API Reference for ArangoDeployment V1

Spec

.spec.agents.affinity

Type: core.PodAffinity [ref]

Affinity specified additional affinity settings in ArangoDB Pod definitions

Links:


.spec.agents.allowMemberRecreation

Type: boolean [ref]

AllowMemberRecreation allows to recreate member. This setting changes the member recreation logic based on group:

  • For Sync Masters, Sync Workers, Coordinator and DB-Servers it determines if a member can be recreated in case of failure (default true)
  • For Agents and Single this value is hardcoded to false and the value provided in spec is ignored.

.spec.agents.annotations

Type: object [ref]

Annotations specified the annotations added to Pods in this group. Annotations are merged with spec.annotations.


.spec.agents.annotationsIgnoreList

Type: array [ref]

AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored


.spec.agents.annotationsMode

Type: string [ref]

AnnotationsMode Define annotations mode which should be use while overriding annotations


.spec.agents.antiAffinity

Type: core.PodAntiAffinity [ref]

AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions

Links:


.spec.agents.args

Type: []string [ref]

Args setting specifies additional command-line arguments passed to all servers of this group.

Default Value: []


.spec.agents.count

Type: integer [ref]

Count setting specifies the number of servers to start for the given group. For the Agent group, this value must be a positive, odd number. The default value is 3 for all groups except single (there the default is 1 for spec.mode: Single and 2 for spec.mode: ActiveFailover). For the syncworkers group, it is highly recommended to use the same number as for the dbservers group.


.spec.agents.entrypoint

Type: string [ref]

Entrypoint overrides container executable


.spec.agents.envs[int].name

Type: string [ref]


.spec.agents.envs[int].value

Type: string [ref]


.spec.agents.ephemeralVolumes.apps.size

Type: resource.Quantity [ref]

Size define size of the ephemeral volume

Links:


.spec.agents.ephemeralVolumes.temp.size

Type: resource.Quantity [ref]

Size define size of the ephemeral volume

Links:


.spec.agents.exporterPort

Type: integer [ref]

ExporterPort define Port used by exporter


.spec.agents.extendedRotationCheck

Type: boolean [ref]

ExtendedRotationCheck extend checks for rotation


.spec.agents.externalPortEnabled

Type: boolean [ref]

ExternalPortEnabled if external port should be enabled. If is set to false, ports needs to be exposed via sidecar. Only for ArangoD members


.spec.agents.indexMethod

Type: string [ref]

IndexMethod define group Indexing method

Possible Values:

  • "random" (default) - Pick random ID for member. Enforced on the Community Operator.
  • "ordered" - Use sequential number as Member ID, starting from 0. Enterprise Operator required.

.spec.agents.initContainers.containers

Type: []core.Container [ref]

Containers contains list of containers

Links:


.spec.agents.initContainers.mode

Type: string [ref]

Mode keep container replace mode


.spec.agents.internalPort

Type: integer [ref]

InternalPort define port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members


.spec.agents.internalPortProtocol

Type: string [ref]

InternalPortProtocol define protocol of port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members


.spec.agents.labels

Type: object [ref]

Labels specified the labels added to Pods in this group.


.spec.agents.labelsIgnoreList

Type: array [ref]

LabelsIgnoreList list regexp or plain definitions which labels should be ignored


.spec.agents.labelsMode

Type: string [ref]

LabelsMode Define labels mode which should be use while overriding labels


.spec.agents.maxCount

Type: integer [ref]

MaxCount specifies a maximum for the count of servers. If set, a specification is invalid if count > maxCount.


.spec.agents.memoryReservation

Type: integer [ref]

MemoryReservation determines the system reservation of memory while calculating ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY value. If this field is set, ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY is reduced by a specified value in percent. Accepted Range <0, 50>. If the value is outside the accepted range, it is adjusted to the closest value.

Links:

Default Value: 0


.spec.agents.minCount

Type: integer [ref]

MinCount specifies a minimum for the count of servers. If set, a specification is invalid if count < minCount.


.spec.agents.nodeAffinity

Type: core.NodeAffinity [ref]

NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions

Links:


.spec.agents.nodeSelector

Type: map[string]string [ref]

NodeSelector setting specifies a set of labels to be used as nodeSelector for Pods of this node.

Links:


.spec.agents.numactl.args

Type: array [ref]

Args define list of the numactl process

Default Value: []


.spec.agents.numactl.enabled

Type: boolean [ref]

Enabled define if numactl should be enabled

Default Value: false


.spec.agents.numactl.path

Type: string [ref]

Path define numactl path within the container

Default Value: /usr/bin/numactl


.spec.agents.overrideDetectedNumberOfCores

Type: boolean [ref]

[!IMPORTANT] Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES Container Environment Variable

OverrideDetectedNumberOfCores determines if number of cores should be overridden based on values in resources. If is set to true and Container CPU Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES to the value from the Container CPU Limits.

Links:

Default Value: true


.spec.agents.overrideDetectedTotalMemory

Type: boolean [ref]

[!IMPORTANT] Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY Container Environment Variable

OverrideDetectedTotalMemory determines if memory should be overridden based on values in resources. If is set to true and Container Memory Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY to the value from the Container Memory Limits.

Links:

Default Value: true


.spec.agents.podModes.network

Type: string [ref]


.spec.agents.podModes.pid

Type: string [ref]


.spec.agents.port

Type: integer [ref]

Port define Port used by member


.spec.agents.priorityClassName

Type: string [ref]

PriorityClassName specifies a priority class name Will be forwarded to the pod spec.

Links:


.spec.agents.probes.livenessProbeDisabled

Type: boolean [ref]

LivenessProbeDisabled if set to true, the operator does not generate a liveness probe for new pods belonging to this group

Default Value: false


.spec.agents.probes.livenessProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.agents.probes.livenessProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.agents.probes.livenessProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.agents.probes.livenessProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.agents.probes.livenessProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.agents.probes.ReadinessProbeDisabled

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is deprecated, kept only for backward compatibility.

OldReadinessProbeDisabled if true readinessProbes are disabled


.spec.agents.probes.readinessProbeDisabled

Type: boolean [ref]

ReadinessProbeDisabled override flag for probe disabled in good manner (lowercase) with backward compatibility


.spec.agents.probes.readinessProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.agents.probes.readinessProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.agents.probes.readinessProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.agents.probes.readinessProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.agents.probes.readinessProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.agents.probes.startupProbeDisabled

Type: boolean [ref]

StartupProbeDisabled if true startupProbes are disabled


.spec.agents.probes.startupProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.agents.probes.startupProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.agents.probes.startupProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.agents.probes.startupProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.agents.probes.startupProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.agents.pvcResizeMode

Type: string [ref]

VolumeResizeMode specified resize mode for PVCs and PVs

Possible Values:

  • "runtime" (default) - PVC will be resized in Pod runtime (EKS, GKE)
  • "rotate" - Pod will be shutdown and PVC will be resized (AKS)

.spec.agents.resources

Type: core.ResourceRequirements [ref]

Resources holds resource requests & limits

Links:


.spec.agents.schedulerName

Type: string [ref]

SchedulerName define scheduler name used for group


.spec.agents.securityContext.addCapabilities

Type: []core.Capability [ref]

AddCapabilities add new capabilities to containers


.spec.agents.securityContext.allowPrivilegeEscalation

Type: boolean [ref]

AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.


.spec.agents.securityContext.dropAllCapabilities

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is added for backward compatibility. Will be removed in 1.1.0.

DropAllCapabilities specifies if capabilities should be dropped for this pod containers


.spec.agents.securityContext.fsGroup

Type: integer [ref]

FSGroup is a special supplemental group that applies to all containers in a pod.


.spec.agents.securityContext.privileged

Type: boolean [ref]

Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.


.spec.agents.securityContext.readOnlyRootFilesystem

Type: boolean [ref]

ReadOnlyRootFilesystem if true, mounts the container’s root filesystem as read-only.


.spec.agents.securityContext.runAsGroup

Type: integer [ref]

RunAsGroup is the GID to run the entrypoint of the container process.


.spec.agents.securityContext.runAsNonRoot

Type: boolean [ref]

RunAsNonRoot if true, indicates that the container must run as a non-root user.


.spec.agents.securityContext.runAsUser

Type: integer [ref]

RunAsUser is the UID to run the entrypoint of the container process.


.spec.agents.securityContext.seccompProfile

Type: core.SeccompProfile [ref]

SeccompProfile defines a pod/container’s seccomp profile settings. Only one profile source may be set.

Links:


.spec.agents.securityContext.seLinuxOptions

Type: core.SELinuxOptions [ref]

SELinuxOptions are the labels to be applied to the container

Links:


.spec.agents.securityContext.supplementalGroups

Type: array [ref]

SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.


.spec.agents.securityContext.sysctls

Type: map[string]intstr.IntOrString [ref]

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int

Links:

Example:

sysctls:
  "kernel.shm_rmid_forced": "0"
  "net.core.somaxconn": 1024
  "kernel.msgmax": "65536"

.spec.agents.serviceAccountName

Type: string [ref]

ServiceAccountName setting specifies the serviceAccountName for the Pods created for each server of this group. If empty, it defaults to using the default service account. Using an alternative ServiceAccount is typically used to separate access rights. The ArangoDB deployments need some very minimal access rights. With the deployment of the operator, we grant the rights to ‘get’ all ‘pod’ resources. If you are using a different service account, please grant these rights to that service account.


.spec.agents.shutdownDelay

Type: integer [ref]

ShutdownDelay define how long operator should delay finalizer removal after shutdown


.spec.agents.shutdownMethod

Type: string [ref]

ShutdownMethod describe procedure of member shutdown taken by Operator


.spec.agents.sidecarCoreNames

Type: array [ref]

SidecarCoreNames is a list of sidecar containers which must run in the pod. Some names (e.g.: “server”, “worker”) are reserved, and they don’t have any impact.


.spec.agents.sidecars

Type: []core.Container [ref]

Sidecars specifies a list of additional containers to be started

Links:


.spec.agents.storageClassName

Type: string [ref]

[!WARNING] DEPRECATED

Use VolumeClaimTemplate instead.

StorageClassName specifies the classname for storage of the servers.


.spec.agents.terminationGracePeriodSeconds

Type: integer [ref]

TerminationGracePeriodSeconds override default TerminationGracePeriodSeconds for pods - via silent rotation


.spec.agents.tolerations

Type: []core.Toleration [ref]

Tolerations specifies the tolerations added to Pods in this group. By default, suitable tolerations are set for the following keys with the NoExecute effect:

  • node.kubernetes.io/not-ready
  • node.kubernetes.io/unreachable
  • node.alpha.kubernetes.io/unreachable (will be removed in future version) For more information on tolerations, consult the https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

Links:


.spec.agents.volumeAllowShrink

Type: boolean [ref]

[!WARNING] DEPRECATED

Not used anymore

VolumeAllowShrink allows shrinking of the volume


.spec.agents.volumeClaimTemplate

Type: core.PersistentVolumeClaim [ref]

VolumeClaimTemplate specifies a volumeClaimTemplate used by operator to create to volume claims for pods of this group. This setting is not available for group coordinators, syncmasters & syncworkers. The default value describes a volume with 8Gi storage, ReadWriteOnce access mode and volume mode set to PersistentVolumeFilesystem. If this field is not set and spec.<group>.resources.requests.storage is set, then a default volume claim with size as specified by spec.<group>.resources.requests.storage will be created. In that case storage and iops is not forwarded to the pods resource requirements.

Links:


.spec.agents.volumeMounts

Type: []ServerGroupSpecVolumeMount [ref]

VolumeMounts define list of volume mounts mounted into server container

Links:


.spec.agents.volumes[int].configMap

Type: core.ConfigMapVolumeSource [ref]

ConfigMap which should be mounted into pod

Links:


.spec.agents.volumes[int].emptyDir

Type: core.EmptyDirVolumeSource [ref]

EmptyDir

Links:


.spec.agents.volumes[int].hostPath

Type: core.HostPathVolumeSource [ref]

HostPath

Links:


.spec.agents.volumes[int].name

Type: string [ref]

Name of volume


.spec.agents.volumes[int].persistentVolumeClaim

Type: core.PersistentVolumeClaimVolumeSource [ref]

PersistentVolumeClaim

Links:


.spec.agents.volumes[int].secret

Type: core.SecretVolumeSource [ref]

Secret which should be mounted into pod

Links:


.spec.allowUnsafeUpgrade

Type: boolean [ref]

AllowUnsafeUpgrade determines if upgrade on missing member or with not in sync shards is allowed


.spec.annotations

Type: object [ref]

Annotations specifies the annotations added to all ArangoDeployment owned resources (pods, services, PVC’s, PDB’s).


