Package v1alpha1 contains API Schema definitions for the v1alpha1 API group
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#affinity-v1-core.
Appears in:
AffinityConfig defines policies to schedule Pods in Nodes.
Appears in:
Agent is a sidecar agent that co-operates with mariadb-enterprise-operator.
Appears in:
Backup is the Schema for the backups API. It is used to define backup jobs and its storage.
Underlying type: string
BackupContentType defines the backup content type.
Appears in:
BackupSpec defines the desired state of Backup
Appears in:
BackupStagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed.
Appears in:
BackupStorage defines the final storage for backups.
Appears in:
BasicAuth refers to the basic authentication mechanism utilized for establishing a connection from the operator to the agent.
Appears in:
BootstrapFrom defines a source to bootstrap MariaDB from.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#csivolumesource-v1-core.
Appears in:
Underlying type: string
CleanupPolicy defines the behavior for cleaning up a resource.
Appears in:
Underlying type: string
CompressAlgorithm defines the compression algorithm for a Backup resource.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapkeyselector-v1-core.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#configmapvolumesource-v1-core.
Appears in:
Connection is the Schema for the connections API. It is used to configure connection strings for the applications connecting to MariaDB.
ConnectionSpec defines the desired state of Connection
Appears in:
ConnectionTemplate defines a template to customize Connection objects.
Appears in:
Container object definition.
Appears in:
ContainerTemplate defines a template to configure Container objects.
Appears in:
Underlying type: string
CooperativeMonitoring enables coordination between multiple MaxScale instances running monitors. See: https://mariadb.com/docs/server/architecture/components/maxscale/monitors/mariadbmon/use-cooperative-locking-ha-maxscale-mariadb-monitor/
Appears in:
CronJobTemplate defines parameters for configuring CronJob objects.
Appears in:
Database is the Schema for the databases API. It is used to define a logical database as if you were running a 'CREATE DATABASE' statement.
DatabaseSpec defines the desired state of Database
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#emptydirvolumesource-v1-core.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envfromsource-v1-core.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#envvarsource-v1-core.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#execaction-v1-core.
Appears in:
Exporter defines a metrics exporter container.
Appears in:
ExternalMariaDB is the Schema for the external MariaDBs API. It is used to define external MariaDB server.
ExternalMariaDBSpec defines the desired state of an External MariaDB
Appears in:
Galera allows you to enable multi-master HA via Galera in your MariaDB cluster.
Appears in:
GaleraConfig defines storage options for the Galera configuration files.
Appears in:
GaleraInitJob defines a Job used to be used to initialize the Galera cluster.
Appears in:
GaleraRecovery is the recovery process performed by the operator whenever the Galera cluster is not healthy. More info: https://galeracluster.com/library/documentation/crash-recovery.html.
Appears in:
GaleraRecoveryJob defines a Job used to be used to recover the Galera cluster.
Appears in:
GaleraSpec is the Galera desired state specification.
Appears in:
GeneratedSecretKeyRef defines a reference to a Secret that can be automatically generated by mariadb-enterprise-operator if needed.
Appears in:
Grant is the Schema for the grants API. It is used to define grants as if you were running a 'GRANT' statement.
GrantSpec defines the desired state of Grant
Appears in:
Underlying type: string
Gtid indicates which Global Transaction ID (GTID) position mode should be used when connecting a replica to the master. See: https://mariadb.com/kb/en/gtid/#using-current_pos-vs-slave_pos.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#httpgetaction-v1-core.
Appears in:
HealthCheck defines intervals for performing health checks.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#hostpathvolumesource-v1-core
Appears in:
InitContainer is an init container that runs in the MariaDB Pod and co-operates with mariadb-enterprise-operator.
Appears in:
Job defines a Job used to be used with MariaDB.
Appears in:
JobContainerTemplate defines a template to configure Container objects that run in a Job.
Appears in:
JobPodTemplate defines a template to configure Container objects that run in a Job.
Appears in:
KubernetesAuth refers to the Kubernetes authentication mechanism utilized for establishing a connection from the operator to the agent. The agent validates the legitimacy of the service account token provided as an Authorization header by creating a TokenReview resource.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselectorrequirement-v1-meta
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core.
Appears in:
MariaDB is the Schema for the mariadbs API. It is used to define MariaDB clusters.
MariaDBMaxScaleSpec defines a reduced version of MaxScale to be used with the current MariaDB.
Appears in:
MariaDBRef is a reference to a MariaDB object.
Appears in:
MariaDBSpec defines the desired state of MariaDB
Appears in:
MariadbMetrics defines the metrics for a MariaDB.
Appears in:
MaxScale is the Schema for the maxscales API. It is used to define MaxScale clusters.
MaxScaleAdmin configures the admin REST API and GUI.
Appears in:
MaxScaleAuth defines the credentials required for MaxScale to connect to MariaDB.
Appears in:
MaxScaleConfig defines the MaxScale configuration.
Appears in:
MaxScaleConfigSync defines how the config changes are replicated across replicas.
Appears in:
MaxScaleListener defines how the MaxScale server will listen for connections.
Appears in:
MaxScaleMetrics defines the metrics for a Maxscale.
Appears in:
MaxScaleMonitor monitors MariaDB server instances
Appears in:
MaxScalePodTemplate defines a template for MaxScale Pods.
Appears in:
MaxScaleServer defines a MariaDB server to forward traffic to.
Appears in:
Services define how the traffic is forwarded to the MariaDB servers.
Appears in:
MaxScaleSpec defines the desired state of MaxScale.
Appears in:
TLS defines the PKI to be used with MaxScale.
Appears in:
Metadata defines the metadata to added to resources.
Appears in:
Underlying type: string
MonitorModule defines the type of monitor module
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nfsvolumesource-v1-core.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeaffinity-v1-core
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselector-v1-core
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorrequirement-v1-core
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#nodeselectorterm-v1-core
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectfieldselector-v1-core.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#objectreference-v1-core.
Appears in:
PasswordPlugin defines the password plugin and its arguments.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimspec-v1-core.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#persistentvolumeclaimvolumesource-v1-core.
Appears in:
PhysicalBackup is the Schema for the physicalbackups API. It is used to define physical backup jobs and its storage.
PhysicalBackupPodTemplate defines a template to configure Container objects that run in a PhysicalBackup.
Appears in:
PhysicalBackupSchedule defines when the PhysicalBackup will be taken.
Appears in:
PhysicalBackupSpec defines the desired state of PhysicalBackup.
Appears in:
PhysicalBackupStorage defines the storage for physical backups.
Appears in:
PhysicalBackupVolumeSnapshot defines parameters for the VolumeSnapshots used as physical backups.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podaffinityterm-v1-core.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podantiaffinity-v1-core.
Appears in:
PodDisruptionBudget is the Pod availability bundget for a MariaDB
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#podsecuritycontext-v1-core
Appears in:
PodTemplate defines a template to configure Container objects.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#preferredschedulingterm-v1-core
Appears in:
PrimaryGalera is the Galera configuration for the primary node.
Appears in:
PrimaryReplication is the replication configuration and operation parameters for the primary.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#probe-v1-core.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#probe-v1-core.
Appears in:
ReplicaBootstrapFrom defines the sources for bootstrapping new relicas.
Appears in:
ReplicaRecovery defines how the replicas should be recovered after they enter an error state.
Appears in:
ReplicaReplication is the replication configuration and operation parameters for the replicas.
Appears in:
Replication defines replication configuration for a MariaDB cluster.
Appears in:
ReplicationSpec is the replication desired state.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#resourcerequirements-v1-core.
Appears in:
Restore is the Schema for the restores API. It is used to define restore jobs and its restoration source.
RestoreSource defines a source for restoring a logical backup.
Appears in:
RestoreSpec defines the desired state of restore
Appears in:
Appears in:
SQLTemplate defines a template to customize SQL objects.
Appears in:
Underlying type: string
SST is the Snapshot State Transfer used when new Pods join the cluster. More info: https://galeracluster.com/library/documentation/sst.html.
Appears in:
Schedule contains parameters to define a schedule
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretkeyselector-v1-core.
Appears in:
SecretTemplate defines a template to customize Secret objects.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#secretvolumesource-v1-core.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#securitycontext-v1-core.
Appears in:
ServiceMonitor defines a prometheus ServiceMonitor object.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#serviceport-v1-core
Appears in:
Underlying type: string
ServiceRouter defines the type of service router.
Appears in:
ServiceTemplate defines a template to customize Service objects.
Appears in:
SqlJob is the Schema for the sqljobs API. It is used to run sql scripts as jobs.
SqlJobSpec defines the desired state of SqlJob
Appears in:
Storage defines the storage options to be used for provisioning the PVCs mounted by MariaDB.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volume-v1-core.
Appears in:
SuspendTemplate indicates whether the current resource should be suspended or not.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#tcpsocketaction-v1-core.
Appears in:
TLS defines the PKI to be used with MariaDB.
Appears in:
TLSConfig defines parameters to configure a certificate.
Appears in:
TLSRequirements specifies TLS requirements for the user to connect. See: https://mariadb.com/kb/en/securing-connections-for-client-and-server/#requiring-tls.
Appears in:
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#topologyspreadconstraint-v1-core.
Appears in:
TypedLocalObjectReference is a reference to a specific object type.
Appears in:
UpdateStrategy defines how a MariaDB resource is updated.
Appears in:
Underlying type: string
UpdateType defines the type of update for a MariaDB resource.
Appears in:
User is the Schema for the users API. It is used to define grants as if you were running a 'CREATE USER' statement.
UserSpec defines the desired state of User
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volume-v1-core.
Appears in:
VolumeClaimTemplate defines a template to customize PVC objects.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volumemount-v1-core.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#volume-v1-core.
Appears in:
Underlying type: string
WaitPoint defines whether the transaction should wait for ACK before committing to the storage engine. More info: https://mariadb.com/kb/en/semisynchronous-replication/#rpl_semi_sync_master_wait_point.
Appears in:
Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#weightedpodaffinityterm-v1-core.
Appears in:
envFrom array
EnvFrom represents the references (via ConfigMap and Secrets) to environment variables to be injected in the container.
volumeMounts array
VolumeMounts to be used in the Container.
livenessProbe
LivenessProbe to be used in the Container.
readinessProbe
ReadinessProbe to be used in the Container.
startupProbe
StartupProbe to be used in the Container.
resources
Resources describes the compute resource requirements.
securityContext
SecurityContext holds security configuration that will be applied to a container.
image string
Image name to be used by the MariaDB instances. The supported format is <image>:<tag>.
imagePullPolicy
ImagePullPolicy is the image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent.
