs0.nonvoting.containerSecurityContext` | Set the security context for a Container | `{}` | +| `replsets.rs0.nonvoting.size` | Number of nonvoting Pods | `1` | +| `replsets.rs0.nonvoting.configuration` | Custom config for mongod nonvoting member | `""` | +| `replsets.rs0.nonvoting.serviceAccountName` | Run replicaset nonvoting Container under specified K8S SA | `""` | +| `replsets.rs0.nonvoting.affinity.antiAffinityTopologyKey` | Nonvoting Pods affinity | `kubernetes.io/hostname` | +| `replsets.rs0.nonvoting.affinity.advanced` | Nonvoting Pods advanced affinity | `{}` | +| `replsets.rs0.nonvoting.tolerations` | Nonvoting Pod tolerations | `[]` | +| `replsets.rs0.nonvoting.priorityClass` | Nonvoting Pod priorityClassName | `""` | +| `replsets.rs0.primaryPreferTagSelector.region` | Makes MongoDB instance to be selected as Primary based on specified region | `""` | +| `replsets.rs0.primaryPreferTagSelector.zone` | Makes MongoDB instance to be selected as Primary based on specified zone | `""` | +| `replsets.rs0.nonvoting.annotations` | Nonvoting Pod annotations | `{}` | +| `replsets.rs0.nonvoting.labels` | Nonvoting Pod labels | `{}` | +| `replsets.rs0.nonvoting.nodeSelector` | Nonvoting Pod nodeSelector labels | `{}` | +| `replsets.rs0.nonvoting.podDisruptionBudget.maxUnavailable` | Nonvoting failed Pods maximum quantity | `1` | +| `replsets.rs0.nonvoting.resources` | Nonvoting Pods resource requests and limits | `{}` | +| `replsets.rs0.nonvoting.volumeSpec` | Nonvoting Pods storage resources | `{}` | +| `replsets.rs0.nonvoting.volumeSpec.emptyDir` | Nonvoting Pods emptyDir K8S storage | `{}` | +| `replsets.rs0.nonvoting.volumeSpec.hostPath` | Nonvoting Pods hostPath K8S storage | | +| `replsets.rs0.nonvoting.volumeSpec.hostPath.path` | Nonvoting Pods hostPath K8S storage path | `""` | +| `replsets.rs0.nonvoting.volumeSpec.hostPath.type` | Type for hostPath volume | `Directory` | +| `replsets.rs0.nonvoting.volumeSpec.pvc` | Nonvoting Pods PVC request parameters | | +| `replsets.rs0.nonvoting.volumeSpec.pvc.annotations` | The Kubernetes annotations metadata for Persistent Volume Claim | `{}` | +| `replsets.rs0.nonvoting.volumeSpec.pvc.labels` | The Kubernetes labels metadata for Persistent Volume Claim | `{}` | +| `replsets.rs0.nonvoting.volumeSpec.pvc.storageClassName` | Nonvoting Pods PVC target storageClass | `""` | +| `replsets.rs0.nonvoting.volumeSpec.pvc.accessModes` | Nonvoting Pods PVC access policy | `[]` | +| `replsets.rs0.nonvoting.volumeSpec.pvc.resources.requests.storage` | Nonvoting Pods PVC storage size | `3Gi` | +| `replsets.rs0.arbiter.enabled` | Create MongoDB arbiter service | `false` | +| `replsets.rs0.arbiter.size` | MongoDB arbiter Pod quantity | `1` | +| `replsets.rs0.arbiter.serviceAccountName` | Run replicaset arbiter Container under specified K8S SA | `""` | +| `replsets.rs0.arbiter.affinity.antiAffinityTopologyKey` | MongoDB arbiter Pod affinity | `kubernetes.io/hostname` | +| `replsets.rs0.arbiter.affinity.advanced` | MongoDB arbiter Pod advanced affinity | `{}` | +| `replsets.rs0.arbiter.tolerations` | MongoDB arbiter Pod tolerations | `[]` | +| `replsets.rs0.arbiter.priorityClass` | MongoDB arbiter priorityClassName | `""` | +| `replsets.rs0.arbiter.annotations` | MongoDB arbiter Pod annotations | `{}` | +| `replsets.rs0.arbiter.labels` | MongoDB arbiter Pod labels | `{}` | +| `replsets.rs0.arbiter.nodeSelector` | MongoDB arbiter Pod nodeSelector labels | `{}` | | | -| `replsets.rs0.name` | ReplicaSet name | `rs0` | -| `replsets.rs0.size` | ReplicaSet size (pod quantity) | `3` | -| `replsets.rs0.terminationGracePeriodSeconds` | The amount of seconds Kubernetes will wait for a clean replica set Pods termination | `""` | -| `replsets.rs0.externalNodes` | ReplicaSet external nodes (cross cluster replication) | `[]` | -| `replsets.rs0.configuration` | Custom config for mongod in replica set | `""` | -| `replsets.rs0.topologySpreadConstraints` | Control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains | `{}` | -| `replsets.rs0.serviceAccountName` | Run replicaset Containers under specified K8S SA | `""` | -| `replsets.rs0.affinity.antiAffinityTopologyKey` | ReplicaSet Pod affinity | `kubernetes.io/hostname` | -| `replsets.rs0.affinity.advanced` | ReplicaSet Pod advanced affinity | `{}` | -| `replsets.rs0.tolerations` | ReplicaSet Pod tolerations | `[]` | -| `replsets.rs0.priorityClass` | ReplicaSet Pod priorityClassName | `""` | -| `replsets.rs0.annotations` | ReplicaSet Pod annotations | `{}` | -| `replsets.rs0.labels` | ReplicaSet Pod labels | `{}` | -| `replsets.rs0.nodeSelector` | ReplicaSet Pod nodeSelector labels | `{}` | -| `replsets.rs0.livenessProbe` | ReplicaSet Pod livenessProbe structure | `{}` | -| `replsets.rs0.readinessProbe` | ReplicaSet Pod readinessProbe structure | `{}` | -| `replsets.rs0.storage` | Set cacheSizeRatio or other custom MongoDB storage options | `{}` | -| `replsets.rs0.podSecurityContext` | Set the security context for a Pod | `{}` | -| `replsets.rs0.containerSecurityContext` | Set the security context for a Container | `{}` | -| `replsets.rs0.runtimeClass` | ReplicaSet Pod runtimeClassName | `""` | -| `replsets.rs0.sidecars` | ReplicaSet Pod sidecars | `{}` | -| `replsets.rs0.sidecarVolumes` | ReplicaSet Pod sidecar volumes | `[]` | -| `replsets.rs0.sidecarPVCs` | ReplicaSet Pod sidecar PVCs | `[]` | -| `replsets.rs0.podDisruptionBudget.maxUnavailable` | ReplicaSet failed Pods maximum quantity | `1` | -| `replsets.rs0.splitHorizons` | External URI for Split-horizon for replica set Pods of the exposed cluster | `{}` | -| `replsets.rs0.expose.enabled` | Allow access to replicaSet from outside of Kubernetes | `false` | -| `replsets.rs0.expose.exposeType` | Network service access point type | `ClusterIP` | -| `replsets.rs0.expose.loadBalancerSourceRanges` | Limit client IP's access to Load Balancer | `{}` | -| `replsets.rs0.expose.serviceAnnotations` | ReplicaSet service annotations | `{}` | -| `replsets.rs0.expose.serviceLabels` | ReplicaSet service labels | `{}` | -| `replsets.rs0.schedulerName` | ReplicaSet Pod schedulerName | `""` | -| `replsets.rs0.resources` | ReplicaSet Pods resource requests and limits | `{}` | -| `replsets.rs0.volumeSpec` | ReplicaSet Pods storage resources | `{}` | -| `replsets.rs0.volumeSpec.emptyDir` | ReplicaSet Pods emptyDir K8S storage | `{}` | -| `replsets.rs0.volumeSpec.hostPath` | ReplicaSet Pods hostPath K8S storage | | -| `replsets.rs0.volumeSpec.hostPath.path` | ReplicaSet Pods hostPath K8S storage path | `""` | -| `replsets.rs0.volumeSpec.hostPath.type` | Type for hostPath volume | `Directory` | -| `replsets.rs0.volumeSpec.pvc` | ReplicaSet Pods PVC request parameters | | -| `replsets.rs0.volumeSpec.pvc.annotations` | The Kubernetes annotations metadata for Persistent Volume Claim | `{}` | -| `replsets.rs0.volumeSpec.pvc.labels` | The Kubernetes labels metadata for Persistent Volume Claim | `{}` | -| `replsets.rs0.volumeSpec.pvc.storageClassName` | ReplicaSet Pods PVC target storageClass | `""` | -| `replsets.rs0.volumeSpec.pvc.accessModes` | ReplicaSet Pods PVC access policy | `[]` | -| `replsets.rs0.volumeSpec.pvc.resources.requests.storage` | ReplicaSet Pods PVC storage size | `3Gi` | -| `replsets.rs0.hostAliases` | The IP address for Kubernetes host aliases | `[]` | -| `replsets.rs0.nonvoting.enabled` | Add MongoDB nonvoting Pods | `false` | -| `replsets.rs0.nonvoting.podSecurityContext` | Set the security context for a Pod | `{}` | -| `replsets.rs0.nonvoting.containerSecurityContext` | Set the security context for a Container | `{}` | -| `replsets.rs0.nonvoting.size` | Number of nonvoting Pods | `1` | -| `replsets.rs0.nonvoting.configuration` | Custom config for mongod nonvoting member | `""` | -| `replsets.rs0.nonvoting.serviceAccountName` | Run replicaset nonvoting Container under specified K8S SA | `""` | -| `replsets.rs0.nonvoting.affinity.antiAffinityTopologyKey` | Nonvoting Pods affinity | `kubernetes.io/hostname` | -| `replsets.rs0.nonvoting.affinity.advanced` | Nonvoting Pods advanced affinity | `{}` | -| `replsets.rs0.nonvoting.tolerations` | Nonvoting Pod tolerations | `[]` | -| `replsets.rs0.nonvoting.priorityClass` | Nonvoting Pod priorityClassName | `""` | -| `replsets.rs0.nonvoting.annotations` | Nonvoting Pod annotations | `{}` | -| `replsets.rs0.nonvoting.labels` | Nonvoting Pod labels | `{}` | -| `replsets.rs0.nonvoting.nodeSelector` | Nonvoting Pod nodeSelector labels | `{}` | -| `replsets.rs0.nonvoting.podDisruptionBudget.maxUnavailable` | Nonvoting failed Pods maximum quantity | `1` | -| `replsets.rs0.nonvoting.resources` | Nonvoting Pods resource requests and limits | `{}` | -| `replsets.rs0.nonvoting.volumeSpec` | Nonvoting Pods storage resources | `{}` | -| `replsets.rs0.nonvoting.volumeSpec.emptyDir` | Nonvoting Pods emptyDir K8S storage | `{}` | -| `replsets.rs0.nonvoting.volumeSpec.hostPath` | Nonvoting Pods hostPath K8S storage | | -| `replsets.rs0.nonvoting.volumeSpec.hostPath.path` | Nonvoting Pods hostPath K8S storage path | `""` | -| `replsets.rs0.nonvoting.volumeSpec.hostPath.type` | Type for hostPath volume | `Directory` | -| `replsets.rs0.nonvoting.volumeSpec.pvc` | Nonvoting Pods PVC request parameters | | -| `replsets.rs0.nonvoting.volumeSpec.pvc.annotations` | The Kubernetes annotations metadata for Persistent Volume Claim | `{}` | -| `replsets.rs0.nonvoting.volumeSpec.pvc.labels` | The Kubernetes labels metadata for Persistent Volume Claim | `{}` | -| `replsets.rs0.nonvoting.volumeSpec.pvc.storageClassName` | Nonvoting Pods PVC target storageClass | `""` | -| `replsets.rs0.nonvoting.volumeSpec.pvc.accessModes` | Nonvoting Pods PVC access policy | `[]` | -| `replsets.rs0.nonvoting.volumeSpec.pvc.resources.requests.storage` | Nonvoting Pods PVC storage size | `3Gi` | -| `replsets.rs0.arbiter.enabled` | Create MongoDB arbiter service | `false` | -| `replsets.rs0.arbiter.size` | MongoDB arbiter Pod quantity | `1` | -| `replsets.rs0.arbiter.serviceAccountName` | Run replicaset arbiter Container under specified K8S SA | `""` | -| `replsets.rs0.arbiter.affinity.antiAffinityTopologyKey` | MongoDB arbiter Pod affinity | `kubernetes.io/hostname` | -| `replsets.rs0.arbiter.affinity.advanced` | MongoDB arbiter Pod advanced affinity | `{}` | -| `replsets.rs0.arbiter.tolerations` | MongoDB arbiter Pod tolerations | `[]` | -| `replsets.rs0.arbiter.priorityClass` | MongoDB arbiter priorityClassName | `""` | -| `replsets.rs0.arbiter.annotations` | MongoDB arbiter Pod annotations | `{}` | -| `replsets.rs0.arbiter.labels` | MongoDB arbiter Pod labels | `{}` | -| `replsets.rs0.arbiter.nodeSelector` | MongoDB arbiter Pod nodeSelector labels | `{}` | +| `sharding.enabled` | Enable sharding setup | `true` | +| `sharding.balancer.enabled` | Enable/disable balancer | `true` | +| `sharding.configrs.size` | Config ReplicaSet size (pod quantity) | `3` | +| `sharding.configrs.terminationGracePeriodSeconds` | The amount of seconds Kubernetes will wait for a clean replica set Pods termination | `""` | +| `sharding.configrs.externalNodes.host` | The URL or IP address of the external config server instance | `""` | +| `sharding.configrs.externalNodes.port` | The port number of the external config server instance | `""` | +| `sharding.configrs.externalNodes.votes` | The number of [votes :octicons-link-external-16:](https://docs.mongodb.com/manual/reference/replica-configuration/#mongodb-rsconf-rsconf.members-n-.votes) of the [external config server instance](replication-main.md) | `""` | +| `sharding.configrs.externalNodes.priority` | The [priority :octicons-link-external-16:](https://docs.mongodb.com/manual/reference/replica-configuration/#mongodb-rsconf-rsconf.members-n-.priority) of the [external config server instance](replication-main.md) | `""` | +| `sharding.configrs.configuration` | Custom config for mongod in config replica set | `""` | +| `sharding.configrs.topologySpreadConstraints` | Control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains | `{}` | +| `sharding.configrs.serviceAccountName` | Run sharding configrs Containers under specified K8S SA | `""` | +| `sharding.configrs.affinity.antiAffinityTopologyKey` | Config ReplicaSet Pod affinity | `kubernetes.io/hostname` | +| `sharding.configrs.affinity.advanced` | Config ReplicaSet Pod advanced affinity | `{}` | +| `sharding.configrs.tolerations` | Config ReplicaSet Pod tolerations | `[]` | +| `sharding.configrs.priorityClass` | Config ReplicaSet Pod priorityClassName | `""` | +| `sharding.configrs.annotations` | Config ReplicaSet Pod annotations | `{}` | +| `sharding.configrs.labels` | Config ReplicaSet Pod labels | `{}` | +| `sharding.configrs.nodeSelector` | Config ReplicaSet Pod nodeSelector labels | `{}` | +| `sharding.configrs.livenessProbe` | Config ReplicaSet Pod livenessProbe structure | `{}` | +| `sharding.configrs.readinessProbe` | Config ReplicaSet Pod readinessProbe structure | `{}` | +| `sharding.configrs.storage` | Set cacheSizeRatio or other custom MongoDB storage options | `{}` | +| `sharding.configrs.podSecurityContext` | Set the security context for a Pod | `{}` | +| `sharding.configrs.containerSecurityContext` | Set the security context for a Container | `{}` | +| `sharding.configrs.runtimeClass` | Config ReplicaSet Pod runtimeClassName | `""` | +| `sharding.configrs.sidecars` | Config ReplicaSet Pod sidecars | `{}` | +| `sharding.configrs.sidecarVolumes` | Config ReplicaSet Pod sidecar volumes | `[]` | +| `sharding.configrs.sidecarPVCs` | Config ReplicaSet Pod sidecar PVCs | `[]` | +| `sharding.configrs.podDisruptionBudget.maxUnavailable` | Config ReplicaSet failed Pods maximum quantity | `1` | +| `sharding.configrs.expose.enabled` | Allow access to cfg replica from outside of Kubernetes | `false` | +| `sharding.configrs.expose.type` | Network service access point type | `ClusterIP` | +| `sharding.configrs.expose.loadBalancerIP` | Set client IP to Load Balancer | `""` | +| `sharding.configrs.expose.loadBalancerSourceRanges` | Limit client IP's access to Load Balancer | `{}` | +| `sharding.configrs.expose.annotations` | Config ReplicaSet service annotations | `{}` | +| `sharding.configrs.expose.labels` | Config ReplicaSet service labels | `{}` | +| `sharding.configrs.expose.internalTrafficPolicy` | Config