.spec.annotationsIgnoreList

Type: array [ref]

AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored


.spec.annotationsMode

Type: string [ref]

AnnotationsMode defines annotations mode which should be use while overriding annotations.

Possible Values:

  • "disabled" (default) - Disable annotations/labels override. Default if there is no annotations/labels set in ArangoDeployment
  • "append" - Add new annotations/labels without affecting old ones
  • "replace" - Replace existing annotations/labels

.spec.architecture

Type: []string [ref]

Architecture defines the list of supported architectures. First element on the list is marked as default architecture. Possible values are:

  • amd64: Use processors with the x86-64 architecture.
  • arm64: Use processors with the 64-bit ARM architecture. The setting expects a list of strings, but you should only specify a single list item for the architecture, except when you want to migrate from one architecture to the other. The first list item defines the new default architecture for the deployment that you want to migrate to.

Links:

Default Value: ['amd64']


.spec.auth.jwtSecretName

Type: string [ref]

JWTSecretName setting specifies the name of a kubernetes Secret that contains a secret key used for generating JWT tokens to access all ArangoDB servers. When no name is specified, it defaults to <deployment-name>-jwt. To disable authentication, set this value to None. If you specify a name of a Secret, that secret must have the key value in a data field named token. If you specify a name of a Secret that does not exist, a random key is created and stored in a Secret with given name. Changing secret key results in restarting of a whole cluster.


.spec.bootstrap.passwordSecretNames

Type: map[string]string [ref]

PasswordSecretNames contains a map of username to password-secret-name This setting specifies a secret name for the credentials per specific users. When a deployment is created the operator will setup the user accounts according to the credentials given by the secret. If the secret doesn’t exist the operator creates a secret with a random password. There are two magic values for the secret name:

  • None specifies no action. This disables root password randomization. This is the default value. (Thus the root password is empty - not recommended)
  • Auto specifies automatic name generation, which is <deploymentname>-root-password.

Links:


.spec.chaos.enabled

Type: boolean [ref]

Enabled switches the chaos monkey for a deployment on or off.


.spec.chaos.interval

Type: integer [ref]

Interval is the time between events


.spec.chaos.kill-pod-probability

Type: integer [ref]

KillPodProbability is the chance of a pod being killed during an event


.spec.ClusterDomain

Type: string [ref]

ClusterDomain define domain used in the kubernetes cluster. Required only of domain is not set to default (cluster.local)

Default Value: cluster.local


.spec.communicationMethod

Type: string [ref]

CommunicationMethod define communication method used in deployment

Possible Values:

  • "headless" (default) - Define old communication mechanism, based on headless service.
  • "dns" - Define ClusterIP Service DNS based communication.
  • "short-dns" - Define ClusterIP Service DNS based communication. Use namespaced short DNS (used in migration)
  • "headless-dns" - Define Headless Service DNS based communication.
  • "ip" - Define ClusterIP Service IP based communication.

.spec.coordinators.affinity

Type: core.PodAffinity [ref]

Affinity specified additional affinity settings in ArangoDB Pod definitions

Links:


.spec.coordinators.allowMemberRecreation

Type: boolean [ref]

AllowMemberRecreation allows to recreate member. This setting changes the member recreation logic based on group:

  • For Sync Masters, Sync Workers, Coordinator and DB-Servers it determines if a member can be recreated in case of failure (default true)
  • For Agents and Single this value is hardcoded to false and the value provided in spec is ignored.

.spec.coordinators.annotations

Type: object [ref]

Annotations specified the annotations added to Pods in this group. Annotations are merged with spec.annotations.


.spec.coordinators.annotationsIgnoreList

Type: array [ref]

AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored


.spec.coordinators.annotationsMode

Type: string [ref]

AnnotationsMode Define annotations mode which should be use while overriding annotations


.spec.coordinators.antiAffinity

Type: core.PodAntiAffinity [ref]

AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions

Links:


.spec.coordinators.args

Type: []string [ref]

Args setting specifies additional command-line arguments passed to all servers of this group.

Default Value: []


.spec.coordinators.count

Type: integer [ref]

Count setting specifies the number of servers to start for the given group. For the Agent group, this value must be a positive, odd number. The default value is 3 for all groups except single (there the default is 1 for spec.mode: Single and 2 for spec.mode: ActiveFailover). For the syncworkers group, it is highly recommended to use the same number as for the dbservers group.


.spec.coordinators.entrypoint

Type: string [ref]

Entrypoint overrides container executable


.spec.coordinators.envs[int].name

Type: string [ref]


.spec.coordinators.envs[int].value

Type: string [ref]


.spec.coordinators.ephemeralVolumes.apps.size

Type: resource.Quantity [ref]

Size define size of the ephemeral volume

Links:


.spec.coordinators.ephemeralVolumes.temp.size

Type: resource.Quantity [ref]

Size define size of the ephemeral volume

Links:


.spec.coordinators.exporterPort

Type: integer [ref]

ExporterPort define Port used by exporter


.spec.coordinators.extendedRotationCheck

Type: boolean [ref]

ExtendedRotationCheck extend checks for rotation


.spec.coordinators.externalPortEnabled

Type: boolean [ref]

ExternalPortEnabled if external port should be enabled. If is set to false, ports needs to be exposed via sidecar. Only for ArangoD members


.spec.coordinators.indexMethod

Type: string [ref]

IndexMethod define group Indexing method

Possible Values:

  • "random" (default) - Pick random ID for member. Enforced on the Community Operator.
  • "ordered" - Use sequential number as Member ID, starting from 0. Enterprise Operator required.

.spec.coordinators.initContainers.containers

Type: []core.Container [ref]

Containers contains list of containers

Links:


.spec.coordinators.initContainers.mode

Type: string [ref]

Mode keep container replace mode


.spec.coordinators.internalPort

Type: integer [ref]

InternalPort define port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members


.spec.coordinators.internalPortProtocol

Type: string [ref]

InternalPortProtocol define protocol of port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members


.spec.coordinators.labels

Type: object [ref]

Labels specified the labels added to Pods in this group.


.spec.coordinators.labelsIgnoreList

Type: array [ref]

LabelsIgnoreList list regexp or plain definitions which labels should be ignored


.spec.coordinators.labelsMode

Type: string [ref]

LabelsMode Define labels mode which should be use while overriding labels


.spec.coordinators.maxCount

Type: integer [ref]

MaxCount specifies a maximum for the count of servers. If set, a specification is invalid if count > maxCount.


.spec.coordinators.memoryReservation

Type: integer [ref]

MemoryReservation determines the system reservation of memory while calculating ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY value. If this field is set, ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY is reduced by a specified value in percent. Accepted Range <0, 50>. If the value is outside the accepted range, it is adjusted to the closest value.

Links:

Default Value: 0


.spec.coordinators.minCount

Type: integer [ref]

MinCount specifies a minimum for the count of servers. If set, a specification is invalid if count < minCount.


.spec.coordinators.nodeAffinity

Type: core.NodeAffinity [ref]

NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions

Links:


.spec.coordinators.nodeSelector

Type: map[string]string [ref]

NodeSelector setting specifies a set of labels to be used as nodeSelector for Pods of this node.

Links:


.spec.coordinators.numactl.args

Type: array [ref]

Args define list of the numactl process

Default Value: []


.spec.coordinators.numactl.enabled

Type: boolean [ref]

Enabled define if numactl should be enabled

Default Value: false


.spec.coordinators.numactl.path

Type: string [ref]

Path define numactl path within the container

Default Value: /usr/bin/numactl


.spec.coordinators.overrideDetectedNumberOfCores

Type: boolean [ref]

[!IMPORTANT] Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES Container Environment Variable

OverrideDetectedNumberOfCores determines if number of cores should be overridden based on values in resources. If is set to true and Container CPU Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES to the value from the Container CPU Limits.

Links:

Default Value: true


.spec.coordinators.overrideDetectedTotalMemory

Type: boolean [ref]

[!IMPORTANT] Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY Container Environment Variable

OverrideDetectedTotalMemory determines if memory should be overridden based on values in resources. If is set to true and Container Memory Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY to the value from the Container Memory Limits.

Links:

Default Value: true


.spec.coordinators.podModes.network

Type: string [ref]


.spec.coordinators.podModes.pid

Type: string [ref]


.spec.coordinators.port

Type: integer [ref]

Port define Port used by member


.spec.coordinators.priorityClassName

Type: string [ref]

PriorityClassName specifies a priority class name Will be forwarded to the pod spec.

Links:


.spec.coordinators.probes.livenessProbeDisabled

Type: boolean [ref]

LivenessProbeDisabled if set to true, the operator does not generate a liveness probe for new pods belonging to this group

Default Value: false


.spec.coordinators.probes.livenessProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.coordinators.probes.livenessProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.coordinators.probes.livenessProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.coordinators.probes.livenessProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.coordinators.probes.livenessProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.coordinators.probes.ReadinessProbeDisabled

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is deprecated, kept only for backward compatibility.

OldReadinessProbeDisabled if true readinessProbes are disabled


.spec.coordinators.probes.readinessProbeDisabled

Type: boolean [ref]

ReadinessProbeDisabled override flag for probe disabled in good manner (lowercase) with backward compatibility


.spec.coordinators.probes.readinessProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.coordinators.probes.readinessProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.coordinators.probes.readinessProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.coordinators.probes.readinessProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.coordinators.probes.readinessProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.coordinators.probes.startupProbeDisabled

Type: boolean [ref]

StartupProbeDisabled if true startupProbes are disabled


.spec.coordinators.probes.startupProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.coordinators.probes.startupProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.coordinators.probes.startupProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.coordinators.probes.startupProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.coordinators.probes.startupProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.coordinators.pvcResizeMode

Type: string [ref]

VolumeResizeMode specified resize mode for PVCs and PVs

Possible Values:

  • "runtime" (default) - PVC will be resized in Pod runtime (EKS, GKE)
  • "rotate" - Pod will be shutdown and PVC will be resized (AKS)

.spec.coordinators.resources

Type: core.ResourceRequirements [ref]

Resources holds resource requests & limits

Links:


.spec.coordinators.schedulerName

Type: string [ref]

SchedulerName define scheduler name used for group


.spec.coordinators.securityContext.addCapabilities

Type: []core.Capability [ref]

AddCapabilities add new capabilities to containers


.spec.coordinators.securityContext.allowPrivilegeEscalation

Type: boolean [ref]

AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.


.spec.coordinators.securityContext.dropAllCapabilities

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is added for backward compatibility. Will be removed in 1.1.0.

DropAllCapabilities specifies if capabilities should be dropped for this pod containers


.spec.coordinators.securityContext.fsGroup

Type: integer [ref]

FSGroup is a special supplemental group that applies to all containers in a pod.


.spec.coordinators.securityContext.privileged

Type: boolean [ref]

Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.


.spec.coordinators.securityContext.readOnlyRootFilesystem

Type: boolean [ref]

ReadOnlyRootFilesystem if true, mounts the container’s root filesystem as read-only.


.spec.coordinators.securityContext.runAsGroup

Type: integer [ref]

RunAsGroup is the GID to run the entrypoint of the container process.


.spec.coordinators.securityContext.runAsNonRoot

Type: boolean [ref]

RunAsNonRoot if true, indicates that the container must run as a non-root user.


.spec.coordinators.securityContext.runAsUser

Type: integer [ref]

RunAsUser is the UID to run the entrypoint of the container process.


.spec.coordinators.securityContext.seccompProfile

Type: core.SeccompProfile [ref]

SeccompProfile defines a pod/container’s seccomp profile settings. Only one profile source may be set.

Links:


.spec.coordinators.securityContext.seLinuxOptions

Type: core.SELinuxOptions [ref]

SELinuxOptions are the labels to be applied to the container

Links:


.spec.coordinators.securityContext.supplementalGroups

Type: array [ref]

SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.


.spec.coordinators.securityContext.sysctls

Type: map[string]intstr.IntOrString [ref]

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int

Links:

Example:

sysctls:
  "kernel.shm_rmid_forced": "0"
  "net.core.somaxconn": 1024
  "kernel.msgmax": "65536"

.spec.coordinators.serviceAccountName

Type: string [ref]

ServiceAccountName setting specifies the serviceAccountName for the Pods created for each server of this group. If empty, it defaults to using the default service account. Using an alternative ServiceAccount is typically used to separate access rights. The ArangoDB deployments need some very minimal access rights. With the deployment of the operator, we grant the rights to ‘get’ all ‘pod’ resources. If you are using a different service account, please grant these rights to that service account.


