diff --git a/api/v1alpha1/userconfig/service/alloydbomni/alloydbomni.go b/api/v1alpha1/userconfig/service/alloydbomni/alloydbomni.go
new file mode 100644
index 00000000..590d1459
--- /dev/null
+++ b/api/v1alpha1/userconfig/service/alloydbomni/alloydbomni.go
@@ -0,0 +1,453 @@ +// Code generated by user config generator. DO NOT EDIT. +// +kubebuilder:object:generate=true + +package alloydbomniuserconfig + +// CIDR address block, either as a string, or in a dict with an optional description field +type IpFilter struct { + // +kubebuilder:validation:MaxLength=1024 + // Description for IP filter list entry + Description *string `groups:"create,update" json:"description,omitempty"` + + // +kubebuilder:validation:MaxLength=43 + // CIDR address block + Network string `groups:"create,update" json:"network"` +} + +// postgresql.conf configuration values +type Pg struct { + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=1 + // Specifies a fraction of the table size to add to autovacuum_analyze_threshold when deciding whether to trigger an ANALYZE. The default is 0.2 (20% of table size) + AutovacuumAnalyzeScaleFactor *float64 `groups:"create,update" json:"autovacuum_analyze_scale_factor,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=2147483647 + // Specifies the minimum number of inserted, updated or deleted tuples needed to trigger an ANALYZE in any one table. The default is 50 tuples. + AutovacuumAnalyzeThreshold *int `groups:"create,update" json:"autovacuum_analyze_threshold,omitempty"` + + // +kubebuilder:validation:Minimum=200000000 + // +kubebuilder:validation:Maximum=1500000000 + // Specifies the maximum age (in transactions) that a table's pg_class.relfrozenxid field can attain before a VACUUM operation is forced to prevent transaction ID wraparound within the table. Note that the system will launch autovacuum processes to prevent wraparound even when autovacuum is otherwise disabled. This parameter will cause the server to be restarted. 
+ AutovacuumFreezeMaxAge *int `groups:"create,update" json:"autovacuum_freeze_max_age,omitempty"` + + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=20 + // Specifies the maximum number of autovacuum processes (other than the autovacuum launcher) that may be running at any one time. The default is three. This parameter can only be set at server start. + AutovacuumMaxWorkers *int `groups:"create,update" json:"autovacuum_max_workers,omitempty"` + + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=86400 + // Specifies the minimum delay between autovacuum runs on any given database. The delay is measured in seconds, and the default is one minute + AutovacuumNaptime *int `groups:"create,update" json:"autovacuum_naptime,omitempty"` + + // +kubebuilder:validation:Minimum=-1 + // +kubebuilder:validation:Maximum=100 + // Specifies the cost delay value that will be used in automatic VACUUM operations. If -1 is specified, the regular vacuum_cost_delay value will be used. The default value is 20 milliseconds + AutovacuumVacuumCostDelay *int `groups:"create,update" json:"autovacuum_vacuum_cost_delay,omitempty"` + + // +kubebuilder:validation:Minimum=-1 + // +kubebuilder:validation:Maximum=10000 + // Specifies the cost limit value that will be used in automatic VACUUM operations. If -1 is specified (which is the default), the regular vacuum_cost_limit value will be used. + AutovacuumVacuumCostLimit *int `groups:"create,update" json:"autovacuum_vacuum_cost_limit,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=1 + // Specifies a fraction of the table size to add to autovacuum_vacuum_threshold when deciding whether to trigger a VACUUM. 
The default is 0.2 (20% of table size) + AutovacuumVacuumScaleFactor *float64 `groups:"create,update" json:"autovacuum_vacuum_scale_factor,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=2147483647 + // Specifies the minimum number of updated or deleted tuples needed to trigger a VACUUM in any one table. The default is 50 tuples + AutovacuumVacuumThreshold *int `groups:"create,update" json:"autovacuum_vacuum_threshold,omitempty"` + + // +kubebuilder:validation:Minimum=10 + // +kubebuilder:validation:Maximum=10000 + // Specifies the delay between activity rounds for the background writer in milliseconds. Default is 200. + BgwriterDelay *int `groups:"create,update" json:"bgwriter_delay,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=2048 + // Whenever more than bgwriter_flush_after bytes have been written by the background writer, attempt to force the OS to issue these writes to the underlying storage. Specified in kilobytes, default is 512. Setting of 0 disables forced writeback. + BgwriterFlushAfter *int `groups:"create,update" json:"bgwriter_flush_after,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=1073741823 + // In each round, no more than this many buffers will be written by the background writer. Setting this to zero disables background writing. Default is 100. + BgwriterLruMaxpages *int `groups:"create,update" json:"bgwriter_lru_maxpages,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=10 + // The average recent need for new buffers is multiplied by bgwriter_lru_multiplier to arrive at an estimate of the number that will be needed during the next round, (up to bgwriter_lru_maxpages). 1.0 represents a “just in time” policy of writing exactly the number of buffers predicted to be needed. 
Larger values provide some cushion against spikes in demand, while smaller values intentionally leave writes to be done by server processes. The default is 2.0. + BgwriterLruMultiplier *float64 `groups:"create,update" json:"bgwriter_lru_multiplier,omitempty"` + + // +kubebuilder:validation:Minimum=500 + // +kubebuilder:validation:Maximum=1800000 + // This is the amount of time, in milliseconds, to wait on a lock before checking to see if there is a deadlock condition. + DeadlockTimeout *int `groups:"create,update" json:"deadlock_timeout,omitempty"` + + // +kubebuilder:validation:Enum="lz4";"pglz" + // Specifies the default TOAST compression method for values of compressible columns (the default is lz4). + DefaultToastCompression *string `groups:"create,update" json:"default_toast_compression,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=604800000 + // Time out sessions with open transactions after this number of milliseconds + IdleInTransactionSessionTimeout *int `groups:"create,update" json:"idle_in_transaction_session_timeout,omitempty"` + + // Controls system-wide use of Just-in-Time Compilation (JIT). + Jit *bool `groups:"create,update" json:"jit,omitempty"` + + // +kubebuilder:validation:Minimum=-1 + // +kubebuilder:validation:Maximum=2147483647 + // Causes each action executed by autovacuum to be logged if it ran for at least the specified number of milliseconds. Setting this to zero logs all autovacuum actions. Minus-one (the default) disables logging autovacuum actions. + LogAutovacuumMinDuration *int `groups:"create,update" json:"log_autovacuum_min_duration,omitempty"` + + // +kubebuilder:validation:Enum="DEFAULT";"TERSE";"VERBOSE" + // Controls the amount of detail written in the server log for each message that is logged. 
+ LogErrorVerbosity *string `groups:"create,update" json:"log_error_verbosity,omitempty"` + + // +kubebuilder:validation:Enum="'%m [%p] %q[user=%u,db=%d,app=%a] '";"'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '";"'pid=%p,user=%u,db=%d,app=%a,client=%h '";"'pid=%p,user=%u,db=%d,app=%a,client=%h,txid=%x,qid=%Q '" + // Choose from one of the available log formats. + LogLinePrefix *string `groups:"create,update" json:"log_line_prefix,omitempty"` + + // +kubebuilder:validation:Minimum=-1 + // +kubebuilder:validation:Maximum=86400000 + // Log statements that take more than this number of milliseconds to run, -1 disables + LogMinDurationStatement *int `groups:"create,update" json:"log_min_duration_statement,omitempty"` + + // +kubebuilder:validation:Minimum=-1 + // +kubebuilder:validation:Maximum=2147483647 + // Log statements for each temporary file created larger than this number of kilobytes, -1 disables + LogTempFiles *int `groups:"create,update" json:"log_temp_files,omitempty"` + + // +kubebuilder:validation:Minimum=1000 + // +kubebuilder:validation:Maximum=4096 + // PostgreSQL maximum number of files that can be open per process + MaxFilesPerProcess *int `groups:"create,update" json:"max_files_per_process,omitempty"` + + // +kubebuilder:validation:Minimum=64 + // +kubebuilder:validation:Maximum=6400 + // PostgreSQL maximum locks per transaction + MaxLocksPerTransaction *int `groups:"create,update" json:"max_locks_per_transaction,omitempty"` + + // +kubebuilder:validation:Minimum=4 + // +kubebuilder:validation:Maximum=64 + // PostgreSQL maximum logical replication workers (taken from the pool of max_parallel_workers) + MaxLogicalReplicationWorkers *int `groups:"create,update" json:"max_logical_replication_workers,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=96 + // Sets the maximum number of workers that the system can support for parallel queries + MaxParallelWorkers *int `groups:"create,update" 
json:"max_parallel_workers,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=96 + // Sets the maximum number of workers that can be started by a single Gather or Gather Merge node + MaxParallelWorkersPerGather *int `groups:"create,update" json:"max_parallel_workers_per_gather,omitempty"` + + // +kubebuilder:validation:Minimum=64 + // +kubebuilder:validation:Maximum=5120 + // PostgreSQL maximum predicate locks per transaction + MaxPredLocksPerTransaction *int `groups:"create,update" json:"max_pred_locks_per_transaction,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=10000 + // PostgreSQL maximum prepared transactions + MaxPreparedTransactions *int `groups:"create,update" json:"max_prepared_transactions,omitempty"` + + // +kubebuilder:validation:Minimum=8 + // +kubebuilder:validation:Maximum=64 + // PostgreSQL maximum replication slots + MaxReplicationSlots *int `groups:"create,update" json:"max_replication_slots,omitempty"` + + // +kubebuilder:validation:Minimum=-1 + // +kubebuilder:validation:Maximum=2147483647 + // PostgreSQL maximum WAL size (MB) reserved for replication slots. Default is -1 (unlimited). wal_keep_size minimum WAL size setting takes precedence over this. 
+ MaxSlotWalKeepSize *int `groups:"create,update" json:"max_slot_wal_keep_size,omitempty"` + + // +kubebuilder:validation:Minimum=2097152 + // +kubebuilder:validation:Maximum=6291456 + // Maximum depth of the stack in bytes + MaxStackDepth *int `groups:"create,update" json:"max_stack_depth,omitempty"` + + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=43200000 + // Max standby archive delay in milliseconds + MaxStandbyArchiveDelay *int `groups:"create,update" json:"max_standby_archive_delay,omitempty"` + + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=43200000 + // Max standby streaming delay in milliseconds + MaxStandbyStreamingDelay *int `groups:"create,update" json:"max_standby_streaming_delay,omitempty"` + + // +kubebuilder:validation:Minimum=20 + // +kubebuilder:validation:Maximum=64 + // PostgreSQL maximum WAL senders + MaxWalSenders *int `groups:"create,update" json:"max_wal_senders,omitempty"` + + // +kubebuilder:validation:Minimum=8 + // +kubebuilder:validation:Maximum=96 + // Sets the maximum number of background processes that the system can support + MaxWorkerProcesses *int `groups:"create,update" json:"max_worker_processes,omitempty"` + + // +kubebuilder:validation:Minimum=3600 + // +kubebuilder:validation:Maximum=604800 + // Sets the time interval to run pg_partman's scheduled tasks + PgPartmanBgwInterval *int `groups:"create,update" json:"pg_partman_bgw.interval,omitempty"` + + // +kubebuilder:validation:MaxLength=64 + // +kubebuilder:validation:Pattern=`^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$` + // Controls which role to use for pg_partman's scheduled background tasks. + PgPartmanBgwRole *string `groups:"create,update" json:"pg_partman_bgw.role,omitempty"` + + // +kubebuilder:validation:Enum="all";"none";"top" + // Controls which statements are counted. 
Specify top to track top-level statements (those issued directly by clients), all to also track nested statements (such as statements invoked within functions), or none to disable statement statistics collection. The default value is top. + PgStatStatementsTrack *string `groups:"create,update" json:"pg_stat_statements.track,omitempty"` + + // +kubebuilder:validation:Minimum=-1 + // +kubebuilder:validation:Maximum=2147483647 + // PostgreSQL temporary file limit in KiB, -1 for unlimited + TempFileLimit *int `groups:"create,update" json:"temp_file_limit,omitempty"` + + // +kubebuilder:validation:MaxLength=64 + // +kubebuilder:validation:Pattern=`^[\w/]*$` + // PostgreSQL service timezone + Timezone *string `groups:"create,update" json:"timezone,omitempty"` + + // +kubebuilder:validation:Minimum=1024 + // +kubebuilder:validation:Maximum=10240 + // Specifies the number of bytes reserved to track the currently executing command for each active session. + TrackActivityQuerySize *int `groups:"create,update" json:"track_activity_query_size,omitempty"` + + // +kubebuilder:validation:Enum="off";"on" + // Record commit time of transactions. + TrackCommitTimestamp *string `groups:"create,update" json:"track_commit_timestamp,omitempty"` + + // +kubebuilder:validation:Enum="all";"none";"pl" + // Enables tracking of function call counts and time used. + TrackFunctions *string `groups:"create,update" json:"track_functions,omitempty"` + + // +kubebuilder:validation:Enum="off";"on" + // Enables timing of database I/O calls. This parameter is off by default, because it will repeatedly query the operating system for the current time, which may cause significant overhead on some platforms. + TrackIoTiming *string `groups:"create,update" json:"track_io_timing,omitempty"` + + // Terminate replication connections that are inactive for longer than this amount of time, in milliseconds. Setting this value to zero disables the timeout. 
+ WalSenderTimeout *int `groups:"create,update" json:"wal_sender_timeout,omitempty"` + + // +kubebuilder:validation:Minimum=10 + // +kubebuilder:validation:Maximum=200 + // WAL flush interval in milliseconds. Note that setting this value to lower than the default 200ms may negatively impact performance + WalWriterDelay *int `groups:"create,update" json:"wal_writer_delay,omitempty"` +} + +// PGBouncer connection pooling settings +type Pgbouncer struct { + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=86400 + // If the automatically created database pools have been unused this many seconds, they are freed. If 0 then timeout is disabled. [seconds] + AutodbIdleTimeout *int `groups:"create,update" json:"autodb_idle_timeout,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=2147483647 + // Do not allow more than this many server connections per database (regardless of user). Setting it to 0 means unlimited. + AutodbMaxDbConnections *int `groups:"create,update" json:"autodb_max_db_connections,omitempty"` + + // +kubebuilder:validation:Enum="session";"statement";"transaction" + // PGBouncer pool mode + AutodbPoolMode *string `groups:"create,update" json:"autodb_pool_mode,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=10000 + // If non-zero then create automatically a pool of that size per user when a pool doesn't exist. 
+ AutodbPoolSize *int `groups:"create,update" json:"autodb_pool_size,omitempty"` + + // +kubebuilder:validation:MaxItems=32 + // List of parameters to ignore when given in startup packet + IgnoreStartupParameters []string `groups:"create,update" json:"ignore_startup_parameters,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=3000 + // PgBouncer tracks protocol-level named prepared statements related commands sent by the client in transaction and statement pooling modes when max_prepared_statements is set to a non-zero value. Setting it to 0 disables prepared statements. max_prepared_statements defaults to 100, and its maximum is 3000. + MaxPreparedStatements *int `groups:"create,update" json:"max_prepared_statements,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=10000 + // Add more server connections to pool if below this number. Improves behavior when usual load comes suddenly back after period of total inactivity. The value is effectively capped at the pool size. + MinPoolSize *int `groups:"create,update" json:"min_pool_size,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=86400 + // If a server connection has been idle more than this many seconds it will be dropped. If 0 then timeout is disabled. [seconds] + ServerIdleTimeout *int `groups:"create,update" json:"server_idle_timeout,omitempty"` + + // +kubebuilder:validation:Minimum=60 + // +kubebuilder:validation:Maximum=86400 + // The pooler will close an unused server connection that has been connected longer than this. [seconds] + ServerLifetime *int `groups:"create,update" json:"server_lifetime,omitempty"` + + // Run server_reset_query (DISCARD ALL) in all pooling modes + ServerResetQueryAlways *bool `groups:"create,update" json:"server_reset_query_always,omitempty"` +} + +// System-wide settings for pglookout. 
+type Pglookout struct { + // +kubebuilder:validation:Minimum=10 + // Number of seconds of master unavailability before triggering database failover to standby + MaxFailoverReplicationTimeLag *int `groups:"create,update" json:"max_failover_replication_time_lag,omitempty"` +} + +// Allow access to selected service ports from private networks +type PrivateAccess struct { + // Allow clients to connect to pg with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations + Pg *bool `groups:"create,update" json:"pg,omitempty"` + + // Allow clients to connect to pgbouncer with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations + Pgbouncer *bool `groups:"create,update" json:"pgbouncer,omitempty"` + + // Allow clients to connect to prometheus with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations + Prometheus *bool `groups:"create,update" json:"prometheus,omitempty"` +} + +// Allow access to selected service components through Privatelink +type PrivatelinkAccess struct { + // Enable pg + Pg *bool `groups:"create,update" json:"pg,omitempty"` + + // Enable pgbouncer + Pgbouncer *bool `groups:"create,update" json:"pgbouncer,omitempty"` + + // Enable prometheus + Prometheus *bool `groups:"create,update" json:"prometheus,omitempty"` +} + +// Allow access to selected service ports from the public Internet +type PublicAccess struct { + // Allow clients to connect to pg from the public internet for service nodes that are in a project VPC or another type of private network + Pg *bool `groups:"create,update" json:"pg,omitempty"` + + // Allow clients to connect to pgbouncer from the public internet for service nodes that are in a project VPC or another type of private network + Pgbouncer *bool `groups:"create,update" json:"pgbouncer,omitempty"` + + // Allow clients to connect to prometheus from the 
public internet for service nodes that are in a project VPC or another type of private network + Prometheus *bool `groups:"create,update" json:"prometheus,omitempty"` +} +type AlloydbomniUserConfig struct { + // +kubebuilder:validation:MaxItems=1 + // Additional Cloud Regions for Backup Replication + AdditionalBackupRegions []string `groups:"create,update" json:"additional_backup_regions,omitempty"` + + // +kubebuilder:validation:MinLength=8 + // +kubebuilder:validation:MaxLength=256 + // +kubebuilder:validation:Pattern=`^[a-zA-Z0-9-_]+$` + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable" + // Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. + AdminPassword *string `groups:"create" json:"admin_password,omitempty"` + + // +kubebuilder:validation:MaxLength=64 + // +kubebuilder:validation:Pattern=`^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$` + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable" + // Custom username for admin user. This must be set only when a new service is being created. + AdminUsername *string `groups:"create" json:"admin_username,omitempty"` + + // +kubebuilder:validation:Enum="15" + // PostgreSQL major version + AlloydbomniVersion *string `groups:"create,update" json:"alloydbomni_version,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=23 + // The hour of day (in UTC) when backup for the service is started. New backup is only started if previous backup has already completed. + BackupHour *int `groups:"create,update" json:"backup_hour,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=59 + // The minute of an hour when backup for the service is started. New backup is only started if previous backup has already completed. 
+ BackupMinute *int `groups:"create,update" json:"backup_minute,omitempty"` + + // Register AAAA DNS records for the service, and allow IPv6 packets to service ports + EnableIpv6 *bool `groups:"create,update" json:"enable_ipv6,omitempty"` + + // Enables or disables the columnar engine. When enabled, it accelerates SQL query processing. + GoogleColumnarEngineEnabled *bool `groups:"create,update" json:"google_columnar_engine_enabled,omitempty"` + + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=50 + // Allocate the amount of RAM to store columnar data. + GoogleColumnarEngineMemorySizePercentage *int `groups:"create,update" json:"google_columnar_engine_memory_size_percentage,omitempty"` + + // +kubebuilder:validation:MaxItems=1024 + // Allow incoming connections from CIDR address block, e.g. '10.20.0.0/16' + IpFilter []*IpFilter `groups:"create,update" json:"ip_filter,omitempty"` + + // postgresql.conf configuration values + Pg *Pg `groups:"create,update" json:"pg,omitempty"` + + // Should the service which is being forked be a read replica (deprecated, use read_replica service integration instead). + PgReadReplica *bool `groups:"create,update" json:"pg_read_replica,omitempty"` + + // +kubebuilder:validation:MaxLength=64 + // +kubebuilder:validation:Pattern=`^[a-z][-a-z0-9]{0,63}$|^$` + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable" + // Name of the PG Service from which to fork (deprecated, use service_to_fork_from). This has effect only when a new service is being created. + PgServiceToForkFrom *string `groups:"create" json:"pg_service_to_fork_from,omitempty"` + + // +kubebuilder:validation:Enum="15" + // PostgreSQL major version + PgVersion *string `groups:"create,update" json:"pg_version,omitempty"` + + // PGBouncer connection pooling settings + Pgbouncer *Pgbouncer `groups:"create,update" json:"pgbouncer,omitempty"` + + // System-wide settings for pglookout. 
+ Pglookout *Pglookout `groups:"create,update" json:"pglookout,omitempty"` + + // Allow access to selected service ports from private networks + PrivateAccess *PrivateAccess `groups:"create,update" json:"private_access,omitempty"` + + // Allow access to selected service components through Privatelink + PrivatelinkAccess *PrivatelinkAccess `groups:"create,update" json:"privatelink_access,omitempty"` + + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:Pattern=`^[a-z][-a-z0-9]{0,63}$|^$` + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable" + // Name of another project to fork a service from. This has effect only when a new service is being created. + ProjectToForkFrom *string `groups:"create" json:"project_to_fork_from,omitempty"` + + // Allow access to selected service ports from the public Internet + PublicAccess *PublicAccess `groups:"create,update" json:"public_access,omitempty"` + + // +kubebuilder:validation:MaxLength=32 + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable" + // Recovery target time when forking a service. This has effect only when a new service is being created. + RecoveryTargetTime *string `groups:"create" json:"recovery_target_time,omitempty"` + + // Store logs for the service so that they are available in the HTTP API and console. + ServiceLog *bool `groups:"create,update" json:"service_log,omitempty"` + + // +kubebuilder:validation:MaxLength=64 + // +kubebuilder:validation:Pattern=`^[a-z][-a-z0-9]{0,63}$|^$` + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable" + // Name of another service to fork from. This has effect only when a new service is being created. 
+ ServiceToForkFrom *string `groups:"create" json:"service_to_fork_from,omitempty"` + + // +kubebuilder:validation:Minimum=20 + // +kubebuilder:validation:Maximum=60 + // Percentage of total RAM that the database server uses for shared memory buffers. Valid range is 20-60 (float), which corresponds to 20% - 60%. This setting adjusts the shared_buffers configuration value. + SharedBuffersPercentage *float64 `groups:"create,update" json:"shared_buffers_percentage,omitempty"` + + // Use static public IP addresses + StaticIps *bool `groups:"create,update" json:"static_ips,omitempty"` + + // +kubebuilder:validation:Enum="off";"quorum" + // Synchronous replication type. Note that the service plan also needs to support synchronous replication. + SynchronousReplication *string `groups:"create,update" json:"synchronous_replication,omitempty"` + + // +kubebuilder:validation:Enum="aiven";"timescale" + // Variant of the PostgreSQL service, may affect the features that are exposed by default + Variant *string `groups:"create,update" json:"variant,omitempty"` + + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=1024 + // Sets the maximum amount of memory to be used by a query operation (such as a sort or hash table) before writing to temporary disk files, in MB. Default is 1MB + 0.075% of total RAM (up to 32MB). + WorkMem *int `groups:"create,update" json:"work_mem,omitempty"` +} diff --git a/api/v1alpha1/userconfig/service/alloydbomni/zz_generated.deepcopy.go b/api/v1alpha1/userconfig/service/alloydbomni/zz_generated.deepcopy.go new file mode 100644 index 00000000..e67a0181 --- /dev/null +++ b/api/v1alpha1/userconfig/service/alloydbomni/zz_generated.deepcopy.go 
@@ -0,0 +1,613 @@ +//go:build !ignore_autogenerated + +// Copyright (c) 2024 Aiven, Helsinki, Finland. https://aiven.io/ + +// Code generated by controller-gen. DO NOT EDIT. + +package alloydbomniuserconfig + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AlloydbomniUserConfig) DeepCopyInto(out *AlloydbomniUserConfig) { + *out = *in + if in.AdditionalBackupRegions != nil { + in, out := &in.AdditionalBackupRegions, &out.AdditionalBackupRegions + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AdminPassword != nil { + in, out := &in.AdminPassword, &out.AdminPassword + *out = new(string) + **out = **in + } + if in.AdminUsername != nil { + in, out := &in.AdminUsername, &out.AdminUsername + *out = new(string) + **out = **in + } + if in.AlloydbomniVersion != nil { + in, out := &in.AlloydbomniVersion, &out.AlloydbomniVersion + *out = new(string) + **out = **in + } + if in.BackupHour != nil { + in, out := &in.BackupHour, &out.BackupHour + *out = new(int) + **out = **in + } + if in.BackupMinute != nil { + in, out := &in.BackupMinute, &out.BackupMinute + *out = new(int) + **out = **in + } + if in.EnableIpv6 != nil { + in, out := &in.EnableIpv6, &out.EnableIpv6 + *out = new(bool) + **out = **in + } + if in.GoogleColumnarEngineEnabled != nil { + in, out := &in.GoogleColumnarEngineEnabled, &out.GoogleColumnarEngineEnabled + *out = new(bool) + **out = **in + } + if in.GoogleColumnarEngineMemorySizePercentage != nil { + in, out := &in.GoogleColumnarEngineMemorySizePercentage, &out.GoogleColumnarEngineMemorySizePercentage + *out = new(int) + **out = **in + } + if in.IpFilter != nil { + in, out := &in.IpFilter, &out.IpFilter + *out = make([]*IpFilter, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(IpFilter) + (*in).DeepCopyInto(*out) + } + } + } + if in.Pg != nil { + in, out := &in.Pg, &out.Pg + *out = new(Pg) + 
(*in).DeepCopyInto(*out) + } + if in.PgReadReplica != nil { + in, out := &in.PgReadReplica, &out.PgReadReplica + *out = new(bool) + **out = **in + } + if in.PgServiceToForkFrom != nil { + in, out := &in.PgServiceToForkFrom, &out.PgServiceToForkFrom + *out = new(string) + **out = **in + } + if in.PgVersion != nil { + in, out := &in.PgVersion, &out.PgVersion + *out = new(string) + **out = **in + } + if in.Pgbouncer != nil { + in, out := &in.Pgbouncer, &out.Pgbouncer + *out = new(Pgbouncer) + (*in).DeepCopyInto(*out) + } + if in.Pglookout != nil { + in, out := &in.Pglookout, &out.Pglookout + *out = new(Pglookout) + (*in).DeepCopyInto(*out) + } + if in.PrivateAccess != nil { + in, out := &in.PrivateAccess, &out.PrivateAccess + *out = new(PrivateAccess) + (*in).DeepCopyInto(*out) + } + if in.PrivatelinkAccess != nil { + in, out := &in.PrivatelinkAccess, &out.PrivatelinkAccess + *out = new(PrivatelinkAccess) + (*in).DeepCopyInto(*out) + } + if in.ProjectToForkFrom != nil { + in, out := &in.ProjectToForkFrom, &out.ProjectToForkFrom + *out = new(string) + **out = **in + } + if in.PublicAccess != nil { + in, out := &in.PublicAccess, &out.PublicAccess + *out = new(PublicAccess) + (*in).DeepCopyInto(*out) + } + if in.RecoveryTargetTime != nil { + in, out := &in.RecoveryTargetTime, &out.RecoveryTargetTime + *out = new(string) + **out = **in + } + if in.ServiceLog != nil { + in, out := &in.ServiceLog, &out.ServiceLog + *out = new(bool) + **out = **in + } + if in.ServiceToForkFrom != nil { + in, out := &in.ServiceToForkFrom, &out.ServiceToForkFrom + *out = new(string) + **out = **in + } + if in.SharedBuffersPercentage != nil { + in, out := &in.SharedBuffersPercentage, &out.SharedBuffersPercentage + *out = new(float64) + **out = **in + } + if in.StaticIps != nil { + in, out := &in.StaticIps, &out.StaticIps + *out = new(bool) + **out = **in + } + if in.SynchronousReplication != nil { + in, out := &in.SynchronousReplication, &out.SynchronousReplication + *out = new(string) + **out 
= **in + } + if in.Variant != nil { + in, out := &in.Variant, &out.Variant + *out = new(string) + **out = **in + } + if in.WorkMem != nil { + in, out := &in.WorkMem, &out.WorkMem + *out = new(int) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AlloydbomniUserConfig. +func (in *AlloydbomniUserConfig) DeepCopy() *AlloydbomniUserConfig { + if in == nil { + return nil + } + out := new(AlloydbomniUserConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IpFilter) DeepCopyInto(out *IpFilter) { + *out = *in + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IpFilter. +func (in *IpFilter) DeepCopy() *IpFilter { + if in == nil { + return nil + } + out := new(IpFilter) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
+func (in *Pg) DeepCopyInto(out *Pg) { + *out = *in + if in.AutovacuumAnalyzeScaleFactor != nil { + in, out := &in.AutovacuumAnalyzeScaleFactor, &out.AutovacuumAnalyzeScaleFactor + *out = new(float64) + **out = **in + } + if in.AutovacuumAnalyzeThreshold != nil { + in, out := &in.AutovacuumAnalyzeThreshold, &out.AutovacuumAnalyzeThreshold + *out = new(int) + **out = **in + } + if in.AutovacuumFreezeMaxAge != nil { + in, out := &in.AutovacuumFreezeMaxAge, &out.AutovacuumFreezeMaxAge + *out = new(int) + **out = **in + } + if in.AutovacuumMaxWorkers != nil { + in, out := &in.AutovacuumMaxWorkers, &out.AutovacuumMaxWorkers + *out = new(int) + **out = **in + } + if in.AutovacuumNaptime != nil { + in, out := &in.AutovacuumNaptime, &out.AutovacuumNaptime + *out = new(int) + **out = **in + } + if in.AutovacuumVacuumCostDelay != nil { + in, out := &in.AutovacuumVacuumCostDelay, &out.AutovacuumVacuumCostDelay + *out = new(int) + **out = **in + } + if in.AutovacuumVacuumCostLimit != nil { + in, out := &in.AutovacuumVacuumCostLimit, &out.AutovacuumVacuumCostLimit + *out = new(int) + **out = **in + } + if in.AutovacuumVacuumScaleFactor != nil { + in, out := &in.AutovacuumVacuumScaleFactor, &out.AutovacuumVacuumScaleFactor + *out = new(float64) + **out = **in + } + if in.AutovacuumVacuumThreshold != nil { + in, out := &in.AutovacuumVacuumThreshold, &out.AutovacuumVacuumThreshold + *out = new(int) + **out = **in + } + if in.BgwriterDelay != nil { + in, out := &in.BgwriterDelay, &out.BgwriterDelay + *out = new(int) + **out = **in + } + if in.BgwriterFlushAfter != nil { + in, out := &in.BgwriterFlushAfter, &out.BgwriterFlushAfter + *out = new(int) + **out = **in + } + if in.BgwriterLruMaxpages != nil { + in, out := &in.BgwriterLruMaxpages, &out.BgwriterLruMaxpages + *out = new(int) + **out = **in + } + if in.BgwriterLruMultiplier != nil { + in, out := &in.BgwriterLruMultiplier, &out.BgwriterLruMultiplier + *out = new(float64) + **out = **in + } + if in.DeadlockTimeout != nil { + 
in, out := &in.DeadlockTimeout, &out.DeadlockTimeout + *out = new(int) + **out = **in + } + if in.DefaultToastCompression != nil { + in, out := &in.DefaultToastCompression, &out.DefaultToastCompression + *out = new(string) + **out = **in + } + if in.IdleInTransactionSessionTimeout != nil { + in, out := &in.IdleInTransactionSessionTimeout, &out.IdleInTransactionSessionTimeout + *out = new(int) + **out = **in + } + if in.Jit != nil { + in, out := &in.Jit, &out.Jit + *out = new(bool) + **out = **in + } + if in.LogAutovacuumMinDuration != nil { + in, out := &in.LogAutovacuumMinDuration, &out.LogAutovacuumMinDuration + *out = new(int) + **out = **in + } + if in.LogErrorVerbosity != nil { + in, out := &in.LogErrorVerbosity, &out.LogErrorVerbosity + *out = new(string) + **out = **in + } + if in.LogLinePrefix != nil { + in, out := &in.LogLinePrefix, &out.LogLinePrefix + *out = new(string) + **out = **in + } + if in.LogMinDurationStatement != nil { + in, out := &in.LogMinDurationStatement, &out.LogMinDurationStatement + *out = new(int) + **out = **in + } + if in.LogTempFiles != nil { + in, out := &in.LogTempFiles, &out.LogTempFiles + *out = new(int) + **out = **in + } + if in.MaxFilesPerProcess != nil { + in, out := &in.MaxFilesPerProcess, &out.MaxFilesPerProcess + *out = new(int) + **out = **in + } + if in.MaxLocksPerTransaction != nil { + in, out := &in.MaxLocksPerTransaction, &out.MaxLocksPerTransaction + *out = new(int) + **out = **in + } + if in.MaxLogicalReplicationWorkers != nil { + in, out := &in.MaxLogicalReplicationWorkers, &out.MaxLogicalReplicationWorkers + *out = new(int) + **out = **in + } + if in.MaxParallelWorkers != nil { + in, out := &in.MaxParallelWorkers, &out.MaxParallelWorkers + *out = new(int) + **out = **in + } + if in.MaxParallelWorkersPerGather != nil { + in, out := &in.MaxParallelWorkersPerGather, &out.MaxParallelWorkersPerGather + *out = new(int) + **out = **in + } + if in.MaxPredLocksPerTransaction != nil { + in, out := 
&in.MaxPredLocksPerTransaction, &out.MaxPredLocksPerTransaction + *out = new(int) + **out = **in + } + if in.MaxPreparedTransactions != nil { + in, out := &in.MaxPreparedTransactions, &out.MaxPreparedTransactions + *out = new(int) + **out = **in + } + if in.MaxReplicationSlots != nil { + in, out := &in.MaxReplicationSlots, &out.MaxReplicationSlots + *out = new(int) + **out = **in + } + if in.MaxSlotWalKeepSize != nil { + in, out := &in.MaxSlotWalKeepSize, &out.MaxSlotWalKeepSize + *out = new(int) + **out = **in + } + if in.MaxStackDepth != nil { + in, out := &in.MaxStackDepth, &out.MaxStackDepth + *out = new(int) + **out = **in + } + if in.MaxStandbyArchiveDelay != nil { + in, out := &in.MaxStandbyArchiveDelay, &out.MaxStandbyArchiveDelay + *out = new(int) + **out = **in + } + if in.MaxStandbyStreamingDelay != nil { + in, out := &in.MaxStandbyStreamingDelay, &out.MaxStandbyStreamingDelay + *out = new(int) + **out = **in + } + if in.MaxWalSenders != nil { + in, out := &in.MaxWalSenders, &out.MaxWalSenders + *out = new(int) + **out = **in + } + if in.MaxWorkerProcesses != nil { + in, out := &in.MaxWorkerProcesses, &out.MaxWorkerProcesses + *out = new(int) + **out = **in + } + if in.PgPartmanBgwInterval != nil { + in, out := &in.PgPartmanBgwInterval, &out.PgPartmanBgwInterval + *out = new(int) + **out = **in + } + if in.PgPartmanBgwRole != nil { + in, out := &in.PgPartmanBgwRole, &out.PgPartmanBgwRole + *out = new(string) + **out = **in + } + if in.PgStatStatementsTrack != nil { + in, out := &in.PgStatStatementsTrack, &out.PgStatStatementsTrack + *out = new(string) + **out = **in + } + if in.TempFileLimit != nil { + in, out := &in.TempFileLimit, &out.TempFileLimit + *out = new(int) + **out = **in + } + if in.Timezone != nil { + in, out := &in.Timezone, &out.Timezone + *out = new(string) + **out = **in + } + if in.TrackActivityQuerySize != nil { + in, out := &in.TrackActivityQuerySize, &out.TrackActivityQuerySize + *out = new(int) + **out = **in + } + if 
in.TrackCommitTimestamp != nil { + in, out := &in.TrackCommitTimestamp, &out.TrackCommitTimestamp + *out = new(string) + **out = **in + } + if in.TrackFunctions != nil { + in, out := &in.TrackFunctions, &out.TrackFunctions + *out = new(string) + **out = **in + } + if in.TrackIoTiming != nil { + in, out := &in.TrackIoTiming, &out.TrackIoTiming + *out = new(string) + **out = **in + } + if in.WalSenderTimeout != nil { + in, out := &in.WalSenderTimeout, &out.WalSenderTimeout + *out = new(int) + **out = **in + } + if in.WalWriterDelay != nil { + in, out := &in.WalWriterDelay, &out.WalWriterDelay + *out = new(int) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Pg. +func (in *Pg) DeepCopy() *Pg { + if in == nil { + return nil + } + out := new(Pg) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Pgbouncer) DeepCopyInto(out *Pgbouncer) { + *out = *in + if in.AutodbIdleTimeout != nil { + in, out := &in.AutodbIdleTimeout, &out.AutodbIdleTimeout + *out = new(int) + **out = **in + } + if in.AutodbMaxDbConnections != nil { + in, out := &in.AutodbMaxDbConnections, &out.AutodbMaxDbConnections + *out = new(int) + **out = **in + } + if in.AutodbPoolMode != nil { + in, out := &in.AutodbPoolMode, &out.AutodbPoolMode + *out = new(string) + **out = **in + } + if in.AutodbPoolSize != nil { + in, out := &in.AutodbPoolSize, &out.AutodbPoolSize + *out = new(int) + **out = **in + } + if in.IgnoreStartupParameters != nil { + in, out := &in.IgnoreStartupParameters, &out.IgnoreStartupParameters + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.MaxPreparedStatements != nil { + in, out := &in.MaxPreparedStatements, &out.MaxPreparedStatements + *out = new(int) + **out = **in + } + if in.MinPoolSize != nil { + in, out := &in.MinPoolSize, &out.MinPoolSize + *out = new(int) + **out = **in + } + if 
in.ServerIdleTimeout != nil { + in, out := &in.ServerIdleTimeout, &out.ServerIdleTimeout + *out = new(int) + **out = **in + } + if in.ServerLifetime != nil { + in, out := &in.ServerLifetime, &out.ServerLifetime + *out = new(int) + **out = **in + } + if in.ServerResetQueryAlways != nil { + in, out := &in.ServerResetQueryAlways, &out.ServerResetQueryAlways + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Pgbouncer. +func (in *Pgbouncer) DeepCopy() *Pgbouncer { + if in == nil { + return nil + } + out := new(Pgbouncer) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Pglookout) DeepCopyInto(out *Pglookout) { + *out = *in + if in.MaxFailoverReplicationTimeLag != nil { + in, out := &in.MaxFailoverReplicationTimeLag, &out.MaxFailoverReplicationTimeLag + *out = new(int) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Pglookout. +func (in *Pglookout) DeepCopy() *Pglookout { + if in == nil { + return nil + } + out := new(Pglookout) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrivateAccess) DeepCopyInto(out *PrivateAccess) { + *out = *in + if in.Pg != nil { + in, out := &in.Pg, &out.Pg + *out = new(bool) + **out = **in + } + if in.Pgbouncer != nil { + in, out := &in.Pgbouncer, &out.Pgbouncer + *out = new(bool) + **out = **in + } + if in.Prometheus != nil { + in, out := &in.Prometheus, &out.Prometheus + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrivateAccess. 
+func (in *PrivateAccess) DeepCopy() *PrivateAccess { + if in == nil { + return nil + } + out := new(PrivateAccess) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrivatelinkAccess) DeepCopyInto(out *PrivatelinkAccess) { + *out = *in + if in.Pg != nil { + in, out := &in.Pg, &out.Pg + *out = new(bool) + **out = **in + } + if in.Pgbouncer != nil { + in, out := &in.Pgbouncer, &out.Pgbouncer + *out = new(bool) + **out = **in + } + if in.Prometheus != nil { + in, out := &in.Prometheus, &out.Prometheus + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrivatelinkAccess. +func (in *PrivatelinkAccess) DeepCopy() *PrivatelinkAccess { + if in == nil { + return nil + } + out := new(PrivatelinkAccess) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PublicAccess) DeepCopyInto(out *PublicAccess) { + *out = *in + if in.Pg != nil { + in, out := &in.Pg, &out.Pg + *out = new(bool) + **out = **in + } + if in.Pgbouncer != nil { + in, out := &in.Pgbouncer, &out.Pgbouncer + *out = new(bool) + **out = **in + } + if in.Prometheus != nil { + in, out := &in.Prometheus, &out.Prometheus + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PublicAccess. +func (in *PublicAccess) DeepCopy() *PublicAccess { + if in == nil { + return nil + } + out := new(PublicAccess) + in.DeepCopyInto(out) + return out +} diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index e4873e38..abc67f9e 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go 
@@ -34,6 +34,7 @@ import ( jolokia "github.com/aiven/aiven-operator/api/v1alpha1/userconfig/integrationendpoints/jolokia" prometheus "github.com/aiven/aiven-operator/api/v1alpha1/userconfig/integrationendpoints/prometheus" rsyslog "github.com/aiven/aiven-operator/api/v1alpha1/userconfig/integrationendpoints/rsyslog" + alloydbomni "github.com/aiven/aiven-operator/api/v1alpha1/userconfig/service/alloydbomni" cassandra "github.com/aiven/aiven-operator/api/v1alpha1/userconfig/service/cassandra" clickhouse "github.com/aiven/aiven-operator/api/v1alpha1/userconfig/service/clickhouse" flink "github.com/aiven/aiven-operator/api/v1alpha1/userconfig/service/flink" 
@@ -46,6 +47,86 @@ import ( redis "github.com/aiven/aiven-operator/api/v1alpha1/userconfig/service/redis" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AlloyDBOmni) DeepCopyInto(out *AlloyDBOmni) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AlloyDBOmni. +func (in *AlloyDBOmni) DeepCopy() *AlloyDBOmni { + if in == nil { + return nil + } + out := new(AlloyDBOmni) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AlloyDBOmni) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AlloyDBOmniList) DeepCopyInto(out *AlloyDBOmniList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]AlloyDBOmni, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AlloyDBOmniList. +func (in *AlloyDBOmniList) DeepCopy() *AlloyDBOmniList { + if in == nil { + return nil + } + out := new(AlloyDBOmniList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AlloyDBOmniList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
+func (in *AlloyDBOmniSpec) DeepCopyInto(out *AlloyDBOmniSpec) { + *out = *in + in.ServiceCommonSpec.DeepCopyInto(&out.ServiceCommonSpec) + if in.UserConfig != nil { + in, out := &in.UserConfig, &out.UserConfig + *out = new(alloydbomni.AlloydbomniUserConfig) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AlloyDBOmniSpec. +func (in *AlloyDBOmniSpec) DeepCopy() *AlloyDBOmniSpec { + if in == nil { + return nil + } + out := new(AlloyDBOmniSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AuthSecretRefField) DeepCopyInto(out *AuthSecretRefField) { *out = *in diff --git a/charts/aiven-operator-crds/templates/aiven.io_alloydbomnis.yaml b/charts/aiven-operator-crds/templates/aiven.io_alloydbomnis.yaml new file mode 100644 index 00000000..ea9f9315 --- /dev/null +++ b/charts/aiven-operator-crds/templates/aiven.io_alloydbomnis.yaml 
@@ -0,0 +1,1012 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + name: alloydbomnis.aiven.io +spec: + group: aiven.io + names: + kind: AlloyDBOmni + listKind: AlloyDBOmniList + plural: alloydbomnis + singular: alloydbomni + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: |- + AlloyDBOmni is the Schema for the alloydbomni API. + Info "Exposes secret keys": `ALLOYDBOMNI_HOST`, `ALLOYDBOMNI_PORT`, `ALLOYDBOMNI_DATABASE`, `ALLOYDBOMNI_USER`, `ALLOYDBOMNI_PASSWORD`, `ALLOYDBOMNI_SSLMODE`, `ALLOYDBOMNI_DATABASE_URI` + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: + AlloyDBOmniSpec defines the desired state of AlloyDB Omni + instance + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: Secret configuration. + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + it is equal to the resource name + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + prefix: + description: |- + Prefix for the secret's keys. + Added "as is" without any transformations. + By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. + rule: self == oldSelf + disk_space: + description: |- + The disk space of the service, possible values depend on the service type, the cloud provider and the project. + Reducing will result in the service re-balancing. + The removal of this field does not change the value. 
+ pattern: (?i)^[1-9][0-9]*(GiB|G)?$ + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Identifies the project this resource belongs to + maxLength: 63 + pattern: ^[a-zA-Z0-9_-]+$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + properties: + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName + type: object + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. 
+ type: object + technicalEmails: + description: + Defines the email addresses that will receive alerts + about upcoming maintenance updates or warnings about service instability. + items: + properties: + email: + description: Email address. + pattern: ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ + type: string + required: + - email + type: object + maxItems: 10 + type: array + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: AlloyDBOmni specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: + Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + admin_username: + description: + Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + alloydbomni_version: + description: PostgreSQL major version + enum: + - "15" + type: string + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 + minimum: 0 + type: integer + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. 
+ maximum: 59 + minimum: 0 + type: integer + enable_ipv6: + description: + Register AAAA DNS records for the service, and allow + IPv6 packets to service ports + type: boolean + google_columnar_engine_enabled: + description: + Enables or disables the columnar engine. When enabled, + it accelerates SQL query processing. + type: boolean + google_columnar_engine_memory_size_percentage: + description: Allocate the amount of RAM to store columnar data. + maximum: 50 + minimum: 0 + type: integer + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + pg: + description: postgresql.conf configuration values + properties: + autovacuum_analyze_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_analyze_threshold when deciding whether to + trigger an ANALYZE. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_analyze_threshold: + description: + Specifies the minimum number of inserted, updated + or deleted tuples needed to trigger an ANALYZE in any one + table. The default is 50 tuples. + maximum: 2147483647 + minimum: 0 + type: integer + autovacuum_freeze_max_age: + description: + Specifies the maximum age (in transactions) that + a table's pg_class.relfrozenxid field can attain before + a VACUUM operation is forced to prevent transaction ID wraparound + within the table. Note that the system will launch autovacuum + processes to prevent wraparound even when autovacuum is + otherwise disabled. This parameter will cause the server + to be restarted. 
+ maximum: 1500000000 + minimum: 200000000 + type: integer + autovacuum_max_workers: + description: + Specifies the maximum number of autovacuum processes + (other than the autovacuum launcher) that may be running + at any one time. The default is three. This parameter can + only be set at server start. + maximum: 20 + minimum: 1 + type: integer + autovacuum_naptime: + description: + Specifies the minimum delay between autovacuum + runs on any given database. The delay is measured in seconds, + and the default is one minute + maximum: 86400 + minimum: 1 + type: integer + autovacuum_vacuum_cost_delay: + description: + Specifies the cost delay value that will be used + in automatic VACUUM operations. If -1 is specified, the + regular vacuum_cost_delay value will be used. The default + value is 20 milliseconds + maximum: 100 + minimum: -1 + type: integer + autovacuum_vacuum_cost_limit: + description: + Specifies the cost limit value that will be used + in automatic VACUUM operations. If -1 is specified (which + is the default), the regular vacuum_cost_limit value will + be used. + maximum: 10000 + minimum: -1 + type: integer + autovacuum_vacuum_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_vacuum_threshold when deciding whether to + trigger a VACUUM. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_vacuum_threshold: + description: + Specifies the minimum number of updated or deleted + tuples needed to trigger a VACUUM in any one table. The + default is 50 tuples + maximum: 2147483647 + minimum: 0 + type: integer + bgwriter_delay: + description: + Specifies the delay between activity rounds for + the background writer in milliseconds. Default is 200. 
+ maximum: 10000 + minimum: 10 + type: integer + bgwriter_flush_after: + description: + Whenever more than bgwriter_flush_after bytes + have been written by the background writer, attempt to force + the OS to issue these writes to the underlying storage. + Specified in kilobytes, default is 512. Setting of 0 disables + forced writeback. + maximum: 2048 + minimum: 0 + type: integer + bgwriter_lru_maxpages: + description: + In each round, no more than this many buffers + will be written by the background writer. Setting this to + zero disables background writing. Default is 100. + maximum: 1073741823 + minimum: 0 + type: integer + bgwriter_lru_multiplier: + description: + The average recent need for new buffers is multiplied + by bgwriter_lru_multiplier to arrive at an estimate of the + number that will be needed during the next round, (up to + bgwriter_lru_maxpages). 1.0 represents a “just in time” + policy of writing exactly the number of buffers predicted + to be needed. Larger values provide some cushion against + spikes in demand, while smaller values intentionally leave + writes to be done by server processes. The default is 2.0. + maximum: 10 + minimum: 0 + type: number + deadlock_timeout: + description: + This is the amount of time, in milliseconds, + to wait on a lock before checking to see if there is a deadlock + condition. + maximum: 1800000 + minimum: 500 + type: integer + default_toast_compression: + description: + Specifies the default TOAST compression method + for values of compressible columns (the default is lz4). + enum: + - lz4 + - pglz + type: string + idle_in_transaction_session_timeout: + description: + Time out sessions with open transactions after + this number of milliseconds + maximum: 604800000 + minimum: 0 + type: integer + jit: + description: + Controls system-wide use of Just-in-Time Compilation + (JIT). 
+ type: boolean + log_autovacuum_min_duration: + description: + Causes each action executed by autovacuum to + be logged if it ran for at least the specified number of + milliseconds. Setting this to zero logs all autovacuum actions. + Minus-one (the default) disables logging autovacuum actions. + maximum: 2147483647 + minimum: -1 + type: integer + log_error_verbosity: + description: + Controls the amount of detail written in the + server log for each message that is logged. + enum: + - DEFAULT + - TERSE + - VERBOSE + type: string + log_line_prefix: + description: Choose from one of the available log formats. + enum: + - "'%m [%p] %q[user=%u,db=%d,app=%a] '" + - "'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '" + - "'pid=%p,user=%u,db=%d,app=%a,client=%h '" + - "'pid=%p,user=%u,db=%d,app=%a,client=%h,txid=%x,qid=%Q + '" + type: string + log_min_duration_statement: + description: + Log statements that take more than this number + of milliseconds to run, -1 disables + maximum: 86400000 + minimum: -1 + type: integer + log_temp_files: + description: + Log statements for each temporary file created + larger than this number of kilobytes, -1 disables + maximum: 2147483647 + minimum: -1 + type: integer + max_files_per_process: + description: + PostgreSQL maximum number of files that can be + open per process + maximum: 4096 + minimum: 1000 + type: integer + max_locks_per_transaction: + description: PostgreSQL maximum locks per transaction + maximum: 6400 + minimum: 64 + type: integer + max_logical_replication_workers: + description: + PostgreSQL maximum logical replication workers + (taken from the pool of max_parallel_workers) + maximum: 64 + minimum: 4 + type: integer + max_parallel_workers: + description: + Sets the maximum number of workers that the system + can support for parallel queries + maximum: 96 + minimum: 0 + type: integer + max_parallel_workers_per_gather: + description: + Sets the maximum number of workers that can be + started by a single Gather or 
Gather Merge node + maximum: 96 + minimum: 0 + type: integer + max_pred_locks_per_transaction: + description: PostgreSQL maximum predicate locks per transaction + maximum: 5120 + minimum: 64 + type: integer + max_prepared_transactions: + description: PostgreSQL maximum prepared transactions + maximum: 10000 + minimum: 0 + type: integer + max_replication_slots: + description: PostgreSQL maximum replication slots + maximum: 64 + minimum: 8 + type: integer + max_slot_wal_keep_size: + description: + PostgreSQL maximum WAL size (MB) reserved for + replication slots. Default is -1 (unlimited). wal_keep_size + minimum WAL size setting takes precedence over this. + maximum: 2147483647 + minimum: -1 + type: integer + max_stack_depth: + description: Maximum depth of the stack in bytes + maximum: 6291456 + minimum: 2097152 + type: integer + max_standby_archive_delay: + description: Max standby archive delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_standby_streaming_delay: + description: Max standby streaming delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_wal_senders: + description: PostgreSQL maximum WAL senders + maximum: 64 + minimum: 20 + type: integer + max_worker_processes: + description: + Sets the maximum number of background processes + that the system can support + maximum: 96 + minimum: 8 + type: integer + pg_partman_bgw.interval: + description: + Sets the time interval to run pg_partman's scheduled + tasks + maximum: 604800 + minimum: 3600 + type: integer + pg_partman_bgw.role: + description: + Controls which role to use for pg_partman's scheduled + background tasks. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + pg_stat_statements.track: + description: + Controls which statements are counted. 
Specify + top to track top-level statements (those issued directly + by clients), all to also track nested statements (such as + statements invoked within functions), or none to disable + statement statistics collection. The default value is top. + enum: + - all + - none + - top + type: string + temp_file_limit: + description: + PostgreSQL temporary file limit in KiB, -1 for + unlimited + maximum: 2147483647 + minimum: -1 + type: integer + timezone: + description: PostgreSQL service timezone + maxLength: 64 + pattern: ^[\w/]*$ + type: string + track_activity_query_size: + description: + Specifies the number of bytes reserved to track + the currently executing command for each active session. + maximum: 10240 + minimum: 1024 + type: integer + track_commit_timestamp: + description: Record commit time of transactions. + enum: + - "off" + - "on" + type: string + track_functions: + description: + Enables tracking of function call counts and + time used. + enum: + - all + - none + - pl + type: string + track_io_timing: + description: + Enables timing of database I/O calls. This parameter + is off by default, because it will repeatedly query the + operating system for the current time, which may cause significant + overhead on some platforms. + enum: + - "off" + - "on" + type: string + wal_sender_timeout: + description: + Terminate replication connections that are inactive + for longer than this amount of time, in milliseconds. Setting + this value to zero disables the timeout. + type: integer + wal_writer_delay: + description: + WAL flush interval in milliseconds. Note that + setting this value to lower than the default 200ms may negatively + impact performance + maximum: 200 + minimum: 10 + type: integer + type: object + pg_read_replica: + description: + Should the service which is being forked be a read + replica (deprecated, use read_replica service integration instead). 
+ type: boolean + pg_service_to_fork_from: + description: + Name of the PG Service from which to fork (deprecated, + use service_to_fork_from). This has effect only when a new service + is being created. + maxLength: 64 + pattern: ^[a-z][-a-z0-9]{0,63}$|^$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + pg_version: + description: PostgreSQL major version + enum: + - "15" + type: string + pgbouncer: + description: PGBouncer connection pooling settings + properties: + autodb_idle_timeout: + description: + If the automatically created database pools have + been unused this many seconds, they are freed. If 0 then + timeout is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + autodb_max_db_connections: + description: + Do not allow more than this many server connections + per database (regardless of user). Setting it to 0 means + unlimited. + maximum: 2147483647 + minimum: 0 + type: integer + autodb_pool_mode: + description: PGBouncer pool mode + enum: + - session + - statement + - transaction + type: string + autodb_pool_size: + description: + If non-zero then create automatically a pool + of that size per user when a pool doesn't exist. + maximum: 10000 + minimum: 0 + type: integer + ignore_startup_parameters: + description: + List of parameters to ignore when given in startup + packet + items: + type: string + maxItems: 32 + type: array + max_prepared_statements: + description: + PgBouncer tracks protocol-level named prepared + statements related commands sent by the client in transaction + and statement pooling modes when max_prepared_statements + is set to a non-zero value. Setting it to 0 disables prepared + statements. max_prepared_statements defaults to 100, and + its maximum is 3000. + maximum: 3000 + minimum: 0 + type: integer + min_pool_size: + description: + Add more server connections to pool if below + this number. 
Improves behavior when usual load comes suddenly + back after period of total inactivity. The value is effectively + capped at the pool size. + maximum: 10000 + minimum: 0 + type: integer + server_idle_timeout: + description: + If a server connection has been idle more than + this many seconds it will be dropped. If 0 then timeout + is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + server_lifetime: + description: + The pooler will close an unused server connection + that has been connected longer than this. [seconds] + maximum: 86400 + minimum: 60 + type: integer + server_reset_query_always: + description: + Run server_reset_query (DISCARD ALL) in all pooling + modes + type: boolean + type: object + pglookout: + description: System-wide settings for pglookout. + properties: + max_failover_replication_time_lag: + description: + Number of seconds of master unavailability before + triggering database failover to standby + minimum: 10 + type: integer + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + pg: + description: + Allow clients to connect to pg with a DNS name + that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. 
Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + pg: + description: Enable pg + type: boolean + pgbouncer: + description: Enable pgbouncer + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + pattern: ^[a-z][-a-z0-9]{0,63}$|^$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + pg: + description: + Allow clients to connect to pg from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: + Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. 
+ maxLength: 64 + pattern: ^[a-z][-a-z0-9]{0,63}$|^$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + shared_buffers_percentage: + description: + Percentage of total RAM that the database server + uses for shared memory buffers. Valid range is 20-60 (float), + which corresponds to 20% - 60%. This setting adjusts the shared_buffers + configuration value. + maximum: 60 + minimum: 20 + type: number + static_ips: + description: Use static public IP addresses + type: boolean + synchronous_replication: + description: + Synchronous replication type. Note that the service + plan also needs to support synchronous replication. + enum: + - "off" + - quorum + type: string + variant: + description: + Variant of the PostgreSQL service, may affect the + features that are exposed by default + enum: + - aiven + - timescale + type: string + work_mem: + description: + Sets the maximum amount of memory to be used by a + query operation (such as a sort or hash table) before writing + to temporary disk files, in MB. Default is 1MB + 0.075% of total + RAM (up to 32MB). + maximum: 1024 + minimum: 1 + type: integer + type: object + required: + - plan + - project + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. 
For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. 
+ enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator/templates/cluster_role.yaml b/charts/aiven-operator/templates/cluster_role.yaml index 5488d1f6..22f7645f 100644 --- a/charts/aiven-operator/templates/cluster_role.yaml +++ b/charts/aiven-operator/templates/cluster_role.yaml @@ -26,6 +26,34 @@ rules: - patch - update - watch + - apiGroups: + - aiven.io + resources: + - alloydbomnis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - alloydbomnis/finalizers + verbs: + - create + - get + - update + - apiGroups: + - aiven.io + resources: + - alloydbomnis/status + verbs: + - get + - patch + - update - apiGroups: - aiven.io resources: diff --git a/charts/aiven-operator/templates/mutating_webhook_configuration.yaml b/charts/aiven-operator/templates/mutating_webhook_configuration.yaml index 8f476f85..533f73b9 100644 --- a/charts/aiven-operator/templates/mutating_webhook_configuration.yaml +++ b/charts/aiven-operator/templates/mutating_webhook_configuration.yaml 
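Review bot: The new rule for `alloydbomnis/finalizers` in `cluster_role.yaml` grants `create` and `get` alongside `update`, which is more than the subresource needs. As far as I know, the API server only consults `update` on `<resource>/finalizers`, for the owner-reference (`blockOwnerDeletion`) permission check, so the other two verbs widen the ClusterRole without enabling anything. I would reduce that rule to `verbs:` / `- update` and leave the `alloydbomnis` and `alloydbomnis/status` rules as they are. If this template is rendered from the controller's RBAC markers, the change belongs on the marker, and the same applies to any existing kinds that carry the same three verbs. The hunk's trailing context opens the next rule, which continues outside the hunk.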
@@ -9,6 +9,27 @@ metadata: labels: {{- include "aiven-operator.labels" . | nindent 4 }} webhooks: + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: {{ include "aiven-operator.fullname" . }}-webhook-service + namespace: {{ include "aiven-operator.namespace" . }} + path: /mutate-aiven-io-v1alpha1-alloydbomni + failurePolicy: Fail + name: malloydbomni.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - alloydbomnis + sideEffects: None + {{- include "aiven-operator.webhookNamespaceSelector" . | indent 4 }} - admissionReviewVersions: - v1 clientConfig: diff --git a/charts/aiven-operator/templates/validating_webhook_configuration.yaml b/charts/aiven-operator/templates/validating_webhook_configuration.yaml index db5832ef..4957fa35 100644 --- a/charts/aiven-operator/templates/validating_webhook_configuration.yaml +++ b/charts/aiven-operator/templates/validating_webhook_configuration.yaml @@ -9,6 +9,28 @@ metadata: labels: {{- include "aiven-operator.labels" . | nindent 4 }} webhooks: + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: {{ include "aiven-operator.fullname" . }}-webhook-service + namespace: {{ include "aiven-operator.namespace" . }} + path: /validate-aiven-io-v1alpha1-alloydbomni + failurePolicy: Fail + name: valloydbomni.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - alloydbomnis + sideEffects: None + {{- include "aiven-operator.webhookNamespaceSelector" . | indent 4 }} - admissionReviewVersions: - v1 clientConfig: diff --git a/config/crd/bases/aiven.io_alloydbomnis.yaml b/config/crd/bases/aiven.io_alloydbomnis.yaml new file mode 100644 index 00000000..ea9f9315 --- /dev/null +++ b/config/crd/bases/aiven.io_alloydbomnis.yaml 
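Review bot: In the `valloydbomni.kb.io` entry, `DELETE` is intercepted under `failurePolicy: Fail`, so every delete of an `alloydbomnis` object is refused while the webhook service is unreachable, and namespace teardown would likely stall on those objects too. Fail-closed is the safer default if the delete handler enforces a guard such as termination protection, which this hunk does not show, so I would keep the policy and document it rather than relax it. A comment above the rule would do, for example `# DELETE is validated fail-closed: deletes are rejected while the webhook is unavailable`; if the template is generated, the comment belongs in the generator's source instead. The mutating entry added in the preceding hunk uses the same policy but covers only `CREATE` and `UPDATE`.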
@@ -0,0 +1,1012 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + name: alloydbomnis.aiven.io +spec: + group: aiven.io + names: + kind: AlloyDBOmni + listKind: AlloyDBOmniList + plural: alloydbomnis + singular: alloydbomni + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: |- + AlloyDBOmni is the Schema for the alloydbomni API. + Info "Exposes secret keys": `ALLOYDBOMNI_HOST`, `ALLOYDBOMNI_PORT`, `ALLOYDBOMNI_DATABASE`, `ALLOYDBOMNI_USER`, `ALLOYDBOMNI_PASSWORD`, `ALLOYDBOMNI_SSLMODE`, `ALLOYDBOMNI_DATABASE_URI` + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: + AlloyDBOmniSpec defines the desired state of AlloyDB Omni + instance + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: Secret configuration. + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + it is equal to the resource name + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + prefix: + description: |- + Prefix for the secret's keys. + Added "as is" without any transformations. + By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. + rule: self == oldSelf + disk_space: + description: |- + The disk space of the service, possible values depend on the service type, the cloud provider and the project. + Reducing will result in the service re-balancing. + The removal of this field does not change the value. 
+ pattern: (?i)^[1-9][0-9]*(GiB|G)?$ + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Identifies the project this resource belongs to + maxLength: 63 + pattern: ^[a-zA-Z0-9_-]+$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + properties: + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName + type: object + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. 
+ type: object + technicalEmails: + description: + Defines the email addresses that will receive alerts + about upcoming maintenance updates or warnings about service instability. + items: + properties: + email: + description: Email address. + pattern: ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ + type: string + required: + - email + type: object + maxItems: 10 + type: array + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: AlloyDBOmni specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: + Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + admin_username: + description: + Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + alloydbomni_version: + description: PostgreSQL major version + enum: + - "15" + type: string + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 + minimum: 0 + type: integer + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. 
+ maximum: 59 + minimum: 0 + type: integer + enable_ipv6: + description: + Register AAAA DNS records for the service, and allow + IPv6 packets to service ports + type: boolean + google_columnar_engine_enabled: + description: + Enables or disables the columnar engine. When enabled, + it accelerates SQL query processing. + type: boolean + google_columnar_engine_memory_size_percentage: + description: Allocate the amount of RAM to store columnar data. + maximum: 50 + minimum: 0 + type: integer + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + pg: + description: postgresql.conf configuration values + properties: + autovacuum_analyze_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_analyze_threshold when deciding whether to + trigger an ANALYZE. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_analyze_threshold: + description: + Specifies the minimum number of inserted, updated + or deleted tuples needed to trigger an ANALYZE in any one + table. The default is 50 tuples. + maximum: 2147483647 + minimum: 0 + type: integer + autovacuum_freeze_max_age: + description: + Specifies the maximum age (in transactions) that + a table's pg_class.relfrozenxid field can attain before + a VACUUM operation is forced to prevent transaction ID wraparound + within the table. Note that the system will launch autovacuum + processes to prevent wraparound even when autovacuum is + otherwise disabled. This parameter will cause the server + to be restarted. 
+ maximum: 1500000000 + minimum: 200000000 + type: integer + autovacuum_max_workers: + description: + Specifies the maximum number of autovacuum processes + (other than the autovacuum launcher) that may be running + at any one time. The default is three. This parameter can + only be set at server start. + maximum: 20 + minimum: 1 + type: integer + autovacuum_naptime: + description: + Specifies the minimum delay between autovacuum + runs on any given database. The delay is measured in seconds, + and the default is one minute + maximum: 86400 + minimum: 1 + type: integer + autovacuum_vacuum_cost_delay: + description: + Specifies the cost delay value that will be used + in automatic VACUUM operations. If -1 is specified, the + regular vacuum_cost_delay value will be used. The default + value is 20 milliseconds + maximum: 100 + minimum: -1 + type: integer + autovacuum_vacuum_cost_limit: + description: + Specifies the cost limit value that will be used + in automatic VACUUM operations. If -1 is specified (which + is the default), the regular vacuum_cost_limit value will + be used. + maximum: 10000 + minimum: -1 + type: integer + autovacuum_vacuum_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_vacuum_threshold when deciding whether to + trigger a VACUUM. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_vacuum_threshold: + description: + Specifies the minimum number of updated or deleted + tuples needed to trigger a VACUUM in any one table. The + default is 50 tuples + maximum: 2147483647 + minimum: 0 + type: integer + bgwriter_delay: + description: + Specifies the delay between activity rounds for + the background writer in milliseconds. Default is 200. 
+ maximum: 10000 + minimum: 10 + type: integer + bgwriter_flush_after: + description: + Whenever more than bgwriter_flush_after bytes + have been written by the background writer, attempt to force + the OS to issue these writes to the underlying storage. + Specified in kilobytes, default is 512. Setting of 0 disables + forced writeback. + maximum: 2048 + minimum: 0 + type: integer + bgwriter_lru_maxpages: + description: + In each round, no more than this many buffers + will be written by the background writer. Setting this to + zero disables background writing. Default is 100. + maximum: 1073741823 + minimum: 0 + type: integer + bgwriter_lru_multiplier: + description: + The average recent need for new buffers is multiplied + by bgwriter_lru_multiplier to arrive at an estimate of the + number that will be needed during the next round, (up to + bgwriter_lru_maxpages). 1.0 represents a “just in time” + policy of writing exactly the number of buffers predicted + to be needed. Larger values provide some cushion against + spikes in demand, while smaller values intentionally leave + writes to be done by server processes. The default is 2.0. + maximum: 10 + minimum: 0 + type: number + deadlock_timeout: + description: + This is the amount of time, in milliseconds, + to wait on a lock before checking to see if there is a deadlock + condition. + maximum: 1800000 + minimum: 500 + type: integer + default_toast_compression: + description: + Specifies the default TOAST compression method + for values of compressible columns (the default is lz4). + enum: + - lz4 + - pglz + type: string + idle_in_transaction_session_timeout: + description: + Time out sessions with open transactions after + this number of milliseconds + maximum: 604800000 + minimum: 0 + type: integer + jit: + description: + Controls system-wide use of Just-in-Time Compilation + (JIT). 
+ type: boolean + log_autovacuum_min_duration: + description: + Causes each action executed by autovacuum to + be logged if it ran for at least the specified number of + milliseconds. Setting this to zero logs all autovacuum actions. + Minus-one (the default) disables logging autovacuum actions. + maximum: 2147483647 + minimum: -1 + type: integer + log_error_verbosity: + description: + Controls the amount of detail written in the + server log for each message that is logged. + enum: + - DEFAULT + - TERSE + - VERBOSE + type: string + log_line_prefix: + description: Choose from one of the available log formats. + enum: + - "'%m [%p] %q[user=%u,db=%d,app=%a] '" + - "'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '" + - "'pid=%p,user=%u,db=%d,app=%a,client=%h '" + - "'pid=%p,user=%u,db=%d,app=%a,client=%h,txid=%x,qid=%Q + '" + type: string + log_min_duration_statement: + description: + Log statements that take more than this number + of milliseconds to run, -1 disables + maximum: 86400000 + minimum: -1 + type: integer + log_temp_files: + description: + Log statements for each temporary file created + larger than this number of kilobytes, -1 disables + maximum: 2147483647 + minimum: -1 + type: integer + max_files_per_process: + description: + PostgreSQL maximum number of files that can be + open per process + maximum: 4096 + minimum: 1000 + type: integer + max_locks_per_transaction: + description: PostgreSQL maximum locks per transaction + maximum: 6400 + minimum: 64 + type: integer + max_logical_replication_workers: + description: + PostgreSQL maximum logical replication workers + (taken from the pool of max_parallel_workers) + maximum: 64 + minimum: 4 + type: integer + max_parallel_workers: + description: + Sets the maximum number of workers that the system + can support for parallel queries + maximum: 96 + minimum: 0 + type: integer + max_parallel_workers_per_gather: + description: + Sets the maximum number of workers that can be + started by a single Gather or 
Gather Merge node + maximum: 96 + minimum: 0 + type: integer + max_pred_locks_per_transaction: + description: PostgreSQL maximum predicate locks per transaction + maximum: 5120 + minimum: 64 + type: integer + max_prepared_transactions: + description: PostgreSQL maximum prepared transactions + maximum: 10000 + minimum: 0 + type: integer + max_replication_slots: + description: PostgreSQL maximum replication slots + maximum: 64 + minimum: 8 + type: integer + max_slot_wal_keep_size: + description: + PostgreSQL maximum WAL size (MB) reserved for + replication slots. Default is -1 (unlimited). wal_keep_size + minimum WAL size setting takes precedence over this. + maximum: 2147483647 + minimum: -1 + type: integer + max_stack_depth: + description: Maximum depth of the stack in bytes + maximum: 6291456 + minimum: 2097152 + type: integer + max_standby_archive_delay: + description: Max standby archive delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_standby_streaming_delay: + description: Max standby streaming delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_wal_senders: + description: PostgreSQL maximum WAL senders + maximum: 64 + minimum: 20 + type: integer + max_worker_processes: + description: + Sets the maximum number of background processes + that the system can support + maximum: 96 + minimum: 8 + type: integer + pg_partman_bgw.interval: + description: + Sets the time interval to run pg_partman's scheduled + tasks + maximum: 604800 + minimum: 3600 + type: integer + pg_partman_bgw.role: + description: + Controls which role to use for pg_partman's scheduled + background tasks. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + pg_stat_statements.track: + description: + Controls which statements are counted. 
Specify + top to track top-level statements (those issued directly + by clients), all to also track nested statements (such as + statements invoked within functions), or none to disable + statement statistics collection. The default value is top. + enum: + - all + - none + - top + type: string + temp_file_limit: + description: + PostgreSQL temporary file limit in KiB, -1 for + unlimited + maximum: 2147483647 + minimum: -1 + type: integer + timezone: + description: PostgreSQL service timezone + maxLength: 64 + pattern: ^[\w/]*$ + type: string + track_activity_query_size: + description: + Specifies the number of bytes reserved to track + the currently executing command for each active session. + maximum: 10240 + minimum: 1024 + type: integer + track_commit_timestamp: + description: Record commit time of transactions. + enum: + - "off" + - "on" + type: string + track_functions: + description: + Enables tracking of function call counts and + time used. + enum: + - all + - none + - pl + type: string + track_io_timing: + description: + Enables timing of database I/O calls. This parameter + is off by default, because it will repeatedly query the + operating system for the current time, which may cause significant + overhead on some platforms. + enum: + - "off" + - "on" + type: string + wal_sender_timeout: + description: + Terminate replication connections that are inactive + for longer than this amount of time, in milliseconds. Setting + this value to zero disables the timeout. + type: integer + wal_writer_delay: + description: + WAL flush interval in milliseconds. Note that + setting this value to lower than the default 200ms may negatively + impact performance + maximum: 200 + minimum: 10 + type: integer + type: object + pg_read_replica: + description: + Should the service which is being forked be a read + replica (deprecated, use read_replica service integration instead). 
+ type: boolean + pg_service_to_fork_from: + description: + Name of the PG Service from which to fork (deprecated, + use service_to_fork_from). This has effect only when a new service + is being created. + maxLength: 64 + pattern: ^[a-z][-a-z0-9]{0,63}$|^$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + pg_version: + description: PostgreSQL major version + enum: + - "15" + type: string + pgbouncer: + description: PGBouncer connection pooling settings + properties: + autodb_idle_timeout: + description: + If the automatically created database pools have + been unused this many seconds, they are freed. If 0 then + timeout is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + autodb_max_db_connections: + description: + Do not allow more than this many server connections + per database (regardless of user). Setting it to 0 means + unlimited. + maximum: 2147483647 + minimum: 0 + type: integer + autodb_pool_mode: + description: PGBouncer pool mode + enum: + - session + - statement + - transaction + type: string + autodb_pool_size: + description: + If non-zero then create automatically a pool + of that size per user when a pool doesn't exist. + maximum: 10000 + minimum: 0 + type: integer + ignore_startup_parameters: + description: + List of parameters to ignore when given in startup + packet + items: + type: string + maxItems: 32 + type: array + max_prepared_statements: + description: + PgBouncer tracks protocol-level named prepared + statements related commands sent by the client in transaction + and statement pooling modes when max_prepared_statements + is set to a non-zero value. Setting it to 0 disables prepared + statements. max_prepared_statements defaults to 100, and + its maximum is 3000. + maximum: 3000 + minimum: 0 + type: integer + min_pool_size: + description: + Add more server connections to pool if below + this number. 
Improves behavior when usual load comes suddenly + back after period of total inactivity. The value is effectively + capped at the pool size. + maximum: 10000 + minimum: 0 + type: integer + server_idle_timeout: + description: + If a server connection has been idle more than + this many seconds it will be dropped. If 0 then timeout + is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + server_lifetime: + description: + The pooler will close an unused server connection + that has been connected longer than this. [seconds] + maximum: 86400 + minimum: 60 + type: integer + server_reset_query_always: + description: + Run server_reset_query (DISCARD ALL) in all pooling + modes + type: boolean + type: object + pglookout: + description: System-wide settings for pglookout. + properties: + max_failover_replication_time_lag: + description: + Number of seconds of master unavailability before + triggering database failover to standby + minimum: 10 + type: integer + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + pg: + description: + Allow clients to connect to pg with a DNS name + that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. 
Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + pg: + description: Enable pg + type: boolean + pgbouncer: + description: Enable pgbouncer + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + pattern: ^[a-z][-a-z0-9]{0,63}$|^$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + pg: + description: + Allow clients to connect to pg from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: + Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. 
+ maxLength: 64 + pattern: ^[a-z][-a-z0-9]{0,63}$|^$ + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + shared_buffers_percentage: + description: + Percentage of total RAM that the database server + uses for shared memory buffers. Valid range is 20-60 (float), + which corresponds to 20% - 60%. This setting adjusts the shared_buffers + configuration value. + maximum: 60 + minimum: 20 + type: number + static_ips: + description: Use static public IP addresses + type: boolean + synchronous_replication: + description: + Synchronous replication type. Note that the service + plan also needs to support synchronous replication. + enum: + - "off" + - quorum + type: string + variant: + description: + Variant of the PostgreSQL service, may affect the + features that are exposed by default + enum: + - aiven + - timescale + type: string + work_mem: + description: + Sets the maximum amount of memory to be used by a + query operation (such as a sort or hash table) before writing + to temporary disk files, in MB. Default is 1MB + 0.075% of total + RAM (up to 32MB). + maximum: 1024 + minimum: 1 + type: integer + type: object + required: + - plan + - project + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. 
For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. 
+ enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index f49c6d12..ebf60618 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -34,6 +34,7 @@ resources: patchesStrategicMerge: # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. # patches here are for enabling the conversion webhook for each CRD + - patches/webhook_in_alloydbomnis.yaml - patches/webhook_in_clickhouses.yaml - patches/webhook_in_connectionpools.yaml - patches/webhook_in_databases.yaml @@ -58,6 +59,7 @@ patchesStrategicMerge: # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. # patches here are for enabling the CA injection for each CRD + - patches/cainjection_in_alloydbomnis.yaml - patches/cainjection_in_clickhouses.yaml - patches/cainjection_in_connectionpools.yaml - patches/cainjection_in_databases.yaml diff --git a/config/crd/patches/cainjection_in_alloydbomnis.yaml b/config/crd/patches/cainjection_in_alloydbomnis.yaml new file mode 100644 index 00000000..d5b1e2da --- /dev/null +++ b/config/crd/patches/cainjection_in_alloydbomnis.yaml 
@@ -0,0 +1,7 @@
+# The following patch adds a directive for certmanager to inject CA into the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+ name: alloydbomnis.aiven.io
diff --git a/config/crd/patches/webhook_in_alloydbomnis.yaml b/config/crd/patches/webhook_in_alloydbomnis.yaml
new file mode 100644
index 00000000..3e0a32f6
--- /dev/null
+++ b/config/crd/patches/webhook_in_alloydbomnis.yaml
@@ -0,0 +1,16 @@
+# The following patch enables a conversion webhook for the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: alloydbomnis.aiven.io
+spec:
+ conversion:
+ strategy: Webhook
+ webhook:
+ clientConfig:
+ service:
+ namespace: system
+ name: webhook-service
+ path: /convert
+ conversionReviewVersions:
+ - v1
diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index a187ebf6..4580df62 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -23,6 +23,34 @@ rules:
 - patch
 - update
 - watch
+ - apiGroups:
+ - aiven.io
+ resources:
+ - alloydbomnis
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+ - apiGroups:
+ - aiven.io
+ resources:
+ - alloydbomnis/finalizers
+ verbs:
+ - create
+ - get
+ - update
+ - apiGroups:
+ - aiven.io
+ resources:
+ - alloydbomnis/status
+ verbs:
+ - get
+ - patch
+ - update
 - apiGroups:
 - aiven.io
 resources:
diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml
index 90621fa8..cac6fe5e 100644
--- a/config/webhook/manifests.yaml
+++ b/config/webhook/manifests.yaml
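Review bot: In `config/rbac/role.yaml`, the new `alloydbomnis/finalizers` rule grants `create` and `get` alongside `update`. As far as I know the API server only consults the `finalizers` subresource for the `update` verb (the owner-reference `blockOwnerDeletion` check), so the other two verbs widen the role without enabling anything, and the rule could be reduced to `verbs:` with the single entry `- update`. The first added rule also gives the operator `create` and `delete` on `alloydbomnis` itself; if the controller only reconciles objects that users create, those two are probably unnecessary, which should be confirmed against the controller code, not shown in this diff. If this file is generated from kubebuilder RBAC markers, the change belongs in the markers rather than here.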
@@ -4,6 +4,26 @@ kind: MutatingWebhookConfiguration
 metadata:
 name: mutating-webhook-configuration
 webhooks:
+ - admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: webhook-service
+ namespace: system
+ path: /mutate-aiven-io-v1alpha1-alloydbomni
+ failurePolicy: Fail
+ name: malloydbomni.kb.io
+ rules:
+ - apiGroups:
+ - aiven.io
+ apiVersions:
+ - v1alpha1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - alloydbomnis
+ sideEffects: None
 - admissionReviewVersions:
 - v1
 clientConfig:
@@ -410,6 +430,27 @@ kind: ValidatingWebhookConfiguration
 metadata:
 name: validating-webhook-configuration
 webhooks:
+ - admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: webhook-service
+ namespace: system
+ path: /validate-aiven-io-v1alpha1-alloydbomni
+ failurePolicy: Fail
+ name: valloydbomni.kb.io
+ rules:
+ - apiGroups:
+ - aiven.io
+ apiVersions:
+ - v1alpha1
+ operations:
+ - CREATE
+ - UPDATE
+ - DELETE
+ resources:
+ - alloydbomnis
+ sideEffects: None
 - admissionReviewVersions:
 - v1
 clientConfig:
diff --git a/docs/docs/api-reference/alloydbomni.md b/docs/docs/api-reference/alloydbomni.md
new file mode 100644
index 00000000..2bda3106
--- /dev/null
+++ b/docs/docs/api-reference/alloydbomni.md
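Review bot: In `config/webhook/manifests.yaml`, both new entries (`malloydbomni.kb.io` in the first hunk, `valloydbomni.kb.io` in the second) set `failurePolicy: Fail` with no explicit `timeoutSeconds`, and the validating entry also intercepts `DELETE`. While `webhook-service` is unreachable, every create, update and delete of an `alloydbomnis` object is rejected, and a rejected delete can leave a namespace stuck in termination. Failing closed is a sound default for validation, so I would keep it but add an explicit bound such as `timeoutSeconds: 5` to each entry, and drop `- DELETE` from `operations` unless the delete path really validates something. If this manifest is generated from kubebuilder webhook markers, both changes belong in the markers.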
@@ -0,0 +1,284 @@ +--- +title: "AlloyDBOmni" +--- + +## AlloyDBOmni {: #AlloyDBOmni } + +AlloyDBOmni is the Schema for the alloydbomni API. + +!!! Info "Exposes secret keys" + + `ALLOYDBOMNI_HOST`, `ALLOYDBOMNI_PORT`, `ALLOYDBOMNI_DATABASE`, `ALLOYDBOMNI_USER`, `ALLOYDBOMNI_PASSWORD`, `ALLOYDBOMNI_SSLMODE`, `ALLOYDBOMNI_DATABASE_URI`. + +**Required** + +- [`apiVersion`](#apiVersion-property){: name='apiVersion-property'} (string). Value `aiven.io/v1alpha1`. +- [`kind`](#kind-property){: name='kind-property'} (string). Value `AlloyDBOmni`. +- [`metadata`](#metadata-property){: name='metadata-property'} (object). Data that identifies the object, including a `name` string and optional `namespace`. +- [`spec`](#spec-property){: name='spec-property'} (object). AlloyDBOmniSpec defines the desired state of AlloyDB Omni instance. See below for [nested schema](#spec). + +## spec {: #spec } + +_Appears on [`AlloyDBOmni`](#AlloyDBOmni)._ + +AlloyDBOmniSpec defines the desired state of AlloyDB Omni instance. + +**Required** + +- [`plan`](#spec.plan-property){: name='spec.plan-property'} (string, MaxLength: 128). Subscription plan. +- [`project`](#spec.project-property){: name='spec.project-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9_-]+$`, MaxLength: 63). Identifies the project this resource belongs to. + +**Optional** + +- [`authSecretRef`](#spec.authSecretRef-property){: name='spec.authSecretRef-property'} (object). Authentication reference to Aiven token in a secret. See below for [nested schema](#spec.authSecretRef). +- [`cloudName`](#spec.cloudName-property){: name='spec.cloudName-property'} (string, MaxLength: 256). Cloud the service runs in. +- [`connInfoSecretTarget`](#spec.connInfoSecretTarget-property){: name='spec.connInfoSecretTarget-property'} (object). Secret configuration. See below for [nested schema](#spec.connInfoSecretTarget). 
+- [`connInfoSecretTargetDisabled`](#spec.connInfoSecretTargetDisabled-property){: name='spec.connInfoSecretTargetDisabled-property'} (boolean, Immutable). When true, the secret containing connection information will not be created, defaults to false. This field cannot be changed after resource creation. +- [`disk_space`](#spec.disk_space-property){: name='spec.disk_space-property'} (string, Pattern: `(?i)^[1-9][0-9]*(GiB|G)?$`). The disk space of the service, possible values depend on the service type, the cloud provider and the project. +Reducing will result in the service re-balancing. +The removal of this field does not change the value. +- [`maintenanceWindowDow`](#spec.maintenanceWindowDow-property){: name='spec.maintenanceWindowDow-property'} (string, Enum: `monday`, `tuesday`, `wednesday`, `thursday`, `friday`, `saturday`, `sunday`). Day of week when maintenance operations should be performed. One monday, tuesday, wednesday, etc. +- [`maintenanceWindowTime`](#spec.maintenanceWindowTime-property){: name='spec.maintenanceWindowTime-property'} (string, MaxLength: 8). Time of day when maintenance operations should be performed. UTC time in HH:mm:ss format. +- [`projectVPCRef`](#spec.projectVPCRef-property){: name='spec.projectVPCRef-property'} (object). ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID automatically. See below for [nested schema](#spec.projectVPCRef). +- [`projectVpcId`](#spec.projectVpcId-property){: name='spec.projectVpcId-property'} (string, MaxLength: 36). Identifier of the VPC the service should be in, if any. +- [`serviceIntegrations`](#spec.serviceIntegrations-property){: name='spec.serviceIntegrations-property'} (array of objects, Immutable, MaxItems: 1). Service integrations to specify when creating a service. Not applied after initial service creation. See below for [nested schema](#spec.serviceIntegrations). 
+- [`tags`](#spec.tags-property){: name='spec.tags-property'} (object, AdditionalProperties: string). Tags are key-value pairs that allow you to categorize services. +- [`technicalEmails`](#spec.technicalEmails-property){: name='spec.technicalEmails-property'} (array of objects, MaxItems: 10). Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability. See below for [nested schema](#spec.technicalEmails). +- [`terminationProtection`](#spec.terminationProtection-property){: name='spec.terminationProtection-property'} (boolean). Prevent service from being deleted. It is recommended to have this enabled for all services. +- [`userConfig`](#spec.userConfig-property){: name='spec.userConfig-property'} (object). AlloyDBOmni specific user configuration options. See below for [nested schema](#spec.userConfig). + +## authSecretRef {: #spec.authSecretRef } + +_Appears on [`spec`](#spec)._ + +Authentication reference to Aiven token in a secret. + +**Required** + +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). + +## connInfoSecretTarget {: #spec.connInfoSecretTarget } + +_Appears on [`spec`](#spec)._ + +Secret configuration. + +**Required** + +- [`name`](#spec.connInfoSecretTarget.name-property){: name='spec.connInfoSecretTarget.name-property'} (string, Immutable). Name of the secret resource to be created. By default, it is equal to the resource name. + +**Optional** + +- [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. +- [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). 
Labels added to the secret. +- [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. +Added "as is" without any transformations. +By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + +## projectVPCRef {: #spec.projectVPCRef } + +_Appears on [`spec`](#spec)._ + +ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID automatically. + +**Required** + +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). + +**Optional** + +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). + +## serviceIntegrations {: #spec.serviceIntegrations } + +_Appears on [`spec`](#spec)._ + +Service integrations to specify when creating a service. Not applied after initial service creation. + +**Required** + +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). + +## technicalEmails {: #spec.technicalEmails } + +_Appears on [`spec`](#spec)._ + +Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability. + +**Required** + +- [`email`](#spec.technicalEmails.email-property){: name='spec.technicalEmails.email-property'} (string). Email address. + +## userConfig {: #spec.userConfig } + +_Appears on [`spec`](#spec)._ + +AlloyDBOmni specific user configuration options. 
+ +**Optional** + +- [`additional_backup_regions`](#spec.userConfig.additional_backup_regions-property){: name='spec.userConfig.additional_backup_regions-property'} (array of strings, MaxItems: 1). Additional Cloud Regions for Backup Replication. +- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin_password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-_]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. +- [`admin_username`](#spec.userConfig.admin_username-property){: name='spec.userConfig.admin_username-property'} (string, Immutable, Pattern: `^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$`, MaxLength: 64). Custom username for admin user. This must be set only when a new service is being created. +- [`alloydbomni_version`](#spec.userConfig.alloydbomni_version-property){: name='spec.userConfig.alloydbomni_version-property'} (string, Enum: `15`). PostgreSQL major version. +- [`backup_hour`](#spec.userConfig.backup_hour-property){: name='spec.userConfig.backup_hour-property'} (integer, Minimum: 0, Maximum: 23). The hour of day (in UTC) when backup for the service is started. New backup is only started if previous backup has already completed. +- [`backup_minute`](#spec.userConfig.backup_minute-property){: name='spec.userConfig.backup_minute-property'} (integer, Minimum: 0, Maximum: 59). The minute of an hour when backup for the service is started. New backup is only started if previous backup has already completed. +- [`enable_ipv6`](#spec.userConfig.enable_ipv6-property){: name='spec.userConfig.enable_ipv6-property'} (boolean). Register AAAA DNS records for the service, and allow IPv6 packets to service ports. +- [`google_columnar_engine_enabled`](#spec.userConfig.google_columnar_engine_enabled-property){: name='spec.userConfig.google_columnar_engine_enabled-property'} (boolean). Enables or disables the columnar engine. 
When enabled, it accelerates SQL query processing. +- [`google_columnar_engine_memory_size_percentage`](#spec.userConfig.google_columnar_engine_memory_size_percentage-property){: name='spec.userConfig.google_columnar_engine_memory_size_percentage-property'} (integer, Minimum: 0, Maximum: 50). Allocate the amount of RAM to store columnar data. +- [`ip_filter`](#spec.userConfig.ip_filter-property){: name='spec.userConfig.ip_filter-property'} (array of objects, MaxItems: 1024). Allow incoming connections from CIDR address block, e.g. `10.20.0.0/16`. See below for [nested schema](#spec.userConfig.ip_filter). +- [`pg`](#spec.userConfig.pg-property){: name='spec.userConfig.pg-property'} (object). postgresql.conf configuration values. See below for [nested schema](#spec.userConfig.pg). +- [`pg_read_replica`](#spec.userConfig.pg_read_replica-property){: name='spec.userConfig.pg_read_replica-property'} (boolean). Should the service which is being forked be a read replica (deprecated, use read_replica service integration instead). +- [`pg_service_to_fork_from`](#spec.userConfig.pg_service_to_fork_from-property){: name='spec.userConfig.pg_service_to_fork_from-property'} (string, Immutable, Pattern: `^[a-z][-a-z0-9]{0,63}$|^$`, MaxLength: 64). Name of the PG Service from which to fork (deprecated, use service_to_fork_from). This has effect only when a new service is being created. +- [`pg_version`](#spec.userConfig.pg_version-property){: name='spec.userConfig.pg_version-property'} (string, Enum: `15`). PostgreSQL major version. +- [`pgbouncer`](#spec.userConfig.pgbouncer-property){: name='spec.userConfig.pgbouncer-property'} (object). PGBouncer connection pooling settings. See below for [nested schema](#spec.userConfig.pgbouncer). +- [`pglookout`](#spec.userConfig.pglookout-property){: name='spec.userConfig.pglookout-property'} (object). System-wide settings for pglookout. See below for [nested schema](#spec.userConfig.pglookout). 
+- [`private_access`](#spec.userConfig.private_access-property){: name='spec.userConfig.private_access-property'} (object). Allow access to selected service ports from private networks. See below for [nested schema](#spec.userConfig.private_access). +- [`privatelink_access`](#spec.userConfig.privatelink_access-property){: name='spec.userConfig.privatelink_access-property'} (object). Allow access to selected service components through Privatelink. See below for [nested schema](#spec.userConfig.privatelink_access). +- [`project_to_fork_from`](#spec.userConfig.project_to_fork_from-property){: name='spec.userConfig.project_to_fork_from-property'} (string, Immutable, Pattern: `^[a-z][-a-z0-9]{0,63}$|^$`, MaxLength: 63). Name of another project to fork a service from. This has effect only when a new service is being created. +- [`public_access`](#spec.userConfig.public_access-property){: name='spec.userConfig.public_access-property'} (object). Allow access to selected service ports from the public Internet. See below for [nested schema](#spec.userConfig.public_access). +- [`recovery_target_time`](#spec.userConfig.recovery_target_time-property){: name='spec.userConfig.recovery_target_time-property'} (string, Immutable, MaxLength: 32). Recovery target time when forking a service. This has effect only when a new service is being created. +- [`service_log`](#spec.userConfig.service_log-property){: name='spec.userConfig.service_log-property'} (boolean). Store logs for the service so that they are available in the HTTP API and console. +- [`service_to_fork_from`](#spec.userConfig.service_to_fork_from-property){: name='spec.userConfig.service_to_fork_from-property'} (string, Immutable, Pattern: `^[a-z][-a-z0-9]{0,63}$|^$`, MaxLength: 64). Name of another service to fork from. This has effect only when a new service is being created. 
+- [`shared_buffers_percentage`](#spec.userConfig.shared_buffers_percentage-property){: name='spec.userConfig.shared_buffers_percentage-property'} (number, Minimum: 20, Maximum: 60). Percentage of total RAM that the database server uses for shared memory buffers. Valid range is 20-60 (float), which corresponds to 20% - 60%. This setting adjusts the shared_buffers configuration value. +- [`static_ips`](#spec.userConfig.static_ips-property){: name='spec.userConfig.static_ips-property'} (boolean). Use static public IP addresses. +- [`synchronous_replication`](#spec.userConfig.synchronous_replication-property){: name='spec.userConfig.synchronous_replication-property'} (string, Enum: `off`, `quorum`). Synchronous replication type. Note that the service plan also needs to support synchronous replication. +- [`variant`](#spec.userConfig.variant-property){: name='spec.userConfig.variant-property'} (string, Enum: `aiven`, `timescale`). Variant of the PostgreSQL service, may affect the features that are exposed by default. +- [`work_mem`](#spec.userConfig.work_mem-property){: name='spec.userConfig.work_mem-property'} (integer, Minimum: 1, Maximum: 1024). Sets the maximum amount of memory to be used by a query operation (such as a sort or hash table) before writing to temporary disk files, in MB. Default is 1MB + 0.075% of total RAM (up to 32MB). + +### ip_filter {: #spec.userConfig.ip_filter } + +_Appears on [`spec.userConfig`](#spec.userConfig)._ + +CIDR address block, either as a string, or in a dict with an optional description field. + +**Required** + +- [`network`](#spec.userConfig.ip_filter.network-property){: name='spec.userConfig.ip_filter.network-property'} (string, MaxLength: 43). CIDR address block. + +**Optional** + +- [`description`](#spec.userConfig.ip_filter.description-property){: name='spec.userConfig.ip_filter.description-property'} (string, MaxLength: 1024). Description for IP filter list entry. 
+ +### pg {: #spec.userConfig.pg } + +_Appears on [`spec.userConfig`](#spec.userConfig)._ + +postgresql.conf configuration values. + +**Optional** + +- [`autovacuum_analyze_scale_factor`](#spec.userConfig.pg.autovacuum_analyze_scale_factor-property){: name='spec.userConfig.pg.autovacuum_analyze_scale_factor-property'} (number, Minimum: 0, Maximum: 1). Specifies a fraction of the table size to add to autovacuum_analyze_threshold when deciding whether to trigger an ANALYZE. The default is 0.2 (20% of table size). +- [`autovacuum_analyze_threshold`](#spec.userConfig.pg.autovacuum_analyze_threshold-property){: name='spec.userConfig.pg.autovacuum_analyze_threshold-property'} (integer, Minimum: 0, Maximum: 2147483647). Specifies the minimum number of inserted, updated or deleted tuples needed to trigger an ANALYZE in any one table. The default is 50 tuples. +- [`autovacuum_freeze_max_age`](#spec.userConfig.pg.autovacuum_freeze_max_age-property){: name='spec.userConfig.pg.autovacuum_freeze_max_age-property'} (integer, Minimum: 200000000, Maximum: 1500000000). Specifies the maximum age (in transactions) that a table's pg_class.relfrozenxid field can attain before a VACUUM operation is forced to prevent transaction ID wraparound within the table. Note that the system will launch autovacuum processes to prevent wraparound even when autovacuum is otherwise disabled. This parameter will cause the server to be restarted. +- [`autovacuum_max_workers`](#spec.userConfig.pg.autovacuum_max_workers-property){: name='spec.userConfig.pg.autovacuum_max_workers-property'} (integer, Minimum: 1, Maximum: 20). Specifies the maximum number of autovacuum processes (other than the autovacuum launcher) that may be running at any one time. The default is three. This parameter can only be set at server start. +- [`autovacuum_naptime`](#spec.userConfig.pg.autovacuum_naptime-property){: name='spec.userConfig.pg.autovacuum_naptime-property'} (integer, Minimum: 1, Maximum: 86400). 
Specifies the minimum delay between autovacuum runs on any given database. The delay is measured in seconds, and the default is one minute. +- [`autovacuum_vacuum_cost_delay`](#spec.userConfig.pg.autovacuum_vacuum_cost_delay-property){: name='spec.userConfig.pg.autovacuum_vacuum_cost_delay-property'} (integer, Minimum: -1, Maximum: 100). Specifies the cost delay value that will be used in automatic VACUUM operations. If -1 is specified, the regular vacuum_cost_delay value will be used. The default value is 20 milliseconds. +- [`autovacuum_vacuum_cost_limit`](#spec.userConfig.pg.autovacuum_vacuum_cost_limit-property){: name='spec.userConfig.pg.autovacuum_vacuum_cost_limit-property'} (integer, Minimum: -1, Maximum: 10000). Specifies the cost limit value that will be used in automatic VACUUM operations. If -1 is specified (which is the default), the regular vacuum_cost_limit value will be used. +- [`autovacuum_vacuum_scale_factor`](#spec.userConfig.pg.autovacuum_vacuum_scale_factor-property){: name='spec.userConfig.pg.autovacuum_vacuum_scale_factor-property'} (number, Minimum: 0, Maximum: 1). Specifies a fraction of the table size to add to autovacuum_vacuum_threshold when deciding whether to trigger a VACUUM. The default is 0.2 (20% of table size). +- [`autovacuum_vacuum_threshold`](#spec.userConfig.pg.autovacuum_vacuum_threshold-property){: name='spec.userConfig.pg.autovacuum_vacuum_threshold-property'} (integer, Minimum: 0, Maximum: 2147483647). Specifies the minimum number of updated or deleted tuples needed to trigger a VACUUM in any one table. The default is 50 tuples. +- [`bgwriter_delay`](#spec.userConfig.pg.bgwriter_delay-property){: name='spec.userConfig.pg.bgwriter_delay-property'} (integer, Minimum: 10, Maximum: 10000). Specifies the delay between activity rounds for the background writer in milliseconds. Default is 200. 
+- [`bgwriter_flush_after`](#spec.userConfig.pg.bgwriter_flush_after-property){: name='spec.userConfig.pg.bgwriter_flush_after-property'} (integer, Minimum: 0, Maximum: 2048). Whenever more than bgwriter_flush_after bytes have been written by the background writer, attempt to force the OS to issue these writes to the underlying storage. Specified in kilobytes, default is 512. Setting of 0 disables forced writeback. +- [`bgwriter_lru_maxpages`](#spec.userConfig.pg.bgwriter_lru_maxpages-property){: name='spec.userConfig.pg.bgwriter_lru_maxpages-property'} (integer, Minimum: 0, Maximum: 1073741823). In each round, no more than this many buffers will be written by the background writer. Setting this to zero disables background writing. Default is 100. +- [`bgwriter_lru_multiplier`](#spec.userConfig.pg.bgwriter_lru_multiplier-property){: name='spec.userConfig.pg.bgwriter_lru_multiplier-property'} (number, Minimum: 0, Maximum: 10). The average recent need for new buffers is multiplied by bgwriter_lru_multiplier to arrive at an estimate of the number that will be needed during the next round, (up to bgwriter_lru_maxpages). 1.0 represents a “just in time” policy of writing exactly the number of buffers predicted to be needed. Larger values provide some cushion against spikes in demand, while smaller values intentionally leave writes to be done by server processes. The default is 2.0. +- [`deadlock_timeout`](#spec.userConfig.pg.deadlock_timeout-property){: name='spec.userConfig.pg.deadlock_timeout-property'} (integer, Minimum: 500, Maximum: 1800000). This is the amount of time, in milliseconds, to wait on a lock before checking to see if there is a deadlock condition. +- [`default_toast_compression`](#spec.userConfig.pg.default_toast_compression-property){: name='spec.userConfig.pg.default_toast_compression-property'} (string, Enum: `lz4`, `pglz`). Specifies the default TOAST compression method for values of compressible columns (the default is lz4). 
+- [`idle_in_transaction_session_timeout`](#spec.userConfig.pg.idle_in_transaction_session_timeout-property){: name='spec.userConfig.pg.idle_in_transaction_session_timeout-property'} (integer, Minimum: 0, Maximum: 604800000). Time out sessions with open transactions after this number of milliseconds. +- [`jit`](#spec.userConfig.pg.jit-property){: name='spec.userConfig.pg.jit-property'} (boolean). Controls system-wide use of Just-in-Time Compilation (JIT). +- [`log_autovacuum_min_duration`](#spec.userConfig.pg.log_autovacuum_min_duration-property){: name='spec.userConfig.pg.log_autovacuum_min_duration-property'} (integer, Minimum: -1, Maximum: 2147483647). Causes each action executed by autovacuum to be logged if it ran for at least the specified number of milliseconds. Setting this to zero logs all autovacuum actions. Minus-one (the default) disables logging autovacuum actions. +- [`log_error_verbosity`](#spec.userConfig.pg.log_error_verbosity-property){: name='spec.userConfig.pg.log_error_verbosity-property'} (string, Enum: `DEFAULT`, `TERSE`, `VERBOSE`). Controls the amount of detail written in the server log for each message that is logged. +- [`log_line_prefix`](#spec.userConfig.pg.log_line_prefix-property){: name='spec.userConfig.pg.log_line_prefix-property'} (string, Enum: `'%m [%p] %q[user=%u,db=%d,app=%a] '`, `'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '`, `'pid=%p,user=%u,db=%d,app=%a,client=%h '`, `'pid=%p,user=%u,db=%d,app=%a,client=%h,txid=%x,qid=%Q '`). Choose from one of the available log formats. +- [`log_min_duration_statement`](#spec.userConfig.pg.log_min_duration_statement-property){: name='spec.userConfig.pg.log_min_duration_statement-property'} (integer, Minimum: -1, Maximum: 86400000). Log statements that take more than this number of milliseconds to run, -1 disables. +- [`log_temp_files`](#spec.userConfig.pg.log_temp_files-property){: name='spec.userConfig.pg.log_temp_files-property'} (integer, Minimum: -1, Maximum: 2147483647). 
Log statements for each temporary file created larger than this number of kilobytes, -1 disables. +- [`max_files_per_process`](#spec.userConfig.pg.max_files_per_process-property){: name='spec.userConfig.pg.max_files_per_process-property'} (integer, Minimum: 1000, Maximum: 4096). PostgreSQL maximum number of files that can be open per process. +- [`max_locks_per_transaction`](#spec.userConfig.pg.max_locks_per_transaction-property){: name='spec.userConfig.pg.max_locks_per_transaction-property'} (integer, Minimum: 64, Maximum: 6400). PostgreSQL maximum locks per transaction. +- [`max_logical_replication_workers`](#spec.userConfig.pg.max_logical_replication_workers-property){: name='spec.userConfig.pg.max_logical_replication_workers-property'} (integer, Minimum: 4, Maximum: 64). PostgreSQL maximum logical replication workers (taken from the pool of max_parallel_workers). +- [`max_parallel_workers`](#spec.userConfig.pg.max_parallel_workers-property){: name='spec.userConfig.pg.max_parallel_workers-property'} (integer, Minimum: 0, Maximum: 96). Sets the maximum number of workers that the system can support for parallel queries. +- [`max_parallel_workers_per_gather`](#spec.userConfig.pg.max_parallel_workers_per_gather-property){: name='spec.userConfig.pg.max_parallel_workers_per_gather-property'} (integer, Minimum: 0, Maximum: 96). Sets the maximum number of workers that can be started by a single Gather or Gather Merge node. +- [`max_pred_locks_per_transaction`](#spec.userConfig.pg.max_pred_locks_per_transaction-property){: name='spec.userConfig.pg.max_pred_locks_per_transaction-property'} (integer, Minimum: 64, Maximum: 5120). PostgreSQL maximum predicate locks per transaction. +- [`max_prepared_transactions`](#spec.userConfig.pg.max_prepared_transactions-property){: name='spec.userConfig.pg.max_prepared_transactions-property'} (integer, Minimum: 0, Maximum: 10000). PostgreSQL maximum prepared transactions. 
+- [`max_replication_slots`](#spec.userConfig.pg.max_replication_slots-property){: name='spec.userConfig.pg.max_replication_slots-property'} (integer, Minimum: 8, Maximum: 64). PostgreSQL maximum replication slots. +- [`max_slot_wal_keep_size`](#spec.userConfig.pg.max_slot_wal_keep_size-property){: name='spec.userConfig.pg.max_slot_wal_keep_size-property'} (integer, Minimum: -1, Maximum: 2147483647). PostgreSQL maximum WAL size (MB) reserved for replication slots. Default is -1 (unlimited). wal_keep_size minimum WAL size setting takes precedence over this. +- [`max_stack_depth`](#spec.userConfig.pg.max_stack_depth-property){: name='spec.userConfig.pg.max_stack_depth-property'} (integer, Minimum: 2097152, Maximum: 6291456). Maximum depth of the stack in bytes. +- [`max_standby_archive_delay`](#spec.userConfig.pg.max_standby_archive_delay-property){: name='spec.userConfig.pg.max_standby_archive_delay-property'} (integer, Minimum: 1, Maximum: 43200000). Max standby archive delay in milliseconds. +- [`max_standby_streaming_delay`](#spec.userConfig.pg.max_standby_streaming_delay-property){: name='spec.userConfig.pg.max_standby_streaming_delay-property'} (integer, Minimum: 1, Maximum: 43200000). Max standby streaming delay in milliseconds. +- [`max_wal_senders`](#spec.userConfig.pg.max_wal_senders-property){: name='spec.userConfig.pg.max_wal_senders-property'} (integer, Minimum: 20, Maximum: 64). PostgreSQL maximum WAL senders. +- [`max_worker_processes`](#spec.userConfig.pg.max_worker_processes-property){: name='spec.userConfig.pg.max_worker_processes-property'} (integer, Minimum: 8, Maximum: 96). Sets the maximum number of background processes that the system can support. +- [`pg_partman_bgw.interval`](#spec.userConfig.pg.pg_partman_bgw.interval-property){: name='spec.userConfig.pg.pg_partman_bgw.interval-property'} (integer, Minimum: 3600, Maximum: 604800). Sets the time interval to run pg_partman's scheduled tasks. 
+- [`pg_partman_bgw.role`](#spec.userConfig.pg.pg_partman_bgw.role-property){: name='spec.userConfig.pg.pg_partman_bgw.role-property'} (string, Pattern: `^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$`, MaxLength: 64). Controls which role to use for pg_partman's scheduled background tasks. +- [`pg_stat_statements.track`](#spec.userConfig.pg.pg_stat_statements.track-property){: name='spec.userConfig.pg.pg_stat_statements.track-property'} (string, Enum: `all`, `none`, `top`). Controls which statements are counted. Specify top to track top-level statements (those issued directly by clients), all to also track nested statements (such as statements invoked within functions), or none to disable statement statistics collection. The default value is top. +- [`temp_file_limit`](#spec.userConfig.pg.temp_file_limit-property){: name='spec.userConfig.pg.temp_file_limit-property'} (integer, Minimum: -1, Maximum: 2147483647). PostgreSQL temporary file limit in KiB, -1 for unlimited. +- [`timezone`](#spec.userConfig.pg.timezone-property){: name='spec.userConfig.pg.timezone-property'} (string, Pattern: `^[\w/]*$`, MaxLength: 64). PostgreSQL service timezone. +- [`track_activity_query_size`](#spec.userConfig.pg.track_activity_query_size-property){: name='spec.userConfig.pg.track_activity_query_size-property'} (integer, Minimum: 1024, Maximum: 10240). Specifies the number of bytes reserved to track the currently executing command for each active session. +- [`track_commit_timestamp`](#spec.userConfig.pg.track_commit_timestamp-property){: name='spec.userConfig.pg.track_commit_timestamp-property'} (string, Enum: `off`, `on`). Record commit time of transactions. +- [`track_functions`](#spec.userConfig.pg.track_functions-property){: name='spec.userConfig.pg.track_functions-property'} (string, Enum: `all`, `none`, `pl`). Enables tracking of function call counts and time used. 
+- [`track_io_timing`](#spec.userConfig.pg.track_io_timing-property){: name='spec.userConfig.pg.track_io_timing-property'} (string, Enum: `off`, `on`). Enables timing of database I/O calls. This parameter is off by default, because it will repeatedly query the operating system for the current time, which may cause significant overhead on some platforms. +- [`wal_sender_timeout`](#spec.userConfig.pg.wal_sender_timeout-property){: name='spec.userConfig.pg.wal_sender_timeout-property'} (integer). Terminate replication connections that are inactive for longer than this amount of time, in milliseconds. Setting this value to zero disables the timeout. +- [`wal_writer_delay`](#spec.userConfig.pg.wal_writer_delay-property){: name='spec.userConfig.pg.wal_writer_delay-property'} (integer, Minimum: 10, Maximum: 200). WAL flush interval in milliseconds. Note that setting this value to lower than the default 200ms may negatively impact performance. + +### pgbouncer {: #spec.userConfig.pgbouncer } + +_Appears on [`spec.userConfig`](#spec.userConfig)._ + +PGBouncer connection pooling settings. + +**Optional** + +- [`autodb_idle_timeout`](#spec.userConfig.pgbouncer.autodb_idle_timeout-property){: name='spec.userConfig.pgbouncer.autodb_idle_timeout-property'} (integer, Minimum: 0, Maximum: 86400). If the automatically created database pools have been unused this many seconds, they are freed. If 0 then timeout is disabled. [seconds]. +- [`autodb_max_db_connections`](#spec.userConfig.pgbouncer.autodb_max_db_connections-property){: name='spec.userConfig.pgbouncer.autodb_max_db_connections-property'} (integer, Minimum: 0, Maximum: 2147483647). Do not allow more than this many server connections per database (regardless of user). Setting it to 0 means unlimited. +- [`autodb_pool_mode`](#spec.userConfig.pgbouncer.autodb_pool_mode-property){: name='spec.userConfig.pgbouncer.autodb_pool_mode-property'} (string, Enum: `session`, `statement`, `transaction`). PGBouncer pool mode. 
+- [`autodb_pool_size`](#spec.userConfig.pgbouncer.autodb_pool_size-property){: name='spec.userConfig.pgbouncer.autodb_pool_size-property'} (integer, Minimum: 0, Maximum: 10000). If non-zero then create automatically a pool of that size per user when a pool doesn't exist. +- [`ignore_startup_parameters`](#spec.userConfig.pgbouncer.ignore_startup_parameters-property){: name='spec.userConfig.pgbouncer.ignore_startup_parameters-property'} (array of strings, MaxItems: 32). List of parameters to ignore when given in startup packet. +- [`max_prepared_statements`](#spec.userConfig.pgbouncer.max_prepared_statements-property){: name='spec.userConfig.pgbouncer.max_prepared_statements-property'} (integer, Minimum: 0, Maximum: 3000). PgBouncer tracks protocol-level named prepared statements related commands sent by the client in transaction and statement pooling modes when max_prepared_statements is set to a non-zero value. Setting it to 0 disables prepared statements. max_prepared_statements defaults to 100, and its maximum is 3000. +- [`min_pool_size`](#spec.userConfig.pgbouncer.min_pool_size-property){: name='spec.userConfig.pgbouncer.min_pool_size-property'} (integer, Minimum: 0, Maximum: 10000). Add more server connections to pool if below this number. Improves behavior when usual load comes suddenly back after period of total inactivity. The value is effectively capped at the pool size. +- [`server_idle_timeout`](#spec.userConfig.pgbouncer.server_idle_timeout-property){: name='spec.userConfig.pgbouncer.server_idle_timeout-property'} (integer, Minimum: 0, Maximum: 86400). If a server connection has been idle more than this many seconds it will be dropped. If 0 then timeout is disabled. [seconds]. +- [`server_lifetime`](#spec.userConfig.pgbouncer.server_lifetime-property){: name='spec.userConfig.pgbouncer.server_lifetime-property'} (integer, Minimum: 60, Maximum: 86400). The pooler will close an unused server connection that has been connected longer than this. [seconds]. 
+- [`server_reset_query_always`](#spec.userConfig.pgbouncer.server_reset_query_always-property){: name='spec.userConfig.pgbouncer.server_reset_query_always-property'} (boolean). Run server_reset_query (DISCARD ALL) in all pooling modes. + +### pglookout {: #spec.userConfig.pglookout } + +_Appears on [`spec.userConfig`](#spec.userConfig)._ + +System-wide settings for pglookout. + +**Required** + +- [`max_failover_replication_time_lag`](#spec.userConfig.pglookout.max_failover_replication_time_lag-property){: name='spec.userConfig.pglookout.max_failover_replication_time_lag-property'} (integer, Minimum: 10). Number of seconds of master unavailability before triggering database failover to standby. + +### private_access {: #spec.userConfig.private_access } + +_Appears on [`spec.userConfig`](#spec.userConfig)._ + +Allow access to selected service ports from private networks. + +**Optional** + +- [`pg`](#spec.userConfig.private_access.pg-property){: name='spec.userConfig.private_access.pg-property'} (boolean). Allow clients to connect to pg with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations. +- [`pgbouncer`](#spec.userConfig.private_access.pgbouncer-property){: name='spec.userConfig.private_access.pgbouncer-property'} (boolean). Allow clients to connect to pgbouncer with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations. +- [`prometheus`](#spec.userConfig.private_access.prometheus-property){: name='spec.userConfig.private_access.prometheus-property'} (boolean). Allow clients to connect to prometheus with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations. + +### privatelink_access {: #spec.userConfig.privatelink_access } + +_Appears on [`spec.userConfig`](#spec.userConfig)._ + +Allow access to selected service components through Privatelink. 
+ +**Optional** + +- [`pg`](#spec.userConfig.privatelink_access.pg-property){: name='spec.userConfig.privatelink_access.pg-property'} (boolean). Enable pg. +- [`pgbouncer`](#spec.userConfig.privatelink_access.pgbouncer-property){: name='spec.userConfig.privatelink_access.pgbouncer-property'} (boolean). Enable pgbouncer. +- [`prometheus`](#spec.userConfig.privatelink_access.prometheus-property){: name='spec.userConfig.privatelink_access.prometheus-property'} (boolean). Enable prometheus. + +### public_access {: #spec.userConfig.public_access } + +_Appears on [`spec.userConfig`](#spec.userConfig)._ + +Allow access to selected service ports from the public Internet. + +**Optional** + +- [`pg`](#spec.userConfig.public_access.pg-property){: name='spec.userConfig.public_access.pg-property'} (boolean). Allow clients to connect to pg from the public internet for service nodes that are in a project VPC or another type of private network. +- [`pgbouncer`](#spec.userConfig.public_access.pgbouncer-property){: name='spec.userConfig.public_access.pgbouncer-property'} (boolean). Allow clients to connect to pgbouncer from the public internet for service nodes that are in a project VPC or another type of private network. +- [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network.