ReplicaSet service internal traffic policy | `Local` | +| `sharding.configrs.expose.externalTrafficPolicy` | Config ReplicaSet service external traffic policy | `Local` | +| `sharding.configrs.resources.limits.cpu` | Config ReplicaSet resource limits CPU | `300m` | +| `sharding.configrs.resources.limits.memory` | Config ReplicaSet resource limits memory | `0.5G` | +| `sharding.configrs.resources.requests.cpu` | Config ReplicaSet resource requests CPU | `300m` | +| `sharding.configrs.resources.requests.memory` | Config ReplicaSet resource requests memory | `0.5G` | +| `sharding.configrs.volumeSpec.hostPath` | Config ReplicaSet hostPath K8S storage | | +| `sharding.configrs.volumeSpec.hostPath.path` | Config ReplicaSet hostPath K8S storage path | `""` | +| `sharding.configrs.volumeSpec.hostPath.type` | Type for hostPath volum | `Directory` | +| `sharding.configrs.volumeSpec.emptyDir` | Config ReplicaSet Pods emptyDir K8S storage | | +| `sharding.configrs.volumeSpec.pvc` | Config ReplicaSet Pods PVC request parameters | | +| `sharding.configrs.volumeSpec.pvc.annotations` | The Kubernetes annotations metadata for Persistent Volume Claim | `{}` | +| `sharding.configrs.volumeSpec.pvc.labels` | The Kubernetes labels metadata for Persistent Volume Claim | `{}` | +| `sharding.configrs.volumeSpec.pvc.storageClassName` | Config ReplicaSet Pods PVC storageClass | `""` | +| `sharding.configrs.volumeSpec.pvc.accessModes` | Config ReplicaSet Pods PVC access policy | `[]` | +| `sharding.configrs.volumeSpec.pvc.resources.requests.storage` | Config ReplicaSet Pods PVC storage size | `3Gi` | +| `sharding.configrs.hostAliases` | The IP address for Kubernetes host aliases | `[]` | +| `sharding.mongos.size` | Mongos size (pod quantity) | `3` | +| `sharding.mongos.terminationGracePeriodSeconds` | The amount of seconds Kubernetes will wait for a clean mongos Pods termination | `""` | +| `sharding.mongos.configuration` | Custom config for mongos | `""` | +| `sharding.mongos.topologySpreadConstraints` | Control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains | `{}` | +| `sharding.mongos.serviceAccountName` | Run sharding mongos Containers under specified K8S SA | `""` | +| `sharding.mongos.affinity.antiAffinityTopologyKey` | Mongos Pods affinity | `kubernetes.io/hostname` | +| `sharding.mongos.affinity.advanced` | Mongos Pods advanced affinity | `{}` | +| `sharding.mongos.tolerations` | Mongos Pods tolerations | `[]` | +| `sharding.mongos.priorityClass` | Mongos Pods priorityClassName | `""` | +| `sharding.mongos.annotations` | Mongos Pods annotations | `{}` | +| `sharding.mongos.labels` | Mongos Pods labels | `{}` | +| `sharding.mongos.nodeSelector` | Mongos Pods nodeSelector labels | `{}` | +| `sharding.mongos.livenessProbe` | Mongos Pod livenessProbe structure | `{}` | +| `sharding.mongos.readinessProbe` | Mongos Pod readinessProbe structure | `{}` | +| `sharding.mongos.podSecurityContext` | Set the security context for a Pod | `{}` | +| `sharding.mongos.containerSecurityContext` | Set the security context for a Container | `{}` | +| `sharding.mongos.runtimeClass` | Mongos Pod runtimeClassName | `""` | +| `sharding.mongos.sidecars` | Mongos Pod sidecars | `{}` | +| `sharding.mongos.sidecarVolumes` | Mongos Pod sidecar volumes | `[]` | +| `sharding.mongos.sidecarPVCs` | Mongos Pod sidecar PVCs | `[]` | +| `sharding.mongos.podDisruptionBudget.maxUnavailable` | Mongos failed Pods maximum quantity | `1` | +| `sharding.mongos.resources.limits.cpu` | Mongos Pods resource limits CPU | `300m` | +| `sharding.mongos.resources.limits.memory` | Mongos Pods resource limits memory | `0.5G` | +| `sharding.mongos.resources.requests.cpu` | Mongos Pods resource requests CPU | `300m` | +| `sharding.mongos.resources.requests.memory` | Mongos Pods resource requests memory | `0.5G` | +| `sharding.mongos.expose.type` | Mongos service type | `ClusterIP` | +| `sharding.mongos.expose.loadBalancerIP` | Set client IP to Load Balancer | `""` | +| `sharding.mongos.expose.servicePerPod` | Create a separate ClusterIP Service for each mongos instance | `false` | +| `sharding.mongos.expose.loadBalancerSourceRanges` | Limit client IP's access to Load Balancer | `{}` | +| `sharding.mongos.expose.annotations` | Mongos service annotations | `{}` | +| `sharding.mongos.expose.labels` | Mongos service labels | `{}` | +| `sharding.mongos.expose.internalTrafficPolicy` | Mongos service internal traffic policy | `Local` | +| `sharding.mongos.expose.externalTrafficPolicy` | Mongos service external traffic policy | `Local` | +| `sharding.mongos.expose.nodePort` | Custom port if exposing mongos via NodePort | `""` | +| `sharding.mongos.hostAliases` | The IP address for Kubernetes host aliases | `[]` | | | -| `sharding.enabled` | Enable sharding setup | `true` | -| `sharding.balancer.enabled` | Enable/disable balancer | `true` | -| `sharding.configrs.size` | Config ReplicaSet size (pod quantity) | `3` | -| `sharding.configrs.terminationGracePeriodSeconds` | The amount of seconds Kubernetes will wait for a clean replica set Pods termination | `""` | -| `sharding.configrs.externalNodes` | Config ReplicaSet external nodes (cross cluster replication) | `[]` | -| `sharding.configrs.configuration` | Custom config for mongod in config replica set | `""` | -| `sharding.configrs.topologySpreadConstraints` | Control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains | `{}` | -| `sharding.configrs.serviceAccountName` | Run sharding configrs Containers under specified K8S SA | `""` | -| `sharding.configrs.affinity.antiAffinityTopologyKey` | Config ReplicaSet Pod affinity | `kubernetes.io/hostname` | -| `sharding.configrs.affinity.advanced` | Config ReplicaSet Pod advanced affinity | `{}` | -| `sharding.configrs.tolerations` | Config ReplicaSet Pod tolerations | `[]` | -| `sharding.configrs.priorityClass` | Config ReplicaSet Pod priorityClassName | `""` | -| `sharding.configrs.annotations` | Config ReplicaSet Pod annotations | `{}` | -| `sharding.configrs.labels` | Config ReplicaSet Pod labels | `{}` | -| `sharding.configrs.nodeSelector` | Config ReplicaSet Pod nodeSelector labels | `{}` | -| `sharding.configrs.livenessProbe` | Config ReplicaSet Pod livenessProbe structure | `{}` | -| `sharding.configrs.readinessProbe` | Config ReplicaSet Pod readinessProbe structure | `{}` | -| `sharding.configrs.storage` | Set cacheSizeRatio or other custom MongoDB storage options | `{}` | -| `sharding.configrs.podSecurityContext` | Set the security context for a Pod | `{}` | -| `sharding.configrs.containerSecurityContext` | Set the security context for a Container | `{}` | -| `sharding.configrs.runtimeClass` | Config ReplicaSet Pod runtimeClassName | `""` | -| `sharding.configrs.sidecars` | Config ReplicaSet Pod sidecars | `{}` | -| `sharding.configrs.sidecarVolumes` | Config ReplicaSet Pod sidecar volumes | `[]` | -| `sharding.configrs.sidecarPVCs` | Config ReplicaSet Pod sidecar PVCs | `[]` | -| `sharding.configrs.podDisruptionBudget.maxUnavailable` | Config ReplicaSet failed Pods maximum quantity | `1` | -| `sharding.configrs.expose.enabled` | Allow access to cfg replica from outside of