This is the primary operator for OpenStack. It is a "meta" operator, meaning it serves to coordinate the other operators for OpenStack by watching and configuring their CustomResources (CRs). Additionally installing this operator will automatically install all required operator dependencies for installing/managing OpenStack.

Description

This project is built, modeled, and maintained with operator-sdk.

Getting Started

You’ll need a Kubernetes cluster to run against. You can use KIND to get a local cluster for testing, or run against a remote cluster. Note: Your controller will automatically use the current context in your kubeconfig file (i.e. whatever cluster kubectl cluster-info shows).

Running on the cluster

  1. Install Instances of Custom Resources:

kubectl apply -f config/samples/
  1. Build and push your image to the location specified by IMG:

make docker-build docker-push IMG=<some-registry>/openstack-operator:tag
  1. Deploy the controller to the cluster with the image specified by IMG:

make deploy IMG=<some-registry>/openstack-operator:tag

Uninstall CRDs

To delete the CRDs from the cluster:

make uninstall

Undeploy controller

UnDeploy the controller to the cluster:

make undeploy

Building your own bundle, index images

The OpenStack operator uses multiple bundles to minimize the number of deployment artifacts we have in the OLM catalog while also providing enough space for our CRs (this is a big project). As such the build order for local bundles is a bit different than normal.

  1. Run make:bundle. This pins down dependencies to version used in the go.mod and and also string replaces the URL for any dependant bundles (storage, etc) that we will build below. Additionally a dependency.yaml is added to the generated bundle so that we require any dependencies. This sets the stage for everything below.

make bundle
  1. Run dep-bundle-build-push. This creates any dependency bundles required by this project. It builds and pushes them to a registry as this is required to be able to build the main bundle.

make dep-bundle-build-push
  1. Run bundle-build. This will execute podman to build the custom-bundle.Dockerfile.

make bundle-build
  1. Run bundle-push. This pushes the resulting bundle image to the registry.

make bundle-push
  1. Run catalog-build. At this point you can generate your index image so that it contains both of the above bundle images. Because we use dependencies in the openstack-operator’s main bundle it will automatically install the CSV contained in the dependant (storage, etc) bundle.

make catalog-build
  1. Run catalog-push. Push the catalog to your registry.

make catalog-push

Uninstall CRDs

To delete the CRDs from the cluster:

make uninstall

Undeploy controller

UnDeploy the controller to the cluster:

make undeploy

Custom Resources

Sub Resources

OpenStackClient

OpenStackClient is the Schema for the openstackclients API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

OpenStackClientSpec

false

status

OpenStackClientStatus

false

OpenStackClientList

OpenStackClientList contains a list of OpenStackClient

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]OpenStackClient

true

OpenStackClientSpec

OpenStackClientSpec defines the desired state of OpenStackClient

Field Description Scheme Required

containerImage

ContainerImage for the the OpenstackClient container (will be set to environmental default if empty)

string

true

OpenStackClientSpecCore

OpenStackClientSpecCore defines the desired state of OpenStackClient

Field Description Scheme Required

openStackConfigMap

OpenStackConfigMap is the name of the ConfigMap containing the clouds.yaml

*string

true

openStackConfigSecret

OpenStackConfigSecret is the name of the Secret containing the secure.yaml

*string

true

nodeSelector

NodeSelector to target subset of worker nodes

*map[string]string

false

OpenStackClientStatus

OpenStackClientStatus defines the observed state of OpenStackClient

Field Description Scheme Required

podName

PodName

string

false

conditions

Conditions

condition.Conditions

false

observedGeneration

ObservedGeneration - the most recent generation observed for this object.

int64

false

BarbicanSection

BarbicanSection defines the desired state of Barbican service

Field Description Scheme Required

enabled

Enabled - Whether Barbican service should be deployed and managed

bool

true

template

Template - Overrides to use when creating the Barbican Service

*barbicanv1.BarbicanSpecCore

false

apiOverride

APIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

CACertConfig

CACertConfig defines details for ca cert configs

Field Description Scheme Required

duration

The requested duration (i.e. lifetime) of the Certificate. The Certificate will be renewed either 2/3 through its duration or renewBefore period before its expiry, whichever is later. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration

*metav1.Duration

true

renewBefore

How long before the currently issued certificate’s expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate’s duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration

*metav1.Duration

false

customIssuer

CustomIssuer - use pre-created issue for this CA. No CA and issure is being created the CA cert and chain needs to be added using the CaBundleSecretName.

*string

false

CertConfig

CertConfig defines details for cert configs

Field Description Scheme Required

duration

The requested duration (i.e. lifetime) of the Certificate. The Certificate will be renewed either 2/3 through its duration or renewBefore period before its expiry, whichever is later. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration

*metav1.Duration

true

renewBefore

How long before the currently issued certificate’s expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate’s duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration

*metav1.Duration

false

CertSection

CertSection defines details for CA config and its certs

Field Description Scheme Required

cert

Cert - defines details for cert config

CertConfig

true

ca

Ca - defines details for CA cert config

CACertConfig

true

CinderSection

CinderSection defines the desired state of Cinder service

Field Description Scheme Required

enabled

Enabled - Whether Cinder service should be deployed and managed

bool

true

template

Template - Overrides to use when creating Cinder Resources

*cinderv1.CinderSpecCore

false

apiOverride

APIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

uniquePodNames

UniquePodNames - Use a unique prefix for cinder CRs to have unique pod names. Convenient to avoid podname (and thus hostname) collision between different deployments. Useful for CI jobs as well as preproduction and production environments that use the same storage backend, etc.

bool

true

DNSMasqSection

DNSMasqSection defines the desired state of DNSMasq service

Field Description Scheme Required

enabled

Enabled - Whether DNSMasq service should be deployed and managed

bool

true

template

Template - Overrides to use when creating the DNSMasq service

*networkv1.DNSMasqSpec

false

DesignateSection

DesignateSection defines the desired state of the Designate service

Field Description Scheme Required

enabled

Enabled - Whether the Designate service should be deployed and managed

bool

true

template

Template - Overrides to use when creating Designate Resources

*designatev1.DesignateSpecCore

false

apiOverride

APIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

GaleraSection

GaleraSection defines the desired state of Galera services

Field Description Scheme Required

enabled

Enabled - Whether Galera services should be deployed and managed

bool

true

templates

Templates - Overrides to use when creating the Galera databases

*map[string]mariadbv1.GaleraSpecCore

false

GlanceSection

GlanceSection defines the desired state of Glance service

Field Description Scheme Required

enabled

Enabled - Whether Glance service should be deployed and managed

bool

true

template

Template - Overrides to use when creating the Glance Service

*glancev1.GlanceSpecCore

false

apiOverrides

APIOverride, provides the ability to override the generated manifest of several child resources.

map[string]Override

false

uniquePodNames

UniquePodNames - Use a unique prefix for glance CRs to have unique pod names. Convenient to avoid podname (and thus hostname) collision between different deployments. Useful for CI jobs as well as preproduction and production environments that use the same storage backend, etc.

bool

true

HeatSection

HeatSection defines the desired state of Heat services

Field Description Scheme Required

enabled

Enabled - Whether Heat services should be deployed and managed

bool

true

template

Template - Overrides to use when creating the Heat services

*heatv1.HeatSpecCore

false

apiOverride

APIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

cnfAPIOverride

CnfAPIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

HorizonSection

HorizonSection defines the desired state of Horizon services

Field Description Scheme Required

enabled

Enabled - Whether Horizon services should be deployed and managed

bool

true

template

Template - Overrides to use when creating the Horizon services

*horizonv1.HorizonSpecCore

false

apiOverride

APIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

IronicSection

IronicSection defines the desired state of Ironic services

Field Description Scheme Required

enabled

Enabled - Whether Ironic services should be deployed and managed

bool

true

template

Template - Overrides to use when creating the Ironic services

*ironicv1.IronicSpecCore

false

apiOverride

APIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

inspectorOverride

InspectorOverride, provides the ability to override the generated manifest of several child resources.

Override

false

KeystoneSection

KeystoneSection defines the desired state of Keystone service

Field Description Scheme Required

enabled

Enabled - Whether Keystone service should be deployed and managed

bool

true

template

Template - Overrides to use when creating the Keystone service

*keystonev1.KeystoneAPISpecCore

false

apiOverride

APIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

ManilaSection

ManilaSection defines the desired state of Manila service

Field Description Scheme Required

enabled

Enabled - Whether Manila service should be deployed and managed

bool

true

template

Template - Overrides to use when creating Manila Resources

*manilav1.ManilaSpecCore

false

apiOverride

APIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

MemcachedSection

MemcachedSection defines the desired state of Memcached services

Field Description Scheme Required

enabled

Enabled - Whether Memcached services should be deployed and managed

bool

true

templates

Templates - Overrides to use when creating the Memcached databases

*map[string]memcachedv1.MemcachedSpecCore

false

NeutronSection

NeutronSection defines the desired state of Neutron service

Field Description Scheme Required

enabled

Enabled - Whether Neutron service should be deployed and managed

bool

true

template

Template - Overrides to use when creating the Neutron Service

*neutronv1.NeutronAPISpecCore

false

apiOverride

APIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

NovaCellOverrideSpec

NovaCellOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

noVNCProxy

Override

false

NovaSection

NovaSection defines the desired state of Nova services

Field Description Scheme Required

enabled

Enabled - Whether Nova services should be deployed and managed

bool

true

template

Template - Overrides to use when creating the Nova services

*novav1.NovaSpec

false

apiOverride

APIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

cellOverride

CellOverride, provides the ability to override the generated manifest of several child resources for a nova cell. cell0 never have compute nodes and therefore it won’t have a noVNCProxy deployed. Providing an override for cell0 noVNCProxy does not have an effect.

