UNCLASSIFIED

Skip to content

GitLab

Commit 12cd4b81 authored by Scott Stroud's avatar Scott Stroud
Browse files

Merge branch 'hardening_manifest' into '5.5.2' 

Migrate to hardening_manifest.yaml

See merge request dsop/confluent/confluent-component-operator/cp-operator-service-5.5.x!2
parents fdd8aba6 18e4fd4f
Pipeline #111014 passed with stage
in 7 seconds
Hide whitespace changes
Inline Side-by-side
Showing with 51 additions and 1692 deletions
Dockerfile
View file @ 12cd4b81
......@@ -5,28 +5,9 @@ ARG BASE_TAG=8.2
FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
ARG IMAGE_VERSION='5.5.2'
ENV IMAGE_VERSION=${IMAGE_VERSION}
LABEL io.k8s.display-name="Confluent Operator" \
io.k8s.description="Kubernetes Controllers for deploying and managing Confluent Platform" \
io.k8s.display-name="Confluent Operator $IMAGE_VERSION" \
io.openshift.tags="confluent operator,confluent platform,event-streaming" \
name="Component Manager" \
maintainer="Confluent Platform <operator@confluent.io>" \
vendor="Confluent, Inc" \
version="$IMAGE_VERSION" \
release="$IMAGE_VERSION" \
summary="Confluent Operator for Confluent Platform" \
description="Kubernetes Controllers for deploying and managing Confluent Platform"
WORKDIR /opt/
COPY opt/licenses .
COPY opt/help.1 .
COPY opt/config/crds config/crds
RUN chmod -R ag+rw /opt /opt/config/crds
COPY opt/manager .
ADD --chown=1001:1001 cp-operator-service-5.5.x_opt.tar.gz /opt/
ENTRYPOINT ["/opt/manager"]
......
Jenkinsfile deleted 100644 → 0
View file @ fdd8aba6
@Library('DCCSCR@master') _
dccscrPipeline( version: "5.5.2" )
config/crds/cluster_v1alpha1_kafkacluster.yaml deleted 100644 → 0
View file @ fdd8aba6
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: kafkaclusters.cluster.confluent.com
spec:
group: cluster.confluent.com
names:
categories:
- all
kind: KafkaCluster
plural: kafkaclusters
shortNames:
- kafka
- broker
scope: Namespaced
subresources:
scale:
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
authorization:
properties:
rbac:
properties:
ldap:
properties:
address:
type: string
authentication:
properties:
type:
enum:
- tls
- simple
type: string
required:
- type
type: object
configurations:
properties:
groupMemberAttribute:
type: string
groupMemberAttributePattern:
type: string
groupNameAttribute:
type: string
groupObjectClass:
type: string
groupSearchBase:
type: string
userMemberOfAttributePattern:
type: string
userNameAttribute:
type: string
userObjectClass:
type: string
userSearchBase:
type: string
required:
- userNameAttribute
- userObjectClass
type: object
required:
- authentication
- address
- configurations
type: object
mds:
properties:
https:
type: boolean
required:
- https
type: object
required:
- mds
- ldap
type: object
superUsers:
items:
type: string
type: array
type:
enum:
- rbac
- simple
type: string
required:
- type
type: object
configOverrides:
properties:
jvm:
items:
type: string
type: array
log4j:
items:
type: string
type: array
server:
items:
type: string
type: array
type: object
image:
pattern: .+:.+
type: string
initContainers:
items:
properties:
args:
items:
type: string
type: array
command:
items:
type: string
type: array
envVar:
type: object
image:
pattern: .+:.+
type: string
name:
type: string
required:
- name
- image
- command
type: object
type: array
internalKubDomain:
type: string
jvmConfig:
properties:
heapSize:
pattern: ^[0-9]+[M,GB,m,g]{1,2}$
type: string
required:
- heapSize
type: object
metricReporter:
properties:
bootstrapEndpoint:
pattern: .+:[0-9]+
type: string
internal:
type: boolean
publishMs:
format: int64
type: integer
replicationFactor:
exclusiveMinimum: true
format: int32
type: integer
tls:
properties:
authentication:
properties:
principalMappingRules:
items:
type: string
type: array
type:
enum:
- tls
- plain
type: string
required:
- type
type: object
enabled:
type: boolean
required:
- enabled
type: object
required:
- bootstrapEndpoint