.spec.coordinators.shutdownDelay

Type: integer [ref]

ShutdownDelay define how long operator should delay finalizer removal after shutdown


.spec.coordinators.shutdownMethod

Type: string [ref]

ShutdownMethod describe procedure of member shutdown taken by Operator


.spec.coordinators.sidecarCoreNames

Type: array [ref]

SidecarCoreNames is a list of sidecar containers which must run in the pod. Some names (e.g.: “server”, “worker”) are reserved, and they don’t have any impact.


.spec.coordinators.sidecars

Type: []core.Container [ref]

Sidecars specifies a list of additional containers to be started

Links:


.spec.coordinators.storageClassName

Type: string [ref]

[!WARNING] DEPRECATED

Use VolumeClaimTemplate instead.

StorageClassName specifies the classname for storage of the servers.


.spec.coordinators.terminationGracePeriodSeconds

Type: integer [ref]

TerminationGracePeriodSeconds override default TerminationGracePeriodSeconds for pods - via silent rotation


.spec.coordinators.tolerations

Type: []core.Toleration [ref]

Tolerations specifies the tolerations added to Pods in this group. By default, suitable tolerations are set for the following keys with the NoExecute effect:

  • node.kubernetes.io/not-ready
  • node.kubernetes.io/unreachable
  • node.alpha.kubernetes.io/unreachable (will be removed in future version) For more information on tolerations, consult the https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

Links:


.spec.coordinators.volumeAllowShrink

Type: boolean [ref]

[!WARNING] DEPRECATED

Not used anymore

VolumeAllowShrink allows shrinking of the volume


.spec.coordinators.volumeClaimTemplate

Type: core.PersistentVolumeClaim [ref]

VolumeClaimTemplate specifies a volumeClaimTemplate used by operator to create to volume claims for pods of this group. This setting is not available for group coordinators, syncmasters & syncworkers. The default value describes a volume with 8Gi storage, ReadWriteOnce access mode and volume mode set to PersistentVolumeFilesystem. If this field is not set and spec.<group>.resources.requests.storage is set, then a default volume claim with size as specified by spec.<group>.resources.requests.storage will be created. In that case storage and iops is not forwarded to the pods resource requirements.

Links:


.spec.coordinators.volumeMounts

Type: []ServerGroupSpecVolumeMount [ref]

VolumeMounts define list of volume mounts mounted into server container

Links:


.spec.coordinators.volumes[int].configMap

Type: core.ConfigMapVolumeSource [ref]

ConfigMap which should be mounted into pod

Links:


.spec.coordinators.volumes[int].emptyDir

Type: core.EmptyDirVolumeSource [ref]

EmptyDir

Links:


.spec.coordinators.volumes[int].hostPath

Type: core.HostPathVolumeSource [ref]

HostPath

Links:


.spec.coordinators.volumes[int].name

Type: string [ref]

Name of volume


.spec.coordinators.volumes[int].persistentVolumeClaim

Type: core.PersistentVolumeClaimVolumeSource [ref]

PersistentVolumeClaim

Links:


.spec.coordinators.volumes[int].secret

Type: core.SecretVolumeSource [ref]

Secret which should be mounted into pod

Links:


.spec.database.maintenance

Type: boolean [ref]

Maintenance manage maintenance mode on Cluster side. Requires maintenance feature to be enabled


.spec.dbservers.affinity

Type: core.PodAffinity [ref]

Affinity specified additional affinity settings in ArangoDB Pod definitions

Links:


.spec.dbservers.allowMemberRecreation

Type: boolean [ref]

AllowMemberRecreation allows to recreate member. This setting changes the member recreation logic based on group:

  • For Sync Masters, Sync Workers, Coordinator and DB-Servers it determines if a member can be recreated in case of failure (default true)
  • For Agents and Single this value is hardcoded to false and the value provided in spec is ignored.

.spec.dbservers.annotations

Type: object [ref]

Annotations specified the annotations added to Pods in this group. Annotations are merged with spec.annotations.


.spec.dbservers.annotationsIgnoreList

Type: array [ref]

AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored


.spec.dbservers.annotationsMode

Type: string [ref]

AnnotationsMode Define annotations mode which should be use while overriding annotations


.spec.dbservers.antiAffinity

Type: core.PodAntiAffinity [ref]

AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions

Links:


.spec.dbservers.args

Type: []string [ref]

Args setting specifies additional command-line arguments passed to all servers of this group.

Default Value: []


.spec.dbservers.count

Type: integer [ref]

Count setting specifies the number of servers to start for the given group. For the Agent group, this value must be a positive, odd number. The default value is 3 for all groups except single (there the default is 1 for spec.mode: Single and 2 for spec.mode: ActiveFailover). For the syncworkers group, it is highly recommended to use the same number as for the dbservers group.


.spec.dbservers.entrypoint

Type: string [ref]

Entrypoint overrides container executable


.spec.dbservers.envs[int].name

Type: string [ref]


.spec.dbservers.envs[int].value

Type: string [ref]


.spec.dbservers.ephemeralVolumes.apps.size

Type: resource.Quantity [ref]

Size define size of the ephemeral volume

Links:


.spec.dbservers.ephemeralVolumes.temp.size

Type: resource.Quantity [ref]

Size define size of the ephemeral volume

Links:


.spec.dbservers.exporterPort

Type: integer [ref]

ExporterPort define Port used by exporter


.spec.dbservers.extendedRotationCheck

Type: boolean [ref]

ExtendedRotationCheck extend checks for rotation


.spec.dbservers.externalPortEnabled

Type: boolean [ref]

ExternalPortEnabled if external port should be enabled. If is set to false, ports needs to be exposed via sidecar. Only for ArangoD members


.spec.dbservers.indexMethod

Type: string [ref]

IndexMethod define group Indexing method

Possible Values:

  • "random" (default) - Pick random ID for member. Enforced on the Community Operator.
  • "ordered" - Use sequential number as Member ID, starting from 0. Enterprise Operator required.

.spec.dbservers.initContainers.containers

Type: []core.Container [ref]

Containers contains list of containers

Links:


.spec.dbservers.initContainers.mode

Type: string [ref]

Mode keep container replace mode


.spec.dbservers.internalPort

Type: integer [ref]

InternalPort define port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members


.spec.dbservers.internalPortProtocol

Type: string [ref]

InternalPortProtocol define protocol of port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members


.spec.dbservers.labels

Type: object [ref]

Labels specified the labels added to Pods in this group.


.spec.dbservers.labelsIgnoreList

Type: array [ref]

LabelsIgnoreList list regexp or plain definitions which labels should be ignored


.spec.dbservers.labelsMode

Type: string [ref]

LabelsMode Define labels mode which should be use while overriding labels


.spec.dbservers.maxCount

Type: integer [ref]

MaxCount specifies a maximum for the count of servers. If set, a specification is invalid if count > maxCount.


.spec.dbservers.memoryReservation

Type: integer [ref]

MemoryReservation determines the system reservation of memory while calculating ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY value. If this field is set, ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY is reduced by a specified value in percent. Accepted Range <0, 50>. If the value is outside the accepted range, it is adjusted to the closest value.

Links:

Default Value: 0


.spec.dbservers.minCount

Type: integer [ref]

MinCount specifies a minimum for the count of servers. If set, a specification is invalid if count < minCount.


.spec.dbservers.nodeAffinity

Type: core.NodeAffinity [ref]

NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions

Links:


.spec.dbservers.nodeSelector

Type: map[string]string [ref]

NodeSelector setting specifies a set of labels to be used as nodeSelector for Pods of this node.

Links:


.spec.dbservers.numactl.args

Type: array [ref]

Args define list of the numactl process

Default Value: []


.spec.dbservers.numactl.enabled

Type: boolean [ref]

Enabled define if numactl should be enabled

Default Value: false


.spec.dbservers.numactl.path

Type: string [ref]

Path define numactl path within the container

Default Value: /usr/bin/numactl


.spec.dbservers.overrideDetectedNumberOfCores

Type: boolean [ref]

[!IMPORTANT] Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES Container Environment Variable

OverrideDetectedNumberOfCores determines if number of cores should be overridden based on values in resources. If is set to true and Container CPU Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES to the value from the Container CPU Limits.

Links:

Default Value: true


.spec.dbservers.overrideDetectedTotalMemory

Type: boolean [ref]

[!IMPORTANT] Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY Container Environment Variable

OverrideDetectedTotalMemory determines if memory should be overridden based on values in resources. If is set to true and Container Memory Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY to the value from the Container Memory Limits.

Links:

Default Value: true


.spec.dbservers.podModes.network

Type: string [ref]


.spec.dbservers.podModes.pid

Type: string [ref]


.spec.dbservers.port

Type: integer [ref]

Port define Port used by member


.spec.dbservers.priorityClassName

Type: string [ref]

PriorityClassName specifies a priority class name Will be forwarded to the pod spec.

Links:


.spec.dbservers.probes.livenessProbeDisabled

Type: boolean [ref]

LivenessProbeDisabled if set to true, the operator does not generate a liveness probe for new pods belonging to this group

Default Value: false


.spec.dbservers.probes.livenessProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.dbservers.probes.livenessProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.dbservers.probes.livenessProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.dbservers.probes.livenessProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.dbservers.probes.livenessProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.dbservers.probes.ReadinessProbeDisabled

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is deprecated, kept only for backward compatibility.

OldReadinessProbeDisabled if true readinessProbes are disabled


.spec.dbservers.probes.readinessProbeDisabled

Type: boolean [ref]

ReadinessProbeDisabled override flag for probe disabled in good manner (lowercase) with backward compatibility


.spec.dbservers.probes.readinessProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.dbservers.probes.readinessProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.dbservers.probes.readinessProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.dbservers.probes.readinessProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.dbservers.probes.readinessProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.dbservers.probes.startupProbeDisabled

Type: boolean [ref]

StartupProbeDisabled if true startupProbes are disabled


.spec.dbservers.probes.startupProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.dbservers.probes.startupProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.dbservers.probes.startupProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.dbservers.probes.startupProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.dbservers.probes.startupProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.dbservers.pvcResizeMode

Type: string [ref]

VolumeResizeMode specified resize mode for PVCs and PVs

Possible Values:

  • "runtime" (default) - PVC will be resized in Pod runtime (EKS, GKE)
  • "rotate" - Pod will be shutdown and PVC will be resized (AKS)

.spec.dbservers.resources

Type: core.ResourceRequirements [ref]

Resources holds resource requests & limits

Links:


.spec.dbservers.schedulerName

Type: string [ref]

SchedulerName define scheduler name used for group


.spec.dbservers.securityContext.addCapabilities

Type: []core.Capability [ref]

AddCapabilities add new capabilities to containers


.spec.dbservers.securityContext.allowPrivilegeEscalation

Type: boolean [ref]

AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.


.spec.dbservers.securityContext.dropAllCapabilities

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is added for backward compatibility. Will be removed in 1.1.0.

DropAllCapabilities specifies if capabilities should be dropped for this pod containers


.spec.dbservers.securityContext.fsGroup

Type: integer [ref]

FSGroup is a special supplemental group that applies to all containers in a pod.


.spec.dbservers.securityContext.privileged

Type: boolean [ref]

Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.


.spec.dbservers.securityContext.readOnlyRootFilesystem

Type: boolean [ref]

ReadOnlyRootFilesystem if true, mounts the container’s root filesystem as read-only.


.spec.dbservers.securityContext.runAsGroup

Type: integer [ref]

RunAsGroup is the GID to run the entrypoint of the container process.


.spec.dbservers.securityContext.runAsNonRoot

Type: boolean [ref]

RunAsNonRoot if true, indicates that the container must run as a non-root user.


.spec.dbservers.securityContext.runAsUser

Type: integer [ref]

RunAsUser is the UID to run the entrypoint of the container process.


.spec.dbservers.securityContext.seccompProfile

Type: core.SeccompProfile [ref]

SeccompProfile defines a pod/container’s seccomp profile settings. Only one profile source may be set.

Links:


.spec.dbservers.securityContext.seLinuxOptions

Type: core.SELinuxOptions [ref]

SELinuxOptions are the labels to be applied to the container

Links:


.spec.dbservers.securityContext.supplementalGroups

Type: array [ref]

SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.