Enum: [Always Never IfNotPresent]
port integer
Port where the agent will be listening for API connections.
probePort integer
Port where the agent will be listening for probe connections.
kubernetesAuth
KubernetesAuth to be used by the agent container
basicAuth
BasicAuth to be used by the agent container
gracefulShutdownTimeout
GracefulShutdownTimeout is the time we give to the agent container in order to gracefully terminate in-flight requests.
spec
podMetadata
PodMetadata defines extra metadata for the Pod.
imagePullSecrets array
ImagePullSecrets is the list of pull Secrets to be used to pull the image.
podSecurityContext
SecurityContext holds pod-level security attributes and common container settings.
serviceAccountName string
ServiceAccountName is the name of the ServiceAccount to be used by the Pods.
affinity
Affinity to be used in the Pod.
nodeSelector object (keys:string, values:string)
NodeSelector to be used in the Pod.
tolerations array
Tolerations to be used in the Pod.
priorityClassName string
PriorityClassName to be used in the Pod.
successfulJobsHistoryLimit integer
SuccessfulJobsHistoryLimit defines the maximum number of successful Jobs to be displayed.
Minimum: 0
failedJobsHistoryLimit integer
FailedJobsHistoryLimit defines the maximum number of failed Jobs to be displayed.
Minimum: 0
timeZone string
TimeZone defines the timezone associated with the cron expression.
mariaDbRef
MariaDBRef is a reference to a MariaDB object.
Required: {}
compression
Compression algorithm to be used in the Backup.
Enum: [none bzip2 gzip]
stagingStorage
StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed. It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the Backup Job is scheduled. The staging area gets cleaned up after each backup is completed, consider this for sizing it appropriately.
storage
Storage defines the final storage for backups.
Required: {}
schedule
Schedule defines when the Backup will be taken.
maxRetention
MaxRetention defines the retention policy for backups. Old backups will be cleaned up by the Backup Job. It defaults to 30 days.
databases string array
Databases defines the logical databases to be backed up. If not provided, all databases are backed up.
ignoreGlobalPriv boolean
IgnoreGlobalPriv indicates to ignore the mysql.global_priv in backups. If not provided, it will default to true when the referred MariaDB instance has Galera enabled and otherwise to false.
logLevel string
LogLevel to be used n the Backup Job. It defaults to 'info'.
info
backoffLimit integer
BackoffLimit defines the maximum number of attempts to successfully take a Backup.
restartPolicy
RestartPolicy to be added to the Backup Pod.
OnFailure
Enum: [Always OnFailure Never]
inheritMetadata
InheritMetadata defines the metadata to be inherited by children resources.
s3
S3 defines the configuration to restore backups from a S3 compatible storage. This field takes precedence over the Volume source.
volume
Volume is a Kubernetes Volume object that contains a backup.
targetRecoveryTime
TargetRecoveryTime is a RFC3339 (1970-01-01T00:00:00Z) date and time that defines the point in time recovery objective. It is used to determine the closest restoration source in time.
stagingStorage
StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed. It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the Job is scheduled.
restoreJob
RestoreJob defines additional properties for the Job used to perform the restoration.
volumeAttributes object (keys:string, values:string)
nodePublishSecretRef
spec
params object (keys:string, values:string)
Params to be used in the Connection.
serviceName string
ServiceName to be used in the Connection.
port integer
Port to connect to. If not provided, it defaults to the MariaDB port or to the first MaxScale listener.
mariaDbRef
MariaDBRef is a reference to the MariaDB to connect to. Either MariaDBRef or MaxScaleRef must be provided.
maxScaleRef
MaxScaleRef is a reference to the MaxScale to connect to. Either MariaDBRef or MaxScaleRef must be provided.
username string
Username to use for configuring the Connection.
Required: {}
passwordSecretKeyRef
PasswordSecretKeyRef is a reference to the password to use for configuring the Connection. Either passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
tlsClientCertSecretRef
TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when checking the connection health. Either passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials. If not provided, the client certificate provided by the referred MariaDB is used if TLS is enabled. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the client certificate.
host string
Host to connect to. If not provided, it defaults to the MariaDB host or to the MaxScale host.
database string
Database to use when configuring the Connection.
params object (keys:string, values:string)
Params to be used in the Connection.
serviceName string
ServiceName to be used in the Connection.
port integer
Port to connect to. If not provided, it defaults to the MariaDB port or to the first MaxScale listener.
command string array
Command to be used in the Container.
args string array
Args to be used in the Container.
env array
Env represents the environment variables to be injected in a container.
volumeMounts array
VolumeMounts to be used in the Container.
resources
Resources describes the compute resource requirements.
envFrom array
EnvFrom represents the references (via ConfigMap and Secrets) to environment variables to be injected in the container.
volumeMounts array
VolumeMounts to be used in the Container.
livenessProbe
LivenessProbe to be used in the Container.
readinessProbe
ReadinessProbe to be used in the Container.
startupProbe
StartupProbe to be used in the Container.
resources
Resources describes the compute resource requirements.
securityContext
SecurityContext holds security configuration that will be applied to a container.
spec
mariaDbRef
MariaDBRef is a reference to a MariaDB object.
Required: {}
characterSet string
CharacterSet to use in the Database.
utf8
collate string
Collate to use in the Database.
utf8_general_ci
name string
Name overrides the default Database name provided by metadata.name.
MaxLength: 80
args string array
Args to be used in the Container.
port integer
Port where the exporter will be listening for connections.
resources
Resources describes the compute resource requirements.
podMetadata
PodMetadata defines extra metadata for the Pod.
securityContext
SecurityContext holds container-level security attributes.
podSecurityContext
SecurityContext holds pod-level security attributes and common container settings.
affinity
Affinity to be used in the Pod.
nodeSelector object (keys:string, values:string)
NodeSelector to be used in the Pod.
tolerations array
Tolerations to be used in the Pod.
priorityClassName string
PriorityClassName to be used in the Pod.
spec
inheritMetadata
InheritMetadata defines the metadata to be inherited by children resources.
host string
Hostname of the external MariaDB.
Required: {}
port integer
Port of the external MariaDB.
3306
username string
Username is the username to connect to the external MariaDB.
Required: {}
passwordSecretKeyRef
PasswordSecretKeyRef is a reference to the password to connect to the external MariaDB.
tls
TLS defines the PKI to be used with the external MariaDB.
connection
Connection defines a template to configure a Connection for the external MariaDB.
galeraLibPath string
GaleraLibPath is a path inside the MariaDB image to the wsrep provider plugin. It is defaulted if not provided. More info: https://galeracluster.com/library/documentation/mysql-wsrep-options.html#wsrep-provider.
replicaThreads integer
ReplicaThreads is the number of replica threads used to apply Galera write sets in parallel. More info: https://mariadb.com/kb/en/galera-cluster-system-variables/#wsrep_slave_threads.
providerOptions object (keys:string, values:string)
ProviderOptions is map of Galera configuration parameters. More info: https://mariadb.com/kb/en/galera-cluster-system-variables/#wsrep_provider_options.
agent
Agent is a sidecar agent that co-operates with mariadb-enterprise-operator.
recovery
GaleraRecovery is the recovery process performed by the operator whenever the Galera cluster is not healthy. More info: https://galeracluster.com/library/documentation/crash-recovery.html.
initContainer
InitContainer is an init container that runs in the MariaDB Pod and co-operates with mariadb-enterprise-operator.
initJob
InitJob defines a Job that co-operates with mariadb-enterprise-operator by performing initialization tasks.
config
GaleraConfig defines storage options for the Galera configuration files.
clusterName string
ClusterName is the name of the cluster to be used in the Galera config file.
enabled boolean
Enabled is a flag to enable Galera.
clusterHealthyTimeout
ClusterHealthyTimeout represents the duration at which a Galera cluster, that consistently failed health checks, is considered unhealthy, and consequently the Galera recovery process will be initiated by the operator.
clusterBootstrapTimeout
ClusterBootstrapTimeout is the time limit for bootstrapping a cluster. Once this timeout is reached, the Galera recovery state is reset and a new cluster bootstrap will be attempted.
clusterUpscaleTimeout
ClusterUpscaleTimeout represents the maximum duration for upscaling the cluster's StatefulSet during the recovery process.
clusterDownscaleTimeout
ClusterDownscaleTimeout represents the maximum duration for downscaling the cluster's StatefulSet during the recovery process.
podRecoveryTimeout
PodRecoveryTimeout is the time limit for recevorying the sequence of a Pod during the cluster recovery.
podSyncTimeout
PodSyncTimeout is the time limit for a Pod to join the cluster after having performed a cluster bootstrap during the cluster recovery.
forceClusterBootstrapInPod string
ForceClusterBootstrapInPod allows you to manually initiate the bootstrap process in a specific Pod. IMPORTANT: Use this option only in exceptional circumstances. Not selecting the Pod with the highest sequence number may result in data loss. IMPORTANT: Ensure you unset this field after completing the bootstrap to allow the operator to choose the appropriate Pod to bootstrap from in an event of cluster recovery.
job
Job defines a Job that co-operates with mariadb-enterprise-operator by performing the Galera cluster recovery .
galeraLibPath string
GaleraLibPath is a path inside the MariaDB image to the wsrep provider plugin. It is defaulted if not provided. More info: https://galeracluster.com/library/documentation/mysql-wsrep-options.html#wsrep-provider.
replicaThreads integer
ReplicaThreads is the number of replica threads used to apply Galera write sets in parallel. More info: https://mariadb.com/kb/en/galera-cluster-system-variables/#wsrep_slave_threads.
providerOptions object (keys:string, values:string)
ProviderOptions is map of Galera configuration parameters. More info: https://mariadb.com/kb/en/galera-cluster-system-variables/#wsrep_provider_options.
agent
Agent is a sidecar agent that co-operates with mariadb-enterprise-operator.
recovery
GaleraRecovery is the recovery process performed by the operator whenever the Galera cluster is not healthy. More info: https://galeracluster.com/library/documentation/crash-recovery.html.
initContainer
InitContainer is an init container that runs in the MariaDB Pod and co-operates with mariadb-enterprise-operator.
initJob
InitJob defines a Job that co-operates with mariadb-enterprise-operator by performing initialization tasks.
config
GaleraConfig defines storage options for the Galera configuration files.
clusterName string
ClusterName is the name of the cluster to be used in the Galera config file.
spec
mariaDbRef
MariaDBRef is a reference to a MariaDB object.
Required: {}
privileges string array
Privileges to use in the Grant.
MinItems: 1 Required: {}
database string
Database to use in the Grant.
*
table string
Table to use in the Grant.
*
username string
Username to use in the Grant.