- replicationFactor
type: object
network:
properties:
annotations:
type: object
bootstrapPrefix:
maxLength: 100
minLength: 1
pattern: ^[^.]+$
type: string
brokerPrefix:
maxLength: 100
minLength: 1
pattern: ^[^.]+$
type: string
domain:
maxLength: 200
minLength: 1
type: string
type:
enum:
- external
- internal
- route
type: string
required:
- domain
- type
type: object
options:
properties:
acl:
description: ACL enabled or disabled
type: boolean
enterprise:
description: check if using enterprise or non-enterprise image
type: boolean
supers:
pattern: ^(User:[^;]+;)*(User:[^;]+)?$
type: string
type: object
placement:
properties:
disableHostPort:
type: boolean
nodeAffinity:
properties:
key:
maxLength: 64
minLength: 1
type: string
values:
items:
type: string
maxItems: 20
minItems: 1
type: array
required:
- key
- values
type: object
rack:
properties:
topology:
type: string
type: object
type: object
podAnnotations:
type: object
podSecurityContext:
properties:
fsGroup:
format: int64
type: integer
randomUID:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
properties:
level:
type: string
role:
type: string
type:
type: string
user:
type: string
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
sysctls:
items:
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
type: object
replicas:
exclusiveMinimum: true
format: int32
type: integer
resources:
properties:
limits:
properties:
cpu:
pattern: ^[0-9\.]+[m]?$
type: string
memory:
pattern: ^[0-9]+[E,P,T,G,M,K,Ei,Pi,Ti,Gi,Mi,Ki]{1,2}$
type: string
required:
- cpu
- memory
type: object
requests:
properties:
cpu:
pattern: ^[0-9\.]+[m]?$
type: string
memory:
pattern: ^[0-9]+[E,P,T,G,M,K,Ei,Pi,Ti,Gi,Mi,Ki]{1,2}$
type: string
required:
- cpu
- memory
type: object
storage:
items:
properties:
capacity:
pattern: ^[0-9]+[E,P,T,G,M,K,Ei,Pi,Ti,Gi,Mi,Ki]{1,2}$
type: string
name:
enum:
- data
- data0
- log
- txnlog
maxLength: 10
minLength: 1
type: string
storageClassName:
type: string
type:
format: int32
type: integer
required:
- capacity
- name
type: object
minItems: 1
type: array
required:
- requests
- storage
type: object
terminationGracePeriodInSecond:
format: int64
minimum: 30
type: integer
tls:
properties:
authentication:
properties:
principalMappingRules:
items:
type: string
type: array
type:
enum:
- tls
- plain
type: string
required:
- type
type: object
enabled:
type: boolean
jmxAuthentication:
properties:
type:
enum:
- tls
type: string
required:
- type
type: object
jmxTLS:
type: boolean
required:
- enabled
type: object
zones:
items:
type: string
type: array
zookeeper:
properties:
endpoint:
pattern: .+:[0-9]+
type: string
required:
- endpoint
type: object
required:
- replicas
- image
- resources
- jvmConfig
- initContainers
type: object
status:
properties:
authenticationType:
type: string
bootstrapEndpoint:
type: string
brokerEndpoints:
type: object
brokerExternalListener:
type: string
brokerInternalListener:
type: string
clientAuthentication:
type: boolean
clusterName:
type: string
currentReplicas:
format: int32
type: integer
externalClient:
type: string
internalClient:
type: string
jmxPort:
format: int32
type: integer
jmxSecurityProtocol:
enum:
- tls
- mtls
type: string
jolokiaPort:
format: int32
type: integer
mdsEndpoint:
type: string
minIsr:
format: int32
type: integer
phase:
type: string
prometheusPort:
format: int32
type: integer
pscVersion:
type: string
readyReplicas:
format: int32
type: integer
reason:
type: string
replicas:
format: int32
type: integer
replicationFactor:
format: int32
type: integer
securityProtocol:
type: string
zookeeperConnect:
type: string
required:
- phase
- replicas
- currentReplicas
- readyReplicas
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
config/crds/cluster_v1alpha1_zookeepercluster.yaml deleted 100644 → 0
View file @ fdd8aba6
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: zookeeperclusters.cluster.confluent.com
spec:
group: cluster.confluent.com