.spec.dbservers.securityContext.sysctls

Type: map[string]intstr.IntOrString [ref]

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int

Links:

Example:

sysctls:
  "kernel.shm_rmid_forced": "0"
  "net.core.somaxconn": 1024
  "kernel.msgmax": "65536"

.spec.dbservers.serviceAccountName

Type: string [ref]

ServiceAccountName setting specifies the serviceAccountName for the Pods created for each server of this group. If empty, it defaults to using the default service account. Using an alternative ServiceAccount is typically used to separate access rights. The ArangoDB deployments need some very minimal access rights. With the deployment of the operator, we grant the rights to ‘get’ all ‘pod’ resources. If you are using a different service account, please grant these rights to that service account.


.spec.dbservers.shutdownDelay

Type: integer [ref]

ShutdownDelay define how long operator should delay finalizer removal after shutdown


.spec.dbservers.shutdownMethod

Type: string [ref]

ShutdownMethod describe procedure of member shutdown taken by Operator


.spec.dbservers.sidecarCoreNames

Type: array [ref]

SidecarCoreNames is a list of sidecar containers which must run in the pod. Some names (e.g.: “server”, “worker”) are reserved, and they don’t have any impact.


.spec.dbservers.sidecars

Type: []core.Container [ref]

Sidecars specifies a list of additional containers to be started

Links:


.spec.dbservers.storageClassName

Type: string [ref]

[!WARNING] DEPRECATED

Use VolumeClaimTemplate instead.

StorageClassName specifies the classname for storage of the servers.


.spec.dbservers.terminationGracePeriodSeconds

Type: integer [ref]

TerminationGracePeriodSeconds override default TerminationGracePeriodSeconds for pods - via silent rotation


.spec.dbservers.tolerations

Type: []core.Toleration [ref]

Tolerations specifies the tolerations added to Pods in this group. By default, suitable tolerations are set for the following keys with the NoExecute effect:

  • node.kubernetes.io/not-ready
  • node.kubernetes.io/unreachable
  • node.alpha.kubernetes.io/unreachable (will be removed in future version) For more information on tolerations, consult the https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

Links:


.spec.dbservers.volumeAllowShrink

Type: boolean [ref]

[!WARNING] DEPRECATED

Not used anymore

VolumeAllowShrink allows shrinking of the volume


.spec.dbservers.volumeClaimTemplate

Type: core.PersistentVolumeClaim [ref]

VolumeClaimTemplate specifies a volumeClaimTemplate used by operator to create to volume claims for pods of this group. This setting is not available for group coordinators, syncmasters & syncworkers. The default value describes a volume with 8Gi storage, ReadWriteOnce access mode and volume mode set to PersistentVolumeFilesystem. If this field is not set and spec.<group>.resources.requests.storage is set, then a default volume claim with size as specified by spec.<group>.resources.requests.storage will be created. In that case storage and iops is not forwarded to the pods resource requirements.

Links:


.spec.dbservers.volumeMounts

Type: []ServerGroupSpecVolumeMount [ref]

VolumeMounts define list of volume mounts mounted into server container

Links:


.spec.dbservers.volumes[int].configMap

Type: core.ConfigMapVolumeSource [ref]

ConfigMap which should be mounted into pod

Links:


.spec.dbservers.volumes[int].emptyDir

Type: core.EmptyDirVolumeSource [ref]

EmptyDir

Links:


.spec.dbservers.volumes[int].hostPath

Type: core.HostPathVolumeSource [ref]

HostPath

Links:


.spec.dbservers.volumes[int].name

Type: string [ref]

Name of volume


.spec.dbservers.volumes[int].persistentVolumeClaim

Type: core.PersistentVolumeClaimVolumeSource [ref]

PersistentVolumeClaim

Links:


.spec.dbservers.volumes[int].secret

Type: core.SecretVolumeSource [ref]

Secret which should be mounted into pod

Links:


.spec.disableIPv6

Type: boolean [ref]

DisableIPv6 setting prevents the use of IPv6 addresses by ArangoDB servers. This setting cannot be changed after the deployment has been created.

Default Value: false


.spec.downtimeAllowed

Type: boolean [ref]

DowntimeAllowed setting is used to allow automatic reconciliation actions that yield some downtime of the ArangoDB deployment. When this setting is set to false, no automatic action that may result in downtime is allowed. If the need for such an action is detected, an event is added to the ArangoDeployment. Once this setting is set to true, the automatic action is executed. Operations that may result in downtime are:

  • Rotating TLS CA certificate Note: It is still possible that there is some downtime when the Kubernetes cluster is down, or in a bad state, irrespective of the value of this setting.

Default Value: false


.spec.environment

Type: string [ref]

Environment setting specifies the type of environment in which the deployment is created.

Possible Values:

  • "Development" (default) - This value optimizes the deployment for development use. It is possible to run a deployment on a small number of nodes (e.g. minikube).
  • "Production" - This value optimizes the deployment for production use. It puts required affinity constraints on all pods to avoid Agents & DB-Servers from running on the same machine.

.spec.externalAccess.advertisedEndpoint

Type: string [ref]

AdvertisedEndpoint is passed to the coordinators/single servers for advertising a specific endpoint


.spec.externalAccess.loadBalancerIP

Type: string [ref]

LoadBalancerIP define optional IP used to configure a load-balancer on, in case of Auto or LoadBalancer type. If you do not specify this setting, an IP will be chosen automatically by the load-balancer provisioner.


.spec.externalAccess.loadBalancerSourceRanges

Type: array [ref]

LoadBalancerSourceRanges define LoadBalancerSourceRanges used for LoadBalancer Service type If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.

Links:


.spec.externalAccess.managedServiceNames

Type: array [ref]

ManagedServiceNames keeps names of services which are not managed by KubeArangoDB. It is only relevant when type of service is managed.


.spec.externalAccess.nodePort

Type: integer [ref]

NodePort define optional port used in case of Auto or NodePort type. This setting is used when spec.externalAccess.type is set to NodePort or Auto. If you do not specify this setting, a random port will be chosen automatically.


.spec.externalAccess.type

Type: string [ref]

Type specifies the type of Service that will be created to provide access to the ArangoDB deployment from outside the Kubernetes cluster.

Possible Values:

  • "Auto" (default) - Create a Service of type LoadBalancer and fallback to a Service or type NodePort when the LoadBalancer is not assigned an IP address.
  • "None" - limit access to application running inside the Kubernetes cluster.
  • "LoadBalancer" - Create a Service of type LoadBalancer for the ArangoDB deployment.
  • "NodePort" - Create a Service of type NodePort for the ArangoDB deployment.

.spec.features.foxx.queues

Type: boolean [ref]


.spec.id.affinity

Type: core.PodAffinity [ref]

Affinity specified additional affinity settings in ArangoDB Pod definitions

Links:


.spec.id.antiAffinity

Type: core.PodAntiAffinity [ref]

AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions

Links:


.spec.id.args

Type: []string [ref]

Args setting specifies additional command-line arguments passed to all servers of this group.

Default Value: []


.spec.id.entrypoint

Type: string [ref]

Entrypoint overrides container executable


.spec.id.nodeAffinity

Type: core.NodeAffinity [ref]

NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions

Links:


.spec.id.nodeSelector

Type: object [ref]

NodeSelector specifies a set of selectors for nodes


.spec.id.priorityClassName

Type: string [ref]

PriorityClassName specifies a priority class name


.spec.id.resources

Type: core.ResourceRequirements [ref]

Resources holds resource requests & limits

Links:


.spec.id.securityContext.addCapabilities

Type: []core.Capability [ref]

AddCapabilities add new capabilities to containers


.spec.id.securityContext.allowPrivilegeEscalation

Type: boolean [ref]

AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.


.spec.id.securityContext.dropAllCapabilities

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is added for backward compatibility. Will be removed in 1.1.0.

DropAllCapabilities specifies if capabilities should be dropped for this pod containers


.spec.id.securityContext.fsGroup

Type: integer [ref]

FSGroup is a special supplemental group that applies to all containers in a pod.


.spec.id.securityContext.privileged

Type: boolean [ref]

Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.


.spec.id.securityContext.readOnlyRootFilesystem

Type: boolean [ref]

ReadOnlyRootFilesystem if true, mounts the container’s root filesystem as read-only.


.spec.id.securityContext.runAsGroup

Type: integer [ref]

RunAsGroup is the GID to run the entrypoint of the container process.


.spec.id.securityContext.runAsNonRoot

Type: boolean [ref]

RunAsNonRoot if true, indicates that the container must run as a non-root user.


.spec.id.securityContext.runAsUser

Type: integer [ref]

RunAsUser is the UID to run the entrypoint of the container process.


.spec.id.securityContext.seccompProfile

Type: core.SeccompProfile [ref]

SeccompProfile defines a pod/container’s seccomp profile settings. Only one profile source may be set.

Links:


.spec.id.securityContext.seLinuxOptions

Type: core.SELinuxOptions [ref]

SELinuxOptions are the labels to be applied to the container

Links:


.spec.id.securityContext.supplementalGroups

Type: array [ref]

SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.


.spec.id.securityContext.sysctls

Type: map[string]intstr.IntOrString [ref]

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int

Links:

Example:

sysctls:
  "kernel.shm_rmid_forced": "0"
  "net.core.somaxconn": 1024
  "kernel.msgmax": "65536"

.spec.id.serviceAccountName

Type: string [ref]

ServiceAccountName specifies the name of the service account used for Pods in this group.


.spec.id.tolerations

Type: []core.Toleration [ref]

Tolerations specifies the tolerations added to Pods in this group.

Links:


.spec.image

Type: string [ref]

Image specifies the docker image to use for all ArangoDB servers. In a development environment this setting defaults to arangodb/arangodb:latest. For production environments this is a required setting without a default value. It is highly recommend to use explicit version (not latest) for production environments.


.spec.imageDiscoveryMode

Type: string [ref]

ImageDiscoveryMode specifies the image discovery mode.

Possible Values:

  • "kubelet" (default) - Use sha256 of the discovered image in the pods
  • "direct" - Use image provided in the spec.image directly in the pods

.spec.imagePullPolicy

Type: core.PullPolicy [ref]

ImagePullPolicy specifies the pull policy for the docker image to use for all ArangoDB servers.

Links:

Possible Values:

  • "Always" (default) - Means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.
  • "Never" - Means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn’t present
  • "IfNotPresent" - Means that kubelet pulls if the image isn’t present on disk. Container will fail if the image isn’t present and the pull fails.

.spec.imagePullSecrets

Type: array [ref]

ImagePullSecrets specifies the list of image pull secrets for the docker image to use for all ArangoDB servers.


.spec.labels

Type: object [ref]

Labels specifies the labels added to Pods in this group.


.spec.labelsIgnoreList

Type: array [ref]

LabelsIgnoreList list regexp or plain definitions which labels should be ignored


.spec.labelsMode

Type: string [ref]

LabelsMode Define labels mode which should be use while overriding labels

Possible Values:

  • "disabled" (default) - Disable annotations/labels override. Default if there is no annotations/labels set in ArangoDeployment
  • "append" - Add new annotations/labels without affecting old ones
  • "replace" - Replace existing annotations/labels

.spec.license.secretName

Type: string [ref]

SecretName setting specifies the name of a kubernetes Secret that contains the license key token used for enterprise images. This value is not used for the Community Edition.


.spec.lifecycle.resources

Type: core.ResourceRequirements [ref]

Resources holds resource requests & limits

Links:


.spec.memberPropagationMode

Type: string [ref]

MemberPropagationMode defines how changes to pod spec should be propogated. Changes to a pod’s configuration require a restart of that pod in almost all cases. Pods are restarted eagerly by default, which can cause more restarts than desired, especially when updating arangod as well as the operator. The propagation of the configuration changes can be deferred to the next restart, either triggered manually by the user or by another operation like an upgrade. This reduces the number of restarts for upgrading both the server and the operator from two to one.

Possible Values:

  • "always" (default) - Restart the member as soon as a configuration change is discovered
  • "on-restart" - Wait until the next restart to change the member configuration

.spec.metrics.authentication.jwtTokenSecretName

Type: string [ref]

JWTTokenSecretName contains the name of the JWT kubernetes secret used for authentication


.spec.metrics.enabled

Type: boolean [ref]

Enabled if this is set to true, the operator runs a sidecar container for every Agent, DB-Server, Coordinator and Single server.

Links:

Default Value: false


.spec.metrics.extensions.usageMetrics

Type: boolean [ref]

[!IMPORTANT] UsageMetrics needs to be also enabled via DBServer Arguments

UsageMetrics enables ArangoDB Usage metrics scrape. Affects only DBServers in the Cluster mode.