map[string]NovaCellOverrideSpec

false

OctaviaSection

OctaviaSection defines the desired state of the Octavia service

Field Description Scheme Required

enabled

Enabled - Whether the Octavia service should be deployed and managed

bool

true

template

Template - Overrides to use when creating Octavia Resources

*octaviav1.OctaviaSpecCore

false

apiOverride

APIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

OpenStackClientSection

OpenStackClientSection defines the desired state of the OpenStackClient

Field Description Scheme Required

template

Template - Overrides to use when creating the OpenStackClient Resource

v1beta1.OpenStackClientSpecCore

false

OpenStackControlPlane

OpenStackControlPlane is the Schema for the openstackcontrolplanes API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

OpenStackControlPlaneSpec

false

status

OpenStackControlPlaneStatus

false

OpenStackControlPlaneList

OpenStackControlPlaneList contains a list of OpenStackControlPlane

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]OpenStackControlPlane

true

OpenStackControlPlaneSpec

OpenStackControlPlaneSpec defines the desired state of OpenStackControlPlane

Field Description Scheme Required

secret

Secret - FIXME: make this optional

string

true

storageClass

StorageClass -

string

true

nodeSelector

NodeSelector to target subset of worker nodes running control plane services

map[string]string

false

tls

TLS - Parameters related to the TLS

TLSSection

true

dns

DNS - Parameters related to the DNSMasq service

DNSMasqSection

false

keystone

Keystone - Parameters related to the Keystone service

KeystoneSection

false

placement

Placement - Parameters related to the Placement service

PlacementSection

false

glance

Glance - Parameters related to the Glance service

GlanceSection

false

cinder

Cinder - Parameters related to the Cinder service

CinderSection

false

galera

Galera - Parameters related to the Galera services

GaleraSection

false

rabbitmq

Rabbitmq - Parameters related to the Rabbitmq service

RabbitmqSection

false

memcached

Memcached - Parameters related to the Memcached service

MemcachedSection

false

ovn

Ovn - Overrides to use when creating the OVN Services

OvnSection

false

neutron

Neutron - Overrides to use when creating the Neutron Service

NeutronSection

false

nova

Nova - Parameters related to the Nova services

NovaSection

false

heat

Heat - Parameters related to the Heat services

HeatSection

false

ironic

Ironic - Parameters related to the Ironic services

IronicSection

false

manila

Manila - Parameters related to the Manila service

ManilaSection

false

horizon

Horizon - Parameters related to the Horizon services

HorizonSection

false

telemetry

Telemetry - Parameters related to the OpenStack Telemetry services

TelemetrySection

false

swift

Swift - Parameters related to the Swift service

SwiftSection

false

octavia

Octavia - Parameters related to the Octavia service

OctaviaSection

false

designate

Designate - Parameters related to the Designate service

DesignateSection

false

barbican

Barbican - Parameters related to the Barbican service

BarbicanSection

false

redis

Redis - Parameters related to the Redis service

RedisSection

false

openstackclient

OpenStackClient - Parameters related to the OpenStackClient

OpenStackClientSection

false

extraMounts

ExtraMounts containing conf files and credentials that should be provided to the underlying operators. This struct can be defined in the top level CR and propagated to the underlying operators that accept it in their API (e.g., cinder/glance). However, if extraVolumes are specified within the single operator template Section, the globally defined ExtraMounts are ignored and overridden for the operator which has this section already.

[]OpenStackExtraVolMounts

false

OpenStackControlPlaneStatus

OpenStackControlPlaneStatus defines the observed state of OpenStackControlPlane

Field Description Scheme Required

conditions

Conditions

condition.Conditions

false

tls

TLS

TLSStatus

false

deployedVersion

DeployedVersion

*string

false

deployedOVNVersion

DeployedOVNVersion

*string

false

containerImages

ContainerImages

ContainerImages

false

observedGeneration

ObservedGeneration - the most recent generation observed for this object.

int64

false

OpenStackExtraVolMounts

OpenStackExtraVolMounts exposes additional parameters processed by the openstack-operator and defines the common VolMounts structure provided by the main storage module

Field Description Scheme Required

name

string

false

region

string

false

extraVol

[]storage.VolMounts

true

Override

Override to override the generated manifest of several child resources.

Field Description Scheme Required

route

Route overrides to use when creating the public service endpoint

*route.OverrideSpec

false

tls

TLS - overrides tls parameters for public endpoint

*TLSServiceOverride

false

OvnResources

OvnResources defines the desired state of OVN services

Field Description Scheme Required

ovnDBCluster

OVNDBCluster - Overrides to use when creating the OVNDBCluster services

map[string]ovnv1.OVNDBClusterSpecCore

false

ovnNorthd

OVNNorthd - Overrides to use when creating the OVNNorthd service

ovnv1.OVNNorthdSpecCore

false

ovnController

OVNController - Overrides to use when creating the OVNController service

ovnv1.OVNControllerSpecCore

false

OvnSection

OvnSection defines the desired state of OVN services

Field Description Scheme Required

enabled

Enabled - Whether OVN services should be deployed and managed

bool

true

template

Template - Overrides to use when creating the OVN services

*OvnResources

false

PlacementSection

PlacementSection defines the desired state of Placement service

Field Description Scheme Required

enabled

Enabled - Whether Placement service should be deployed and managed

bool

true

template

Template - Overrides to use when creating the Placement API

*placementv1.PlacementAPISpecCore

false

apiOverride

APIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

RabbitmqSection

RabbitmqSection defines the desired state of RabbitMQ service

Field Description Scheme Required

enabled

Enabled - Whether RabbitMQ services should be deployed and managed

bool

true

templates

Templates - Overrides to use when creating the Rabbitmq clusters

*map[string]RabbitmqTemplate

true

RabbitmqTemplate

RabbitmqTemplate definition

Field Description Scheme Required

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

RedisSection

RedisSection defines the desired state of the Redis service

Field Description Scheme Required

enabled

Enabled - Whether the Redis service should be deployed and managed

bool

true

templates

Templates - Overrides to use when creating the Redis Resources

*map[string]redisv1.RedisSpecCore

false

SwiftSection

SwiftSection defines the desired state of Swift service

Field Description Scheme Required

enabled

Enabled - Whether Swift service should be deployed and managed

bool

true

template

Template - Overrides to use when creating Swift Resources

*swiftv1.SwiftSpecCore

false

proxyOverride

ProxyOverride, provides the ability to override the generated manifest of several child resources.

Override

false

TLSCAStatus

TLSCAStatus defines the observed state of TLS

Field Description Scheme Required

name

string

true

expires

string

true

TLSIngressConfig

TLSIngressConfig defines the desired state of the TLS configuration for the ingress configuration (route)

Field Description Scheme Required

enabled

Enabled - Whether TLS should be enabled for endpoint type

bool

true

TLSPodLevelConfig

TLSPodLevelConfig defines the desired state of the TLS configuration for TLS termination at the pod level

Field Description Scheme Required

enabled

Enabled - Whether TLS should be enabled for endpoint type

bool

true

internal

Internal - default CA used for all OpenStackControlPlane and OpenStackDataplane endpoints, except OVN related CA and certs

CertSection

true

libvirt

Libvirt - CA used for libvirt/qemu services on OpenStackControlPlane and OpenStackDataplane

CertSection

true

ovn

Ovn - CA used for all OVN services on OpenStackControlPlane and OpenStackDataplane

CertSection

true

TLSSection

TLSSection defines the desired state of TLS configuration

Field Description Scheme Required

ingress

TLSIngressConfig

false

podLevel

TLSPodLevelConfig

false

TLSServiceOverride

TLSServiceOverride overrides tls parameters for public endpoint

Field Description Scheme Required

secretName

Name of a Secret in the same Namespace as the service, containing the server’s private key, public certificate and CA certificate for TLS. The Secret must store these as tls.key, tls.crt and ca.crt respectively.

string

false

TLSStatus

TLSStatus defines the observed state of TLS

Field Description Scheme Required

caList

[]TLSCAStatus

false

TelemetrySection

TelemetrySection defines the desired state of OpenStack Telemetry services

Field Description Scheme Required

enabled

Enabled - Whether OpenStack Telemetry services should be deployed and managed

bool

true

template

Template - Overrides to use when creating the OpenStack Telemetry services

*telemetryv1.TelemetrySpecCore

false

aodhApiOverride

AodhAPIOverride, provides the ability to override the generated manifest of several child resources.

Override

false

prometheusOverride

PrometheusOverride, provides the ability to override the generated manifest of several child resources.

Override

false

alertmanagerOverride

AlertmanagerOverride, provides the ability to override the generated manifest of several child resources.