names:
categories:
- all
kind: ZookeeperCluster
plural: zookeeperclusters
shortNames:
- zk
- zookeeper
scope: Namespaced
subresources:
scale:
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
configOverrides:
properties:
jvm:
items:
type: string
type: array
log4j:
items:
type: string
type: array
server:
items:
type: string
type: array
type: object
image:
pattern: .+:.+
type: string
initContainers:
items:
properties:
args:
items:
type: string
type: array
command:
items:
type: string
type: array
envVar:
type: object
image:
pattern: .+:.+
type: string
name:
type: string
required:
- name
- image
- command
type: object
type: array
internalKubDomain:
type: string
jvmConfig:
properties:
heapSize:
pattern: ^[0-9]+[M,GB,m,g]{1,2}$
type: string
required:
- heapSize
type: object
placement:
properties:
disableHostPort:
type: boolean
nodeAffinity:
properties:
key:
maxLength: 64
minLength: 1
type: string
values:
items:
type: string
maxItems: 20
minItems: 1
type: array
required:
- key
- values
type: object
rack:
properties:
topology:
type: string
type: object
type: object
podAnnotations:
type: object
podSecurityContext:
properties:
fsGroup:
format: int64
type: integer
randomUID:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
properties:
level:
type: string
role:
type: string
type:
type: string
user:
type: string
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
sysctls:
items:
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
type: object
replicas:
exclusiveMinimum: true
format: int32
type: integer
resources:
properties:
limits:
properties:
cpu:
pattern: ^[0-9\.]+[m]?$
type: string
memory:
pattern: ^[0-9]+[E,P,T,G,M,K,Ei,Pi,Ti,Gi,Mi,Ki]{1,2}$
type: string
required:
- cpu
- memory
type: object
requests:
properties:
cpu:
pattern: ^[0-9\.]+[m]?$
type: string
memory:
pattern: ^[0-9]+[E,P,T,G,M,K,Ei,Pi,Ti,Gi,Mi,Ki]{1,2}$
type: string
required:
- cpu
- memory
type: object
storage:
items:
properties:
capacity:
pattern: ^[0-9]+[E,P,T,G,M,K,Ei,Pi,Ti,Gi,Mi,Ki]{1,2}$
type: string
name:
enum:
- data
- data0
- log
- txnlog
maxLength: 10
minLength: 1
type: string
storageClassName:
type: string
type:
format: int32
type: integer
required:
- capacity
- name
type: object
minItems: 1
type: array
required:
- requests
- storage
type: object
terminationGracePeriodInSecond:
format: int64
minimum: 30
type: integer
tls:
properties:
jmxAuthentication:
properties:
type:
enum:
- tls
type: string
required:
- type
type: object
jmxTLS:
type: boolean
type: object
zones:
items:
type: string
type: array
required:
- replicas
- image
- resources
- jvmConfig
- initContainers
type: object
status:
properties:
alternateEndpoint:
type: string
clusterName:
type: string
config:
type: object
currentReplicas:
format: int32
type: integer
endpoints:
type: string
jmxSecurityProtocol:
enum:
- tls
- mtls
type: string
phase:
type: string
readyReplicas:
format: int32
type: integer
reason:
type: string
replicas:
format: int32
type: integer
required:
- phase
- replicas
- currentReplicas
- readyReplicas
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
config/crds/operator/operator_v1_physicalstatefulcluster.yaml deleted 100644 → 0
View file @ fdd8aba6
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: physicalstatefulclusters.operator.confluent.cloud
spec:
group: operator.confluent.cloud
names:
kind: PhysicalStatefulCluster
plural: physicalstatefulclusters
shortNames:
- psc
scope: Namespaced
validation:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
status:
type: object
type: object
version: v1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
hardening_manifest.yaml 0 → 100644
View file @ 12cd4b81
---
apiVersion: v1
# The repository name in registry1, excluding /ironbank/
name: "confluent/confluent-component-operator/cp-operator-service-5.5.x"
# List of tags to push for the repository in registry1
# The most specific version should be the first tag and will be shown
# on ironbank.dsop.io
tags:
- "5.5.2"
- "5.5.x"
- "5.5"
# Build args passed to Dockerfile ARGs
args:
BASE_IMAGE: "redhat/openjdk/openjdk11"
BASE_TAG: "1.11"
# Docker image labels
labels:
org.opencontainers.image.title: "cp-operator-service-5.5.x"
org.opencontainers.image.description: "Confluent Operator service image"
org.opencontainers.image.licenses: "CONFLUENT ENTERPRISE LICENSE"
org.opencontainers.image.url: "https://docs.confluent.io/5.5.2/installation/operator/index.html"
org.opencontainers.image.vendor: "Confluent"
org.opencontainers.image.version: "5.5.2"
mil.dso.ironbank.image.keywords: "confluent,kafka,zookeeper,operator"
mil.dso.ironbank.image.type: "commercial"
mil.dso.ironbank.product.name: "Confluent Platform"
# List of resources to make available to the offline build context
resources:
- filename: cp-operator-service-5.5.x_opt.tar.gz
url: https://ironbank-files.s3.amazonaws.com/cp-operator-service-5.5.x_opt.tar.gz
validation:
type: sha256
value: bde77020e6dba84b8491c16f675d542c7d3ed718634d4c9d36310375ba7c9b09
# List of project maintainers
maintainers:
- name: "Scott Stroud"
username: "scottstroud"
email: "confluent-fed@confluent.io"
cht_member: false
- name: "Preston McGowan"
username: "preston.mcgowan"
email: "confluent-fed@confluent.io"
cht_member: false
opt/config/crds/cluster_v1alpha1_kafkacluster.yaml deleted 100644 → 0
View file @ fdd8aba6
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: kafkaclusters.cluster.confluent.com
spec:
group: cluster.confluent.com
names:
categories:
- all
kind: KafkaCluster
plural: kafkaclusters
shortNames:
- kafka
- broker
scope: Namespaced
subresources:
scale:
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
authorization:
properties:
rbac:
properties:
ldap:
properties:
address:
type: string
authentication:
properties:
type:
enum:
- tls
- simple
type: string
required:
- type
type: object
configurations:
properties:
groupMemberAttribute:
type: string
groupMemberAttributePattern:
type: string
groupNameAttribute:
type: string
groupObjectClass:
type: string
groupSearchBase:
type: string
userMemberOfAttributePattern:
type: string
userNameAttribute:
type: string
userObjectClass:
type: string
userSearchBase:
type: string
required:
- userNameAttribute
- userObjectClass
type: object
required:
- authentication
- address
- configurations
type: object
mds:
properties:
https:
type: boolean
required:
- https
type: object
required:
- mds
- ldap
type: object
superUsers:
items:
type: string
type: array
type:
enum:
- rbac
- simple
type: string
required:
- type
type: object
configOverrides:
properties:
jvm:
items:
type: string
type: array
log4j:
items:
type: string
type: array
server:
items:
type: string
type: array
type: object
image:
pattern: .+:.+
type: string
initContainers:
items:
properties:
args:
items:
type: string
type: array
command:
items:
type: string
type: array
envVar:
type: object
image:
pattern: .+:.+
type: string
name:
type: string
required:
- name
- image
- command
type: object
type: array
internalKubDomain:
type: string
jvmConfig:
properties:
heapSize:
pattern: ^[0-9]+[M,GB,m,g]{1,2}$
type: string
required:
- heapSize
type: object
metricReporter:
properties:
bootstrapEndpoint:
pattern: .+:[0-9]+
type: string
internal:
type: boolean
publishMs:
format: int64
type: integer
replicationFactor:
exclusiveMinimum: true
format: int32
type: integer
tls:
properties:
authentication:
properties:
principalMappingRules:
items:
type: string
type: array
type:
enum:
- tls
- plain
type: string
required:
- type
type: object
enabled:
type: boolean
required:
- enabled
type: object
required:
- bootstrapEndpoint
- replicationFactor
type: object
network:
properties:
annotations:
type: object
bootstrapPrefix:
maxLength: 100
minLength: 1
pattern: ^[^.]+$
type: string
brokerPrefix:
maxLength: 100
minLength: 1
pattern: ^[^.]+$
type: string
domain:
maxLength: 200
minLength: 1