Links:

Default Value: false


.spec.metrics.image

Type: string [ref]

[!WARNING] DEPRECATED

Image is now extracted from Operator Pod

Image used for the Metrics Sidecar


.spec.metrics.mode

Type: string [ref]

[!WARNING] DEPRECATED

Not used anymore

Mode define metrics exported mode


.spec.metrics.port

Type: integer [ref]


.spec.metrics.resources

Type: core.ResourceRequirements [ref]

Resources holds resource requests & limits

Links:


.spec.metrics.serviceMonitor.enabled

Type: boolean [ref]


.spec.metrics.serviceMonitor.labels

Type: object [ref]


.spec.metrics.tls

Type: boolean [ref]

TLS defines if TLS should be enabled on Metrics exporter endpoint. This option will enable TLS only if TLS is enabled on ArangoDeployment, otherwise true value will not take any effect.

Default Value: true


.spec.mode

Type: string [ref]

Mode specifies the type of ArangoDB deployment to create.

Possible Values:

  • "Cluster" (default) - Full cluster. Defaults to 3 Agents, 3 DB-Servers & 3 Coordinators.
  • "ActiveFailover" - Active-failover single pair. Defaults to 3 Agents and 2 single servers.
  • "Single" - Single server only (note this does not provide high availability or reliability).

This field is immutable: Change of the ArangoDeployment Mode is not possible after creation.


.spec.networkAttachedVolumes

Type: boolean [ref]

NetworkAttachedVolumes If set to true, a ResignLeadership operation will be triggered when a DB-Server pod is evicted (rather than a CleanOutServer operation). Furthermore, the pod will simply be redeployed on a different node, rather than cleaned and retired and replaced by a new member. You must only set this option to true if your persistent volumes are “movable” in the sense that they can be mounted from a different k8s node, like in the case of network attached volumes. If your persistent volumes are tied to a specific pod, you must leave this option on false.

Default Value: true


.spec.rebalancer.enabled

Type: boolean [ref]


.spec.rebalancer.optimizers.leader

Type: boolean [ref]


.spec.rebalancer.parallelMoves

Type: integer [ref]


.spec.rebalancer.readers.count

Type: boolean [ref]

[!WARNING] DEPRECATED

does not work in Rebalancer V2

Count Enable Shard Count machanism


.spec.recovery.autoRecover

Type: boolean [ref]


.spec.restoreEncryptionSecret

Type: string [ref]

RestoreEncryptionSecret specifies optional name of secret which contains encryption key used for restore


.spec.restoreFrom

Type: string [ref]

RestoreFrom setting specifies a ArangoBackup resource name the cluster should be restored from. After a restore or failure to do so, the status of the deployment contains information about the restore operation in the restore key. It will contain some of the following fields:

  • requestedFrom: name of the ArangoBackup used to restore from.
  • message: optional message explaining why the restore failed.
  • state: state indicating if the restore was successful or not. Possible values: Restoring, Restored, RestoreFailed If the restoreFrom key is removed from the spec, the restore key is deleted as well. A new restore attempt is made if and only if either in the status restore is not set or if spec.restoreFrom and status.requestedFrom are different.

.spec.rocksdb.encryption.keySecretName

Type: string [ref]

KeySecretName setting specifies the name of a Kubernetes Secret that contains an encryption key used for encrypting all data stored by ArangoDB servers. When an encryption key is used, encryption of the data in the cluster is enabled, without it encryption is disabled. The default value is empty. This requires the Enterprise Edition. The encryption key cannot be changed after the cluster has been created. The secret specified by this setting, must have a data field named ‘key’ containing an encryption key that is exactly 32 bytes long.


.spec.single.affinity

Type: core.PodAffinity [ref]

Affinity specified additional affinity settings in ArangoDB Pod definitions

Links:


.spec.single.allowMemberRecreation

Type: boolean [ref]

AllowMemberRecreation allows to recreate member. This setting changes the member recreation logic based on group:

  • For Sync Masters, Sync Workers, Coordinator and DB-Servers it determines if a member can be recreated in case of failure (default true)
  • For Agents and Single this value is hardcoded to false and the value provided in spec is ignored.

.spec.single.annotations

Type: object [ref]

Annotations specified the annotations added to Pods in this group. Annotations are merged with spec.annotations.


.spec.single.annotationsIgnoreList

Type: array [ref]

AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored


.spec.single.annotationsMode

Type: string [ref]

AnnotationsMode Define annotations mode which should be use while overriding annotations


.spec.single.antiAffinity

Type: core.PodAntiAffinity [ref]

AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions

Links:


.spec.single.args

Type: []string [ref]

Args setting specifies additional command-line arguments passed to all servers of this group.

Default Value: []


.spec.single.count

Type: integer [ref]

Count setting specifies the number of servers to start for the given group. For the Agent group, this value must be a positive, odd number. The default value is 3 for all groups except single (there the default is 1 for spec.mode: Single and 2 for spec.mode: ActiveFailover). For the syncworkers group, it is highly recommended to use the same number as for the dbservers group.


.spec.single.entrypoint

Type: string [ref]

Entrypoint overrides container executable


.spec.single.envs[int].name

Type: string [ref]


.spec.single.envs[int].value

Type: string [ref]


.spec.single.ephemeralVolumes.apps.size

Type: resource.Quantity [ref]

Size define size of the ephemeral volume

Links:


.spec.single.ephemeralVolumes.temp.size

Type: resource.Quantity [ref]

Size define size of the ephemeral volume

Links:


.spec.single.exporterPort

Type: integer [ref]

ExporterPort define Port used by exporter


.spec.single.extendedRotationCheck

Type: boolean [ref]

ExtendedRotationCheck extend checks for rotation


.spec.single.externalPortEnabled

Type: boolean [ref]

ExternalPortEnabled if external port should be enabled. If is set to false, ports needs to be exposed via sidecar. Only for ArangoD members


.spec.single.indexMethod

Type: string [ref]

IndexMethod define group Indexing method

Possible Values:

  • "random" (default) - Pick random ID for member. Enforced on the Community Operator.
  • "ordered" - Use sequential number as Member ID, starting from 0. Enterprise Operator required.

.spec.single.initContainers.containers

Type: []core.Container [ref]

Containers contains list of containers

Links:


.spec.single.initContainers.mode

Type: string [ref]

Mode keep container replace mode


.spec.single.internalPort

Type: integer [ref]

InternalPort define port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members


.spec.single.internalPortProtocol

Type: string [ref]

InternalPortProtocol define protocol of port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members


.spec.single.labels

Type: object [ref]

Labels specified the labels added to Pods in this group.


.spec.single.labelsIgnoreList

Type: array [ref]

LabelsIgnoreList list regexp or plain definitions which labels should be ignored


.spec.single.labelsMode

Type: string [ref]

LabelsMode Define labels mode which should be use while overriding labels


.spec.single.maxCount

Type: integer [ref]

MaxCount specifies a maximum for the count of servers. If set, a specification is invalid if count > maxCount.


.spec.single.memoryReservation

Type: integer [ref]

MemoryReservation determines the system reservation of memory while calculating ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY value. If this field is set, ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY is reduced by a specified value in percent. Accepted Range <0, 50>. If the value is outside the accepted range, it is adjusted to the closest value.

Links:

Default Value: 0


.spec.single.minCount

Type: integer [ref]

MinCount specifies a minimum for the count of servers. If set, a specification is invalid if count < minCount.


.spec.single.nodeAffinity

Type: core.NodeAffinity [ref]

NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions

Links:


.spec.single.nodeSelector

Type: map[string]string [ref]

NodeSelector setting specifies a set of labels to be used as nodeSelector for Pods of this node.

Links:


.spec.single.numactl.args

Type: array [ref]

Args define list of the numactl process

Default Value: []


.spec.single.numactl.enabled

Type: boolean [ref]

Enabled define if numactl should be enabled

Default Value: false


.spec.single.numactl.path

Type: string [ref]

Path define numactl path within the container

Default Value: /usr/bin/numactl


.spec.single.overrideDetectedNumberOfCores

Type: boolean [ref]

[!IMPORTANT] Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES Container Environment Variable

OverrideDetectedNumberOfCores determines if number of cores should be overridden based on values in resources. If is set to true and Container CPU Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES to the value from the Container CPU Limits.

Links:

Default Value: true


.spec.single.overrideDetectedTotalMemory

Type: boolean [ref]

[!IMPORTANT] Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY Container Environment Variable

OverrideDetectedTotalMemory determines if memory should be overridden based on values in resources. If is set to true and Container Memory Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY to the value from the Container Memory Limits.

Links:

Default Value: true


.spec.single.podModes.network

Type: string [ref]


.spec.single.podModes.pid

Type: string [ref]


.spec.single.port

Type: integer [ref]

Port define Port used by member


.spec.single.priorityClassName

Type: string [ref]

PriorityClassName specifies a priority class name Will be forwarded to the pod spec.

Links:


.spec.single.probes.livenessProbeDisabled

Type: boolean [ref]

LivenessProbeDisabled if set to true, the operator does not generate a liveness probe for new pods belonging to this group

Default Value: false


.spec.single.probes.livenessProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.single.probes.livenessProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.single.probes.livenessProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.single.probes.livenessProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.single.probes.livenessProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.single.probes.ReadinessProbeDisabled

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is deprecated, kept only for backward compatibility.

OldReadinessProbeDisabled if true readinessProbes are disabled


.spec.single.probes.readinessProbeDisabled

Type: boolean [ref]

ReadinessProbeDisabled override flag for probe disabled in good manner (lowercase) with backward compatibility


.spec.single.probes.readinessProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.single.probes.readinessProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.single.probes.readinessProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.single.probes.readinessProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.single.probes.readinessProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.single.probes.startupProbeDisabled

Type: boolean [ref]

StartupProbeDisabled if true startupProbes are disabled


.spec.single.probes.startupProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.single.probes.startupProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.single.probes.startupProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.single.probes.startupProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.single.probes.startupProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.single.pvcResizeMode

Type: string [ref]

VolumeResizeMode specified resize mode for PVCs and PVs

Possible Values:

  • "runtime" (default) - PVC will be resized in Pod runtime (EKS, GKE)
  • "rotate" - Pod will be shutdown and PVC will be resized (AKS)

.spec.single.resources

Type: core.ResourceRequirements [ref]

Resources holds resource requests & limits

Links:


.spec.single.schedulerName

Type: string [ref]

SchedulerName define scheduler name used for group


.spec.single.securityContext.addCapabilities

Type: []core.Capability [ref]

AddCapabilities add new capabilities to containers


.spec.single.securityContext.allowPrivilegeEscalation

Type: boolean [ref]

AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.


.spec.single.securityContext.dropAllCapabilities

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is added for backward compatibility. Will be removed in 1.1.0.

DropAllCapabilities specifies if capabilities should be dropped for this pod containers


.spec.single.securityContext.fsGroup

Type: integer [ref]

FSGroup is a special supplemental group that applies to all containers in a pod.


.spec.single.securityContext.privileged

Type: boolean [ref]

Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.


.spec.single.securityContext.readOnlyRootFilesystem

Type: boolean [ref]

ReadOnlyRootFilesystem if true, mounts the container’s root filesystem as read-only.


.spec.single.securityContext.runAsGroup

Type: integer [ref]

RunAsGroup is the GID to run the entrypoint of the container process.


.spec.single.securityContext.runAsNonRoot

Type: boolean [ref]

RunAsNonRoot if true, indicates that the container must run as a non-root user.


.spec.single.securityContext.runAsUser

Type: integer [ref]

RunAsUser is the UID to run the entrypoint of the container process.


.spec.single.securityContext.seccompProfile

Type: core.SeccompProfile [ref]

SeccompProfile defines a pod/container’s seccomp profile settings. Only one profile source may be set.

Links:


.spec.single.securityContext.seLinuxOptions

Type: core.SELinuxOptions [ref]

SELinuxOptions are the labels to be applied to the container

Links:


.spec.single.securityContext.supplementalGroups

Type: array [ref]

SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.


.spec.single.securityContext.sysctls

Type: map[string]intstr.IntOrString [ref]

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int

Links:

Example:

sysctls:
  "kernel.shm_rmid_forced": "0"
  "net.core.somaxconn": 1024
  "kernel.msgmax": "65536"

.spec.single.serviceAccountName

Type: string [ref]

ServiceAccountName setting specifies the serviceAccountName for the Pods created for each server of this group. If empty, it defaults to using the default service account. Using an alternative ServiceAccount is typically used to separate access rights. The ArangoDB deployments need some very minimal access rights. With the deployment of the operator, we grant the rights to ‘get’ all ‘pod’ resources. If you are using a different service account, please grant these rights to that service account.


