Supported Resource Types
The Operator supports the following resource types (known as Kinds):
KurrentDB
KurrentDBBackup
KurrentDBBackupSchedule
KurrentDB
This resource type is used to define a database deployment.
API
KurrentDBSpec
Field | Required | Description |
---|---|---|
replicas integer | Yes | Number of nodes in a database cluster. May be 1, 3, or, for standalone ReadOnly-Replicas, it may be 0. |
image string | Yes | KurrentDB container image URL |
resources ResourceRequirements | No | Database container resource limits and requests |
storage PersistentVolumeClaim | Yes | Persistent volume claim settings for the underlying data volume |
network KurrentDBNetwork | Yes | Defines the network configuration to use with the database |
configuration yaml | No | Additional configuration to use with the database, see below |
sourceBackup string | No | Backup name to restore a cluster from |
security KurrentDBSecurity | No | Security configuration to use for the database. This is optional; if not specified, the cluster will be created without security enabled. |
licenseSecret SecretKeySelector | No | A secret that contains the Enterprise license for the database |
constraints KurrentDBConstraints | No | Scheduling constraints for the Kurrent DB pod. |
readOnlyReplicas KurrentDBReadOnlyReplicasSpec | No | Read-only replica configuration for the Kurrent DB Cluster. |
extraMetadata KurrentDBExtraMetadataSpec | No | Additional annotations and labels for child resources. |
quorumNodes string array | No | A list of endpoints (in host:port notation) to reach the quorum nodes when .Replicas is zero, see standalone ReadOnlyReplicas |
KurrentDBReadOnlyReplicasSpec
Other than replicas, each of the fields in KurrentDBReadOnlyReplicasSpec defaults to the corresponding value from the main KurrentDBSpec.
Field | Required | Description |
---|---|---|
replicas integer | No | Number of read-only replicas in the cluster. Defaults to zero. |
resources ResourceRequirements | No | Database container resource limits and requests. |
storage PersistentVolumeClaim | No | Persistent volume claim settings for the underlying data volume. |
configuration yaml | No | Additional configuration to use with the database. |
constraints KurrentDBConstraints | No | Scheduling constraints for the Kurrent DB pod. |
KurrentDBConstraints
Field | Required | Description |
---|---|---|
nodeSelector yaml | No | Identifies nodes that the Kurrent DB may consider during scheduling. |
affinity Affinity | No | The node affinity, pod affinity, and pod anti-affinity for scheduling the Kurrent DB pod. |
tolerations list of Toleration | No | The tolerations for scheduling the Kurrent DB pod. |
topologySpreadConstraints list of TopologySpreadConstraint | No | The topology spread constraints for scheduling the Kurrent DB pod. |
KurrentDBExtraMetadataSpec
Field | Required | Description |
---|---|---|
all ExtraMetadataSpec | No | Extra annotations and labels for all child resource types. |
configMaps ExtraMetadataSpec | No | Extra annotations and labels for ConfigMaps. |
statefulSets ExtraMetadataSpec | No | Extra annotations and labels for StatefulSets. |
pods ExtraMetadataSpec | No | Extra annotations and labels for Pods. |
persistentVolumeClaims ExtraMetadataSpec | No | Extra annotations and labels for PersistentVolumeClaims. |
headlessServices ExtraMetadataSpec | No | Extra annotations and labels for the per-cluster headless Services. |
headlessPodServices ExtraMetadataSpec | No | Extra annotations and labels for the per-pod headless Services. |
loadBalancers ExtraMetadataSpec | No | Extra annotations and labels for LoadBalancer-type Services. |
Note that select kinds of extra metadata support template expansion to allow multiple instances of a child resource to be distinguished from one another. In particular, ConfigMaps, StatefulSets, and HeadlessServices support "per-node-kind" template expansions:
{name} expands to KurrentDB.metadata.name
{namespace} expands to KurrentDB.metadata.namespace
{domain} expands to the KurrentDBNetwork.domain
{nodeTypeSuffix} expands to "" for a primary node or "-replica" for a replica node
Additionally, HeadlessPodServices and LoadBalancers support "per-pod" template expansions:
{name} expands to KurrentDB.metadata.name
{namespace} expands to KurrentDB.metadata.namespace
{domain} expands to the KurrentDBNetwork.domain
{nodeTypeSuffix} expands to "" for a primary node or "-replica" for a replica node
{podName} expands to the name of the pod corresponding to the resource
{podOrdinal} expands to the ordinal assigned to the pod corresponding to the resource
Notably, Pods and PersistentVolumeClaims do not support any template expansions, due to how StatefulSets work.
ExtraMetadataSpec
Field | Required | Description |
---|---|---|
labels object | No | Extra labels for a resource. |
annotations object | No | Extra annotations for a resource. |
KurrentDBNetwork
Field | Required | Description |
---|---|---|
domain string | Yes | Domain used for external DNS e.g. advertised address exposed in the gossip state |
loadBalancer KurrentDBLoadBalancer | Yes | Defines a load balancer to use with the database |
fqdnTemplate string | No | The template string used to define the external advertised address of a node |
internodeTrafficStrategy string | No | How servers dial each other. One of "ServiceName" (default), "FQDN" , or "SplitDNS" . See details. |
clientTrafficStrategy string | No | How clients dial servers. One of "ServiceName" or "FQDN" (default). See details. |
splitDNSExtraRules list of DNSRule | No | Advanced configuration for when internodeTrafficStrategy is set to "SplitDNS" . |
Note that fqdnTemplate supports the following expansions:
{name} expands to KurrentDB.metadata.name
{namespace} expands to KurrentDB.metadata.namespace
{domain} expands to the KurrentDBNetwork.domain
{nodeTypeSuffix} expands to "" for a primary node or "-replica" for a replica node
{podName} expands to the name of the pod
When fqdnTemplate is empty, it defaults to {podName}.{name}{nodeTypeSuffix}.{domain}.
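The three expansion contexts above accept different placeholder sets (for example, {podOrdinal} is listed for per-pod metadata but not for fqdnTemplate). The following is an added example, not the Operator's code: a pre-apply lint that expands a template and rejects placeholders the chosen context does not list. The context names, the `Expand` function and the sample values are assumptions made for this illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Placeholders each context supports, as listed on this page.
var allowed = map[string][]string{
	"perNodeKind":  {"name", "namespace", "domain", "nodeTypeSuffix"},
	"perPod":       {"name", "namespace", "domain", "nodeTypeSuffix", "podName", "podOrdinal"},
	"fqdnTemplate": {"name", "namespace", "domain", "nodeTypeSuffix", "podName"},
}

// Default used when fqdnTemplate is empty, as stated on this page.
const DefaultFQDNTemplate = "{podName}.{name}{nodeTypeSuffix}.{domain}"

var placeholder = regexp.MustCompile(`\{([^{}]*)\}`)

// Expand substitutes placeholders in tmpl and returns an error for any the
// context does not list (hypothetical lint, not the Operator's behaviour).
func Expand(context, tmpl string, vals map[string]string) (string, error) {
	names := allowed[context] // unknown context: nothing is allowed
	if tmpl == "" && context == "fqdnTemplate" {
		tmpl = DefaultFQDNTemplate
	}
	var bad []string
	out := placeholder.ReplaceAllStringFunc(tmpl, func(m string) string {
		key := m[1 : len(m)-1]
		for _, n := range names {
			if n == key {
				return vals[key]
			}
		}
		bad = append(bad, m)
		return m
	})
	if len(bad) > 0 {
		return "", fmt.Errorf("%s does not support %s", context, strings.Join(bad, ", "))
	}
	return out, nil
}

func main() {
	// Constructed sample values for a replica pod.
	vals := map[string]string{"name": "my-db", "namespace": "my-namespace",
		"domain": "my-domain.com", "nodeTypeSuffix": "-replica", "podName": "my-db-replica-0"}
	fmt.Println(Expand("fqdnTemplate", "", vals))
	fmt.Println(Expand("fqdnTemplate", "{podOrdinal}.{domain}", vals))
}
```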
DNSRule
Field | Required | Description |
---|---|---|
host string | Yes | A host name that should be intercepted. |
result string | Yes | An IP address to return, or another hostname to look up for the final IP address. |
regex boolean | No | Whether host and result should be treated as regex patterns. Defaults to false . |
Note that when regex is true, the regex support is provided by the Go standard regex library, and referencing captured groups differs from some other regex implementations. For example, to redirect lookups matching the pattern <podname>.my-db.my-namespace.svc.cluster.local to <podname>.my-domain.com you could use the following DNS rule:

```yaml
host: ([a-z0-9-]*)\.my-db\.my-namespace\.svc\.cluster\.local
result: ${1}.my-domain.com
regex: true
```
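How Go's regexp package treats the rule above, as an added example that is not the Operator's code: it shows why the `${1}` form is the safe way to reference a captured group, and how an unanchored host pattern also rewrites longer names that merely contain it. The `Rule` type, the `Rewrite` function, the `anchor` switch and the sample lookup names are assumptions; this page does not say whether the Operator anchors patterns.

```go
package main

import (
	"fmt"
	"regexp"
)

// Rule mirrors the host and result fields of a DNSRule with regex: true
// (hypothetical type for this example, not the Operator's own).
type Rule struct{ Host, Result string }

// PageRule is the rule shown on this page.
var PageRule = Rule{
	Host:   `([a-z0-9-]*)\.my-db\.my-namespace\.svc\.cluster\.local`,
	Result: `${1}.my-domain.com`,
}

// Rewrite applies r to a looked-up name using Go's regexp package. With
// anchor set, the host pattern must match the whole name. Whether the
// Operator anchors patterns is not stated on this page (assumption), so the
// caller chooses.
func Rewrite(r Rule, name string, anchor bool) (string, bool) {
	pat := r.Host
	if anchor {
		pat = `^(?:` + pat + `)$`
	}
	re, err := regexp.Compile(pat)
	if err != nil || !re.MatchString(name) {
		return name, false
	}
	return re.ReplaceAllString(name, r.Result), true
}

func main() {
	in := "my-db-0.my-db.my-namespace.svc.cluster.local" // constructed lookup name
	// ${1} is group 1; $1x is parsed as a group named "1x" (empty); \1 is literal text.
	for _, result := range []string{`${1}.my-domain.com`, `$1x.my-domain.com`, `\1.my-domain.com`} {
		out, _ := Rewrite(Rule{PageRule.Host, result}, in, true)
		fmt.Printf("%-22s -> %s\n", result, out)
	}
	// A name that only contains the pattern: rewritten unless anchored.
	long := in + ".example.net"
	fmt.Println(Rewrite(PageRule, long, false))
	fmt.Println(Rewrite(PageRule, long, true))
}
```

If the pattern is meant to match whole names only, writing the anchors into `host` itself (`^...$`) makes that explicit regardless of how the rule is evaluated.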
KurrentDBLoadBalancer
Field | Required | Description |
---|---|---|
enabled boolean | Yes | Determines if a load balancer should be deployed for each node |
allowedIps string array | No | List of IP ranges allowed by the load balancer (default will allow all access) |
KurrentDBSecurity
Field | Required | Description |
---|---|---|
certificateReservedNodeCommonName string | No | Common name for the TLS certificate (this maps directly to the database property CertificateReservedNodeCommonName ) |
certificateAuthoritySecret CertificateSecret | No | Secret containing the CA TLS certificate. |
certificateSecret CertificateSecret | Yes | Secret containing the TLS certificate to use. |
certificateSubjectName string | No | Deprecated field. The value of this field is always ignored. |
CertificateSecret
Field | Required | Description |
---|---|---|
name string | Yes | Name of the secret holding the certificate details |
keyName string | Yes | Key within the secret containing the TLS certificate |
privateKeyName string | No | Key within the secret containing the TLS certificate private key |
KurrentDBBackup
This resource type is used to define a backup for an existing database deployment.
Important
Resources of this type must be created within the same namespace as the target database cluster to back up.
API
KurrentDBBackupSpec
Field | Required | Description |
---|---|---|
clusterName string | Yes | Name of the source database cluster |
nodeName string | No | Specific node name within the database cluster to use as the backup. If unspecified, the leader is used. |
volumeSnapshotClassName string | Yes | The name of the underlying volume snapshot class to use. |
extraMetadata KurrentDBBackupExtraMetadataSpec | No | Additional annotations and labels for child resources. |
ttl string | No | A time-to-live for this backup. If unspecified, the TTL is treated as infinite. |
The format of the ttl may be in years (y), weeks (w), days (d), hours (h), or seconds (s), or a combination like 1d12h.
KurrentDBBackupExtraMetadataSpec
Field | Required | Description |
---|---|---|
All ExtraMetadataSpec | No | Extra annotations and labels for all child resource types (currently only VolumeSnapshots). |
VolumeSnapshots ExtraMetadataSpec | No | Extra annotations and labels for VolumeSnapshots. |
KurrentDBBackupSchedule
This resource type is used to define a schedule for creating database backups and retention policies.
KurrentDBBackupScheduleSpec
Field | Required | Description |
---|---|---|
schedule string | Yes | A CronJob-style schedule. See Writing a CronJob Spec. |
timeZone string | No | A timezone specification. Defaults to Etc/UTC . |
template KurrentDBBackup | Yes | A KurrentDBBackup template. |
keep integer | No | The maximum number of complete backups this schedule will accumulate before it prunes the oldest ones. If unset, there is no limit. |
suspend boolean | No |
Note that the only metadata allowed in template.metadata is name, labels, and annotations. If name is provided, it will be extended with an index like my-name-1 when creating backups, otherwise created backups will be based on the name of the schedule resource.
Configuring Kurrent DB
The KurrentDB.spec.configuration yaml field may contain any valid configuration values for Kurrent DB. However, some values may be unnecessary, as the Operator provides some defaults, while other values may be ignored, as the Operator may override them.
The Operator-defined default configuration values, which may be overridden by the user's KurrentDB.spec.configuration, are:
Default Field | Default Value |
---|---|
DisableLogFile | true |
EnableAtomPubOverHTTP | true |
Insecure | false |
PrepareTimeoutMs | 3000 |
CommitTimeoutMs | 3000 |
GossipIntervalMs | 2000 |
GossipTimeoutMs | 5000 |
LeaderElectionTimeoutMs | 2000 |
ReplicationHeartbeatInterval | 1000 |
ReplicationHeartbeatTimeout | 2500 |
NodeHeartbeatInterval | 1000 |
NodeHeartbeatTimeout | 2500 |
The Operator-managed configuration values, which take precedence over the user's KurrentDB.spec.configuration, are:
Managed Field | Value |
---|---|
Db | hard-coded volume mount point |
Index | hard-coded volume mount point |
Log | hard-coded volume mount point |
Insecure | true if KurrentDB.spec.security.certificateSecret is empty |
DiscoverViaDns | false (GossipSeed is used instead) |
AllowAnonymousEndpointAccess | true |
AllowUnknownOptions | true |
NodeIp | 0.0.0.0 (to accept traffic from outside pod) |
ReplicationIp | 0.0.0.0 (to accept traffic from outside pod) |
NodeHostAdvertiseAs | Derived from pod name |
ReplicationHostAdvertiseAs | Derived from pod name |
AdvertiseHostToClientAs | Derived from KurrentDB.spec.network.fqdnTemplate |
ClusterSize | Derived from KurrentDB.spec.replicas |
GossipSeed | Derived from pod list |
ReadOnlyReplica | Automatically set for ReadOnlyReplica pods |