Override

false

ContainerDefaults

ContainerDefaults - struct that contains container image default URLs for each service (internal use only)

Field Description Scheme Required

cinderVolumeImage

*string

false

manilaShareImage

*string

false

ContainerImages

ContainerImages - struct acts as the source of truth for container image URLs to be deployed

Field Description Scheme Required

octaviaApacheImage

*string

false

ceilometerProxyImage

*string

false

cinderVolumeImages

CinderVolumeImages custom Cinder Volume images for each backend (default Cinder volume image is stored default key)

map[string]*string

false

manilaShareImages

ManilaShareImages custom Manila Share images for each backend (default Manila share image is stored default key)

map[string]*string

false

ContainerTemplate

ContainerTemplate - struct that contains container image URLs for each service in OpenStackControlplane

Field Description Scheme Required

agentImage

*string

false

ansibleeeImage

*string

false

aodhAPIImage

*string

false

aodhEvaluatorImage

*string

false

aodhListenerImage

*string

false

aodhNotifierImage

*string

false

apacheImage

this is shared by BaremetalOperator, OctaviaOperator, and TelemetryOperator

*string

false

barbicanAPIImage

*string

false

barbicanKeystoneListenerImage

*string

false

barbicanWorkerImage

*string

false

ceilometerCentralImage

*string

false

ceilometerComputeImage

*string

false

ceilometerIpmiImage

*string

false

ceilometerNotificationImage

*string

false

ceilometerSgcoreImage

*string

false

cinderAPIImage

*string

false

cinderBackupImage

*string

false

cinderSchedulerImage

*string

false

designateAPIImage

*string

false

designateBackendbind9Image

*string

false

designateCentralImage

*string

false

designateMdnsImage

*string

false

designateProducerImage

*string

false

designateUnboundImage

*string

false

designateWorkerImage

*string

false

edpmFrrImage

*string

false

edpmIscsidImage

*string

false

edpmLogrotateCrondImage

*string

false

edpmMultipathdImage

*string

false

edpmNeutronDhcpAgentImage

*string

false

edpmNeutronMetadataAgentImage

*string

false

edpmNeutronOvnAgentImage

*string

false

edpmNeutronSriovAgentImage

*string

false

edpmOvnBgpAgentImage

*string

false

edpmNodeExporterImage

*string

false

edpmKeplerImage

*string

false

glanceAPIImage

*string

false

heatAPIImage

*string

false

heatCfnapiImage

*string

false

heatEngineImage

*string

false

horizonImage

*string

false

infraDnsmasqImage

*string

false

infraMemcachedImage

*string

false

infraRedisImage

*string

false

ironicAPIImage

*string

false

ironicConductorImage

*string

false

ironicInspectorImage

*string

false

ironicNeutronAgentImage

*string

false

ironicPxeImage

*string

false

ironicPythonAgentImage

*string

false

keystoneAPIImage

*string

false

manilaAPIImage

*string

false

manilaSchedulerImage

*string

false

mariadbImage

*string

false

neutronAPIImage

*string

false

novaAPIImage

*string

false

novaComputeImage

*string

false

novaConductorImage

*string

false

novaNovncImage

*string

false

novaSchedulerImage

*string

false

octaviaAPIImage

*string

false

octaviaHealthmanagerImage

*string

false

octaviaHousekeepingImage

*string

false

octaviaWorkerImage

*string

false

openstackClientImage

*string

false

osContainerImage

*string

false

ovnControllerImage

*string

false

ovnControllerOvsImage

*string

false

ovnNbDbclusterImage

*string

false

ovnNorthdImage

*string

false

ovnSbDbclusterImage

*string

false

placementAPIImage

*string

false

rabbitmqImage

*string

false

swiftAccountImage

*string

false

swiftContainerImage

*string

false

swiftObjectImage

*string

false

swiftProxyImage

*string

false

telemetryNodeExporterImage

*string

false

testTempestImage

*string

false

testTobikoImage

*string

false

testHorizontestImage

*string

false

testAnsibletestImage

*string

false

CustomContainerImages

CustomContainerImages - struct for custom container images

Field Description Scheme Required

cinderVolumeImages

map[string]*string

false

manilaShareImages

map[string]*string

false

OpenStackVersion

OpenStackVersion is the Schema for the openstackversionupdates API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

OpenStackVersionSpec

false

status

OpenStackVersionStatus

false

OpenStackVersionList

OpenStackVersionList contains a list of OpenStackVersion

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]OpenStackVersion

true

OpenStackVersionSpec

OpenStackVersionSpec - defines the desired state of OpenStackVersion

Field Description Scheme Required

targetVersion

TargetVersion is the version of OpenStack to install (based on the availableVersion in the OpenStackVersion CR status)

string

true

customContainerImages

CustomContainerImages is a list of containerImages to customize for deployment

CustomContainerImages

false

OpenStackVersionStatus

OpenStackVersionStatus defines the observed state of OpenStackVersion

Field Description Scheme Required

conditions

Conditions

condition.Conditions

false

deployedVersion

*string

false

availableVersion

*string

false

containerImages

This is the source of truth for the container images to be deployed.

ContainerImages

false

containerImageVersionDefaults

where we keep track of the container images for previous versions

map[string]*ContainerDefaults

false

observedGeneration

ObservedGeneration - the most recent generation observed for this object.

int64

false

Barbican

Barbican is the Schema for the barbicans API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

BarbicanSpec

false

status

BarbicanStatus

false

BarbicanList

BarbicanList contains a list of Barbican

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Barbican

true

BarbicanSpec

BarbicanSpec defines the desired state of Barbican

Field Description Scheme Required

barbicanAPI

BarbicanAPI - Spec definition for the API services of this Barbican deployment

BarbicanAPITemplate

true

barbicanWorker

BarbicanWorker - Spec definition for the Worker service of this Barbican deployment

BarbicanWorkerTemplate

true

barbicanKeystoneListener

BarbicanKeystoneListener - Spec definition for the KeystoneListener service of this Barbican deployment

BarbicanKeystoneListenerTemplate

true

BarbicanSpecBase

BarbicanSpecBase -

Field Description Scheme Required

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

nodeSelector

NodeSelector to target subset of worker nodes running this component. Setting here overrides any global NodeSelector settings within the Barbican CR.

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

false

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. logging.conf or policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

BarbicanSpecCore

BarbicanSpecCore defines the desired state of Barbican, for use with the OpenStackControlplane CR (no containerImages)

Field Description Scheme Required

barbicanAPI

BarbicanAPI - Spec definition for the API services of this Barbican deployment

BarbicanAPITemplateCore

true

barbicanWorker

BarbicanWorker - Spec definition for the Worker service of this Barbican deployment

BarbicanWorkerTemplateCore

true

barbicanKeystoneListener

BarbicanKeystoneListener - Spec definition for the KeystoneListener service of this Barbican deployment

BarbicanKeystoneListenerTemplateCore

true

BarbicanStatus

BarbicanStatus defines the observed state of Barbican

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

serviceID

ServiceID

string

false

conditions

Conditions

condition.Conditions

false

barbicanAPIReadyCount

ReadyCount of Barbican API instances

int32

false

barbicanWorkerReadyCount

ReadyCount of Barbican Worker instances

int32

false

barbicanKeystoneListenerReadyCount

ReadyCount of Barbican KeystoneListener instances

int32

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

databaseHostname

Barbican Database Hostname

string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

BarbicanAPI

BarbicanAPI is the Schema for the barbicanapis API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

BarbicanAPISpec

false

status

BarbicanAPIStatus

false

BarbicanAPIList

BarbicanAPIList contains a list of BarbicanAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]BarbicanAPI

true

BarbicanAPISpec

BarbicanAPISpec defines the desired state of BarbicanAPI

Field Description Scheme Required

databaseHostname

DatabaseHostname - Barbican Database Hostname

string

true

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

BarbicanAPIStatus

BarbicanAPIStatus defines the observed state of BarbicanAPI

Field Description Scheme Required

readyCount

ReadyCount of barbican API instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

apiEndpoint

API endpoint

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

databaseHostname

Barbican Database Hostname

string

false

BarbicanAPITemplate

BarbicanAPITemplate defines the input parameters for the Barbican API service

Field Description Scheme Required

containerImage

ContainerImage - Barbican Container Image URL (will be set to environmental default if empty)

string

true

BarbicanAPITemplateCore

BarbicanAPITemplateCore -

Field Description Scheme Required

enableSecureRBAC

EnableSecureRBAC - Enable Consistent and Secure RBAC policies

bool

true

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

tls

TLS - Parameters related to the TLS

tls.API

false

BarbicanKeystoneListener

BarbicanKeystoneListener is the Schema for the barbicankeystonelistener API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

BarbicanKeystoneListenerSpec

false

status

BarbicanKeystoneListenerStatus

false

BarbicanKeystoneListenerList

BarbicanKeystoneListenerList contains a list of BarbicanKeystoneListener

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]BarbicanKeystoneListener

true

BarbicanKeystoneListenerSpec

BarbicanKeystoneListenerSpec defines the desired state of BarbicanKeystoneListener

Field Description Scheme Required

databaseHostname

string

true

transportURLSecret

string

false

tls

TLS - Parameters related to the TLS

tls.Ca

false

BarbicanKeystoneListenerStatus

BarbicanKeystoneListenerStatus defines the observed state of BarbicanKeystoneListener

Field Description Scheme Required

readyCount

INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file ReadyCount of barbican API instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

databaseHostname

Barbican Database Hostname

string

false

BarbicanKeystoneListenerTemplate

BarbicanKeystoneListenerTemplate defines common Spec elements for the KeystoneListener process

Field Description Scheme Required

containerImage

ContainerImage - Barbican Container Image URL (will be set to environmental default if empty)

string

true

BarbicanWorker

BarbicanWorker is the Schema for the barbicanworkers API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

BarbicanWorkerSpec

false

status

BarbicanWorkerStatus

false

BarbicanWorkerList

BarbicanWorkerList contains a list of BarbicanWorker

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]BarbicanWorker

true

BarbicanWorkerSpec

BarbicanWorkerSpec defines the desired state of BarbicanWorker

Field Description Scheme Required

databaseHostname

string

true

transportURLSecret

string

false

tls

TLS - Parameters related to the TLS

tls.Ca

false

BarbicanWorkerStatus

BarbicanWorkerStatus defines the observed state of BarbicanWorker

Field Description Scheme Required

readyCount

INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file ReadyCount of barbican API instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

databaseHostname

Barbican Database Hostname

string

false

BarbicanWorkerTemplate

BarbicanWorkerTemplate defines common Spec elements for the Worker process

Field Description Scheme Required

containerImage

ContainerImage - Barbican Container Image URL (will be set to environmental default if empty)

string

true

BarbicanComponentTemplate

BarbicanComponentTemplate - Variables used by every sub-component of Barbican (e.g. API, Worker, Listener)

Field Description Scheme Required

nodeSelector

NodeSelector to target subset of worker nodes running this component. Setting here overrides any global NodeSelector settings within the Barbican CR.

*map[string]string

false

replicas

Replicas of Barbican API to run

*int32

true

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as a custom config file.

string

false

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

customServiceConfigSecrets

CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets that contain sensitive service config data. The content of each Secret gets added to the /etc//.conf.d directory as a custom config file.