Required: {}
host string
Host to use in the Grant. It can be localhost, an IP or '%'.
grantOption boolean
GrantOption to use in the Grant.
false
scheme
envFrom array
EnvFrom represents the references (via ConfigMap and Secrets) to environment variables to be injected in the container.
volumeMounts array
VolumeMounts to be used in the Container.
livenessProbe
LivenessProbe to be used in the Container.
readinessProbe
ReadinessProbe to be used in the Container.
startupProbe
StartupProbe to be used in the Container.
resources
Resources describes the compute resource requirements.
securityContext
SecurityContext holds security configuration that will be applied to a container.
image string
Image name to be used by the MariaDB instances. The supported format is <image>:<tag>.
Required: {}
imagePullPolicy
ImagePullPolicy is the image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent.
Enum: [Always Never IfNotPresent]
tolerations array
Tolerations to be used in the Pod.
resources
Resources describes the compute resource requirements.
args string array
Args to be used in the Container.
serviceAccountName string
ServiceAccountName is the name of the ServiceAccount to be used by the Pods.
affinity
Affinity to be used in the Pod.
nodeSelector object (keys:string, values:string)
NodeSelector to be used in the Pod.
tolerations array
Tolerations to be used in the Pod.
priorityClassName string
PriorityClassName to be used in the Pod.
spec
services array
Services define how the traffic is forwarded to the MariaDB servers.
monitor
Monitor monitors MariaDB server instances.
admin
Admin configures the admin REST API and GUI.
config
Config defines the MaxScale configuration.
auth
Auth defines the credentials required for MaxScale to connect to MariaDB.
metrics
Metrics configures metrics and how to scrape them.
tls
TLS defines the PKI to be used with MaxScale.
connection
Connection provides a template to define the Connection for MaxScale.
replicas integer
Replicas indicates the number of desired instances.
podDisruptionBudget
PodDisruptionBudget defines the budget for replica availability.
updateStrategy
UpdateStrategy defines the update strategy for the StatefulSet object.
kubernetesService
KubernetesService defines a template for a Kubernetes Service object to connect to MaxScale.
guiKubernetesService
GuiKubernetesService define a template for a Kubernetes Service object to connect to MaxScale's GUI.
requeueInterval
RequeueInterval is used to perform requeue reconciliations.
waitForIt boolean
WaitForIt indicates whether the controller using this reference should wait for MariaDB to be ready.
true
envFrom array
EnvFrom represents the references (via ConfigMap and Secrets) to environment variables to be injected in the container.
volumeMounts array
VolumeMounts to be used in the Container.
livenessProbe
LivenessProbe to be used in the Container.
readinessProbe
ReadinessProbe to be used in the Container.
startupProbe
StartupProbe to be used in the Container.
resources
Resources describes the compute resource requirements.
securityContext
SecurityContext holds security configuration that will be applied to a container.
podMetadata
PodMetadata defines extra metadata for the Pod.
imagePullSecrets array
ImagePullSecrets is the list of pull Secrets to be used to pull the image.
initContainers array
InitContainers to be used in the Pod.
sidecarContainers array
SidecarContainers to be used in the Pod.
podSecurityContext
SecurityContext holds pod-level security attributes and common container settings.
serviceAccountName string
ServiceAccountName is the name of the ServiceAccount to be used by the Pods.
affinity
Affinity to be used in the Pod.
nodeSelector object (keys:string, values:string)
NodeSelector to be used in the Pod.
tolerations array
Tolerations to be used in the Pod.
volumes array
Volumes to be used in the Pod.
priorityClassName string
PriorityClassName to be used in the Pod.
topologySpreadConstraints array
TopologySpreadConstraints to be used in the Pod.
suspend boolean
Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
false
image string
Image name to be used by the MariaDB instances. The supported format is <image>:<tag>.
Only MariaDB official images are supported.
imagePullPolicy
ImagePullPolicy is the image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent.
Enum: [Always Never IfNotPresent]
inheritMetadata
InheritMetadata defines the metadata to be inherited by children resources.
rootPasswordSecretKeyRef
RootPasswordSecretKeyRef is a reference to a Secret key containing the root password.
rootEmptyPassword boolean
RootEmptyPassword indicates if the root password should be empty. Don't use this feature in production, it is only intended for development and test environments.
database string
Database is the name of the initial Database.
username string
Username is the initial username to be created by the operator once MariaDB is ready. The initial User will have ALL PRIVILEGES in the initial Database.
passwordSecretKeyRef
PasswordSecretKeyRef is a reference to a Secret that contains the password to be used by the initial User. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
passwordHashSecretKeyRef
PasswordHashSecretKeyRef is a reference to the password hash to be used by the initial User. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the password hash. It requires the 'skip-strict-password-validation' option to be set. See: https://mariadb.com/docs/server/ref/mdb/cli/mariadbd/strict-password-validation/.
passwordPlugin
PasswordPlugin is a reference to the password plugin and arguments to be used by the initial User. It requires the 'skip-strict-password-validation' option to be set. See: https://mariadb.com/docs/server/ref/mdb/cli/mariadbd/strict-password-validation/.
myCnf string
MyCnf allows to specify the my.cnf file mounted by Mariadb. Updating this field will trigger an update to the Mariadb resource.
myCnfConfigMapKeyRef
MyCnfConfigMapKeyRef is a reference to the my.cnf config file provided via a ConfigMap. If not provided, it will be defaulted with a reference to a ConfigMap containing the MyCnf field. If the referred ConfigMap is labeled with "enterprise.mariadb.com/watch", an update to the Mariadb resource will be triggered when the ConfigMap is updated.
timeZone string
TimeZone sets the default timezone. If not provided, it defaults to SYSTEM and the timezone data is not loaded.
bootstrapFrom
BootstrapFrom defines a source to bootstrap from.
storage
Storage defines the storage options to be used for provisioning the PVCs mounted by MariaDB.
metrics
Metrics configures metrics and how to scrape them.
tls
TLS defines the PKI to be used with MariaDB.
replication
Replication configures high availability via replication. This feature is still in alpha, use Galera if you are looking for a more production-ready HA.
galera
Galera configures high availability via Galera.
maxScaleRef
MaxScaleRef is a reference to a MaxScale resource to be used with the current MariaDB. Providing this field implies delegating high availability tasks such as primary failover to MaxScale.
maxScale
MaxScale is the MaxScale specification that defines the MaxScale resource to be used with the current MariaDB. When enabling this field, MaxScaleRef is automatically set.
replicas integer
Replicas indicates the number of desired instances.
1
replicasAllowEvenNumber boolean
disables the validation check for an odd number of replicas.
false
port integer
Port where the instances will be listening for connections.
3306
servicePorts array
ServicePorts is the list of additional named ports to be added to the Services created by the operator.
podDisruptionBudget
PodDisruptionBudget defines the budget for replica availability.
updateStrategy
UpdateStrategy defines how a MariaDB resource is updated.
service
Service defines a template to configure the general Service object. The network traffic of this Service will be routed to all Pods.
connection
Connection defines a template to configure the general Connection object. This Connection provides the initial User access to the initial Database. It will make use of the Service to route network traffic to all Pods.
primaryService
PrimaryService defines a template to configure the primary Service object. The network traffic of this Service will be routed to the primary Pod.
primaryConnection
PrimaryConnection defines a template to configure the primary Connection object. This Connection provides the initial User access to the initial Database. It will make use of the PrimaryService to route network traffic to the primary Pod.
secondaryService
SecondaryService defines a template to configure the secondary Service object. The network traffic of this Service will be routed to the secondary Pods.
secondaryConnection
SecondaryConnection defines a template to configure the secondary Connection object. This Connection provides the initial User access to the initial Database. It will make use of the SecondaryService to route network traffic to the secondary Pods.
username string
Username is the username of the monitoring user used by the exporter.
passwordSecretKeyRef
PasswordSecretKeyRef is a reference to the password of the monitoring user used by the exporter. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
spec
deleteDefaultAdmin boolean
DeleteDefaultAdmin determines whether the default admin user should be deleted after the initial configuration. If not provided, it defaults to true.
metricsUsername string
MetricsUsername is an metrics username to call the REST API. It is defaulted if metrics are enabled.
metricsPasswordSecretKeyRef
MetricsPasswordSecretKeyRef is Secret key reference to the metrics password to call the admib REST API. It is defaulted if metrics are enabled.
clientUsername string
ClientUsername is the user to connect to MaxScale. It is defaulted if not provided.
clientPasswordSecretKeyRef
ClientPasswordSecretKeyRef is Secret key reference to the password to connect to MaxScale. It is defaulted if not provided. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
clientMaxConnections integer
ClientMaxConnections defines the maximum number of connections that the client can establish. If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections. It defaults to 30 times the number of MaxScale replicas.
serverUsername string
ServerUsername is the user used by MaxScale to connect to MariaDB server. It is defaulted if not provided.
serverPasswordSecretKeyRef
ServerPasswordSecretKeyRef is Secret key reference to the password used by MaxScale to connect to MariaDB server. It is defaulted if not provided. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
serverMaxConnections integer
ServerMaxConnections defines the maximum number of connections that the server can establish. If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections. It defaults to 30 times the number of MaxScale replicas.
monitorUsername string
MonitorUsername is the user used by MaxScale monitor to connect to MariaDB server. It is defaulted if not provided.
monitorPasswordSecretKeyRef
MonitorPasswordSecretKeyRef is Secret key reference to the password used by MaxScale monitor to connect to MariaDB server. It is defaulted if not provided. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
monitorMaxConnections integer
MonitorMaxConnections defines the maximum number of connections that the monitor can establish. If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections. It defaults to 30 times the number of MaxScale replicas.
syncUsername string
MonitoSyncUsernamerUsername is the user used by MaxScale config sync to connect to MariaDB server. It is defaulted when HA is enabled.
syncPasswordSecretKeyRef
SyncPasswordSecretKeyRef is Secret key reference to the password used by MaxScale config to connect to MariaDB server. It is defaulted when HA is enabled. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
syncMaxConnections integer
SyncMaxConnections defines the maximum number of connections that the sync can establish. If HA is enabled, make sure to increase this value, as more MaxScale replicas implies more connections. It defaults to 30 times the number of MaxScale replicas.
protocol string
Protocol is the MaxScale protocol to use when communicating with the client. If not provided, it defaults to MariaDBProtocol.
params object (keys:string, values:string)
Params defines extra parameters to pass to the listener. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#listener_1.
interval
Interval used to monitor MariaDB servers. It is defaulted if not provided.
cooperativeMonitoring
CooperativeMonitoring enables coordination between multiple MaxScale instances running monitors. It is defaulted when HA is enabled.