type: string
type:
enum:
- external
- internal
- route
type: string
required:
- domain
- type
type: object
options:
properties:
acl:
description: ACL enabled or disabled
type: boolean
enterprise:
description: check if using enterprise or non-enterprise image
type: boolean
supers:
pattern: ^(User:[^;]+;)*(User:[^;]+)?$
type: string
type: object
placement:
properties:
disableHostPort:
type: boolean
nodeAffinity:
properties:
key:
maxLength: 64
minLength: 1
type: string
values:
items:
type: string
maxItems: 20
minItems: 1
type: array
required:
- key
- values
type: object
rack:
properties:
topology:
type: string
type: object
type: object
podAnnotations:
type: object
podSecurityContext:
properties:
fsGroup:
format: int64
type: integer
randomUID:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
properties:
level:
type: string
role:
type: string
type:
type: string
user:
type: string
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
sysctls:
items:
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
type: object
replicas:
exclusiveMinimum: true
format: int32
type: integer
resources:
properties:
limits:
properties:
cpu:
pattern: ^[0-9\.]+[m]?$
type: string
memory:
pattern: ^[0-9]+[E,P,T,G,M,K,Ei,Pi,Ti,Gi,Mi,Ki]{1,2}$
type: string
required:
- cpu
- memory
type: object
requests:
properties:
cpu:
pattern: ^[0-9\.]+[m]?$
type: string
memory:
pattern: ^[0-9]+[E,P,T,G,M,K,Ei,Pi,Ti,Gi,Mi,Ki]{1,2}$
type: string
required:
- cpu
- memory
type: object
storage:
items:
properties:
capacity:
pattern: ^[0-9]+[E,P,T,G,M,K,Ei,Pi,Ti,Gi,Mi,Ki]{1,2}$
type: string
name:
enum:
- data
- data0
- log
- txnlog
maxLength: 10
minLength: 1
type: string
storageClassName:
type: string
type:
format: int32
type: integer
required:
- capacity
- name
type: object
minItems: 1
type: array
required:
- requests
- storage
type: object
terminationGracePeriodInSecond:
format: int64
minimum: 30
type: integer
tls:
properties:
authentication:
properties:
principalMappingRules:
items:
type: string
type: array
type:
enum:
- tls
- plain
type: string
required:
- type
type: object
enabled:
type: boolean
jmxAuthentication:
properties:
type:
enum:
- tls
type: string
required:
- type
type: object
jmxTLS:
type: boolean
required:
- enabled
type: object
zones:
items:
type: string
type: array
zookeeper:
properties:
endpoint:
pattern: .+:[0-9]+
type: string
required:
- endpoint
type: object
required:
- replicas
- image
- resources
- jvmConfig
- initContainers
type: object
status:
properties:
authenticationType:
type: string
bootstrapEndpoint:
type: string
brokerEndpoints:
type: object
brokerExternalListener:
type: string
brokerInternalListener:
type: string
clientAuthentication:
type: boolean
clusterName:
type: string
currentReplicas:
format: int32
type: integer
externalClient:
type: string
internalClient:
type: string
jmxPort:
format: int32
type: integer
jmxSecurityProtocol:
enum:
- tls
- mtls
type: string
jolokiaPort:
format: int32
type: integer
mdsEndpoint:
type: string
minIsr:
format: int32
type: integer
phase:
type: string
prometheusPort:
format: int32
type: integer
pscVersion:
type: string
readyReplicas:
format: int32
type: integer
reason:
type: string
replicas:
format: int32
type: integer
replicationFactor:
format: int32
type: integer
securityProtocol:
type: string
zookeeperConnect:
type: string
required:
- phase
- replicas
- currentReplicas
- readyReplicas
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
opt/config/crds/cluster_v1alpha1_zookeepercluster.yaml deleted 100644 → 0
View file @ fdd8aba6
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: zookeeperclusters.cluster.confluent.com
spec:
group: cluster.confluent.com
names:
categories:
- all
kind: ZookeeperCluster
plural: zookeeperclusters
shortNames:
- zk
- zookeeper
scope: Namespaced
subresources:
scale:
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
configOverrides:
properties:
jvm:
items:
type: string