[]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

BarbicanTemplate

BarbicanTemplate defines common Spec elements for all Barbican components including the top level CR

Field Description Scheme Required

serviceUser

ServiceUser - optional username used for this service to register in keystone

string

true

databaseInstance

MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future

string

true

databaseAccount

DatabaseAccount - optional MariaDBAccount CR name used for barbican DB, defaults to barbican

string

true

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Barbican

string

true

simpleCryptoBackendSecret

Secret containing the Key Encryption Key (KEK) used for the Simple Crypto backend

string

true

secret

Secret containing all passwords / keys needed

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the ServiceUser password from the Secret

PasswordSelector

true

serviceAccount

ServiceAccount - service account name used internally to provide Barbican services the default SA name

string

true

PasswordSelector

PasswordSelector to identify the DB and AdminUser password from the Secret

Field Description Scheme Required

service

Service - Selector to get the barbican service user password from the Secret

string

true

simplecryptokek

string

true

Cinder

Cinder is the Schema for the cinders API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

CinderSpec

false

status

CinderStatus

false

CinderExtraVolMounts

CinderExtraVolMounts exposes additional parameters processed by the cinder-operator and defines the common VolMounts structure provided by the main storage module

Field Description Scheme Required

name

string

false

region

string

false

extraVol

[]storage.VolMounts

true

CinderList

CinderList contains a list of Cinder

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Cinder

true

CinderSpec

CinderSpec defines the desired state of Cinder

Field Description Scheme Required

cinderAPI

CinderAPI - Spec definition for the API service of this Cinder deployment

CinderAPITemplate

true

cinderScheduler

CinderScheduler - Spec definition for the Scheduler service of this Cinder deployment

CinderSchedulerTemplate

true

cinderBackup

CinderBackup - Spec definition for the Backup service of this Cinder deployment

CinderBackupTemplate

true

cinderVolumes

CinderVolumes - Map of chosen names to spec definitions for the Volume(s) service(s) of this Cinder deployment

map[string]CinderVolumeTemplate

false

CinderSpecBase

Field Description Scheme Required

databaseInstance

MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future

string

true

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Cinder

string

true

memcachedInstance

Memcached instance name.

string

true

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

customServiceConfig

CustomServiceConfig - customize the service config for all Cinder services using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as a custom config file.

string

false

extraMounts

ExtraMounts containing conf files and credentials

[]CinderExtraVolMounts

false

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting NodeSelector here acts as a default value and can be overridden by service specific NodeSelector Settings.

*map[string]string

false

dbPurge

DBPurge parameters -

DBPurge

false

apiTimeout

APITimeout for HAProxy, Apache, and rpc_response_timeout

int

true

CinderSpecCore

CinderSpecCore the same as CinderSpec without ContainerImage references

Field Description Scheme Required

cinderAPI

CinderAPI - Spec definition for the API service of this Cinder deployment

CinderAPITemplateCore

true

cinderScheduler

CinderScheduler - Spec definition for the Scheduler service of this Cinder deployment

CinderSchedulerTemplateCore

true

cinderBackup

CinderBackup - Spec definition for the Backup service of this Cinder deployment

CinderBackupTemplateCore

true

cinderVolumes

CinderVolumes - Map of chosen names to spec definitions for the Volume(s) service(s) of this Cinder deployment

map[string]CinderVolumeTemplateCore

false

CinderStatus

CinderStatus defines the observed state of Cinder

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

databaseHostname

Cinder Database Hostname

string

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

apiEndpoints

API endpoints

map[string]map[string]string

false

serviceIDs

ServiceIDs

map[string]string

false

cinderAPIReadyCount

ReadyCount of Cinder API instance

int32

true

cinderBackupReadyCount

ReadyCount of Cinder Backup instance

int32

true

cinderSchedulerReadyCount

ReadyCount of Cinder Scheduler instance

int32

true

cinderVolumesReadyCounts

ReadyCounts of Cinder Volume instances

map[string]int32

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is different than the spec generation, then the controller has not started processing the latest changes, and the status and its conditions are likely stale.

int64

false

DBPurge

DBPurge struct is used to model the parameters exposed to the Cinder cronJob

Field Description Scheme Required

age

Age is the DBPurgeAge parameter and indicates the number of days of purging DB records

int

true

schedule

Schedule defines the crontab format string to schedule the DBPurge cronJob

string

true

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

CinderAPI

CinderAPI is the Schema for the cinderapis API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

CinderAPISpec

false

status

CinderAPIStatus

false

CinderAPIList

CinderAPIList contains a list of CinderAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]CinderAPI

true

CinderAPISpec

CinderAPISpec defines the desired state of CinderAPI

Field Description Scheme Required

databaseHostname

DatabaseHostname - Cinder Database Hostname

string

true

transportURLSecret

Secret containing RabbitMq transport URL

string

true

extraMounts

ExtraMounts containing conf files and credentials

[]CinderExtraVolMounts

false

serviceAccount

ServiceAccount - service account name used internally to provide Cinder services the default SA name

string

true

CinderAPIStatus

CinderAPIStatus defines the observed state of CinderAPI

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

apiEndpoints

API endpoints

map[string]map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of Cinder API instances

int32

true

serviceIDs

ServiceIDs

map[string]string

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is different than the spec generation, then the controller has not started processing the latest changes, and the status and its conditions are likely stale.

int64

false

CinderAPITemplate

CinderAPITemplate defines the input parameters for the Cinder API service

Field Description Scheme Required

containerImage

ContainerImage - Cinder Container Image URL (will be set to environmental default if empty)

string

true

CinderAPITemplateCore

CinderAPITemplate defines the input parameters for the Cinder API service

Field Description Scheme Required

replicas

Replicas - Cinder API Replicas

*int32

true

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

tls

TLS - Parameters related to the TLS

tls.API

false

CinderBackup

CinderBackup is the Schema for the cinderbackups API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

CinderBackupSpec

false

status

CinderBackupStatus

false

CinderBackupList

CinderBackupList contains a list of CinderBackup

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]CinderBackup

true

CinderBackupSpec

CinderBackupSpec defines the desired state of CinderBackup

Field Description Scheme Required

databaseHostname

DatabaseHostname - Cinder Database Hostname

string

true

transportURLSecret

Secret containing RabbitMq transport URL

string

true

extraMounts

ExtraMounts containing conf files and credentials

[]CinderExtraVolMounts

false

serviceAccount

ServiceAccount - service account name used internally to provide Cinder services the default SA name

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

CinderBackupStatus

CinderBackupStatus defines the observed state of CinderBackup

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of Cinder Backup instances

int32

true

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is different than the spec generation, then the controller has not started processing the latest changes, and the status and its conditions are likely stale.

int64

false

CinderBackupTemplate

CinderBackupTemplate defines the input parameters for the Cinder Backup service

Field Description Scheme Required

containerImage

ContainerImage - Cinder Container Image URL (will be set to environmental default if empty)

string

true

CinderBackupTemplateCore

CinderBackupTemplate defines the input parameters for the Cinder Backup service

Field Description Scheme Required

replicas

Replicas - Cinder Backup Replicas

*int32

true

CinderScheduler

CinderScheduler is the Schema for the cinderschedulers API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

CinderSchedulerSpec

false

status

CinderSchedulerStatus

false

CinderSchedulerList

CinderSchedulerList contains a list of CinderScheduler

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]CinderScheduler

true

CinderSchedulerSpec

CinderSchedulerSpec defines the desired state of CinderScheduler

Field Description Scheme Required

databaseHostname

DatabaseHostname - Cinder Database Hostname

string

true

transportURLSecret

Secret containing RabbitMq transport URL

string

true

extraMounts

ExtraMounts containing conf files and credentials

[]CinderExtraVolMounts

false

serviceAccount

ServiceAccount - service account name used internally to provide Cinder services the default SA name

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

CinderSchedulerStatus

CinderSchedulerStatus defines the observed state of CinderScheduler

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of Cinder Scheduler instances

int32

true

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is different than the spec generation, then the controller has not started processing the latest changes, and the status and its conditions are likely stale.

int64

false

CinderSchedulerTemplate

CinderSchedulerTemplate defines the input parameters for the Cinder Scheduler service

Field Description Scheme Required

containerImage

ContainerImage - Cinder Container Image URL (will be set to environmental default if empty)

string

true

CinderSchedulerTemplateCore

CinderSchedulerTemplate defines the input parameters for the Cinder Scheduler service

Field Description Scheme Required

replicas

Replicas - Cinder Scheduler Replicas

*int32

true

CinderVolume

CinderVolume is the Schema for the cindervolumes API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

CinderVolumeSpec

false

status

CinderVolumeStatus

false

CinderVolumeList

CinderVolumeList contains a list of CinderVolume

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]CinderVolume

true

CinderVolumeSpec

CinderVolumeSpec defines the desired state of CinderVolume

Field Description Scheme Required

databaseHostname

DatabaseHostname - Cinder Database Hostname

string

true

transportURLSecret

Secret containing RabbitMq transport URL

string

true

extraMounts

ExtraMounts containing conf files and credentials

[]CinderExtraVolMounts

false

serviceAccount

ServiceAccount - service account name used internally to provide Cinder services the default SA name

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

CinderVolumeStatus

CinderVolumeStatus defines the observed state of CinderVolume

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of Cinder Volume instances

int32

true

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is different than the spec generation, then the controller has not started processing the latest changes, and the status and its conditions are likely stale.

int64

false

CinderVolumeTemplate

CinderVolumeTemplate defines the input parameters for the Cinder Volume service

Field Description Scheme Required

containerImage

ContainerImage - Cinder Container Image URL (will be set to environmental default if empty)

string

true

CinderVolumeTemplateCore

CinderVolumeTemplate defines the input parameters for the Cinder Volume service

Field Description Scheme Required

replicas

Replicas - Cinder Volume Replicas

*int32

true

CinderServiceTemplate

CinderServiceTemplate defines the input parameters that can be defined for a given Cinder service

Field Description Scheme Required

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Cinder CR.