.spec.single.shutdownDelay

Type: integer [ref]

ShutdownDelay define how long operator should delay finalizer removal after shutdown


.spec.single.shutdownMethod

Type: string [ref]

ShutdownMethod describe procedure of member shutdown taken by Operator


.spec.single.sidecarCoreNames

Type: array [ref]

SidecarCoreNames is a list of sidecar containers which must run in the pod. Some names (e.g.: “server”, “worker”) are reserved, and they don’t have any impact.


.spec.single.sidecars

Type: []core.Container [ref]

Sidecars specifies a list of additional containers to be started

Links:


.spec.single.storageClassName

Type: string [ref]

[!WARNING] DEPRECATED

Use VolumeClaimTemplate instead.

StorageClassName specifies the classname for storage of the servers.


.spec.single.terminationGracePeriodSeconds

Type: integer [ref]

TerminationGracePeriodSeconds override default TerminationGracePeriodSeconds for pods - via silent rotation


.spec.single.tolerations

Type: []core.Toleration [ref]

Tolerations specifies the tolerations added to Pods in this group. By default, suitable tolerations are set for the following keys with the NoExecute effect:

  • node.kubernetes.io/not-ready
  • node.kubernetes.io/unreachable
  • node.alpha.kubernetes.io/unreachable (will be removed in future version) For more information on tolerations, consult the https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

Links:


.spec.single.volumeAllowShrink

Type: boolean [ref]

[!WARNING] DEPRECATED

Not used anymore

VolumeAllowShrink allows shrinking of the volume


.spec.single.volumeClaimTemplate

Type: core.PersistentVolumeClaim [ref]

VolumeClaimTemplate specifies a volumeClaimTemplate used by operator to create to volume claims for pods of this group. This setting is not available for group coordinators, syncmasters & syncworkers. The default value describes a volume with 8Gi storage, ReadWriteOnce access mode and volume mode set to PersistentVolumeFilesystem. If this field is not set and spec.<group>.resources.requests.storage is set, then a default volume claim with size as specified by spec.<group>.resources.requests.storage will be created. In that case storage and iops is not forwarded to the pods resource requirements.

Links:


.spec.single.volumeMounts

Type: []ServerGroupSpecVolumeMount [ref]

VolumeMounts define list of volume mounts mounted into server container

Links:


.spec.single.volumes[int].configMap

Type: core.ConfigMapVolumeSource [ref]

ConfigMap which should be mounted into pod

Links:


.spec.single.volumes[int].emptyDir

Type: core.EmptyDirVolumeSource [ref]

EmptyDir

Links:


.spec.single.volumes[int].hostPath

Type: core.HostPathVolumeSource [ref]

HostPath

Links:


.spec.single.volumes[int].name

Type: string [ref]

Name of volume


.spec.single.volumes[int].persistentVolumeClaim

Type: core.PersistentVolumeClaimVolumeSource [ref]

PersistentVolumeClaim

Links:


.spec.single.volumes[int].secret

Type: core.SecretVolumeSource [ref]

Secret which should be mounted into pod

Links:


.spec.storageEngine

Type: string [ref]

StorageEngine specifies the type of storage engine used for all servers in the cluster.

Possible Values:

  • "RocksDB" (default) - To use the RocksDB storage engine.
  • "MMFiles" - To use the MMFiles storage engine. Deprecated.

This field is immutable: This setting cannot be changed after the cluster has been created.


.spec.sync.auth.clientCASecretName

Type: string [ref]

ClientCASecretName setting specifies the name of a kubernetes Secret that contains a PEM encoded CA certificate used for client certificate verification in all ArangoSync master servers. This is a required setting when spec.sync.enabled is true.


.spec.sync.auth.jwtSecretName

Type: string [ref]

JWTSecretName setting specifies the name of a kubernetes Secret that contains the JWT token used for accessing all ArangoSync master servers. When not specified, the spec.auth.jwtSecretName value is used. If you specify a name of a Secret that does not exist, a random token is created and stored in a Secret with given name.


.spec.sync.enabled

Type: boolean [ref]

Enabled setting enables/disables support for data center 2 data center replication in the cluster. When enabled, the cluster will contain a number of syncmaster & syncworker servers.

Default Value: false


.spec.sync.externalAccess.accessPackageSecretNames

Type: []string [ref]

AccessPackageSecretNames setting specifies the names of zero of more Secrets that will be created by the deployment operator containing “access packages”. An access package contains those Secrets that are needed to access the SyncMasters of this ArangoDeployment. By removing a name from this setting, the corresponding Secret is also deleted. Note that to remove all access packages, leave an empty array in place ([]). Completely removing the setting results in not modifying the list.

Links:


.spec.sync.externalAccess.advertisedEndpoint

Type: string [ref]

AdvertisedEndpoint is passed to the coordinators/single servers for advertising a specific endpoint


.spec.sync.externalAccess.loadBalancerIP

Type: string [ref]

LoadBalancerIP define optional IP used to configure a load-balancer on, in case of Auto or LoadBalancer type. If you do not specify this setting, an IP will be chosen automatically by the load-balancer provisioner.


.spec.sync.externalAccess.loadBalancerSourceRanges

Type: array [ref]

LoadBalancerSourceRanges define LoadBalancerSourceRanges used for LoadBalancer Service type If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.

Links:


.spec.sync.externalAccess.managedServiceNames

Type: array [ref]

ManagedServiceNames keeps names of services which are not managed by KubeArangoDB. It is only relevant when type of service is managed.


.spec.sync.externalAccess.masterEndpoint

Type: []string [ref]

MasterEndpoint setting specifies the master endpoint(s) advertised by the ArangoSync SyncMasters. If not set, this setting defaults to:

  • If spec.sync.externalAccess.loadBalancerIP is set, it defaults to https://<load-balancer-ip>:<8629>.
  • Otherwise it defaults to https://<sync-service-dns-name>:<8629>.

.spec.sync.externalAccess.nodePort

Type: integer [ref]

NodePort define optional port used in case of Auto or NodePort type. This setting is used when spec.externalAccess.type is set to NodePort or Auto. If you do not specify this setting, a random port will be chosen automatically.


.spec.sync.externalAccess.type

Type: string [ref]

Type specifies the type of Service that will be created to provide access to the ArangoDB deployment from outside the Kubernetes cluster.

Possible Values:

  • "Auto" (default) - Create a Service of type LoadBalancer and fallback to a Service or type NodePort when the LoadBalancer is not assigned an IP address.
  • "None" - limit access to application running inside the Kubernetes cluster.
  • "LoadBalancer" - Create a Service of type LoadBalancer for the ArangoDB deployment.
  • "NodePort" - Create a Service of type NodePort for the ArangoDB deployment.

.spec.sync.image

Type: string [ref]


.spec.sync.monitoring.tokenSecretName

Type: string [ref]

TokenSecretName setting specifies the name of a kubernetes Secret that contains the bearer token used for accessing all monitoring endpoints of all arangod/arangosync servers. When not specified, no monitoring token is used.


.spec.sync.tls.altNames

Type: []string [ref]

AltNames setting specifies a list of alternate names that will be added to all generated certificates. These names can be DNS names or email addresses. The default value is empty.


.spec.sync.tls.caSecretName

Type: string [ref]

CASecretName setting specifies the name of a kubernetes Secret that contains a standard CA certificate + private key used to sign certificates for individual ArangoDB servers. When no name is specified, it defaults to <deployment-name>-ca. To disable authentication, set this value to None. If you specify a name of a Secret that does not exist, a self-signed CA certificate + key is created and stored in a Secret with given name. The specified Secret, must contain the following data fields:

  • ca.crt PEM encoded public key of the CA certificate
  • ca.key PEM encoded private key of the CA certificate

.spec.sync.tls.mode

Type: string [ref]


.spec.sync.tls.sni.mapping.<string>

Type: array [ref]


.spec.sync.tls.ttl

Type: string [ref]

TTL setting specifies the time to live of all generated server certificates. When the server certificate is about to expire, it will be automatically replaced by a new one and the affected server will be restarted. Note: The time to live of the CA certificate (when created automatically) will be set to 10 years.

Default Value: "2160h" (about 3 months)


.spec.syncmasters.affinity

Type: core.PodAffinity [ref]

Affinity specified additional affinity settings in ArangoDB Pod definitions

Links:


.spec.syncmasters.allowMemberRecreation

Type: boolean [ref]

AllowMemberRecreation allows to recreate member. This setting changes the member recreation logic based on group:

  • For Sync Masters, Sync Workers, Coordinator and DB-Servers it determines if a member can be recreated in case of failure (default true)
  • For Agents and Single this value is hardcoded to false and the value provided in spec is ignored.

.spec.syncmasters.annotations

Type: object [ref]

Annotations specified the annotations added to Pods in this group. Annotations are merged with spec.annotations.


.spec.syncmasters.annotationsIgnoreList

Type: array [ref]

AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored


.spec.syncmasters.annotationsMode

Type: string [ref]

AnnotationsMode Define annotations mode which should be use while overriding annotations


.spec.syncmasters.antiAffinity

Type: core.PodAntiAffinity [ref]

AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions

Links:


.spec.syncmasters.args

Type: []string [ref]

Args setting specifies additional command-line arguments passed to all servers of this group.

Default Value: []


.spec.syncmasters.count

Type: integer [ref]

Count setting specifies the number of servers to start for the given group. For the Agent group, this value must be a positive, odd number. The default value is 3 for all groups except single (there the default is 1 for spec.mode: Single and 2 for spec.mode: ActiveFailover). For the syncworkers group, it is highly recommended to use the same number as for the dbservers group.


.spec.syncmasters.entrypoint

Type: string [ref]

Entrypoint overrides container executable


.spec.syncmasters.envs[int].name

Type: string [ref]


.spec.syncmasters.envs[int].value

Type: string [ref]


.spec.syncmasters.ephemeralVolumes.apps.size

Type: resource.Quantity [ref]

Size define size of the ephemeral volume

Links:


.spec.syncmasters.ephemeralVolumes.temp.size

Type: resource.Quantity [ref]

Size define size of the ephemeral volume

Links:


.spec.syncmasters.exporterPort

Type: integer [ref]

ExporterPort define Port used by exporter


.spec.syncmasters.extendedRotationCheck

Type: boolean [ref]

ExtendedRotationCheck extend checks for rotation


.spec.syncmasters.externalPortEnabled

Type: boolean [ref]

ExternalPortEnabled if external port should be enabled. If is set to false, ports needs to be exposed via sidecar. Only for ArangoD members


.spec.syncmasters.indexMethod

Type: string [ref]

IndexMethod define group Indexing method

Possible Values:

  • "random" (default) - Pick random ID for member. Enforced on the Community Operator.
  • "ordered" - Use sequential number as Member ID, starting from 0. Enterprise Operator required.

.spec.syncmasters.initContainers.containers

Type: []core.Container [ref]

Containers contains list of containers

Links:


.spec.syncmasters.initContainers.mode

Type: string [ref]

Mode keep container replace mode


.spec.syncmasters.internalPort

Type: integer [ref]

InternalPort define port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members


.spec.syncmasters.internalPortProtocol

Type: string [ref]

InternalPortProtocol define protocol of port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members


.spec.syncmasters.labels

Type: object [ref]

Labels specified the labels added to Pods in this group.


.spec.syncmasters.labelsIgnoreList

Type: array [ref]

LabelsIgnoreList list regexp or plain definitions which labels should be ignored


.spec.syncmasters.labelsMode

Type: string [ref]

LabelsMode Define labels mode which should be use while overriding labels


.spec.syncmasters.maxCount

Type: integer [ref]

MaxCount specifies a maximum for the count of servers. If set, a specification is invalid if count > maxCount.


.spec.syncmasters.memoryReservation

Type: integer [ref]

MemoryReservation determines the system reservation of memory while calculating ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY value. If this field is set, ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY is reduced by a specified value in percent. Accepted Range <0, 50>. If the value is outside the accepted range, it is adjusted to the closest value.

Links:

Default Value: 0


.spec.syncmasters.minCount

Type: integer [ref]

MinCount specifies a minimum for the count of servers. If set, a specification is invalid if count < minCount.


.spec.syncmasters.nodeAffinity

Type: core.NodeAffinity [ref]

NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions

Links:


.spec.syncmasters.nodeSelector

Type: map[string]string [ref]

NodeSelector setting specifies a set of labels to be used as nodeSelector for Pods of this node.