Enum: [majority_of_all majority_of_running]
params object (keys:string, values:string)
Params defines extra parameters to pass to the monitor. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-common-monitor-parameters/. Monitor specific parameter are also supported: https://mariadb.com/kb/en/mariadb-maxscale-2308-galera-monitor/#galera-monitor-optional-parameters. https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-monitor/#configuration.
serviceAccountName string
ServiceAccountName is the name of the ServiceAccount to be used by the Pods.
affinity
Affinity to be used in the Pod.
nodeSelector object (keys:string, values:string)
NodeSelector to be used in the Pod.
tolerations array
Tolerations to be used in the Pod.
priorityClassName string
PriorityClassName to be used in the Pod.
topologySpreadConstraints array
TopologySpreadConstraints to be used in the Pod.
protocol string
Protocol is the MaxScale protocol to use when communicating with this MariaDB server. If not provided, it defaults to MariaDBBackend.
maintenance boolean
Maintenance indicates whether the server is in maintenance mode.
params object (keys:string, values:string)
Params defines extra parameters to pass to the server. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#server_1.
listener
MaxScaleListener defines how the MaxScale server will listen for connections.
Required: {}
params object (keys:string, values:string)
Params defines extra parameters to pass to the service. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#service_1. Router specific parameter are also supported: https://mariadb.com/kb/en/mariadb-maxscale-2308-readwritesplit/#configuration. https://mariadb.com/kb/en/mariadb-maxscale-2308-readconnroute/#configuration.
envFrom array
EnvFrom represents the references (via ConfigMap and Secrets) to environment variables to be injected in the container.
volumeMounts array
VolumeMounts to be used in the Container.
livenessProbe
LivenessProbe to be used in the Container.
readinessProbe
ReadinessProbe to be used in the Container.
startupProbe
StartupProbe to be used in the Container.
resources
Resources describes the compute resource requirements.
securityContext
SecurityContext holds security configuration that will be applied to a container.
podMetadata
PodMetadata defines extra metadata for the Pod.
imagePullSecrets array
ImagePullSecrets is the list of pull Secrets to be used to pull the image.
podSecurityContext
SecurityContext holds pod-level security attributes and common container settings.
serviceAccountName string
ServiceAccountName is the name of the ServiceAccount to be used by the Pods.
affinity
Affinity to be used in the Pod.
nodeSelector object (keys:string, values:string)
NodeSelector to be used in the Pod.
tolerations array
Tolerations to be used in the Pod.
priorityClassName string
PriorityClassName to be used in the Pod.
topologySpreadConstraints array
TopologySpreadConstraints to be used in the Pod.
suspend boolean
Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
false
mariaDbRef
MariaDBRef is a reference to the MariaDB that MaxScale points to. It is used to initialize the servers field.
primaryServer string
PrimaryServer specifies the desired primary server. Setting this field triggers a switchover operation in MaxScale to the desired server. This option is only valid when using monitors that support switchover, currently limited to the MariaDB monitor.
servers array
Servers are the MariaDB servers to forward traffic to. It is required if 'spec.mariaDbRef' is not provided.
image string
Image name to be used by the MaxScale instances. The supported format is <image>:<tag>.
Only MaxScale official images are supported.
imagePullPolicy
ImagePullPolicy is the image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent.
Enum: [Always Never IfNotPresent]
inheritMetadata
InheritMetadata defines the metadata to be inherited by children resources.
services array
Services define how the traffic is forwarded to the MariaDB servers. It is defaulted if not provided.
monitor
Monitor monitors MariaDB server instances. It is required if 'spec.mariaDbRef' is not provided.
admin
Admin configures the admin REST API and GUI.
config
Config defines the MaxScale configuration.
auth
Auth defines the credentials required for MaxScale to connect to MariaDB.
metrics
Metrics configures metrics and how to scrape them.
tls
TLS defines the PKI to be used with MaxScale.
connection
Connection provides a template to define the Connection for MaxScale.
replicas integer
Replicas indicates the number of desired instances.
1
podDisruptionBudget
PodDisruptionBudget defines the budget for replica availability.
updateStrategy
UpdateStrategy defines the update strategy for the StatefulSet object.
kubernetesService
KubernetesService defines a template for a Kubernetes Service object to connect to MaxScale.
guiKubernetesService
GuiKubernetesService defines a template for a Kubernetes Service object to connect to MaxScale's GUI.
requeueInterval
RequeueInterval is used to perform requeue reconciliations. If not defined, it defaults to 10s.
adminCASecretRef
AdminCASecretRef is a reference to a Secret containing the admin certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's administrative REST API and GUI. One of: - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. - Secret containing only the 'ca.crt' in order to establish trust. In this case, either adminCertSecretRef or adminCertIssuerRef fields must be provided. If not provided, a self-signed CA will be provisioned to issue the server certificate.
adminCertSecretRef
AdminCertSecretRef is a reference to a TLS Secret used by the MaxScale's administrative REST API and GUI.
adminCertIssuerRef
AdminCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's administrative REST API and GUI certificate. cert-manager must be installed previously in the cluster. It is mutually exclusive with adminCertSecretRef. By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via adminCASecretRef.
adminCertConfig
AdminCertConfig allows configuring the admin certificates, either issued by the operator or cert-manager. If not set, the default settings will be used.
listenerCASecretRef
ListenerCASecretRef is a reference to a Secret containing the listener certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's listeners. One of: - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. - Secret containing only the 'ca.crt' in order to establish trust. In this case, either listenerCertSecretRef or listenerCertIssuerRef fields must be provided. If not provided, a self-signed CA will be provisioned to issue the listener certificate.
listenerCertSecretRef
ListenerCertSecretRef is a reference to a TLS Secret used by the MaxScale's listeners.
listenerCertIssuerRef
ListenerCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's listeners certificate. cert-manager must be installed previously in the cluster. It is mutually exclusive with listenerCertSecretRef. By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via listenerCASecretRef.
listenerCertConfig
ListenerCertConfig allows configuring the listener certificates, either issued by the operator or cert-manager. If not set, the default settings will be used.
serverCASecretRef
ServerCASecretRef is a reference to a Secret containing the MariaDB server CA certificates. It is used to establish trust with MariaDB servers. The Secret should contain a 'ca.crt' key in order to establish trust. If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB CA bundle.
serverCertSecretRef
ServerCertSecretRef is a reference to a TLS Secret used by MaxScale to connect to the MariaDB servers. If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB client certificate (clientCertSecretRef).
verifyPeerCertificate boolean
VerifyPeerCertificate specifies whether the peer certificate's signature should be validated against the CA. It is disabled by default.
verifyPeerHost boolean
VerifyPeerHost specifies whether the peer certificate's SANs should match the peer host. It is disabled by default.
replicationSSLEnabled boolean
ReplicationSSLEnabled specifies whether the replication SSL is enabled. If enabled, the SSL options will be added to the server configuration. It is enabled by default when the referred MariaDB instance (via mariaDbRef) has replication enabled. If the MariaDB servers are manually provided by the user via the 'servers' field, this must be set by the user as well.
storageClassName string
spec
serviceAccountName string
ServiceAccountName is the name of the ServiceAccount to be used by the Pods.
tolerations array
Tolerations to be used in the Pod.
priorityClassName string
PriorityClassName to be used in the Pod.
podMetadata
PodMetadata defines extra metadata for the Pod.
imagePullSecrets array
ImagePullSecrets is the list of pull Secrets to be used to pull the image.
podSecurityContext
SecurityContext holds pod-level security attributes and common container settings.
serviceAccountName string
ServiceAccountName is the name of the ServiceAccount to be used by the Pods.
tolerations array
Tolerations to be used in the Pod.
priorityClassName string
PriorityClassName to be used in the Pod.
mariaDbRef
MariaDBRef is a reference to a MariaDB object.
Required: {}
compression
Compression algorithm to be used in the Backup.
Enum: [none bzip2 gzip]
stagingStorage
StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed. It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the PhysicalBackup Job is scheduled. The staging area gets cleaned up after each backup is completed, consider this for sizing it appropriately.
storage
Storage defines the final storage for backups.
Required: {}
schedule
Schedule defines when the PhysicalBackup will be taken.
maxRetention
MaxRetention defines the retention policy for backups. Old backups will be cleaned up by the Backup Job. It defaults to 30 days.
timeout
Timeout defines the maximum duration of a PhysicalBackup job or snapshot. If this duration is exceeded, the job or snapshot is considered expired and is deleted by the operator. A new job or snapshot will then be created according to the schedule. It defaults to 1 hour.
podAffinity boolean
PodAffinity indicates whether the Jobs should run in the same Node as the MariaDB Pods to be able to attach the PVC. It defaults to true.
backoffLimit integer
BackoffLimit defines the maximum number of attempts to successfully take a PhysicalBackup.
restartPolicy
RestartPolicy to be added to the PhysicalBackup Pod.
OnFailure
Enum: [Always OnFailure Never]
inheritMetadata
InheritMetadata defines the metadata to be inherited by children resources.
successfulJobsHistoryLimit integer
SuccessfulJobsHistoryLimit defines the maximum number of successful Jobs to be displayed. It defaults to 5.
Minimum: 0
volumeSnapshot
VolumeSnapshot is a Kubernetes VolumeSnapshot specification.
runAsNonRoot boolean
supplementalGroups integer array
fsGroup integer
fsGroupChangePolicy
seccompProfile
appArmorProfile
sidecarContainers array
SidecarContainers to be used in the Pod.
podSecurityContext
SecurityContext holds pod-level security attributes and common container settings.
serviceAccountName string
ServiceAccountName is the name of the ServiceAccount to be used by the Pods.
affinity
Affinity to be used in the Pod.
nodeSelector object (keys:string, values:string)
NodeSelector to be used in the Pod.
tolerations array
Tolerations to be used in the Pod.
volumes array
Volumes to be used in the Pod.
priorityClassName string
PriorityClassName to be used in the Pod.
topologySpreadConstraints array
TopologySpreadConstraints to be used in the Pod.
initialDelaySeconds integer
timeoutSeconds integer
periodSeconds integer
successThreshold integer
failureThreshold integer
maxLagSeconds integer
MaxLagSeconds is the maximum number of seconds that replicas are allowed to lag behind the primary. If a replica exceeds this threshold, it is marked as not ready and read queries will no longer be forwarded to it. If not provided, it defaults to 0, which means that replicas are not allowed to lag behind the primary (recommended). Lagged replicas will not be taken into account as candidates for the new primary during failover, and they will block other operations, such as switchover and upgrade. This field is not taken into account by MaxScale, you can define the maximum lag as router parameters. See: https://mariadb.com/docs/maxscale/reference/maxscale-routers/maxscale-readwritesplit#max_replication_lag.
syncTimeout
SyncTimeout defines the timeout for the synchronization phase during switchover and failover operations. During switchover, all replicas must be synced with the current primary before promoting the new primary. During failover, the new primary must be synced before being promoted as primary. This implies processing all the events in the relay log. When the timeout is reached, the operator restarts the operation from the beginning. It defaults to 10s. See: https://mariadb.com/docs/server/reference/sql-functions/secondary-functions/miscellaneous-functions/master_gtid_wait
bootstrapFrom
ReplicaBootstrapFrom defines the data sources used to bootstrap new replicas. This will be used as part of the scaling out and recovery operations, when new replicas are created. If not provided, scale out and recovery operations will return an error.
recovery
ReplicaRecovery defines how the replicas should be recovered after they enter an error state. This process deletes data from faulty replicas and recreates them using the source defined in the bootstrapFrom field. It is disabled by default, and it requires the bootstrapFrom field to be set.
semiSyncEnabled boolean
SemiSyncEnabled determines whether semi-synchronous replication is enabled. Semi-synchronous replication requires that at least one replica should have sent an ACK to the primary node before committing the transaction back to the client. See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/semisynchronous-replication It is enabled by default
semiSyncAckTimeout
SemiSyncAckTimeout for the replica to acknowledge transactions to the primary. It requires semi-synchronous replication to be enabled. See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/semisynchronous-replication#rpl_semi_sync_master_timeout
semiSyncWaitPoint
SemiSyncWaitPoint determines whether the transaction should wait for an ACK after having synced the binlog (AfterSync) or after having committed to the storage engine (AfterCommit, the default). It requires semi-synchronous replication to be enabled. See: https://mariadb.com/kb/en/semisynchronous-replication/#rpl_semi_sync_master_wait_point.