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as a custom config file.

string

false

customServiceConfigSecrets

CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets that contain sensitive service config data. The content of each Secret gets added to the /etc//.conf.d directory as a custom config file.

[]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

CinderTemplate

CinderTemplate defines common input parameters used by all Cinder services

Field Description Scheme Required

serviceUser

ServiceUser - optional username used for this service to register in cinder

string

true

databaseAccount

DatabaseAccount - optional MariaDBAccount used for cinder DB, defaults to cinder

string

true

secret

Secret containing OpenStack password information

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the ServiceUser password from the Secret

PasswordSelector

true

PasswordSelector

PasswordSelector to identify the DB and AdminUser password from the Secret

Field Description Scheme Required

service

Service - Selector to get the cinder service password from the Secret

string

true

DesignateServiceTemplate

DesignateServiceTemplate defines the input parameters that can be defined for a given Designate service

Field Description Scheme Required

containerImage

ContainerImage - Designate Container Image URL (will be set to environmental default if empty)

string

true

DesignateServiceTemplateCore

DesignateServiceTemplate defines the input parameters that can be defined for a given Designate service

Field Description Scheme Required

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Designate CR.

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as a custom config file.

string

false

customServiceConfigSecrets

CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets that contain sensitive service config data. The content of each Secret gets added to the /etc//.conf.d directory as a custom config file.

[]string

false

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

DesignateTemplate

DesignateTemplate defines common input parameters used by all Designate services

Field Description Scheme Required

serviceUser

ServiceUser - optional username used for this service to register in designate

string

true

databaseAccount

DatabaseAccount - name of MariaDBAccount which will be used to connect.

string

true

secret

Secret containing OpenStack password information for DesignatePassword

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret

PasswordSelector

true

backendType

BackendType - Defines the backend service/configuration we are using, i.e. bind9, PowerDNS, BYO, etc.. Helps maintain a single init container/init.sh to do container setup

string

true

backendWorkerServerProtocol

BackendTypeProtocol - Defines the backend protocol to be used between the designate-worker & designate_mdns to/from the DNS server. Acceptable values are: "UDP", "TCP" Please Note: this MUST match what is in the /etc/designate.conf [service:worker]

string

true

backendMdnsServerProtocol

BackendTypeProtocol - Defines the backend protocol to be used between the designate-worker & designate_mdns to/from the DNS server. Acceptable values are: "UDP", "TCP" Please Note: this MUST match what is in the /etc/designate.conf [service:mdns]

string

true

PasswordSelector

PasswordSelector to identify the DB and AdminUser password from the Secret

Field Description Scheme Required

service

Service - Selector to get the designate service password from the Secret

string

true

Designate

Designate is the Schema for the designates API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

DesignateSpec

false

status

DesignateStatus

false

DesignateExtraVolMounts

DesignateExtraVolMounts exposes additional parameters processed by the designate-operator and defines the common VolMounts structure provided by the main storage module

Field Description Scheme Required

name

string

false

region

string

false

extraVol

[]storage.VolMounts

true

DesignateList

DesignateList contains a list of Designate

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Designate

true

DesignateSpec

DesignateAPISpec defines the desired state of DesignateAPI

Field Description Scheme Required

designateAPI

DesignateAPI - Spec definition for the API service of this Designate deployment

DesignateAPISpec

true

designateCentral

DesignateCentral - Spec definition for the Central service of this Designate deployment

DesignateCentralSpec

true

designateWorker

DesignateWorker - Spec definition for the Worker service of this Designate deployment

DesignateWorkerSpec

true

designateMdns

DesignateMdns - Spec definition for the Mdns service of this Designate deployment

DesignateMdnsSpec

true

designateProducer

DesignateProducer - Spec definition for the Producer service of this Designate deployment

DesignateProducerSpec

true

designateBackendbind9

DesignateBackendbind9 - Spec definition for the Backendbind9 service of this Designate deployment

DesignateBackendbind9Spec

true

designateUnbound

DesignateUnbound - Spec definition for the Unbound Resolver service of this Designate deployment

DesignateUnboundSpec

true

DesignateSpecBase

DesignateSpecBase -

Field Description Scheme Required

serviceUser

ServiceUser - optional username used for this service to register in designate

string

true

databaseInstance

MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future

string

true

databaseAccount

DatabaseAccount - name of MariaDBAccount which will be used to connect.

string

true

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Designate

string

true

secret

Secret containing OpenStack password information for designate AdminPassword

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the DB and AdminUser password from the Secret

PasswordSelector

true

backendType

BackendType - Defines the backend service/configuration we are using, i.e. bind9, unhbound, PowerDNS, BYO, etc.. Helps maintain a single init container/init.sh to do container setup

string

true

backendWorkerServerProtocol

BackendTypeProtocol - Defines the backend protocol to be used between the designate-worker & designate_mdns to/from the DNS server. Acceptable values are: "UDP", "TCP" Please Note: this MUST match what is in the /etc/designate.conf [service:worker]

string

true

backendMdnsServerProtocol

BackendTypeProtocol - Defines the backend protocol to be used between the designate-worker & designate_mdns to/from the DNS server. Acceptable values are: "UDP", "TCP" Please Note: this MUST match what is in the /etc/designate.conf [service:mdns]

string

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

false

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. logging.conf or policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

designateNetworkAttachment

DesignateNetworkAttachment is a NetworkAttachment resource name for the Designate Control Network

string

true

DesignateSpecCore

DesignateAPISpecCore - this version has no containerImage for use with the OpenStackControlplane

Field Description Scheme Required

designateAPI

DesignateAPI - Spec definition for the API service of this Designate deployment

DesignateAPISpecCore

true

designateCentral

DesignateCentral - Spec definition for the Central service of this Designate deployment

DesignateCentralSpecCore

true

designateWorker

DesignateWorker - Spec definition for the Worker service of this Designate deployment

DesignateWorkerSpecCore

true

designateMdns

DesignateMdns - Spec definition for the Mdns service of this Designate deployment

DesignateMdnsSpecCore

true

designateProducer

DesignateProducer - Spec definition for the Producer service of this Designate deployment

DesignateProducerSpecCore

true

designateBackendbind9

DesignateBackendbind9 - Spec definition for the Backendbind9 service of this Designate deployment

DesignateBackendbind9SpecCore

true

designateUnbound

DesignateUnbound - Spec definition for the Unbound Resolver service of this Designate deployment

DesignateUnboundSpecCore

true

DesignateStatus

DesignateStatus defines the observed state of Designate

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

apiEndpoint

API endpoint

map[string]string

false

conditions

Conditions

condition.Conditions

false

databaseHostname

DatabaseHostname - Designate Database Hostname

string

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

designateAPIReadyCount

ReadyCount of Designate API instance

int32

false

designateCentralReadyCount

ReadyCount of Designate Central instance

int32

false

designateWorkerReadyCount

ReadyCount of Designate Worker instance

int32

false

designateMdnsReadyCount

ReadyCount of Designate Mdns instance

int32

false

designateProducerReadyCount

ReadyCount of Designate Producer instance

int32

false

designateBackendbind9ReadyCount

ReadyCount of Designate Backendbind9 instance

int32

false

designateUnboundReadyCount

ReadyCount of Designate Unbound instance

int32

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

DesignateAPI

DesignateAPI is the Schema for the designateapis API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

DesignateAPISpec

false

status

DesignateAPIStatus

false

DesignateAPIList

DesignateAPIList contains a list of DesignateAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]DesignateAPI

true

DesignateAPISpecBase

DesignateAPISpecBase -

Field Description Scheme Required

replicas

Replicas - Designate API Replicas

*int32

true

databaseHostname

DatabaseHostname - Designate Database Hostname

string

false

transportURLSecret

Secret containing RabbitMq transport URL

string

false

serviceAccount

ServiceAccount - service account name used internally to provide Designate services the default SA name

string

true

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

tls

TLS - Parameters related to the TLS

tls.API

false

DesignateAPIStatus

DesignateAPIStatus defines the observed state of DesignateAPI

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

apiEndpoints

API endpoints

map[string]map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of designate API instances

int32

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

DesignateBackendbind9

DesignateBackendbind9 is the Schema for the designatebackendbind9

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

DesignateBackendbind9Spec

false

status

DesignateBackendbind9Status

false

DesignateBackendbind9List

DesignateBackendbind9List contains a list of DesignateBackendbind9

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]DesignateBackendbind9

true

DesignateBackendbind9SpecBase

DesignateBackendbind9SpecBase -

Field Description Scheme Required

replicas

Replicas - Designate Backendbind9 Replicas

*int32

true

databaseHostname

DatabaseHostname - Designate Database Hostname

string

false

transportURLSecret

Secret containing RabbitMq transport URL

string

false

serviceAccount

ServiceAccount - service account name used internally to provide Designate services the default SA name

string

true

customBindOptions

CustomBindOptions - custom bind9 options

[]string

false

controlNetworkName

ControlNetworkName - specify which network attachment is to be used for control, notifys and zone transfers.

string

true

storageClass

StorageClass

string

false

storageRequest

StorageRequest

string

true

DesignateBackendbind9Status

DesignateBackendbind9Status defines the observed state of DesignateBackendbind9

Field Description Scheme Required

readyCount

ReadyCount of designate backendbind9 instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

DesignateCentral

DesignateCentral is the Schema for the designatecentral API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

DesignateCentralSpec

false

status

DesignateCentralStatus

false

DesignateCentralList

DesignateCentralList contains a list of DesignateCentral

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]DesignateCentral

true

DesignateCentralSpecBase

DesignateCentralSpecBase -

Field Description Scheme Required

replicas

Replicas - Designate Central Replicas

*int32

true

databaseHostname

DatabaseHostname - Designate Database Hostname

string

false

transportURLSecret

Secret containing RabbitMq transport URL

string

false

serviceAccount

ServiceAccount - service account name used internally to provide Designate services the default SA name