Links:


.spec.syncmasters.numactl.args

Type: array [ref]

Args define list of the numactl process

Default Value: []


.spec.syncmasters.numactl.enabled

Type: boolean [ref]

Enabled define if numactl should be enabled

Default Value: false


.spec.syncmasters.numactl.path

Type: string [ref]

Path define numactl path within the container

Default Value: /usr/bin/numactl


.spec.syncmasters.overrideDetectedNumberOfCores

Type: boolean [ref]

[!IMPORTANT] Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES Container Environment Variable

OverrideDetectedNumberOfCores determines if number of cores should be overridden based on values in resources. If is set to true and Container CPU Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES to the value from the Container CPU Limits.

Links:

Default Value: true


.spec.syncmasters.overrideDetectedTotalMemory

Type: boolean [ref]

[!IMPORTANT] Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY Container Environment Variable

OverrideDetectedTotalMemory determines if memory should be overridden based on values in resources. If is set to true and Container Memory Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY to the value from the Container Memory Limits.

Links:

Default Value: true


.spec.syncmasters.podModes.network

Type: string [ref]


.spec.syncmasters.podModes.pid

Type: string [ref]


.spec.syncmasters.port

Type: integer [ref]

Port define Port used by member


.spec.syncmasters.priorityClassName

Type: string [ref]

PriorityClassName specifies a priority class name Will be forwarded to the pod spec.

Links:


.spec.syncmasters.probes.livenessProbeDisabled

Type: boolean [ref]

LivenessProbeDisabled if set to true, the operator does not generate a liveness probe for new pods belonging to this group

Default Value: false


.spec.syncmasters.probes.livenessProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.syncmasters.probes.livenessProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.syncmasters.probes.livenessProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.syncmasters.probes.livenessProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.syncmasters.probes.livenessProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.syncmasters.probes.ReadinessProbeDisabled

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is deprecated, kept only for backward compatibility.

OldReadinessProbeDisabled if true readinessProbes are disabled


.spec.syncmasters.probes.readinessProbeDisabled

Type: boolean [ref]

ReadinessProbeDisabled override flag for probe disabled in good manner (lowercase) with backward compatibility


.spec.syncmasters.probes.readinessProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.syncmasters.probes.readinessProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.syncmasters.probes.readinessProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.syncmasters.probes.readinessProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.syncmasters.probes.readinessProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.syncmasters.probes.startupProbeDisabled

Type: boolean [ref]

StartupProbeDisabled if true startupProbes are disabled


.spec.syncmasters.probes.startupProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.syncmasters.probes.startupProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.syncmasters.probes.startupProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.syncmasters.probes.startupProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.syncmasters.probes.startupProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.syncmasters.pvcResizeMode

Type: string [ref]

VolumeResizeMode specified resize mode for PVCs and PVs

Possible Values:

  • "runtime" (default) - PVC will be resized in Pod runtime (EKS, GKE)
  • "rotate" - Pod will be shutdown and PVC will be resized (AKS)

.spec.syncmasters.resources

Type: core.ResourceRequirements [ref]

Resources holds resource requests & limits

Links:


.spec.syncmasters.schedulerName

Type: string [ref]

SchedulerName define scheduler name used for group


.spec.syncmasters.securityContext.addCapabilities

Type: []core.Capability [ref]

AddCapabilities add new capabilities to containers


.spec.syncmasters.securityContext.allowPrivilegeEscalation

Type: boolean [ref]

AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.


.spec.syncmasters.securityContext.dropAllCapabilities

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is added for backward compatibility. Will be removed in 1.1.0.

DropAllCapabilities specifies if capabilities should be dropped for this pod containers


.spec.syncmasters.securityContext.fsGroup

Type: integer [ref]

FSGroup is a special supplemental group that applies to all containers in a pod.


.spec.syncmasters.securityContext.privileged

Type: boolean [ref]

Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.


.spec.syncmasters.securityContext.readOnlyRootFilesystem

Type: boolean [ref]

ReadOnlyRootFilesystem if true, mounts the container’s root filesystem as read-only.


.spec.syncmasters.securityContext.runAsGroup

Type: integer [ref]

RunAsGroup is the GID to run the entrypoint of the container process.


.spec.syncmasters.securityContext.runAsNonRoot

Type: boolean [ref]

RunAsNonRoot if true, indicates that the container must run as a non-root user.


.spec.syncmasters.securityContext.runAsUser

Type: integer [ref]

RunAsUser is the UID to run the entrypoint of the container process.


.spec.syncmasters.securityContext.seccompProfile

Type: core.SeccompProfile [ref]

SeccompProfile defines a pod/container’s seccomp profile settings. Only one profile source may be set.

Links:


.spec.syncmasters.securityContext.seLinuxOptions

Type: core.SELinuxOptions [ref]

SELinuxOptions are the labels to be applied to the container

Links:


.spec.syncmasters.securityContext.supplementalGroups

Type: array [ref]

SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.


.spec.syncmasters.securityContext.sysctls

Type: map[string]intstr.IntOrString [ref]

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int

Links:

Example:

sysctls:
  "kernel.shm_rmid_forced": "0"
  "net.core.somaxconn": 1024
  "kernel.msgmax": "65536"

.spec.syncmasters.serviceAccountName

Type: string [ref]

ServiceAccountName setting specifies the serviceAccountName for the Pods created for each server of this group. If empty, it defaults to using the default service account. Using an alternative ServiceAccount is typically used to separate access rights. The ArangoDB deployments need some very minimal access rights. With the deployment of the operator, we grant the rights to ‘get’ all ‘pod’ resources. If you are using a different service account, please grant these rights to that service account.


.spec.syncmasters.shutdownDelay

Type: integer [ref]

ShutdownDelay define how long operator should delay finalizer removal after shutdown


.spec.syncmasters.shutdownMethod

Type: string [ref]

ShutdownMethod describe procedure of member shutdown taken by Operator


.spec.syncmasters.sidecarCoreNames

Type: array [ref]

SidecarCoreNames is a list of sidecar containers which must run in the pod. Some names (e.g.: “server”, “worker”) are reserved, and they don’t have any impact.


.spec.syncmasters.sidecars

Type: []core.Container [ref]

Sidecars specifies a list of additional containers to be started

Links:


.spec.syncmasters.storageClassName

Type: string [ref]

[!WARNING] DEPRECATED

Use VolumeClaimTemplate instead.

StorageClassName specifies the classname for storage of the servers.


.spec.syncmasters.terminationGracePeriodSeconds

Type: integer [ref]

TerminationGracePeriodSeconds override default TerminationGracePeriodSeconds for pods - via silent rotation


.spec.syncmasters.tolerations

Type: []core.Toleration [ref]

Tolerations specifies the tolerations added to Pods in this group. By default, suitable tolerations are set for the following keys with the NoExecute effect:

  • node.kubernetes.io/not-ready
  • node.kubernetes.io/unreachable
  • node.alpha.kubernetes.io/unreachable (will be removed in future version) For more information on tolerations, consult the https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

Links:


.spec.syncmasters.volumeAllowShrink

Type: boolean [ref]

[!WARNING] DEPRECATED

Not used anymore

VolumeAllowShrink allows shrinking of the volume


.spec.syncmasters.volumeClaimTemplate

Type: core.PersistentVolumeClaim [ref]

VolumeClaimTemplate specifies a volumeClaimTemplate used by operator to create to volume claims for pods of this group. This setting is not available for group coordinators, syncmasters & syncworkers. The default value describes a volume with 8Gi storage, ReadWriteOnce access mode and volume mode set to PersistentVolumeFilesystem. If this field is not set and spec.<group>.resources.requests.storage is set, then a default volume claim with size as specified by spec.<group>.resources.requests.storage will be created. In that case storage and iops is not forwarded to the pods resource requirements.

Links:


.spec.syncmasters.volumeMounts

Type: []ServerGroupSpecVolumeMount [ref]

VolumeMounts define list of volume mounts mounted into server container

Links:


.spec.syncmasters.volumes[int].configMap

Type: core.ConfigMapVolumeSource [ref]

ConfigMap which should be mounted into pod

Links:


.spec.syncmasters.volumes[int].emptyDir

Type: core.EmptyDirVolumeSource [ref]

EmptyDir

Links:


.spec.syncmasters.volumes[int].hostPath

Type: core.HostPathVolumeSource [ref]

HostPath

Links:


.spec.syncmasters.volumes[int].name

Type: string [ref]

Name of volume


.spec.syncmasters.volumes[int].persistentVolumeClaim

Type: core.PersistentVolumeClaimVolumeSource [ref]

PersistentVolumeClaim

Links:


.spec.syncmasters.volumes[int].secret

Type: core.SecretVolumeSource [ref]

Secret which should be mounted into pod

Links:


.spec.syncworkers.affinity

Type: core.PodAffinity [ref]

Affinity specified additional affinity settings in ArangoDB Pod definitions

Links:


.spec.syncworkers.allowMemberRecreation

Type: boolean [ref]

AllowMemberRecreation allows to recreate member. This setting changes the member recreation logic based on group:

  • For Sync Masters, Sync Workers, Coordinator and DB-Servers it determines if a member can be recreated in case of failure (default true)
  • For Agents and Single this value is hardcoded to false and the value provided in spec is ignored.

.spec.syncworkers.annotations

Type: object [ref]

Annotations specified the annotations added to Pods in this group. Annotations are merged with spec.annotations.


.spec.syncworkers.annotationsIgnoreList

Type: array [ref]

AnnotationsIgnoreList list regexp or plain definitions which annotations should be ignored


.spec.syncworkers.annotationsMode

Type: string [ref]

AnnotationsMode Define annotations mode which should be use while overriding annotations


.spec.syncworkers.antiAffinity

Type: core.PodAntiAffinity [ref]

AntiAffinity specified additional antiAffinity settings in ArangoDB Pod definitions

Links:


.spec.syncworkers.args

Type: []string [ref]

Args setting specifies additional command-line arguments passed to all servers of this group.

Default Value: []


.spec.syncworkers.count

Type: integer [ref]

Count setting specifies the number of servers to start for the given group. For the Agent group, this value must be a positive, odd number. The default value is 3 for all groups except single (there the default is 1 for spec.mode: Single and 2 for spec.mode: ActiveFailover). For the syncworkers group, it is highly recommended to use the same number as for the dbservers group.


.spec.syncworkers.entrypoint

Type: string [ref]

Entrypoint overrides container executable


.spec.syncworkers.envs[int].name

Type: string [ref]


.spec.syncworkers.envs[int].value

Type: string [ref]


.spec.syncworkers.ephemeralVolumes.apps.size

Type: resource.Quantity [ref]

Size define size of the ephemeral volume

Links:


.spec.syncworkers.ephemeralVolumes.temp.size

Type: resource.Quantity [ref]

Size define size of the ephemeral volume

Links:


.spec.syncworkers.exporterPort

Type: integer [ref]

ExporterPort define Port used by exporter


.spec.syncworkers.extendedRotationCheck

Type: boolean [ref]

ExtendedRotationCheck extend checks for rotation


.spec.syncworkers.externalPortEnabled

Type: boolean [ref]

ExternalPortEnabled if external port should be enabled. If is set to false, ports needs to be exposed via sidecar. Only for ArangoD members


.spec.syncworkers.indexMethod

Type: string [ref]

IndexMethod define group Indexing method

Possible Values:

  • "random" (default) - Pick random ID for member. Enforced on the Community Operator.
  • "ordered" - Use sequential number as Member ID, starting from 0. Enterprise Operator required.

.spec.syncworkers.initContainers.containers

Type: []core.Container [ref]

Containers contains list of containers

Links:


.spec.syncworkers.initContainers.mode

Type: string [ref]

Mode keep container replace mode


.spec.syncworkers.internalPort

Type: integer [ref]

InternalPort define port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members


.spec.syncworkers.internalPortProtocol

Type: string [ref]

InternalPortProtocol define protocol of port used in internal communication, can be accessed over localhost via sidecar. Only for ArangoD members


.spec.syncworkers.labels

Type: object [ref]

Labels specified the labels added to Pods in this group.


.spec.syncworkers.labelsIgnoreList

Type: array [ref]

LabelsIgnoreList list regexp or plain definitions which labels should be ignored


.spec.syncworkers.labelsMode

Type: string [ref]

LabelsMode Define labels mode which should be use while overriding labels


.spec.syncworkers.maxCount

Type: integer [ref]

MaxCount specifies a maximum for the count of servers. If set, a specification is invalid if count > maxCount.


.spec.syncworkers.memoryReservation

Type: integer [ref]

MemoryReservation determines the system reservation of memory while calculating ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY value. If this field is set, ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY is reduced by a specified value in percent. Accepted Range <0, 50>. If the value is outside the accepted range, it is adjusted to the closest value.