Kubernetes | `false` | -| `sharding.configrs.expose.exposeType` | Network service access point type | `ClusterIP` | -| `sharding.configrs.expose.loadBalancerSourceRanges` | Limit client IP's access to Load Balancer | `{}` | -| `sharding.configrs.expose.serviceAnnotations` | Config ReplicaSet service annotations | `{}` | -| `sharding.configrs.expose.serviceLabels` | Config ReplicaSet service labels | `{}` | -| `sharding.configrs.resources.limits.cpu` | Config ReplicaSet resource limits CPU | `300m` | -| `sharding.configrs.resources.limits.memory` | Config ReplicaSet resource limits memory | `0.5G` | -| `sharding.configrs.resources.requests.cpu` | Config ReplicaSet resource requests CPU | `300m` | -| `sharding.configrs.resources.requests.memory` | Config ReplicaSet resource requests memory | `0.5G` | -| `sharding.configrs.volumeSpec.hostPath` | Config ReplicaSet hostPath K8S storage | | -| `sharding.configrs.volumeSpec.hostPath.path` | Config ReplicaSet hostPath K8S storage path | `""` | -| `sharding.configrs.volumeSpec.hostPath.type` | Type for hostPath volum | `Directory` | -| `sharding.configrs.volumeSpec.emptyDir` | Config ReplicaSet Pods emptyDir K8S storage | | -| `sharding.configrs.volumeSpec.pvc` | Config ReplicaSet Pods PVC request parameters | | -| `sharding.configrs.volumeSpec.pvc.annotations` | The Kubernetes annotations metadata for Persistent Volume Claim | `{}` | -| `sharding.configrs.volumeSpec.pvc.labels` | The Kubernetes labels metadata for Persistent Volume Claim | `{}` | -| `sharding.configrs.volumeSpec.pvc.storageClassName` | Config ReplicaSet Pods PVC storageClass | `""` | -| `sharding.configrs.volumeSpec.pvc.accessModes` | Config ReplicaSet Pods PVC access policy | `[]` | -| `sharding.configrs.volumeSpec.pvc.resources.requests.storage` | Config ReplicaSet Pods PVC storage size | `3Gi` | -| `sharding.configrs.hostAliases` | The IP address for Kubernetes host aliases | `[]` | -| `sharding.mongos.size` | Mongos size (pod quantity) | `3` | -| `sharding.mongos.terminationGracePeriodSeconds` | The amount of seconds Kubernetes will wait for a clean mongos Pods termination | `""` | -| `sharding.mongos.configuration` | Custom config for mongos | `""` | -| `sharding.mongos.topologySpreadConstraints` | Control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains | `{}` | -| `sharding.mongos.serviceAccountName` | Run sharding mongos Containers under specified K8S SA | `""` | -| `sharding.mongos.affinity.antiAffinityTopologyKey` | Mongos Pods affinity | `kubernetes.io/hostname` | -| `sharding.mongos.affinity.advanced` | Mongos Pods advanced affinity | `{}` | -| `sharding.mongos.tolerations` | Mongos Pods tolerations | `[]` | -| `sharding.mongos.priorityClass` | Mongos Pods priorityClassName | `""` | -| `sharding.mongos.annotations` | Mongos Pods annotations | `{}` | -| `sharding.mongos.labels` | Mongos Pods labels | `{}` | -| `sharding.mongos.nodeSelector` | Mongos Pods nodeSelector labels | `{}` | -| `sharding.mongos.livenessProbe` | Mongos Pod livenessProbe structure | `{}` | -| `sharding.mongos.readinessProbe` | Mongos Pod readinessProbe structure | `{}` | -| `sharding.mongos.podSecurityContext` | Set the security context for a Pod | `{}` | -| `sharding.mongos.containerSecurityContext` | Set the security context for a Container | `{}` | -| `sharding.mongos.runtimeClass` | Mongos Pod runtimeClassName | `""` | -| `sharding.mongos.sidecars` | Mongos Pod sidecars | `{}` | -| `sharding.mongos.sidecarVolumes` | Mongos Pod sidecar volumes | `[]` | -| `sharding.mongos.sidecarPVCs` | Mongos Pod sidecar PVCs | `[]` | -| `sharding.mongos.podDisruptionBudget.maxUnavailable` | Mongos failed Pods maximum quantity | `1` | -| `sharding.mongos.resources.limits.cpu` | Mongos Pods resource limits CPU | `300m` | -| `sharding.mongos.resources.limits.memory` | Mongos Pods resource limits memory | `0.5G` | -| `sharding.mongos.resources.requests.cpu` | Mongos Pods resource requests CPU | `300m` | -| `sharding.mongos.resources.requests.memory` | Mongos Pods resource requests memory | `0.5G` | -| `sharding.mongos.expose.exposeType` | Mongos service exposeType | `ClusterIP` | -| `sharding.mongos.expose.servicePerPod` | Create a separate ClusterIP Service for each mongos instance | `false` | -| `sharding.mongos.expose.loadBalancerSourceRanges` | Limit client IP's access to Load Balancer | `{}` | -| `sharding.mongos.expose.serviceAnnotations` | Mongos service annotations | `{}` | -| `sharding.mongos.expose.serviceLabels` | Mongos service labels | `{}` | -| `sharding.mongos.expose.nodePort` | Custom port if exposing mongos via NodePort | `""` | -| `sharding.mongos.hostAliases` | The IP address for Kubernetes host aliases | `[]` | +| `users.name` | The username of the MongoDB application user | `""` | +| `users.db` | Database that the user authenticates against | `""` | +| `users.passwordSecretRef.name` | Name of the secret that contains the user's password | `""` | +| `users.passwordSecretRef.key` | Key in the secret that corresponds to the value of the user's password | `""` | +| `users.roles.role.name` | Name of the MongoDB role assigned to the user. As [built-in roles](https://www.mongodb.com/docs/manual/reference/built-in-roles/#built-in-roles), so [custom roles](https://github.com/mongodb/mongodb-kubernetes-operator/blob/master/docs/deploy-configure.md#define-a-custom-database-role) are supported | `""` | +| `users.roles.role.db` | Database that the MongoDB role applies to | `""` | | | -| `users.name` | The username of the MongoDB application user | `""` | -| `users.db` | Database that the user authenticates against | `""` | -| `users.passwordSecretRef.name` | Name of the secret that contains the user's password | `""` | -| `users.passwordSecretRef.key` | Key in the secret that corresponds to the value of the user's password | `""` | -| `users.roles.role.name` | Name of the MongoDB role assigned to the user. As [built-in roles](https://www.mongodb.com/docs/manual/reference/built-in-roles/#built-in-roles), so [custom roles](https://github.com/mongodb/mongodb-kubernetes-operator/blob/master/docs/deploy-configure.md#define-a-custom-database-role) are supported | `""` | -| `users.roles.role.db` | Database that the MongoDB role applies to | `""` | +| `roles.role` | Name of the custom role. | `""` | +| `roles.db` | Database in which you want to store the user-defined role. | `admin` | +| `roles.authenticationRestrictions.clientSource` | Array of IP addresses or CIDR blocks from which users assigned this role can connect.MongoDB servers reject connection requests from users with this role if the requests come from a client that is not present in this array. | `""` | +| `roles.authenticationRestrictions.serverAddress` | Array of IP addresses or CIDR blocks to which users assigned this role can connect.MongoDB servers reject connection requests from users with this role if the client requests to connect to a server that is not present in this array. | `""` | +| `roles.privileges.actions` | Name of the role. Valid values are built-in roles. | `[]` | +| `roles.privileges.resource.db` | Database for which the privilege `security.roles.privileges.actions` apply. An empty string ("") indicates that the privilege actions apply to all databases. | `""` | +| `roles.privileges.resource.collection` | Collection for which the privilege `security.roles.privileges.actions` apply. An empty string ("") indicates that the privilege actions apply to all of the database's collections. | `""` | +| `roles.privileges.resource.cluster` | Flag that indicates that the privilege `security.roles.privileges.actions` apply to all databases and collections in the MongoDB deployment. If omitted, defaults to false.If set to true, do not provide values for `security.roles.privileges.resource.database` and `security.roles.privileges.resource.collection`. | `""` | +| `roles.roles.role` | Name of the role to inherit from. | `""` | +| `roles.roles.db` | Name of database that contains the role to inherit from. | `""` | | | | `backup.enabled` | Enable backup PBM agent | `true` | | `backup.annotations` | Backup job annotations | `{}` | @@ -253,7 +288,7 @@ The chart can be customized using the following configurable parameters: | `backup.containerSecurityContext` | Set the security context for a Container | `{}` | | `backup.restartOnFailure` | Backup Pods restart policy | `true` | | `backup.image.repository` | PBM Container image repository | `percona/percona-backup-mongodb` | -| `backup.image.tag` | PBM Container image tag | `2.5.0` | +| `backup.image.tag` | PBM Container image tag | `2.7.0-multi` | | `backup.storages` | Local/remote backup storages settings | `{}` | | `backup.pitr.enabled` | Enable point in time recovery for backup | `false` | | `backup.pitr.oplogOnly` | Start collecting oplogs even if full logical backup doesn't exist | `false` | @@ -265,7 +300,6 @@ The chart can be customized using the following configurable parameters: | `backup.tasks` | Backup working schedule | `{}` | | `systemUsers` | PSMDB operator system users | `{}` | - Specify parameters using `--set key=value[,key=value]` argument to `helm install` Notice that you can use multiple replica sets only with sharding enabled. diff --git a/charts/psmdb-db/templates/cluster.yaml b/charts/psmdb-db/templates/cluster.yaml index 59ca721b..165bba3d 100644 --- a/charts/psmdb-db/templates/cluster.yaml +++ b/charts/psmdb-db/templates/cluster.yaml @@ -18,6 +18,7 @@ spec: {{- if .Values.platform }} platform: {{ .Values.platform }} {{- end }} + enableVolumeExpansion: {{ .Values.enableVolumeExpansion }} {{- if .Values.clusterServiceDNSSuffix }} clusterServiceDNSSuffix: {{ .Values.clusterServiceDNSSuffix }} {{- end }} @@ -115,6 +116,10 @@ spec: topologySpreadConstraints: {{ $replset.topologySpreadConstraints | toYaml | indent 6 }} {{- end }} +{{- if $replset.replsetOverrides }} + replsetOverrides: +{{ $replset.replsetOverrides | toYaml | indent 6 }} + {{- end }} {{- if $replset.serviceAccountName }} serviceAccountName: {{ $replset.serviceAccountName }} {{- end }} @@ -124,6 +129,10 @@ spec: {{- end }} {{- if $replset.priorityClass }} priorityClassName: {{ $replset.priorityClass }} + {{- end }} + {{- if $replset.primaryPreferTagSelector }} + primaryPreferTagSelector: +{{ $replset.primaryPreferTagSelector | toYaml | indent 6 }} {{- end }} {{- if $replset.annotations }} annotations: @@ -191,18 +200,27 @@ spec: {{- if $replset.expose }} expose: enabled: {{ $replset.expose.enabled }} - exposeType: {{ $replset.expose.exposeType }} + type: {{ $replset.expose.type }} + {{- if $replset.expose.loadBalancerIP }} + loadBalancerIP: {{ $replset.expose.loadBalancerIP }} + {{- end }} {{- if $replset.expose.loadBalancerSourceRanges }} loadBalancerSourceRanges: {{ $replset.expose.loadBalancerSourceRanges | toYaml | indent 8 }} {{- end }} - {{- if $replset.expose.serviceAnnotations }} - serviceAnnotations: -{{ $replset.expose.serviceAnnotations | toYaml | indent 8 }} + {{- if $replset.expose.annotations }} + annotations: +{{ $replset.expose.annotations | toYaml | indent 8 }} + {{- end }} + {{- if $replset.expose.labels }} + labels: +{{ $replset.expose.labels | toYaml | indent 8 }} + {{- end }} + {{- if $replset.expose.internalTrafficPolicy }} + internalTrafficPolicy: {{ $replset.expose.internalTrafficPolicy }} {{- end }} - {{- if $replset.expose.serviceLabels }} - serviceLabels: -{{ $replset.expose.serviceLabels | toYaml | indent 8 }} + {{- if $replset.expose.externalTrafficPolicy }} + externalTrafficPolicy: {{ $replset.expose.externalTrafficPolicy }} {{- end }} {{- end }} {{- if $replset.schedulerName }} @@ -430,18 +448,27 @@ spec: {{- if .Values.sharding.configrs.expose }} expose: enabled: {{ .Values.sharding.configrs.expose.enabled }} - exposeType: {{ .Values.sharding.configrs.expose.exposeType }} + type: {{ .Values.sharding.configrs.expose.type }} + {{- if .Values.sharding.configrs.expose.loadBalancerIP }} + loadBalancerIP: {{ .Values.sharding.configrs.expose.loadBalancerIP }} + {{- end }} {{- if .Values.sharding.configrs.expose.loadBalancerSourceRanges }} loadBalancerSourceRanges: {{ .Values.sharding.configrs.expose.loadBalancerSourceRanges | toYaml | indent 10 }} {{- end }} - {{- if .Values.sharding.configrs.expose.serviceAnnotations }} - serviceAnnotations: -{{ .Values.sharding.configrs.expose.serviceAnnotations | toYaml | indent 10 }} + {{- if .Values.sharding.configrs.expose.annotations }} + annotations: +{{ .Values.sharding.configrs.expose.annotations | toYaml | indent 10 }} {{- end }} - {{- if .Values.sharding.configrs.expose.serviceLabels }} - serviceLabels: -{{ .Values.sharding.configrs.expose.serviceLabels | toYaml | indent 10 }} + {{- if .Values.sharding.configrs.expose.labels }} + labels: +{{ .Values.sharding.configrs.expose.labels | toYaml | indent 10 }} + {{- end }} + {{- if .Values.sharding.configrs.expose.internalTrafficPolicy }} + internalTrafficPolicy: {{ .Values.sharding.configrs.expose.internalTrafficPolicy }} + {{- end }} + {{- if .Values.sharding.configrs.expose.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.sharding.configrs.expose.externalTrafficPolicy }} {{- end }} {{- end }} resources: @@ -555,7 +582,10 @@ spec: cpu: {{ .Values.sharding.mongos.resources.requests.cpu }} memory: {{ .Values.sharding.mongos.resources.requests.memory }} expose: - exposeType: {{ .Values.sharding.mongos.expose.exposeType }} + type: {{ .Values.sharding.mongos.expose.type }} + {{- if .Values.sharding.mongos.expose.loadBalancerIP }} + loadBalancerIP: {{ .Values.sharding.mongos.expose.loadBalancerIP }} + {{- end }} {{- if .Values.sharding.mongos.expose.servicePerPod }} servicePerPod: {{ .Values.sharding.mongos.expose.servicePerPod }} {{- end }} @@ -563,13 +593,19 @@ spec: loadBalancerSourceRanges: {{ .Values.sharding.mongos.expose.loadBalancerSourceRanges | toYaml | indent 10 }} {{- end }} - {{- if .Values.sharding.mongos.expose.serviceAnnotations }} - serviceAnnotations: -{{ .Values.sharding.mongos.expose.serviceAnnotations | toYaml | indent 10 }} + {{- if .Values.sharding.mongos.expose.annotations }} + annotations: +{{ .Values.sharding.mongos.expose.annotations | toYaml | indent 10 }} + {{- end }} + {{- if .Values.sharding.mongos.expose.labels }} + labels: +{{ .Values.sharding.mongos.expose.labels | toYaml | indent 10 }} {{- end }} - {{- if .Values.sharding.mongos.expose.serviceLabels }} - serviceLabels: -{{ .Values.sharding.mongos.expose.serviceLabels | toYaml | indent 10 }} + {{- if .Values.sharding.mongos.expose.internalTrafficPolicy }} + internalTrafficPolicy: {{ .Values.sharding.mongos.expose.internalTrafficPolicy }} + {{- end }} + {{- if .Values.sharding.mongos.expose.