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

DesignateCentralStatus

DesignateCentralStatus defines the observed state of DesignateCentral

Field Description Scheme Required

readyCount

ReadyCount of designate central instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

DesignateMdns

DesignateMdns is the Schema for the designatemdnses API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

DesignateMdnsSpec

false

status

DesignateMdnsStatus

false

DesignateMdnsList

DesignateMdnsList contains a list of DesignateMdns

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]DesignateMdns

true

DesignateMdnsSpecBase

DesignateMdnsSpecBase -

Field Description Scheme Required

databaseHostname

DatabaseHostname - Designate Database Hostname

string

false

transportURLSecret

Secret containing RabbitMq transport URL

string

false

serviceAccount

ServiceAccount - service account name used internally to provide Designate services the default SA name

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

DesignateMdnsStatus

DesignateMdnsStatus defines the observed state of DesignateMdns

Field Description Scheme Required

readyCount

ReadyCount of designate MDNS instances

int32

false

desiredNumberScheduled

DesiredNumberScheduled - total number of the nodes which should be running Daemon

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

DesignateProducer

DesignateProducer is the Schema for the designateproducer API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

DesignateProducerSpec

false

status

DesignateProducerStatus

false

DesignateProducerList

DesignateProducerList contains a list of DesignateProducer

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]DesignateProducer

true

DesignateProducerSpecBase

DesignateProducerSpec defines the desired state of DesignateProducer

Field Description Scheme Required

replicas

Replicas - Designate Producer Replicas

*int32

true

databaseHostname

DatabaseHostname - Designate Database Hostname

string

false

transportURLSecret

Secret containing RabbitMq transport URL

string

false

serviceAccount

ServiceAccount - service account name used internally to provide Designate services the default SA name

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

DesignateProducerStatus

DesignateProducerStatus defines the observed state of DesignateProducer

Field Description Scheme Required

readyCount

ReadyCount of designate Producer instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

DesignateUnbound

DesignateUnbound is the Schema for the designateworker API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

DesignateUnboundSpec

false

status

DesignateUnboundStatus

false

DesignateUnboundList

DesignateUnboundList contains a list of DesignateUnbound

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]DesignateUnbound

true

DesignateUnboundSpecBase

DesignateUnboundSpecBase -

Field Description Scheme Required

serviceAccount

ServiceAccount - service account name used internally to provide Designate services the default SA name

string

true

replicas

Replicas - Designate Unbound Replicas

*int32

true

DesignateUnboundStatus

DesignateUnboundStatus defines the observed state of DesignateUnbound

Field Description Scheme Required

readyCount

ReadyCount of designate central instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

DesignateWorker

DesignateWorker is the Schema for the designateworker API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

DesignateWorkerSpec

false

status

DesignateWorkerStatus

false

DesignateWorkerList

DesignateWorkerList contains a list of DesignateWorker

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]DesignateWorker

true

DesignateWorkerSpecBase

DesignateWorkerSpecBase -

Field Description Scheme Required

replicas

Replicas - Designate Worker Replicas

*int32

true

databaseHostname

DatabaseHostname - Designate Database Hostname

string

false

transportURLSecret

Secret containing RabbitMq transport URL

string

false

serviceAccount

ServiceAccount - service account name used internally to provide Designate services the default SA name

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

DesignateWorkerStatus

DesignateWorkerStatus defines the observed state of DesignateWorker

Field Description Scheme Required

readyCount

ReadyCount of designate central instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

GlanceAPITemplate

GlanceAPITemplate defines the desired state of GlanceAPI

Field Description Scheme Required

replicas

Replicas of glance API to run

*int32

true

containerImage

Glance Container Image URL (will be set to environmental default if empty)

string

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

false

customServiceConfigSecrets

CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets that contain sensitive service config data. The content of each Secret gets added to the /etc//.conf.d directory as a custom config file.

[]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

storage

Storage -

Storage

false

type

Type - represents the layout of the glanceAPI deployment.

string

false

tls

TLS - Parameters related to the TLS

tls.API

false

imageCache

ImageCache - It represents the struct to expose the ImageCache related parameters (size of the PVC and cronJob schedule)

ImageCache

false

apiTimeout

APITimeout for HAProxy and Apache defaults to GlanceSpecCore APITimeout

int

false

ImageCache

ImageCache - struct where the exposed imageCache params are defined

Field Description Scheme Required

size

Size - Local storage request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)

string

true

cleanerScheduler

Schedule defines the crontab format string to schedule the Cleaner cronJob

string

true

prunerScheduler

Schedule defines the crontab format string to schedule the Pruner cronJob

string

true

Storage

Storage -

Field Description Scheme Required

storageClass

StorageClass -

string

false

storageRequest

StorageRequest -

string

false

external

External -

bool

false

DBPurge

DBPurge struct is used to model the parameters exposed to the Glance API CronJob

Field Description Scheme Required

age

Age is the DBPurgeAge parameter and indicates the number of days of purging DB records

int

true

schedule

Schedule defines the crontab format string to schedule the DBPurge cronJob

string

true

Glance

Glance is the Schema for the glances API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

GlanceSpec

false

status

GlanceStatus

false

GlanceExtraVolMounts

GlanceExtraVolMounts exposes additional parameters processed by the glance-operator and defines the common VolMounts structure provided by the main storage module

Field Description Scheme Required

name

string

false

region

string

false

extraVol

[]storage.VolMounts

true

GlanceList

GlanceList contains a list of Glance

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Glance

true

GlanceSpec

GlanceSpec defines the desired state of Glance

Field Description Scheme Required

containerImage

Glance Container Image URL (will be set to environmental default if empty)

string

true

GlanceSpecCore

GlanceSpecCore defines the desired state of Glance

Field Description Scheme Required

serviceUser

ServiceUser - optional username used for this service to register in glance

string

true

databaseInstance

MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future

string

true

databaseAccount

DatabaseAccount - name of MariaDBAccount which will be used to connect.

string

true

memcachedInstance

Memcached instance name.

string

true

secret

Secret containing OpenStack password information for glance’s keystone password; no longer used for database password

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret

PasswordSelector

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

false

customServiceConfigSecrets

CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets that contain sensitive service config data. The content of each Secret gets added to the /etc//.conf.d directory as a custom config file.

[]string

false

storage

Storage -

Storage

false

glanceAPIs

GlanceAPIs - Spec definition for the API service of this Glance deployment

map[string]GlanceAPITemplate

true

extraMounts

ExtraMounts containing conf files and credentials

[]GlanceExtraVolMounts

false

quotas

Quotas is defined, per-tenant quotas are enforced according to the registered keystone limits

QuotaLimits

false

imageCache

ImageCache -

ImageCache

true

keystoneEndpoint

KeystoneEndpoint - indicates which glanceAPI should be registered in the keystone catalog, and it acts as a selector for the underlying glanceAPI(s) that can be specified by name

string

true

dbPurge

DBPurge parameters -

DBPurge

false

apiTimeout

Default APITimeout for HAProxy and Apache, defaults to 60 seconds

int

true

GlanceStatus

GlanceStatus defines the observed state of Glance

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

apiEndpoint

API endpoint

map[string]string

false

serviceID

ServiceID

string

false

conditions

Conditions

condition.Conditions

false

databaseHostname

Glance Database Hostname

string

false

glanceAPIReadyCounts

GlanceAPIReadyCounts -

map[string]int32

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

PasswordSelector

PasswordSelector to identify the DB and AdminUser password from the Secret

Field Description Scheme Required

service

Service - Selector to get the glance service password from the Secret

string

true

QuotaLimits

QuotaLimits - The parameters exposed to the top level glance CR that represents the limits we set in keystone

Field Description Scheme Required

imageSizeTotal

int

true

imageStageTotal

int

true

imageCountTotal

int

true

imageCountUpload

int

true

GlanceAPI

GlanceAPI is the Schema for the glanceapis API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

GlanceAPISpec

false

status

GlanceAPIStatus

false

GlanceAPIList

GlanceAPIList contains a list of GlanceAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]GlanceAPI

true

GlanceAPISpec

GlanceAPISpec defines the desired state of GlanceAPI

Field Description Scheme Required

apiType

string

true

serviceUser

ServiceUser - optional username used for this service to register in glance

string

true

serviceAccount

ServiceAccount - service account name used internally to provide GlanceAPI the default SA name

string

true

databaseHostname

DatabaseHostname - Glance Database Hostname

string

true

databaseAccount

DatabaseAccount - name of MariaDBAccount which will be used to connect.

string

true

secret

Secret containing OpenStack password information for glance AdminPassword

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret

PasswordSelector

true

extraMounts

ExtraMounts containing conf files and credentials

[]GlanceExtraVolMounts

false

quota

QuotaEnforce if true, per-tenant quotas are enforced according to the registered keystone limits

bool

true

memcachedInstance

Memcached instance name.

string

true

GlanceAPIStatus

GlanceAPIStatus defines the observed state of GlanceAPI

Field Description Scheme Required

readyCount

ReadyCount of glance API instances

int32

true

hash

Map of hashes to track e.g. job status

map[string]string

false

apiEndpoint

API endpoint

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

domain

Domain is a parameter used by each glanceAPI replicas to setup a worker and set the worker_self_reference_url config option. It’s requierd when distributed image import is enabled and it enables pod to pod communication via the associated hostnames

string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

HeatServiceTemplate

HeatServiceTemplate -

Field Description Scheme Required

replicas

Replicas -

*int32

true

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

nodeSelector

NodeSelector to target subset of worker nodes for running the service

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc/heat/heat.conf.d directory as 02-custom-service.conf file.

string

false

customServiceConfigSecrets

CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets that contain sensitive service config data. The content of each Secret gets added to the /etc/heat/heat.conf.d directory as a custom config file.