Enum: [AfterSync AfterCommit]
syncBinlog integer
SyncBinlog indicates after how many events the binary log is synchronized to the disk. See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/replication-and-binary-log-system-variables#sync_binlog
initContainer
InitContainer is an init container that runs in the MariaDB Pod and co-operates with mariadb-enterprise-operator.
agent
Agent is a sidecar agent that runs in the MariaDB Pod and co-operates with mariadb-enterprise-operator.
standaloneProbes boolean
StandaloneProbes indicates whether to use the default non-HA startup and liveness probes. It is disabled by default
enabled boolean
Enabled is a flag to enable replication.
semiSyncEnabled boolean
SemiSyncEnabled determines whether semi-synchronous replication is enabled. Semi-synchronous replication requires that at least one replica should have sent an ACK to the primary node before committing the transaction back to the client. See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/semisynchronous-replication It is enabled by default
semiSyncAckTimeout
SemiSyncAckTimeout for the replica to acknowledge transactions to the primary. It requires semi-synchronous replication to be enabled. See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/semisynchronous-replication#rpl_semi_sync_master_timeout
semiSyncWaitPoint
SemiSyncWaitPoint determines whether the transaction should wait for an ACK after having synced the binlog (AfterSync) or after having committed to the storage engine (AfterCommit, the default). It requires semi-synchronous replication to be enabled. See: https://mariadb.com/kb/en/semisynchronous-replication/#rpl_semi_sync_master_wait_point.
Enum: [AfterSync AfterCommit]
syncBinlog integer
SyncBinlog indicates after how many events the binary log is synchronized to the disk. See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/replication-and-binary-log-system-variables#sync_binlog
initContainer
InitContainer is an init container that runs in the MariaDB Pod and co-operates with mariadb-enterprise-operator.
agent
Agent is a sidecar agent that runs in the MariaDB Pod and co-operates with mariadb-enterprise-operator.
standaloneProbes boolean
StandaloneProbes indicates whether to use the default non-HA startup and liveness probes. It is disabled by default
spec
targetRecoveryTime
TargetRecoveryTime is a RFC3339 (1970-01-01T00:00:00Z) date and time that defines the point in time recovery objective. It is used to determine the closest restoration source in time.
stagingStorage
StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed. It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the Restore Job is scheduled.
podMetadata
PodMetadata defines extra metadata for the Pod.
imagePullSecrets array
ImagePullSecrets is the list of pull Secrets to be used to pull the image.
podSecurityContext
SecurityContext holds pod-level security attributes and common container settings.
serviceAccountName string
ServiceAccountName is the name of the ServiceAccount to be used by the Pods.
affinity
Affinity to be used in the Pod.
nodeSelector object (keys:string, values:string)
NodeSelector to be used in the Pod.
tolerations array
Tolerations to be used in the Pod.
priorityClassName string
PriorityClassName to be used in the Pod.
backupRef
BackupRef is a reference to a Backup object. It has priority over S3 and Volume.
s3
S3 defines the configuration to restore backups from a S3 compatible storage. It has priority over Volume.
volume
Volume is a Kubernetes Volume object that contains a backup.
targetRecoveryTime
TargetRecoveryTime is a RFC3339 (1970-01-01T00:00:00Z) date and time that defines the point in time recovery objective. It is used to determine the closest restoration source in time.
stagingStorage
StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed. It defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the Restore Job is scheduled.
mariaDbRef
MariaDBRef is a reference to a MariaDB object.
Required: {}
database string
Database defines the logical database to be restored. If not provided, all databases available in the backup are restored. IMPORTANT: The database must previously exist.
logLevel string
LogLevel to be used n the Backup Job. It defaults to 'info'.
info
backoffLimit integer
BackoffLimit defines the maximum number of attempts to successfully perform a Backup.
5
restartPolicy
RestartPolicy to be added to the Backup Job.
OnFailure
Enum: [Always OnFailure Never]
inheritMetadata
InheritMetadata defines the metadata to be inherited by children resources.
prefix string
Prefix indicates a folder/subfolder in the bucket. For example: mariadb/ or mariadb/backups. A trailing slash '/' is added if not provided.
accessKeyIdSecretKeyRef
AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 access key id.
secretAccessKeySecretKeyRef
AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 secret key.
sessionTokenSecretKeyRef
SessionTokenSecretKeyRef is a reference to a Secret key containing the S3 session token.
tls
TLS provides the configuration required to establish TLS connections with S3.
usernameKey string
UsernameKey to be used in the Secret.
passwordKey string
PasswordKey to be used in the Secret.
hostKey string
HostKey to be used in the Secret.
portKey string
PortKey to be used in the Secret.
databaseKey string
DatabaseKey to be used in the Secret.
runAsGroup integer
runAsNonRoot boolean
readOnlyRootFilesystem boolean
allowPrivilegeEscalation boolean
scrapeTimeout string
ScrapeTimeout defines the timeout for scraping metrics.
loadBalancerSourceRanges string array
LoadBalancerSourceRanges Service field.
externalTrafficPolicy
ExternalTrafficPolicy Service field.
sessionAffinity
SessionAffinity Service field.
allocateLoadBalancerNodePorts boolean
AllocateLoadBalancerNodePorts Service field.
spec
podMetadata
PodMetadata defines extra metadata for the Pod.
imagePullSecrets array
ImagePullSecrets is the list of pull Secrets to be used to pull the image.
podSecurityContext
SecurityContext holds pod-level security attributes and common container settings.
serviceAccountName string
ServiceAccountName is the name of the ServiceAccount to be used by the Pods.
affinity
Affinity to be used in the Pod.
nodeSelector object (keys:string, values:string)
NodeSelector to be used in the Pod.
tolerations array
Tolerations to be used in the Pod.
priorityClassName string
PriorityClassName to be used in the Pod.
successfulJobsHistoryLimit integer
SuccessfulJobsHistoryLimit defines the maximum number of successful Jobs to be displayed.
Minimum: 0
failedJobsHistoryLimit integer
FailedJobsHistoryLimit defines the maximum number of failed Jobs to be displayed.
Minimum: 0
timeZone string
TimeZone defines the timezone associated with the cron expression.
mariaDbRef
MariaDBRef is a reference to a MariaDB object.
Required: {}
schedule
Schedule defines when the SqlJob will be executed.
username string
Username to be impersonated when executing the SqlJob.
Required: {}
passwordSecretKeyRef
UserPasswordSecretKeyRef is a reference to the impersonated user's password to be used when executing the SqlJob.
Required: {}
tlsCASecretRef
TLSCACertSecretRef is a reference toa CA Secret used to establish trust when executing the SqlJob. If not provided, the CA bundle provided by the referred MariaDB is used.
tlsClientCertSecretRef
TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when executing the SqlJob. If not provided, the client certificate provided by the referred MariaDB is used.
database string
Username to be used when executing the SqlJob.
dependsOn array
DependsOn defines dependencies with other SqlJob objectecs.
sql string
Sql is the script to be executed by the SqlJob.
sqlConfigMapKeyRef
SqlConfigMapKeyRef is a reference to a ConfigMap containing the Sql script. It is defaulted to a ConfigMap with the contents of the Sql field.
backoffLimit integer
BackoffLimit defines the maximum number of attempts to successfully execute a SqlJob.
5
restartPolicy
RestartPolicy to be added to the SqlJob Pod.
OnFailure
Enum: [Always OnFailure Never]
inheritMetadata
InheritMetadata defines the metadata to be inherited by children resources.
resizeInUseVolumes boolean
ResizeInUseVolumes indicates whether the PVCs can be resized. The 'StorageClassName' used should have 'allowVolumeExpansion' set to 'true' to allow resizing. It defaults to true.
waitForVolumeResize boolean
WaitForVolumeResize indicates whether to wait for the PVCs to be resized before marking the MariaDB object as ready. This will block other operations such as cluster recovery while the resize is in progress. It defaults to true.
volumeClaimTemplate
VolumeClaimTemplate provides a template to define the PVCs.
hostPath
persistentVolumeClaim
serverCASecretRef
ServerCASecretRef is a reference to a Secret containing the server certificate authority keypair. It is used to establish trust and issue server certificates. One of: - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. - Secret containing only the 'ca.crt' in order to establish trust. In this case, either serverCertSecretRef or serverCertIssuerRef must be provided. If not provided, a self-signed CA will be provisioned to issue the server certificate.
serverCertSecretRef
ServerCertSecretRef is a reference to a TLS Secret containing the server certificate. It is mutually exclusive with serverCertIssuerRef.
serverCertIssuerRef
ServerCertIssuerRef is a reference to a cert-manager issuer object used to issue the server certificate. cert-manager must be installed previously in the cluster. It is mutually exclusive with serverCertSecretRef. By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via serverCASecretRef.
serverCertConfig
ServerCertConfig allows configuring the server certificates, either issued by the operator or cert-manager. If not set, the default settings will be used.
clientCASecretRef
ClientCASecretRef is a reference to a Secret containing the client certificate authority keypair. It is used to establish trust and issue client certificates. One of: - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. - Secret containing only the 'ca.crt' in order to establish trust. In this case, either clientCertSecretRef or clientCertIssuerRef fields must be provided. If not provided, a self-signed CA will be provisioned to issue the client certificate.
clientCertSecretRef
ClientCertSecretRef is a reference to a TLS Secret containing the client certificate. It is mutually exclusive with clientCertIssuerRef.
clientCertIssuerRef
ClientCertIssuerRef is a reference to a cert-manager issuer object used to issue the client certificate. cert-manager must be installed previously in the cluster. It is mutually exclusive with clientCertSecretRef. By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via clientCASecretRef.
clientCertConfig
ClientCertConfig allows configuring the client certificates, either issued by the operator or cert-manager. If not set, the default settings will be used.
galeraSSTEnabled boolean
GaleraSSTEnabled determines whether Galera SST connections should use TLS. It disabled by default.
galeraServerSSLMode string
GaleraServerSSLMode defines the server SSL mode for a Galera Enterprise cluster. This field is only supported and applicable for Galera Enterprise >= 10.6 instances. Refer to the MariaDB Enterprise docs for more detail: https://mariadb.com/docs/galera-cluster/galera-security/mariadb-enterprise-cluster-security#wsrep-tls-modes
Enum: [PROVIDER SERVER SERVER_X509]
galeraClientSSLMode string
GaleraClientSSLMode defines the client SSL mode for a Galera Enterprise cluster. This field is only supported and applicable for Galera Enterprise >= 10.6 instances. Refer to the MariaDB Enterprise docs for more detail: https://mariadb.com/docs/galera-cluster/galera-security/mariadb-enterprise-cluster-security#sst-tls-modes
Enum: [DISABLED REQUIRED VERIFY_CA VERIFY_IDENTITY]
privateKeySize integer
PrivateKeyAlgorithm is the key size to be used for the CA and leaf certificate private keys. Supported values: ECDSA(256, 384, 521), RSA(2048, 3072, 4096)
subject string
Subject indicates that the TLS certificate provided by the user must have a specific subject.
labelSelector
minDomains integer
nodeAffinityPolicy
nodeTaintsPolicy
matchLabelKeys string array
spec
mariaDbRef
MariaDBRef is a reference to a MariaDB object.