Links:

Default Value: 0


.spec.syncworkers.minCount

Type: integer [ref]

MinCount specifies a minimum for the count of servers. If set, a specification is invalid if count < minCount.


.spec.syncworkers.nodeAffinity

Type: core.NodeAffinity [ref]

NodeAffinity specified additional nodeAffinity settings in ArangoDB Pod definitions

Links:


.spec.syncworkers.nodeSelector

Type: map[string]string [ref]

NodeSelector setting specifies a set of labels to be used as nodeSelector for Pods of this node.

Links:


.spec.syncworkers.numactl.args

Type: array [ref]

Args define list of the numactl process

Default Value: []


.spec.syncworkers.numactl.enabled

Type: boolean [ref]

Enabled define if numactl should be enabled

Default Value: false


.spec.syncworkers.numactl.path

Type: string [ref]

Path define numactl path within the container

Default Value: /usr/bin/numactl


.spec.syncworkers.overrideDetectedNumberOfCores

Type: boolean [ref]

[!IMPORTANT] Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES Container Environment Variable

OverrideDetectedNumberOfCores determines if number of cores should be overridden based on values in resources. If is set to true and Container CPU Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_NUMBER_OF_CORES to the value from the Container CPU Limits.

Links:

Default Value: true


.spec.syncworkers.overrideDetectedTotalMemory

Type: boolean [ref]

[!IMPORTANT] Values set by this feature override user-provided ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY Container Environment Variable

OverrideDetectedTotalMemory determines if memory should be overridden based on values in resources. If is set to true and Container Memory Limits are set, it sets Container Environment Variable ARANGODB_OVERRIDE_DETECTED_TOTAL_MEMORY to the value from the Container Memory Limits.

Links:

Default Value: true


.spec.syncworkers.podModes.network

Type: string [ref]


.spec.syncworkers.podModes.pid

Type: string [ref]


.spec.syncworkers.port

Type: integer [ref]

Port define Port used by member


.spec.syncworkers.priorityClassName

Type: string [ref]

PriorityClassName specifies a priority class name Will be forwarded to the pod spec.

Links:


.spec.syncworkers.probes.livenessProbeDisabled

Type: boolean [ref]

LivenessProbeDisabled if set to true, the operator does not generate a liveness probe for new pods belonging to this group

Default Value: false


.spec.syncworkers.probes.livenessProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.syncworkers.probes.livenessProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.syncworkers.probes.livenessProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.syncworkers.probes.livenessProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.syncworkers.probes.livenessProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.syncworkers.probes.ReadinessProbeDisabled

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is deprecated, kept only for backward compatibility.

OldReadinessProbeDisabled if true readinessProbes are disabled


.spec.syncworkers.probes.readinessProbeDisabled

Type: boolean [ref]

ReadinessProbeDisabled override flag for probe disabled in good manner (lowercase) with backward compatibility


.spec.syncworkers.probes.readinessProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.syncworkers.probes.readinessProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.syncworkers.probes.readinessProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.syncworkers.probes.readinessProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.syncworkers.probes.readinessProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.syncworkers.probes.startupProbeDisabled

Type: boolean [ref]

StartupProbeDisabled if true startupProbes are disabled


.spec.syncworkers.probes.startupProbeSpec.failureThreshold

Type: integer [ref]

FailureThreshold when a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up. Giving up means restarting the container. Minimum value is 1.

Default Value: 3


.spec.syncworkers.probes.startupProbeSpec.initialDelaySeconds

Type: integer [ref]

InitialDelaySeconds specifies number of seconds after the container has started before liveness or readiness probes are initiated. Minimum value is 0.

Default Value: 2


.spec.syncworkers.probes.startupProbeSpec.periodSeconds

Type: integer [ref]

PeriodSeconds How often (in seconds) to perform the probe. Minimum value is 1.

Default Value: 10


.spec.syncworkers.probes.startupProbeSpec.successThreshold

Type: integer [ref]

SuccessThreshold Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.

Default Value: 1


.spec.syncworkers.probes.startupProbeSpec.timeoutSeconds

Type: integer [ref]

TimeoutSeconds specifies number of seconds after which the probe times out Minimum value is 1.

Default Value: 2


.spec.syncworkers.pvcResizeMode

Type: string [ref]

VolumeResizeMode specified resize mode for PVCs and PVs

Possible Values:

  • "runtime" (default) - PVC will be resized in Pod runtime (EKS, GKE)
  • "rotate" - Pod will be shutdown and PVC will be resized (AKS)

.spec.syncworkers.resources

Type: core.ResourceRequirements [ref]

Resources holds resource requests & limits

Links:


.spec.syncworkers.schedulerName

Type: string [ref]

SchedulerName define scheduler name used for group


.spec.syncworkers.securityContext.addCapabilities

Type: []core.Capability [ref]

AddCapabilities add new capabilities to containers


.spec.syncworkers.securityContext.allowPrivilegeEscalation

Type: boolean [ref]

AllowPrivilegeEscalation Controls whether a process can gain more privileges than its parent process.


.spec.syncworkers.securityContext.dropAllCapabilities

Type: boolean [ref]

[!WARNING] DEPRECATED

This field is added for backward compatibility. Will be removed in 1.1.0.

DropAllCapabilities specifies if capabilities should be dropped for this pod containers


.spec.syncworkers.securityContext.fsGroup

Type: integer [ref]

FSGroup is a special supplemental group that applies to all containers in a pod.


.spec.syncworkers.securityContext.privileged

Type: boolean [ref]

Privileged If true, runs container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.


.spec.syncworkers.securityContext.readOnlyRootFilesystem

Type: boolean [ref]

ReadOnlyRootFilesystem if true, mounts the container’s root filesystem as read-only.


.spec.syncworkers.securityContext.runAsGroup

Type: integer [ref]

RunAsGroup is the GID to run the entrypoint of the container process.


.spec.syncworkers.securityContext.runAsNonRoot

Type: boolean [ref]

RunAsNonRoot if true, indicates that the container must run as a non-root user.


.spec.syncworkers.securityContext.runAsUser

Type: integer [ref]

RunAsUser is the UID to run the entrypoint of the container process.


.spec.syncworkers.securityContext.seccompProfile

Type: core.SeccompProfile [ref]

SeccompProfile defines a pod/container’s seccomp profile settings. Only one profile source may be set.

Links:


.spec.syncworkers.securityContext.seLinuxOptions

Type: core.SELinuxOptions [ref]

SELinuxOptions are the labels to be applied to the container

Links:


.spec.syncworkers.securityContext.supplementalGroups

Type: array [ref]

SupplementalGroups is a list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process.


.spec.syncworkers.securityContext.sysctls

Type: map[string]intstr.IntOrString [ref]

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Map Value can be String or Int

Links:

Example:

sysctls:
  "kernel.shm_rmid_forced": "0"
  "net.core.somaxconn": 1024
  "kernel.msgmax": "65536"

.spec.syncworkers.serviceAccountName

Type: string [ref]

ServiceAccountName setting specifies the serviceAccountName for the Pods created for each server of this group. If empty, it defaults to using the default service account. Using an alternative ServiceAccount is typically used to separate access rights. The ArangoDB deployments need some very minimal access rights. With the deployment of the operator, we grant the rights to ‘get’ all ‘pod’ resources. If you are using a different service account, please grant these rights to that service account.


.spec.syncworkers.shutdownDelay

Type: integer [ref]

ShutdownDelay define how long operator should delay finalizer removal after shutdown


.spec.syncworkers.shutdownMethod

Type: string [ref]

ShutdownMethod describe procedure of member shutdown taken by Operator


.spec.syncworkers.sidecarCoreNames

Type: array [ref]

SidecarCoreNames is a list of sidecar containers which must run in the pod. Some names (e.g.: “server”, “worker”) are reserved, and they don’t have any impact.


.spec.syncworkers.sidecars

Type: []core.Container [ref]

Sidecars specifies a list of additional containers to be started

Links:


.spec.syncworkers.storageClassName

Type: string [ref]

[!WARNING] DEPRECATED

Use VolumeClaimTemplate instead.

StorageClassName specifies the classname for storage of the servers.


.spec.syncworkers.terminationGracePeriodSeconds

Type: integer [ref]

TerminationGracePeriodSeconds override default TerminationGracePeriodSeconds for pods - via silent rotation


.spec.syncworkers.tolerations

Type: []core.Toleration [ref]

Tolerations specifies the tolerations added to Pods in this group. By default, suitable tolerations are set for the following keys with the NoExecute effect:

  • node.kubernetes.io/not-ready
  • node.kubernetes.io/unreachable
  • node.alpha.kubernetes.io/unreachable (will be removed in future version) For more information on tolerations, consult the https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

Links:


.spec.syncworkers.volumeAllowShrink

Type: boolean [ref]

[!WARNING] DEPRECATED

Not used anymore

VolumeAllowShrink allows shrinking of the volume


.spec.syncworkers.volumeClaimTemplate

Type: core.PersistentVolumeClaim [ref]

VolumeClaimTemplate specifies a volumeClaimTemplate used by operator to create to volume claims for pods of this group. This setting is not available for group coordinators, syncmasters & syncworkers. The default value describes a volume with 8Gi storage, ReadWriteOnce access mode and volume mode set to PersistentVolumeFilesystem. If this field is not set and spec.<group>.resources.requests.storage is set, then a default volume claim with size as specified by spec.<group>.resources.requests.storage will be created. In that case storage and iops is not forwarded to the pods resource requirements.

Links:


.spec.syncworkers.volumeMounts

Type: []ServerGroupSpecVolumeMount [ref]

VolumeMounts define list of volume mounts mounted into server container

Links:


.spec.syncworkers.volumes[int].configMap

Type: core.ConfigMapVolumeSource [ref]

ConfigMap which should be mounted into pod

Links:


.spec.syncworkers.volumes[int].emptyDir

Type: core.EmptyDirVolumeSource [ref]

EmptyDir

Links:


.spec.syncworkers.volumes[int].hostPath

Type: core.HostPathVolumeSource [ref]

HostPath

Links:


.spec.syncworkers.volumes[int].name

Type: string [ref]

Name of volume


.spec.syncworkers.volumes[int].persistentVolumeClaim

Type: core.PersistentVolumeClaimVolumeSource [ref]

PersistentVolumeClaim

Links:


.spec.syncworkers.volumes[int].secret

Type: core.SecretVolumeSource [ref]

Secret which should be mounted into pod

Links:


.spec.timeouts.actions

Type: map[string]meta.Duration [ref]

Actions keep map of the actions timeouts.

Links:

Example:

actions:
  AddMember: 30m

.spec.timeouts.maintenanceGracePeriod

Type: integer [ref]

MaintenanceGracePeriod action timeout


.spec.timezone

Type: string [ref]

Timezone if specified, will set a timezone for deployment. Must be in format accepted by “tzdata”, e.g. America/New_York or Europe/London


.spec.tls.altNames

Type: []string [ref]

AltNames setting specifies a list of alternate names that will be added to all generated certificates. These names can be DNS names or email addresses. The default value is empty.


.spec.tls.caSecretName

Type: string [ref]

CASecretName setting specifies the name of a kubernetes Secret that contains a standard CA certificate + private key used to sign certificates for individual ArangoDB servers. When no name is specified, it defaults to <deployment-name>-ca. To disable authentication, set this value to None. If you specify a name of a Secret that does not exist, a self-signed CA certificate + key is created and stored in a Secret with given name. The specified Secret, must contain the following data fields:

  • ca.crt PEM encoded public key of the CA certificate
  • ca.key PEM encoded private key of the CA certificate

.spec.tls.mode

Type: string [ref]


.spec.tls.sni.mapping.<string>

Type: array [ref]


.spec.tls.ttl

Type: string [ref]

TTL setting specifies the time to live of all generated server certificates. When the server certificate is about to expire, it will be automatically replaced by a new one and the affected server will be restarted. Note: The time to live of the CA certificate (when created automatically) will be set to 10 years.

Default Value: "2160h" (about 3 months)


.spec.topology.enabled

Type: boolean [ref]


.spec.topology.label

Type: string [ref]


.spec.topology.zones

Type: integer [ref]


.spec.upgrade.autoUpgrade

Type: boolean [ref]

AutoUpgrade flag specifies if upgrade should be auto-injected, even if is not required (in case of stuck)

Default Value: false


.spec.upgrade.debugLog

Type: boolean [ref]

DebugLog flag specifies if containers running upgrade process should print more debugging information. This applies only to init containers.

Default Value: false