[]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

HeatTemplate

HeatTemplate -

Field Description Scheme Required

serviceUser

ServiceUser - optional username used for this service to register in heat

string

true

databaseAccount

DatabaseAccount - optional MariaDBAccount used for heat DB, defaults to heat.

string

true

secret

Secret containing OpenStack password information for heat HeatDatabasePassword, HeatPassword and HeatAuthEncryptionKey

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret

PasswordSelector

true

PasswordSelector

PasswordSelector ..

Field Description Scheme Required

service

Service - Selector to get the heat service password from the Secret

string

true

authEncryptionKey

AuthEncryptionKey - Selector to get the heat auth encryption key from the Secret

string

true

stackDomainAdminPassword

StackDomainAdminPassword - Selector to get the heat stack domain admin password from the Secret

string

true

Heat

Heat is the Schema for the heats API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

HeatSpec

false

status

HeatStatus

false

HeatList

HeatList contains a list of Heat

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Heat

true

HeatSpec

HeatSpec defines the desired state of Heat

Field Description Scheme Required

heatAPI

HeatAPI - Spec definition for the API service of this Heat deployment

HeatAPITemplate

true

heatCfnAPI

HeatCfnAPI - Spec definition for the CfnAPI service of this Heat deployment

HeatCfnAPITemplate

true

heatEngine

HeatEngine - Spec definition for the Engine service of this Heat deployment

HeatEngineTemplate

true

HeatSpecBase

HeatSpec defines the desired state of Heat

Field Description Scheme Required

databaseInstance

MariaDB instance name. Right now required by the maridb-operator to get the credentials from the instance to create the DB. Might not be required in future.

string

true

memcachedInstance

Memcached instance name.

string

true

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Heat

string

true

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc/heat/heat.conf.d directory as 01-custom.conf file.

string

false

customServiceConfigSecrets

CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets that contain sensitive service config data. The content of each Secret gets added to the /etc/heat/heat.conf.d directory as a custom config file.

[]string

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

nodeSelector

NodeSelector to target subset of worker nodes for running the Heat services

*map[string]string

false

apiTimeout

APITimeout for Route and Apache

int

true

HeatSpecCore

HeatSpecCore defines the desired state of Heat, for use with OpenStackControlplane (no containerImages)

Field Description Scheme Required

heatAPI

HeatAPI - Spec definition for the API service of this Heat deployment

HeatAPITemplateCore

true

heatCfnAPI

HeatCfnAPI - Spec definition for the CfnAPI service of this Heat deployment

HeatCfnAPITemplateCore

true

heatEngine

HeatEngine - Spec definition for the Engine service of this Heat deployment

HeatEngineTemplateCore

true

HeatStatus

HeatStatus defines the observed state of Heat

Field Description Scheme Required

conditions

Conditions

condition.Conditions

false

hash

Map of hashes to track e.g. job status

map[string]string

false

databaseHostname

Heat Database Hostname

string

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

heatApiReadyCount

ReadyCount of Heat API instance

int32

false

heatCfnApiReadyCount

ReadyCount of Heat CfnAPI instance

int32

false

heatEngineReadyCount

ReadyCount of Heat Engine instance

int32

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

HeatAPI

HeatAPI …​

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

HeatAPISpec

false

status

HeatAPIStatus

false

HeatAPIList

HeatAPIList contains a list of HeatAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]HeatAPI

true

HeatAPISpec

HeatAPISpec defines the desired state of HeatAPI

Field Description Scheme Required

databaseHostname

DatabaseHostname - Heat Database Hostname

string

true

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

true

serviceAccount

ServiceAccount - service account name used internally to provide Heat services the default SA name

string

true

HeatAPIStatus

HeatAPIStatus defines the observed state of HeatAPI

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of HeatAPI instances

int32

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

HeatAPITemplate

HeatAPITemplate defines the input parameters for the Heat API service

Field Description Scheme Required

containerImage

ContainerImage - Container Image URL

string

true

HeatAPITemplateCore

HeatAPITemplateCore -

Field Description Scheme Required

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

tls

TLS - Parameters related to the TLS

tls.API

false

HeatCfnAPI

HeatCfnAPI …​

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

HeatCfnAPISpec

false

status

HeatCfnAPIStatus

false

HeatCfnAPIList

HeatCfnAPIList contains a list of HeatCfnAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]HeatCfnAPI

true

HeatCfnAPISpec

HeatCfnAPISpec defines the desired state of HeatCfnAPI

Field Description Scheme Required

databaseHostname

DatabaseHostname - Heat Database Hostname

string

true

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

true

serviceAccount

ServiceAccount - service account name used internally to provide Heat services the default SA name

string

true

HeatCfnAPIStatus

HeatCfnAPIStatus defines the observed state of HeatCfnAPI

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of HeatCfnAPI instances

int32

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

HeatCfnAPITemplate

HeatCfnAPITemplate defines the input parameters for the Heat Cfn API service

Field Description Scheme Required

containerImage

ContainerImage - Container Image URL

string

true

HeatCfnAPITemplateCore

HeatCfnAPITemplateCore -

Field Description Scheme Required

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

tls

TLS - Parameters related to the TLS

tls.API

false

HeatEngine

HeatEngine defined.

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

HeatEngineSpec

false

status

HeatEngineStatus

false

HeatEngineList

HeatEngineList contains a list of HeatEngine

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]HeatEngine

true

HeatEngineSpec

HeatEngineSpec defines the desired state of HeatEngine

Field Description Scheme Required

databaseHostname

DatabaseHostname - Heat Database Hostname

string

true

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

true

serviceAccount

ServiceAccount - service account name used internally to provide Heat services the default SA name

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

HeatEngineStatus

HeatEngineStatus defines the observed state of HeatEngine

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of HeatEngine instances

int32

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

HeatEngineTemplate

HeatEngineTemplate defines the input parameters for the Heat Engine service

Field Description Scheme Required

containerImage

ContainerImage - Container Image URL

string

true

HorizionOverrideSpec

HorizionOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster.

*service.RoutedOverrideSpec

false

Horizon

Horizon is the Schema for the horizons API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

HorizonSpec

false

status

HorizonStatus

false

HorizonExtraVolMounts

HorizonExtraVolMounts exposes additional parameters processed by the horizon-operator and defines the common VolMounts structure provided by the main storage module

Field Description Scheme Required

name

string

false

region

string

false

extraVol

[]storage.VolMounts

true

HorizonList

HorizonList contains a list of Horizon

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Horizon

true

HorizonSpec

HorizonSpec defines the desired state of Horizon

Field Description Scheme Required

containerImage

horizon Container Image URL

string

true

HorizonSpecCore

HorizonSpecBase -

Field Description Scheme Required

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. logging.conf or policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

override

Override, provides the ability to override the generated manifest of several child resources.

HorizionOverrideSpec

false

tls

TLS - Parameters related to the TLS

tls.SimpleService

false

replicas

Replicas of horizon API to run

*int32

true

secret

Secret containing OpenStack password information for Horizon Secret Key

string

true

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc/openstack-dashboard/local_settings.d directory as 9999_custom_settings.py file.

string

true

memcachedInstance

Memcached instance name.

string

true

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

extraMounts

ExtraMounts containing conf files

[]HorizonExtraVolMounts

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

HorizonStatus

HorizonStatus defines the observed state of Horizon

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

endpoint

Endpoint url to access OpenStack Dashboard

string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of Horizon instances

int32

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

IronicServiceTemplate

IronicServiceTemplate defines the common input parameters for Ironic services

Field Description Scheme Required

replicas

Replicas -

*int32

true

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Ironic CR

*map[string]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

true

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

KeystoneEndpoints

KeystoneEndpoints defines keystone endpoint parameters for service

Field Description Scheme Required

internal

Internal endpoint URL

string

true

public

Public endpoint URL

string

true

PasswordSelector

PasswordSelector to identify the AdminUser password from the Secret

Field Description Scheme Required

service

Service - Selector to get the ironic service password from the Secret

string

true

DHCPRange

DHCPRange to define address range for DHCP requestes

Field Description Scheme Required

name

Name - Name of the DHCPRange (used for tagging in dnsmasq)

string

false

cidr

Cidr - IP address prefix (CIDR) representing an IP network.

string

true

start

Start - Start of DHCP range

string

true

end

End - End of DHCP range

string

true

gateway

Gateway - IP address for the router

string

false

mtu

MTU - Maximum Transmission Unit

int

false

podIndex

PodIndex - Maps the DHCPRange to a specific statefulset pod index

int

false

Ironic

Ironic is the Schema for the ironics API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

IronicSpec

false

status

IronicStatus

false

IronicImages

IronicImages to specify container images required by all ironic services

Field Description Scheme Required

api

API - Ironic API Container Image (will be set to environmental default if empty)

string

true

conductor

Conductor - Ironic Conductor Container Image (will be set to environmental default if empty)

string

true

inspector

Inspector - Ironic Inspector Container Image (will be set to environmental default if empty)

string

true

neutronAgent

NeutronAgent - ML2 baremtal - Ironic Neutron Agent Image (will be set to environmental default if empty)

string

true

pxe

Pxe- Ironic DHCP/TFTP/HTTP Container Image URL (will be set to environmental default if empty)

string

true

ironicPythonAgent

IronicPythonAgent - Image containing the ironic-python-agent kernel and ramdisk

string

true

IronicList

IronicList contains a list of Ironic

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Ironic

true

IronicSpec

IronicSpec defines the desired state of Ironic

Field Description Scheme Required

images

Images - Container images for all ironic services

IronicImages

true

IronicSpecCore

IronicSpec defines the desired state of Ironic

Field Description Scheme Required

standalone

Whether to deploy a standalone Ironic.

bool

true

serviceUser

ServiceUser - optional username used for this service to register in ironic

string

true

databaseInstance

MariaDB instance name. Right now required by the maridb-operator to get the credentials from the instance to create the DB. Might not be required in future.

string

true

databaseAccount

DatabaseAccount - optional MariaDBAccount used for ironic DB, defaults to ironic.

string

true

secret

Secret containing OpenStack password information for ironic IronicPassword

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret

PasswordSelector

true

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

true

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

ironicAPI

IronicAPI - Spec definition for the API service of this Ironic deployment

IronicAPITemplate

true

ironicConductors

IronicConductors - Spec definitions for the conductor service of this Ironic deployment

[]IronicConductorTemplate

false

ironicInspector

IronicInspector - Spec definition for the inspector service of this Ironic deployment

IronicInspectorTemplate

true

ironicNeutronAgent

IronicNeutronAgent - Spec definition for the ML2 baremetal ironic-neutron-agent service of this Ironic deployment

IronicNeutronAgentTemplate

true

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Ironic

string

true

rpcTransport

RPC transport type - Which RPC transport implementation to use between conductor and API services. oslo to use oslo.messaging transport or json-rpc to use JSON RPC transport. NOTE -> ironic and ironic-inspector require oslo.messaging transport when not in standalone mode.

string

true

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting NodeSelector here acts as a default value and can be overridden by service specific NodeSelector Settings.