Required: {}
passwordSecretKeyRef
PasswordSecretKeyRef is a reference to the password to be used by the User. If not provided, the account will be locked and the password will expire. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the password.
passwordHashSecretKeyRef
PasswordHashSecretKeyRef is a reference to the password hash to be used by the User. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the password hash. It requires the 'skip-strict-password-validation' option to be set. See: https://mariadb.com/docs/server/ref/mdb/cli/mariadbd/strict-password-validation/.
passwordPlugin
PasswordPlugin is a reference to the password plugin and arguments to be used by the User. It requires the 'skip-strict-password-validation' option to be set. See: https://mariadb.com/docs/server/ref/mdb/cli/mariadbd/strict-password-validation/.
require
Require specifies TLS requirements for the user to connect. See: https://mariadb.com/kb/en/securing-connections-for-client-and-server/#requiring-tls.
maxUserConnections integer
MaxUserConnections defines the maximum number of simultaneous connections that the User can establish.
10
name string
Name overrides the default name provided by metadata.name.
MaxLength: 80
host string
Host related to the User.
MaxLength: 255
csi
hostPath
persistentVolumeClaim
secret
configMap
storageClassName string
metadata
Refer to Kubernetes API documentation for fields of metadata.
subPath string
hostPath
persistentVolumeClaim
secret
configMap
podAntiAffinity PodAntiAffinity
nodeAffinity NodeAffinity
podAntiAffinity PodAntiAffinity
nodeAffinity NodeAffinity
antiAffinityEnabled boolean
AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA. Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods.
command string array
Command to be used in the Container.
args string array
Args to be used in the Container.
env EnvVar array
Env represents the environment variables to be injected in a container.
apiVersion string
enterprise.mariadb.com/v1alpha1
kind string
Backup
metadata ObjectMeta
Refer to Kubernetes API documentation for fields of metadata.
Logical
BackupContentTypeLogical represents a logical backup created using mariadb-dump.
Physical
BackupContentTypePhysical represents a physical backup created using mariadb-backup.
args string array
Args to be used in the Container.
resources ResourceRequirements
Resources describes the compute resource requirements.
securityContext SecurityContext
SecurityContext holds security configuration that will be applied to a container.
persistentVolumeClaim PersistentVolumeClaimSpec
PersistentVolumeClaim is a Kubernetes PVC specification.
volume StorageVolumeSource
Volume is a Kubernetes volume specification.
s3 S3
S3 defines the configuration to store backups in a S3 compatible storage.
persistentVolumeClaim PersistentVolumeClaimSpec
PersistentVolumeClaim is a Kubernetes PVC specification.
volume StorageVolumeSource
Volume is a Kubernetes volume specification.
enabled boolean
Enabled is a flag to enable BasicAuth
username string
Username to be used for basic authentication
passwordSecretKeyRef GeneratedSecretKeyRef
PasswordSecretKeyRef to be used for basic authentication
backupRef TypedLocalObjectReference
BackupRef is reference to a backup object. If the Kind is not specified, a logical Backup is assumed. This field takes precedence over S3 and Volume sources.
volumeSnapshotRef LocalObjectReference
VolumeSnapshotRef is a reference to a VolumeSnapshot object. This field takes precedence over S3 and Volume sources.
backupContentType BackupContentType
BackupContentType is the backup content type available in the source to bootstrap from. It is inferred based on the BackupRef and VolumeSnapshotRef fields. If inference is not possible, it defaults to Logical. Set this field explicitly when using physical backups from S3 or Volume sources.
driver string
readOnly boolean
fsType string
Skip
CleanupPolicySkip indicates that the resource will NOT be deleted from the database after the CR is deleted.
Delete
CleanupPolicyDelete indicates that the resource will be deleted from the database after the CR is deleted.
none
No compression
bzip2
Bzip2 compression. Good compression ratio, but slower compression/decompression speed compared to gzip.
gzip
Gzip compression. Good compression/decompression speed, but worse compression ratio compared to bzip2.
name string
key string
name string
defaultMode integer
apiVersion string
enterprise.mariadb.com/v1alpha1
kind string
Connection
metadata ObjectMeta
Refer to Kubernetes API documentation for fields of metadata.
secretName string
SecretName to be used in the Connection.
secretTemplate SecretTemplate
SecretTemplate to be used in the Connection.
healthCheck HealthCheck
HealthCheck to be used in the Connection.
secretName string
SecretName to be used in the Connection.
secretTemplate SecretTemplate
SecretTemplate to be used in the Connection.
healthCheck HealthCheck
HealthCheck to be used in the Connection.
name string
Name to be given to the container.
image string
Image name to be used by the container. The supported format is <image>:<tag>.
Required: {}
imagePullPolicy PullPolicy
ImagePullPolicy is the image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent.
command string array
Command to be used in the Container.
args string array
Args to be used in the Container.
env EnvVar array
Env represents the environment variables to be injected in a container.
majority_of_all
CooperativeMonitoringMajorityOfAll requires a lock from the majority of the MariaDB servers, even the ones that are down.
majority_of_running
CooperativeMonitoringMajorityOfRunning requires a lock from the majority of the MariaDB servers.
successfulJobsHistoryLimit integer
SuccessfulJobsHistoryLimit defines the maximum number of successful Jobs to be displayed.
Minimum: 0
failedJobsHistoryLimit integer
FailedJobsHistoryLimit defines the maximum number of failed Jobs to be displayed.
Minimum: 0
timeZone string
TimeZone defines the timezone associated with the cron expression.
apiVersion string
enterprise.mariadb.com/v1alpha1
kind string
Database
metadata ObjectMeta
Refer to Kubernetes API documentation for fields of metadata.
requeueInterval Duration
RequeueInterval is used to perform requeue reconciliations.
retryInterval Duration
RetryInterval is the interval used to perform retries.
cleanupPolicy CleanupPolicy
CleanupPolicy defines the behavior for cleaning up a SQL resource.
medium StorageMedium
sizeLimit Quantity
prefix string
configMapRef LocalObjectReference
secretRef LocalObjectReference
name string
Name of the environment variable. Must be a C_IDENTIFIER.
value string
valueFrom EnvVarSource
fieldRef ObjectFieldSelector
configMapKeyRef ConfigMapKeySelector
secretKeyRef SecretKeySelector
command string array
image string
Image name to be used as metrics exporter. The supported format is <image>:<tag>.
imagePullPolicy PullPolicy
ImagePullPolicy is the image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent.
Enum: [Always Never IfNotPresent]
imagePullSecrets LocalObjectReference array
ImagePullSecrets is the list of pull Secrets to be used to pull the image.
apiVersion string
enterprise.mariadb.com/v1alpha1
kind string
ExternalMariaDB
metadata ObjectMeta
Refer to Kubernetes API documentation for fields of metadata.
image string
Image name to be used to perform operations on the external MariaDB, for example, for taking backups.
The supported format is <image>:<tag>. Only MariaDB official images are supported.
If not provided, the MariaDB image version be inferred by the operator in runtime. The default MariaDB image will be used in this case,
imagePullPolicy PullPolicy
ImagePullPolicy is the image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent.
Enum: [Always Never IfNotPresent]
imagePullSecrets LocalObjectReference array
ImagePullSecrets is the list of pull Secrets to be used to pull the image.
primary PrimaryGalera
Primary is the Galera configuration for the primary node.
sst SST
SST is the Snapshot State Transfer used when new Pods join the cluster. More info: https://galeracluster.com/library/documentation/sst.html.
Enum: [rsync mariabackup mysqldump]
availableWhenDonor boolean
AvailableWhenDonor indicates whether a donor node should be responding to queries. It defaults to false.
reuseStorageVolume boolean
ReuseStorageVolume indicates that storage volume used by MariaDB should be reused to store the Galera configuration files. It defaults to false, which implies that a dedicated volume for the Galera configuration files is provisioned.
volumeClaimTemplate VolumeClaimTemplate
VolumeClaimTemplate is a template for the PVC that will contain the Galera configuration files shared between the InitContainer, Agent and MariaDB.
metadata Metadata
Refer to Kubernetes API documentation for fields of metadata.
resources ResourceRequirements
Resources describes the compute resource requirements.
enabled boolean
Enabled is a flag to enable GaleraRecovery.
minClusterSize IntOrString
MinClusterSize is the minimum number of replicas to consider the cluster healthy. It can be either a number of replicas (1) or a percentage (50%). If Galera consistently reports less replicas than this value for the given 'ClusterHealthyTimeout' interval, a cluster recovery is initiated. It defaults to '1' replica, and it is highly recommendeded to keep this value at '1' in most cases. If set to more than one replica, the cluster recovery process may restart the healthy replicas as well.
clusterMonitorInterval Duration
ClusterMonitorInterval represents the interval used to monitor the Galera cluster health.
metadata Metadata
Refer to Kubernetes API documentation for fields of metadata.
resources ResourceRequirements
Resources describes the compute resource requirements.
podAffinity boolean
PodAffinity indicates whether the recovery Jobs should run in the same Node as the MariaDB Pods. It defaults to true.
primary PrimaryGalera
Primary is the Galera configuration for the primary node.
sst SST
SST is the Snapshot State Transfer used when new Pods join the cluster. More info: https://galeracluster.com/library/documentation/sst.html.