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.sharding.mongos.expose.externalTrafficPolicy }} {{- end }} {{- if .Values.sharding.mongos.expose.nodePort }} nodePort: {{ .Values.sharding.mongos.expose.nodePort }} @@ -588,6 +624,11 @@ spec: {{ .Values.users | toYaml | indent 2 }} {{- end }} + {{- if .Values.roles }} + roles: +{{ .Values.roles | toYaml | indent 2 }} + {{- end }} + backup: enabled: {{ .Values.backup.enabled }} {{- if .Values.backup.annotations }} diff --git a/charts/psmdb-db/values.yaml b/charts/psmdb-db/values.yaml index 3894023d..ed1f18d0 100644 --- a/charts/psmdb-db/values.yaml +++ b/charts/psmdb-db/values.yaml @@ -14,11 +14,13 @@ finalizers: - percona.com/delete-psmdb-pods-in-order ## Set this if you want to delete database persistent volumes on cluster deletion # - percona.com/delete-psmdb-pvc +## Set this if you want to delete all pitr chunks on cluster deletion +# - percona.com/delete-pitr-chunks nameOverride: "" fullnameOverride: "" -crVersion: 1.17.0 +crVersion: 1.18.0 pause: false unmanaged: false unsafeFlags: @@ -28,6 +30,8 @@ unsafeFlags: terminationGracePeriod: false backupIfUnhealthy: false +enableVolumeExpansion: false + annotations: {} # ignoreAnnotations: @@ -46,13 +50,13 @@ upgradeOptions: image: repository: percona/percona-server-mongodb - tag: 7.0.12-7 + tag: 7.0.14-8-multi imagePullPolicy: Always # imagePullSecrets: [] # initImage: # repository: percona/percona-server-mongodb-operator -# tag: 1.17.0 +# tag: 1.18.0 # initContainerSecurityContext: {} # tls: # mode: preferTLS @@ -68,6 +72,7 @@ secrets: {} # If not set the operator generates the default secret with name -secrets # users: my-cluster-name-secrets # encryptionKey: my-cluster-name-mongodb-encryption-key + # keyFile: my-cluster-name-mongodb-keyfile # vault: my-cluster-name-vault # ldapSecret: my-ldap-secret # sse: my-cluster-name-sse @@ -76,7 +81,7 @@ pmm: enabled: false image: repository: percona/pmm-client - tag: 2.42.0 + tag: 2.43.2 serverHost: monitoring-service # mongodParams: "" # mongosParams: "" @@ -108,6 +113,19 @@ replsets: # maxSkew: 1 # topologyKey: kubernetes.io/hostname # whenUnsatisfiable: DoNotSchedule + # replsetOverrides: + # my-cluster-name-rs0-0: + # host: my-cluster-name-rs0-0.example.net:27017 + # tags: + # key: value-0 + # my-cluster-name-rs0-1: + # host: my-cluster-name-rs0-1.example.net:27017 + # tags: + # key: value-1 + # my-cluster-name-rs0-2: + # host: my-cluster-name-rs0-2.example.net:27017 + # tags: + # key: value-2 affinity: antiAffinityTopologyKey: "kubernetes.io/hostname" # advanced: @@ -121,6 +139,9 @@ replsets: # - S1 # topologyKey: failure-domain.beta.kubernetes.io/zone # tolerations: [] + # primaryPreferTagSelector: + # region: us-west-2 + # zone: us-west-2c # priorityClass: "" # annotations: {} # labels: {} @@ -199,13 +220,15 @@ replsets: # external-2: rs0-2.mycluster2.xyz expose: enabled: false - exposeType: ClusterIP + type: ClusterIP + # loadBalancerIP: 10.0.0.0 # loadBalancerSourceRanges: # - 10.0.0.0/8 - # serviceAnnotations: + # annotations: # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http - # serviceLabels: + # labels: # some-label: some-key + # internalTrafficPolicy: Local # schedulerName: "" resources: limits: @@ -372,13 +395,15 @@ sharding: maxUnavailable: 1 expose: enabled: false - exposeType: ClusterIP + type: ClusterIP + # loadBalancerIP: 10.0.0.0 # loadBalancerSourceRanges: # - 10.0.0.0/8 - # serviceAnnotations: + # annotations: # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http - # serviceLabels: + # labels: # some-label: some-key + # internalTrafficPolicy: Local resources: limits: cpu: "300m" @@ -408,7 +433,7 @@ sharding: # - "host2" mongos: - size: 2 + size: 3 # terminationGracePeriodSeconds: 300 # configuration: | # systemLog: @@ -463,14 +488,16 @@ sharding: cpu: "300m" memory: "0.5G" expose: - exposeType: ClusterIP - # servicePerPod: true + enabled: false + type: ClusterIP + # loadBalancerIP: 10.0.0.0/8 # loadBalancerSourceRanges: # - 10.0.0.0/8 - # serviceAnnotations: + # annotations: # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http - # serviceLabels: + # labels: # some-label: some-key + # internalTrafficPolicy: Local # nodePort: 32017 # auditLog: # destination: file @@ -485,7 +512,7 @@ sharding: # users: # - name: my-user # db: admin -# passwordSecretRef: +# passwordSecretRef: # name: my-user-password # key: my-user-password-key # roles: @@ -495,18 +522,52 @@ sharding: # db: admin # - name: my-usr # db: admin -# passwordSecretRef: +# passwordSecretRef: # name: my-user-pwd # key: my-user-pwd-key # roles: # - name: dbOwner -# db: sometest +# db: sometest + +# roles: +# - role: myClusterwideAdmin +# db: admin +# privileges: +# - resource: +# cluster: true +# actions: +# - addShard +# - resource: +# db: config +# collection: '' +# actions: +# - find +# - update +# - insert +# - remove +# roles: +# - role: read +# db: admin +# - role: my-role +# db: myDb +# privileges: +# - resource: +# db: '' +# collection: '' +# actions: +# - find +# authenticationRestrictions: +# - clientSource: +# - 127.0.0.1 +# serverAddress: +# - 127.0.0.1 + backup: enabled: true image: repository: percona/percona-backup-mongodb - tag: 2.5.0 + tag: 2.7.0-multi # annotations: # iam.amazonaws.com/role: role-arn # podSecurityContext: {} diff --git a/charts/psmdb-operator/Chart.yaml b/charts/psmdb-operator/Chart.yaml index 3b4b89f4..fe55dae6 100644 --- a/charts/psmdb-operator/Chart.yaml +++ b/charts/psmdb-operator/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: "1.17.0" +appVersion: "1.18.0" description: A Helm chart for deploying the Percona Operator for MongoDB name: psmdb-operator home: https://docs.percona.com/percona-operator-for-mongodb/ -version: 1.17.1 +version: 1.18.0 maintainers: - name: tplavcic email: tomislav.plavcic@percona.com diff --git a/charts/psmdb-operator/README.md b/charts/psmdb-operator/README.md index 0602b793..1cd9b881 100644 --- a/charts/psmdb-operator/README.md +++ b/charts/psmdb-operator/README.md @@ -6,7 +6,7 @@ Useful links: - [Operator Documentation](https://www.percona.com/doc/kubernetes-operator-for-psmongodb/index.html) ## Pre-requisites -* Kubernetes 1.27+ +* Kubernetes 1.28+ * Helm v3 # Installation @@ -19,7 +19,7 @@ To install the chart with the `psmdb` release name using a dedicated namespace ( ```sh helm repo add percona https://percona.github.io/percona-helm-charts/ -helm install my-operator percona/psmdb-operator --version 1.17.1 --namespace my-namespace +helm install my-operator percona/psmdb-operator --version 1.18.0 --namespace my-namespace ``` The chart can be customized using the following configurable parameters: @@ -27,7 +27,7 @@ The chart can be customized using the following configurable parameters: | Parameter | Description | Default | | ---------------------------- | --------------------------------------------------------------------------------------------------- | ----------------------------------------- | | `image.repository` | PSMDB Operator Container image name | `percona/percona-server-mongodb-operator` | -| `image.tag` | PSMDB Operator Container image tag | `1.17.0` | +| `image.tag` | PSMDB Operator Container image tag | `1.18.0` | | `image.pullPolicy` | PSMDB Operator Container pull policy | `Always` | | `image.pullSecrets` | PSMDB Operator Pod pull secret | `[]` | | `replicaCount` | PSMDB Operator Pod quantity | `1` | diff --git a/charts/psmdb-operator/crds/crd.yaml b/charts/psmdb-operator/crds/crd.yaml index 6c2ee036..89641ef5 100644 --- a/charts/psmdb-operator/crds/crd.yaml +++ b/charts/psmdb-operator/crds/crd.