type: array
log4j:
items:
type: string
type: array
server:
items:
type: string
type: array
type: object
image:
pattern: .+:.+
type: string
initContainers:
items:
properties:
args:
items:
type: string
type: array
command:
items:
type: string
type: array
envVar:
type: object
image:
pattern: .+:.+
type: string
name:
type: string
required:
- name
- image
- command
type: object
type: array
internalKubDomain:
type: string
jvmConfig:
properties:
heapSize:
pattern: ^[0-9]+[M,GB,m,g]{1,2}$
type: string
required:
- heapSize
type: object
placement:
properties:
disableHostPort:
type: boolean
nodeAffinity:
properties:
key:
maxLength: 64
minLength: 1
type: string
values:
items:
type: string
maxItems: 20
minItems: 1
type: array
required:
- key
- values
type: object
rack:
properties:
topology:
type: string
type: object
type: object
podAnnotations:
type: object
podSecurityContext:
properties:
fsGroup:
format: int64
type: integer
randomUID:
type: boolean
runAsGroup:
format: int64
type: integer
runAsNonRoot:
type: boolean
runAsUser:
format: int64
type: integer
seLinuxOptions:
properties:
level:
type: string
role:
type: string
type:
type: string
user:
type: string
type: object
supplementalGroups:
items:
format: int64
type: integer
type: array
sysctls:
items:
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
type: object
replicas:
exclusiveMinimum: true
format: int32
type: integer
resources:
properties:
limits:
properties:
cpu:
pattern: ^[0-9\.]+[m]?$
type: string
memory:
pattern: ^[0-9]+[E,P,T,G,M,K,Ei,Pi,Ti,Gi,Mi,Ki]{1,2}$
type: string
required:
- cpu
- memory
type: object
requests:
properties:
cpu:
pattern: ^[0-9\.]+[m]?$
type: string
memory:
pattern: ^[0-9]+[E,P,T,G,M,K,Ei,Pi,Ti,Gi,Mi,Ki]{1,2}$
type: string
required:
- cpu
- memory
type: object
storage:
items:
properties:
capacity:
pattern: ^[0-9]+[E,P,T,G,M,K,Ei,Pi,Ti,Gi,Mi,Ki]{1,2}$
type: string
name:
enum:
- data
- data0
- log
- txnlog
maxLength: 10
minLength: 1
type: string
storageClassName:
type: string
type:
format: int32
type: integer
required:
- capacity
- name
type: object
minItems: 1
type: array
required:
- requests
- storage
type: object
terminationGracePeriodInSecond:
format: int64
minimum: 30
type: integer
tls:
properties:
jmxAuthentication:
properties:
type:
enum:
- tls
type: string
required:
- type
type: object
jmxTLS:
type: boolean
type: object
zones:
items:
type: string
type: array
required:
- replicas
- image
- resources
- jvmConfig
- initContainers
type: object
status:
properties:
alternateEndpoint:
type: string
clusterName:
type: string
config:
type: object
currentReplicas:
format: int32
type: integer
endpoints:
type: string
jmxSecurityProtocol:
enum:
- tls
- mtls
type: string
phase:
type: string
readyReplicas:
format: int32
type: integer
reason:
type: string
replicas:
format: int32
type: integer
required:
- phase
- replicas
- currentReplicas
- readyReplicas
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
opt/config/crds/operator/operator_v1_physicalstatefulcluster.yaml deleted 100644 → 0
View file @ fdd8aba6
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: physicalstatefulclusters.operator.confluent.cloud
spec:
group: operator.confluent.cloud
names:
kind: PhysicalStatefulCluster
plural: physicalstatefulclusters
shortNames:
- psc
scope: Namespaced
validation:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
status:
type: object
type: object
version: v1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
opt/help.1 deleted 100644 → 0
View file @ fdd8aba6
This image is a part of the Confluent Platform deployment in the Openshift/Kubernetes.
Information on how to use and configure this image is available at https://docs.confluent.io.
For more information, please contact operator@confluent.io.
opt/licenses/confluent.txt deleted 100644 → 0
View file @ fdd8aba6
Copyright 2019 Confluent, Inc.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

UNCLASSIFIED