Enum: [rsync mariabackup mysqldump]
availableWhenDonor boolean
AvailableWhenDonor indicates whether a donor node should be responding to queries. It defaults to false.
name string
key string
generate boolean
Generate indicates whether the Secret should be generated if the Secret referenced is not present.
false
apiVersion string
enterprise.mariadb.com/v1alpha1
kind string
Grant
metadata ObjectMeta
Refer to Kubernetes API documentation for fields of metadata.
requeueInterval Duration
RequeueInterval is used to perform requeue reconciliations.
retryInterval Duration
RetryInterval is the interval used to perform retries.
cleanupPolicy CleanupPolicy
CleanupPolicy defines the behavior for cleaning up a SQL resource.
CurrentPos
GtidCurrentPos indicates the union of gtid_binlog_pos and gtid_slave_pos will be used when replicating from master.
SlavePos
GtidSlavePos indicates that gtid_slave_pos will be used when replicating from master.
path string
port IntOrString
host string
interval Duration
Interval used to perform health checks.
retryInterval Duration
RetryInterval is the interval used to perform health check retries.
path string
type string
command string array
Command to be used in the Container.
args string array
Args to be used in the Container.
env EnvVar array
Env represents the environment variables to be injected in a container.
metadata Metadata
Refer to Kubernetes API documentation for fields of metadata.
affinity AffinityConfig
Affinity to be used in the Pod.
nodeSelector object (keys:string, values:string)
NodeSelector to be used in the Pod.
args string array
Args to be used in the Container.
resources ResourceRequirements
Resources describes the compute resource requirements.
securityContext SecurityContext
SecurityContext holds security configuration that will be applied to a container.
podMetadata Metadata
PodMetadata defines extra metadata for the Pod.
imagePullSecrets LocalObjectReference array
ImagePullSecrets is the list of pull Secrets to be used to pull the image.
podSecurityContext PodSecurityContext
SecurityContext holds pod-level security attributes and common container settings.
enabled boolean
Enabled is a flag to enable KubernetesAuth
authDelegatorRoleName string
AuthDelegatorRoleName is the name of the ClusterRoleBinding that is associated with the "system:auth-delegator" ClusterRole. It is necessary for creating TokenReview objects in order for the agent to validate the service account token.
matchLabels object (keys:string, values:string)
matchExpressions LabelSelectorRequirement array
key string
operator LabelSelectorOperator
values string array
name string
apiVersion string
enterprise.mariadb.com/v1alpha1
kind string
MariaDB
metadata ObjectMeta
Refer to Kubernetes API documentation for fields of metadata.
enabled boolean
Enabled is a flag to enable a MaxScale instance to be used with the current MariaDB.
image string
Image name to be used by the MaxScale instances. The supported format is <image>:<tag>.
Only MariaDB official images are supported.
imagePullPolicy PullPolicy
ImagePullPolicy is the image pull policy. One of Always, Never or IfNotPresent. If not defined, it defaults to IfNotPresent.
name string
namespace string
kind string
Kind of the referent.
command string array
Command to be used in the Container.
args string array
Args to be used in the Container.
env EnvVar array
Env represents the environment variables to be injected in a container.
enabled boolean
Enabled is a flag to enable Metrics
exporter Exporter
Exporter defines the metrics exporter container.
serviceMonitor ServiceMonitor
ServiceMonitor defines the ServiceMonior object.
apiVersion string
enterprise.mariadb.com/v1alpha1
kind string
MaxScale
metadata ObjectMeta
Refer to Kubernetes API documentation for fields of metadata.
port integer
Port where the admin REST API and GUI will be exposed.
guiEnabled boolean
GuiEnabled indicates whether the admin GUI should be enabled.
generate boolean
Generate defies whether the operator should generate users and grants for MaxScale to work. It only supports MariaDBs specified via spec.mariaDbRef.
adminUsername string
AdminUsername is an admin username to call the admin REST API. It is defaulted if not provided.
adminPasswordSecretKeyRef GeneratedSecretKeyRef
AdminPasswordSecretKeyRef is Secret key reference to the admin password to call the admin REST API. It is defaulted if not provided.
params object (keys:string, values:string)
Params is a key value pair of parameters to be used in the MaxScale static configuration file. Any parameter supported by MaxScale may be specified here. See reference: https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-maxscale-configuration-guide/#global-settings.
volumeClaimTemplate VolumeClaimTemplate
VolumeClaimTemplate provides a template to define the PVCs for storing MaxScale runtime configuration files. It is defaulted if not provided.
sync MaxScaleConfigSync
Sync defines how to replicate configuration across MaxScale replicas. It is defaulted when HA is enabled.
database string
Database is the MariaDB logical database where the 'maxscale_config' table will be created in order to persist and synchronize config changes. If not provided, it defaults to 'mysql'.
interval Duration
Interval defines the config synchronization interval. It is defaulted if not provided.
timeout Duration
Interval defines the config synchronization timeout. It is defaulted if not provided.
suspend boolean
Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
false
name string
Name is the identifier of the listener. It is defaulted if not provided
port integer
Port is the network port where the MaxScale server will listen.
enabled boolean
Enabled is a flag to enable Metrics
exporter Exporter
Exporter defines the metrics exporter container.
serviceMonitor ServiceMonitor
ServiceMonitor defines the ServiceMonior object.
suspend boolean
Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
false
name string
Name is the identifier of the monitor. It is defaulted if not provided.
module MonitorModule
Module is the module to use to monitor MariaDB servers. It is mandatory when no MariaDB reference is provided.
podMetadata Metadata
PodMetadata defines extra metadata for the Pod.
imagePullSecrets LocalObjectReference array
ImagePullSecrets is the list of pull Secrets to be used to pull the image.
podSecurityContext PodSecurityContext
SecurityContext holds pod-level security attributes and common container settings.
name string
Name is the identifier of the MariaDB server.
Required: {}
address string
Address is the network address of the MariaDB server.
Required: {}
port integer
Port is the network port of the MariaDB server. If not provided, it defaults to 3306.
suspend boolean
Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
false
name string
Name is the identifier of the MaxScale service.
Required: {}
router ServiceRouter
Router is the type of router to use.
command string array
Command to be used in the Container.
args string array
Args to be used in the Container.
env EnvVar array
Env represents the environment variables to be injected in a container.
enabled boolean
Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MaxScale instance. It is enabled by default when the referred MariaDB instance (via mariaDbRef) has TLS enabled and enforced.
adminVersions string array
Versions specifies the supported TLS versions in the MaxScale REST API. By default, the MaxScale's default supported versions are used. See: https://mariadb.com/kb/en/mariadb-maxscale-25-mariadb-maxscale-configuration-guide/#admin_ssl_version
items:Enum: [TLSv10 TLSv11 TLSv12 TLSv13 MAX]
serverVersions string array
ServerVersions specifies the supported TLS versions in both the servers and listeners managed by this MaxScale instance. By default, the MaxScale's default supported versions are used. See: https://mariadb.com/kb/en/mariadb-maxscale-25-mariadb-maxscale-configuration-guide/#ssl_version.
labels object (keys:string, values:string)
Labels to be added to children resources.
annotations object (keys:string, values:string)
Annotations to be added to children resources.
mariadbmon
MonitorModuleMariadb is a monitor to be used with MariaDB servers.
galeramon
MonitorModuleGalera is a monitor to be used with Galera servers.
server string
path string
readOnly boolean
requiredDuringSchedulingIgnoredDuringExecution NodeSelector
preferredDuringSchedulingIgnoredDuringExecution PreferredSchedulingTerm array
nodeSelectorTerms NodeSelectorTerm array
key string
operator NodeSelectorOperator
values string array
matchExpressions NodeSelectorRequirement array
matchFields NodeSelectorRequirement array
apiVersion string
fieldPath string
name string
namespace string
pluginNameSecretKeyRef SecretKeySelector
PluginNameSecretKeyRef is a reference to the authentication plugin to be used by the User. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the authentication plugin.
pluginArgSecretKeyRef SecretKeySelector
PluginArgSecretKeyRef is a reference to the arguments to be provided to the authentication plugin for the User. If the referred Secret is labeled with "enterprise.mariadb.com/watch", updates may be performed to the Secret in order to update the authentication plugin arguments.
accessModes PersistentVolumeAccessMode array
selector LabelSelector
resources VolumeResourceRequirements
claimName string
readOnly boolean
apiVersion string
enterprise.mariadb.com/v1alpha1
kind string
PhysicalBackup
metadata ObjectMeta
Refer to Kubernetes API documentation for fields of metadata.
podMetadata Metadata
PodMetadata defines extra metadata for the Pod.
imagePullSecrets LocalObjectReference array
ImagePullSecrets is the list of pull Secrets to be used to pull the image.
podSecurityContext PodSecurityContext
SecurityContext holds pod-level security attributes and common container settings.
cron string
Cron is a cron expression that defines the schedule.
suspend boolean
Suspend defines whether the schedule is active or not.
false
immediate boolean
Immediate indicates whether the first backup should be taken immediately after creating the PhysicalBackup.
args string array
Args to be used in the Container.
resources ResourceRequirements
Resources describes the compute resource requirements.
securityContext SecurityContext
SecurityContext holds security configuration that will be applied to a container.
s3 S3
S3 defines the configuration to store backups in a S3 compatible storage.
persistentVolumeClaim PersistentVolumeClaimSpec
PersistentVolumeClaim is a Kubernetes PVC specification.
volume StorageVolumeSource
Volume is a Kubernetes volume specification.
metadata Metadata
Refer to Kubernetes API documentation for fields of metadata.
volumeSnapshotClassName string
VolumeSnapshotClassName is the VolumeSnapshot class to be used to take snapshots.
Required: {}
labelSelector LabelSelector
topologyKey string
requiredDuringSchedulingIgnoredDuringExecution PodAffinityTerm array
preferredDuringSchedulingIgnoredDuringExecution WeightedPodAffinityTerm array
minAvailable IntOrString
MinAvailable defines the number of minimum available Pods.
maxUnavailable IntOrString
MaxUnavailable defines the number of maximum unavailable Pods.
seLinuxOptions SELinuxOptions
runAsUser integer
runAsGroup integer
podMetadata Metadata
PodMetadata defines extra metadata for the Pod.
imagePullSecrets LocalObjectReference array
ImagePullSecrets is the list of pull Secrets to be used to pull the image.
initContainers Container array
InitContainers to be used in the Pod.
weight integer
preference NodeSelectorTerm
podIndex integer
PodIndex is the StatefulSet index of the primary node. The user may change this field to perform a manual switchover.
autoFailover boolean
AutoFailover indicates whether the operator should automatically update PodIndex to perform an automatic primary failover.
podIndex integer
PodIndex is the StatefulSet index of the primary node. The user may change this field to perform a manual switchover.
autoFailover boolean
AutoFailover indicates whether the operator should automatically update PodIndex to perform an automatic primary failover. It is enabled by default.
autoFailoverDelay Duration
AutoFailoverDelay indicates the duration before performing an automatic primary failover. By default, no extra delay is added.
exec ExecAction
httpGet HTTPGetAction
tcpSocket TCPSocketAction
exec ExecAction
httpGet HTTPGetAction
tcpSocket TCPSocketAction
physicalBackupTemplateRef LocalObjectReference
PhysicalBackupTemplateRef is a reference to a PhysicalBackup object that will be used as template to create a new PhysicalBackup object used synchronize the data from an up to date replica to the new replica to be bootstrapped.