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: perconaservermongodbbackups.psmdb.percona.com spec: group: psmdb.percona.com @@ -179,7 +179,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: perconaservermongodbrestores.psmdb.percona.com spec: group: psmdb.percona.com @@ -327,6 +327,15 @@ spec: type: object replset: type: string + selective: + properties: + namespaces: + items: + type: string + type: array + withUsersAndRoles: + type: boolean + type: object storageName: type: string type: object @@ -357,7 +366,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: perconaservermongodbs.psmdb.percona.com spec: group: psmdb.percona.com @@ -901,6 +910,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -933,6 +944,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -1067,6 +1080,8 @@ spec: type: string crVersion: type: string + enableVolumeExpansion: + type: boolean ignoreAnnotations: items: type: string @@ -1264,6 +1279,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -2226,6 +2243,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -2446,10 +2465,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -2809,6 +2830,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -2822,6 +2850,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -3070,6 +3099,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -3077,6 +3107,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -3088,6 +3119,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -3096,6 +3128,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -3113,6 +3146,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -3440,6 +3474,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -3546,6 +3581,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -3627,6 +3663,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -3744,6 +3782,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4019,17 +4058,26 @@ spec: type: object expose: properties: + annotations: + additionalProperties: + type: string + type: object enabled: type: boolean exposeType: type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + labels: + additionalProperties: + type: string + type: object loadBalancerSourceRanges: items: type: string type: array - nodePort: - format: int32 - type: integer serviceAnnotations: additionalProperties: type: string @@ -4038,18 +4086,28 @@ spec: additionalProperties: type: string type: object + type: + type: string required: - enabled type: object externalNodes: items: properties: + horizons: + additionalProperties: + type: string + type: object host: type: string port: type: integer priority: type: integer + tags: + additionalProperties: + type: string + type: object votes: type: integer required: @@ -4095,6 +4153,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4713,6 +4772,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4843,6 +4903,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -4889,6 +4951,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4957,6 +5020,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -5177,10 +5242,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -5540,6 +5607,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -5553,6 +5627,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -5801,6 +5876,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -5808,6 +5884,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -5819,6 +5896,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -5827,6 +5905,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -5844,6 +5923,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -6171,6 +6251,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6277,6 +6358,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6358,6 +6440,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -6475,6 +6559,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6854,6 +6939,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -6879,6 +6966,10 @@ spec: type: string type: object type: object + primaryPreferTagSelector: + additionalProperties: + type: string + type: object priorityClassName: type: string readinessProbe: @@ -6900,6 +6991,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6961,6 +7053,21 @@ spec: format: int32 type: integer type: object + replsetOverrides: + additionalProperties: + properties: + horizons: + additionalProperties: + type: string + type: object + host: + type: string + tags: + additionalProperties: + type: string + type: object + type: object + type: object resources: properties: claims: @@ -6968,6 +7075,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -7188,10 +7297,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -7551,6 +7662,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -7564,6 +7682,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -7812,6 +7931,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -7819,6 +7939,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -7830,6 +7951,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -7838,6 +7960,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -7855,6 +7978,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -8182,6 +8306,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -8288,6 +8413,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -8369,6 +8495,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -8486,6 +8614,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -8854,12 +8983,72 @@ spec: - size type: object type: array + roles: + items: + properties: + authenticationRestrictions: + items: + properties: + clientSource: + items: + type: string + type: array + serverAddress: + items: + type: string + type: array + type: object + type: array + db: + type: string + privileges: + items: + properties: + actions: + items: + type: string + type: array + resource: + properties: + cluster: + type: boolean + collection: + type: string + db: + type: string + type: object + required: + - actions + type: object + type: array + role: + type: string + roles: + items: + properties: + db: + type: string + role: + type: string + required: + - db + - role + type: object + type: array + required: + - db + - privileges + - role + type: object + type: array schedulerName: type: string secrets: properties: encryptionKey: type: string + keyFile: + type: string ldapSecret: type: string sse: @@ -9812,6 +10001,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -10032,10 +10223,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -10395,6 +10588,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -10408,6 +10608,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -10656,6 +10857,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -10663,6 +10865,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -10674,6 +10877,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -10682,6 +10886,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -10699,6 +10904,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -11026,6 +11232,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -11132,6 +11339,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -11213,6 +11421,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -11330,6 +11540,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -11605,17 +11816,26 @@ spec: type: object expose: properties: + annotations: + additionalProperties: + type: string + type: object enabled: type: boolean exposeType: type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + labels: + additionalProperties: + type: string + type: object loadBalancerSourceRanges: items: type: string type: array - nodePort: - format: int32 - type: integer serviceAnnotations: additionalProperties: type: string @@ -11624,18 +11844,28 @@ spec: additionalProperties: type: string type: object + type: + type: string required: - enabled type: object externalNodes: items: properties: + horizons: + additionalProperties: + type: string + type: object host: type: string port: type: integer priority: type: integer + tags: + additionalProperties: + type: string + type: object votes: type: integer required: @@ -11681,6 +11911,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -12299,6 +12530,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -12429,6 +12661,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -12475,6 +12709,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -12543,6 +12778,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -12763,10 +13000,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -13126,6 +13365,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -13139,6 +13385,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -13387,6 +13634,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -13394,6 +13642,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -13405,6 +13654,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -13413,6 +13663,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -13430,6 +13681,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -13757,6 +14009,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13863,6 +14116,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13944,6 +14198,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -14061,6 +14317,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -14440,6 +14697,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -14465,6 +14724,10 @@ spec: type: string type: object type: object + primaryPreferTagSelector: + additionalProperties: + type: string + type: object priorityClassName: type: string readinessProbe: @@ -14486,6 +14749,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -14547,6 +14811,21 @@ spec: format: int32 type: integer type: object + replsetOverrides: + additionalProperties: + properties: + horizons: + additionalProperties: + type: string + type: object + host: + type: string + tags: + additionalProperties: + type: string + type: object + type: object + type: object resources: properties: claims: @@ -14554,6 +14833,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -14774,10 +15055,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -15137,6 +15420,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -15150,6 +15440,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -15398,6 +15689,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -15405,6 +15697,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -15416,6 +15709,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -15424,6 +15718,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -15441,6 +15736,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -15768,6 +16064,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -15874,6 +16171,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -15955,6 +16253,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -16072,6 +16372,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16967,8 +17268,20 @@ spec: type: object expose: properties: + annotations: + additionalProperties: + type: string + type: object exposeType: type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + labels: + additionalProperties: + type: string + type: object loadBalancerSourceRanges: items: type: string @@ -16986,6 +17299,8 @@ spec: type: object servicePerPod: type: boolean + type: + type: string type: object hostAliases: items: @@ -17027,6 +17342,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -17157,6 +17473,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -17206,6 +17524,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -17274,6 +17593,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -17499,10 +17820,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -17862,6 +18185,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -17875,6 +18205,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -18123,6 +18454,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -18130,6 +18462,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -18141,6 +18474,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -18149,6 +18483,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -18166,6 +18501,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -18493,6 +18829,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18599,6 +18936,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18680,6 +19018,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -18797,6 +19137,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19054,14 +19395,10 @@ spec: key: type: string name: - default: "" type: string - optional: - type: boolean required: - - key + - name type: object - x-kubernetes-map-type: atomic roles: items: properties: @@ -19075,7 +19412,6 @@ spec: type: object type: array required: - - db - name - passwordSecretRef - roles @@ -19187,4 +19523,4 @@ spec: served: true storage: true subresources: - status: {} + status: {} \ No newline at end of file diff --git a/charts/psmdb-operator/templates/role.yaml b/charts/psmdb-operator/templates/role.yaml index 537c1e86..4d65e6a7 100644 --- a/charts/psmdb-operator/templates/role.yaml +++ b/charts/psmdb-operator/templates/role.yaml @@ -139,6 +139,7 @@ rules: resources: - issuers - certificates + - certificaterequests verbs: - get - list diff --git a/charts/psmdb-operator/values.yaml b/charts/psmdb-operator/values.yaml index 5c9a00fb..e954e8f2 100644 --- a/charts/psmdb-operator/values.yaml +++ b/charts/psmdb-operator/values.yaml @@ -6,7 +6,7 @@ replicaCount: 1 image: repository: percona/percona-server-mongodb-operator - tag: 1.17.0 + tag: 1.18.0 pullPolicy: IfNotPresent # disableTelemetry: according to