Required: {}
restoreJob Job
RestoreJob defines additional properties for the Job used to perform the restoration.
enabled boolean
Enabled is a flag to enable replica recovery.
Required: {}
errorDurationThreshold Duration
ErrorDurationThreshold defines the time duration after which, if a replica continues to report errors, the operator will initiate the recovery process for that replica. This threshold applies only to error codes not identified as recoverable by the operator. Errors identified as recoverable will trigger the recovery process immediately. It defaults to 5 minutes.
replPasswordSecretKeyRef GeneratedSecretKeyRef
ReplPasswordSecretKeyRef provides a reference to the Secret to use as password for the replication user. By default, a random password will be generated.
gtid Gtid
Gtid indicates which Global Transaction ID (GTID) position mode should be used when connecting a replica to the master. By default, CurrentPos is used. See: https://mariadb.com/docs/server/reference/sql-statements/administrative-sql-statements/replication-statements/change-master-to#master_use_gtid.
Enum: [CurrentPos SlavePos]
connectionRetrySeconds integer
ConnectionRetrySeconds is the number of seconds that the replica will wait between connection retries. See: https://mariadb.com/docs/server/reference/sql-statements/administrative-sql-statements/replication-statements/change-master-to#master_connect_retry.
primary PrimaryReplication
Primary is the replication configuration for the primary node.
replica ReplicaReplication
ReplicaReplication is the replication configuration for the replica nodes.
gtidStrictMode boolean
GtidStrictMode determines whether the GTID strict mode is enabled. See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/gtid#gtid_strict_mode. It is enabled by default.
primary PrimaryReplication
Primary is the replication configuration for the primary node.
replica ReplicaReplication
ReplicaReplication is the replication configuration for the replica nodes.
gtidStrictMode boolean
GtidStrictMode determines whether the GTID strict mode is enabled. See: https://mariadb.com/docs/server/ha-and-performance/standard-replication/gtid#gtid_strict_mode. It is enabled by default.
apiVersion string
enterprise.mariadb.com/v1alpha1
kind string
Restore
metadata ObjectMeta
Refer to Kubernetes API documentation for fields of metadata.
backupRef LocalObjectReference
BackupRef is a reference to a Backup object. It has priority over S3 and Volume.
s3 S3
S3 defines the configuration to restore backups from a S3 compatible storage. It has priority over Volume.
volume StorageVolumeSource
Volume is a Kubernetes Volume object that contains a backup.
args string array
Args to be used in the Container.
resources ResourceRequirements
Resources describes the compute resource requirements.
securityContext SecurityContext
SecurityContext holds security configuration that will be applied to a container.
bucket string
Bucket is the name Name of the bucket to store backups.
Required: {}
endpoint string
Endpoint is the S3 API endpoint without scheme.
Required: {}
region string
Region is the S3 region name to use.
requeueInterval Duration
RequeueInterval is used to perform requeue reconciliations.
retryInterval Duration
RetryInterval is the interval used to perform retries.
cleanupPolicy CleanupPolicy
CleanupPolicy defines the behavior for cleaning up a SQL resource.
rsync
SSTRsync is an SST based on rsync.
mariabackup
SSTMariaBackup is an SST based on mariabackup. It is the recommended SST.
mysqldump
SSTMysqldump is an SST based on mysqldump.
cron string
Cron is a cron expression that defines the schedule.
Required: {}
suspend boolean
Suspend defines whether the schedule is active or not.
false
name string
key string
metadata Metadata
Refer to Kubernetes API documentation for fields of metadata.
key string
Key to be used in the Secret.
format string
Format to be used in the Secret.
secretName string
defaultMode integer
capabilities Capabilities
privileged boolean
runAsUser integer
prometheusRelease string
PrometheusRelease is the release label to add to the ServiceMonitor object.
jobLabel string
JobLabel to add to the ServiceMonitor object.
interval string
Interval for scraping metrics.
name string
port integer
readwritesplit
ServiceRouterReadWriteSplit splits the load based on the queries. Write queries are performed on master and read queries on the replicas.
readconnroute
ServiceRouterReadConnRoute splits the load based on the connections. Each connection is assigned to a server.
type ServiceType
Type is the Service type. One of ClusterIP, NodePort or LoadBalancer. If not defined, it defaults to ClusterIP.
ClusterIP
Enum: [ClusterIP NodePort LoadBalancer]
metadata Metadata
Refer to Kubernetes API documentation for fields of metadata.
loadBalancerIP string
LoadBalancerIP Service field.
apiVersion string
enterprise.mariadb.com/v1alpha1
kind string
SqlJob
metadata ObjectMeta
Refer to Kubernetes API documentation for fields of metadata.
args string array
Args to be used in the Container.
resources ResourceRequirements
Resources describes the compute resource requirements.
securityContext SecurityContext
SecurityContext holds security configuration that will be applied to a container.
ephemeral boolean
Ephemeral indicates whether to use ephemeral storage in the PVCs. It is only compatible with non HA MariaDBs.
size Quantity
Size of the PVCs to be mounted by MariaDB. Required if not provided in 'VolumeClaimTemplate'. It supersedes the storage size specified in 'VolumeClaimTemplate'.
storageClassName string
StorageClassName to be used to provision the PVCS. It supersedes the 'StorageClassName' specified in 'VolumeClaimTemplate'. If not provided, the default 'StorageClass' configured in the cluster is used.
emptyDir EmptyDirVolumeSource
nfs NFSVolumeSource
csi CSIVolumeSource
suspend boolean
Suspend indicates whether the current resource should be suspended or not. This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities.
false
port IntOrString
host string
enabled boolean
Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MariaDB instance. It is enabled by default.
required boolean
Required specifies whether TLS must be enforced for all connections. User TLS requirements take precedence over this. It disabled by default.
versions string array
Versions specifies the supported TLS versions for this MariaDB instance. By default, the MariaDB's default supported versions are used. See: https://mariadb.com/kb/en/ssltls-system-variables/#tls_version.
caLifetime Duration
CALifetime defines the CA certificate validity.
certLifetime Duration
CertLifetime defines the certificate validity.
privateKeyAlgorithm string
PrivateKeyAlgorithm is the algorithm to be used for the CA and leaf certificate private keys. One of: ECDSA or RSA
ssl boolean
SSL indicates that the user must connect via TLS.
x509 boolean
X509 indicates that the user must provide a valid x509 certificate to connect.
issuer string
Issuer indicates that the TLS certificate provided by the user must be issued by a specific issuer.
enabled boolean
Enabled is a flag to enable TLS.
caSecretKeyRef SecretKeySelector
CASecretKeyRef is a reference to a Secret key containing a CA bundle in PEM format used to establish TLS connections with S3. By default, the system trust chain will be used, but you can use this field to add more CAs to the bundle.
maxSkew integer
topologyKey string
whenUnsatisfiable UnsatisfiableConstraintAction
name string
Name of the referent.
kind string
Kind of the referent.
type UpdateType
Type defines the type of updates. One of ReplicasFirstPrimaryLast, RollingUpdate or OnDelete. If not defined, it defaults to ReplicasFirstPrimaryLast.
ReplicasFirstPrimaryLast
Enum: [ReplicasFirstPrimaryLast RollingUpdate OnDelete Never]
rollingUpdate RollingUpdateStatefulSetStrategy
RollingUpdate defines parameters for the RollingUpdate type.
autoUpdateDataPlane boolean
AutoUpdateDataPlane indicates whether the Galera data-plane version (agent and init containers) should be automatically updated based on the operator version. It defaults to false. Updating the operator will trigger updates on all the MariaDB instances that have this flag set to true. Thus, it is recommended to progressively set this flag after having updated the operator.
ReplicasFirstPrimaryLast
ReplicasFirstPrimaryLastUpdateType indicates that the update will be applied to all replica Pods first and later on to the primary Pod. The updates are applied one by one waiting until each Pod passes the readiness probe i.e. the Pod gets synced and it is ready to receive traffic.
RollingUpdate
RollingUpdateUpdateType indicates that the update will be applied by the StatefulSet controller using the RollingUpdate strategy. This strategy is unaware of the roles that the Pod have (primary or replica) and it will perform the update following the StatefulSet ordinal, from higher to lower.
OnDelete
OnDeleteUpdateType indicates that the update will be applied by the StatefulSet controller using the OnDelete strategy. The update will be done when the Pods get manually deleted by the user.
Never
NeverUpdateType indicates that the StatefulSet will never be updated. This can be used to roll out updates progressively to a fleet of instances.
apiVersion string
enterprise.mariadb.com/v1alpha1
kind string
User
metadata ObjectMeta
Refer to Kubernetes API documentation for fields of metadata.
requeueInterval Duration
RequeueInterval is used to perform requeue reconciliations.
retryInterval Duration
RetryInterval is the interval used to perform retries.
cleanupPolicy CleanupPolicy
CleanupPolicy defines the behavior for cleaning up a SQL resource.
name string
emptyDir EmptyDirVolumeSource
nfs NFSVolumeSource
accessModes PersistentVolumeAccessMode array
selector LabelSelector
resources VolumeResourceRequirements
name string
This must match the Name of a Volume.
readOnly boolean
mountPath string
emptyDir EmptyDirVolumeSource
nfs NFSVolumeSource
csi CSIVolumeSource
AfterSync
WaitPointAfterSync indicates that the primary waits for the replica ACK before committing the transaction to the storage engine. It trades off performance for consistency.
AfterCommit
WaitPointAfterCommit indicates that the primary commits the transaction to the storage engine and waits for the replica ACK afterwards. It trades off consistency for performance.
weight integer
podAffinityTerm PodAffinityTerm
Enum: [Logical Physical]
Enum: [Always Never IfNotPresent]
Enum: [Skip Delete]
Enum: [Skip Delete]
Enum: [Always Never IfNotPresent]
Required: {}
Enum: [readwritesplit readconnroute] Required: {}
items:Enum: [TLSv10 TLSv11 TLSv12 TLSv13 MAX]
Enum: [Skip Delete]
items:Enum: [TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3]
Enum: [ECDSA RSA]
Enum: [Skip Delete]