*map[string]string

false

storageClass

Storage class to host data. This is passed to IronicConductors unless storageClass is explicitly set for the conductor.

string

true

IronicStatus

IronicStatus defines the observed state of Ironic

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

databaseHostname

Ironic Database Hostname

string

false

apiEndpoints

API endpoint

map[string]map[string]string

false

ironicAPIReadyCount

ReadyCount of Ironic API instance

int32

false

ironicConductorReadyCount

ReadyCount of Ironic Conductor instance

map[string]int32

false

ironicInspectorReadyCount

ReadyCount of Ironic Inspector instance

int32

false

ironicNeutronAgentReadyCount

ReadyCount of Ironic Neutron Agent instance

int32

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

IronicAPI

IronicAPI is the Schema for the ironicapis API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

IronicAPISpec

false

status

IronicAPIStatus

false

IronicAPIList

IronicAPIList contains a list of IronicAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]IronicAPI

true

IronicAPISpec

IronicAPISpec defines the desired state of IronicAPI

Field Description Scheme Required

containerImage

ContainerImage - Ironic API Container Image

string

true

standalone

Whether to deploy a standalone Ironic.

bool

true

serviceUser

ServiceUser - optional username used for this service to register in ironic

string

true

secret

Secret containing OpenStack password information for AdminPassword

string

false

passwordSelectors

PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret

PasswordSelector

true

databaseHostname

DatabaseHostname - Ironic Database Hostname

string

true

databaseAccount

DatabaseAccount - optional MariaDBAccount used for ironic DB, defaults to ironic.

string

true

transportURLSecret

Secret containing RabbitMq transport URL

string

false

rpcTransport

RPC transport type - Which RPC transport implementation to use between conductor and API services. oslo to use oslo.messaging transport or json-rpc to use JSON RPC transport. NOTE -> ironic requires oslo.messaging transport when not in standalone mode.

string

true

keystoneEndpoints

KeystoneEndpoints - Internally used Keystone API endpoints

KeystoneEndpoints

true

IronicAPIStatus

IronicAPIStatus defines the observed state of IronicAPI

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

apiEndpoints

API endpoint

map[string]map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of ironic API instances

int32

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

IronicAPITemplate

IronicAPITemplate defines the input parameters for Ironic API service

Field Description Scheme Required

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

tls

TLS - Parameters related to the TLS

tls.API

false

IronicConductor

IronicConductor is the Schema for the ironicconductors Conductor

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

IronicConductorSpec

false

status

IronicConductorStatus

false

IronicConductorList

IronicConductorList contains a list of IronicConductor

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]IronicConductor

true

IronicConductorSpec

IronicConductorSpec defines the desired state of IronicConductor

Field Description Scheme Required

containerImage

ContainerImage - Ironic Conductor Container Image

string

true

standalone

Whether to deploy a standalone Ironic.

bool

true

pxeContainerImage

PxeContainerImage - Ironic DHCP/TFTP/HTTP Container Image

string

true

ironicPythonAgentImage

IronicPythonAgentImage - Image containing the ironic-python-agent kernel and ramdisk

string

true

serviceUser

ServiceUser - optional username used for this service to register in ironic

string

true

secret

Secret containing OpenStack password information for AdminPassword

string

false

passwordSelectors

PasswordSelectors - Selectors to identify the ServiceUser password from the Secret

PasswordSelector

true

databaseHostname

DatabaseHostname - Ironic Database Hostname

string

true

databaseAccount

DatabaseAccount - optional MariaDBAccount used for ironic DB, defaults to ironic.

string

true

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

rpcTransport

RPC transport type - Which RPC transport implementation to use between conductor and API services. oslo to use oslo.messaging transport or json-rpc to use JSON RPC transport. NOTE -> ironic requires oslo.messaging transport when not in standalone mode.

string

true

keystoneEndpoints

KeystoneEndpoints - Internally used Keystone API endpoints

KeystoneEndpoints

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

IronicConductorStatus

IronicConductorStatus defines the observed state of IronicConductor

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of ironic Conductor instances

int32

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

IronicConductorTemplate

IronicConductorTemplate defines the input parameters for Ironic Conductor service

Field Description Scheme Required

conductorGroup

ConductorGroup - Ironic Conductor conductor group.

string

true

storageClass

StorageClass

string

true

storageRequest

StorageRequest

string

true

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

provisionNetwork

ProvisionNetwork - Additional network to attach to expose boot DHCP, TFTP, HTTP services.

string

false

dhcpRanges

DHCPRanges - List of DHCP ranges to use for provisioning

[]DHCPRange

false

InspectorOverrideSpec

InspectorOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

IronicInspector

IronicInspector is the Schema for the IronicInspector

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

IronicInspectorSpec

false

status

IronicInspectorStatus

false

IronicInspectorList

IronicInspectorList contains a list of IronicInspector

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]IronicInspector

true

IronicInspectorPasswordSelector

IronicInspectorPasswordSelector to identify the AdminUser password from the Secret

Field Description Scheme Required

service

Service - Selector to get the ironic-inspector service password from the Secret

string

true

IronicInspectorSpec

IronicInspectorSpec defines the desired state of IronicInspector

Field Description Scheme Required

standalone

Standalone - Whether to deploy a standalone Ironic Inspector.

bool

true

containerImage

ContainerImage - Ironic Inspector Container Image

string

true

pxeContainerImage

PxeContainerImage - Ironic Inspector DHCP/TFTP/HTTP Container Image

string

true

ironicPythonAgentImage

IronicPythonAgentImage - Image containing the ironic-python-agent kernel and ramdisk

string

true

databaseInstance

MariaDB instance name. Right now required by the maridb-operator to get the credentials from the instance to create the DB. Might not be required in future.

string

true

secret

Secret containing OpenStack password information for AdminPassword

string

false

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Ironic Inspector

string

true

rpcTransport

RPC transport type - Which RPC transport implementation to use between conductor and API services. oslo to use oslo.messaging transport or json-rpc to use JSON RPC transport. NOTE -> ironic-inspector requires oslo.messaging transport when not in standalone mode.

string

true

IronicInspectorStatus

IronicInspectorStatus defines the observed state of IronicInspector

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

apiEndpoints

API endpoint

map[string]map[string]string

false

conditions

Conditions

condition.Conditions

false

databaseHostname

IronicInspector Database Hostname

string

false

readyCount

ReadyCount of Ironic Inspector instances

int32

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

IronicInspectorTemplate

IronicInspectorTemplate defines the input parameters for Ironic Inspector service

Field Description Scheme Required

serviceUser

ServiceUser - optional username used for this service to register in ironic-inspector

string

true

replicas

Replicas - Ironic Inspector Replicas

*int32

true

databaseAccount

DatabaseAccount - optional MariaDBAccount used for ironic DB, defaults to ironic-inspector. this is separate from the account used for ironic, as a MariaDBAccount can only refer to a single MariaDBDatabase and it appears that ironic inspector uses its own MariaDBDatabase.

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the ServiceUser password from the Secret

IronicInspectorPasswordSelector

true

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Ironic CR

*map[string]string

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

true

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

storageClass

StorageClass

string

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

inspectionNetwork

InspectionNetwork - Additional network to attach to expose boot DHCP, TFTP, HTTP services.

string

false

dhcpRanges

DHCPRanges - List of DHCP ranges to use for provisioning

[]DHCPRange

false

override

Override, provides the ability to override the generated manifest of several child resources.

InspectorOverrideSpec

false

tls

TLS - Parameters related to the TLS

tls.API

false

IronicNeutronAgent

IronicNeutronAgent is the Schema for the ML2 baremetal - ironic-neutron-agent agents

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

IronicNeutronAgentSpec

false

status

IronicNeutronAgentStatus

false

IronicNeutronAgentList

IronicNeutronAgentList contains a list of IronicConductor

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]IronicNeutronAgent

true

IronicNeutronAgentSpec

IronicNeutronAgentSpec defines the desired state of ML2 baremetal - ironic-neutron-agent agents

Field Description Scheme Required

containerImage

ContainerImage - ML2 baremtal - Ironic Neutron Agent Image

string

true

serviceUser

ServiceUser - optional username used for this service to register in ironic

string

true

secret

Secret containing OpenStack password information for IronicPassword

string

false

passwordSelectors

PasswordSelectors - Selectors to identify the ServiceUser password from the Secret

PasswordSelector

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

IronicNeutronAgentStatus

IronicNeutronAgentStatus defines the observed state of ML2 baremetal - ironic-neutron-agent

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of ironic Conductor instances

int32

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

IronicNeutronAgentTemplate

IronicNeutronAgentTemplate defines the input parameters for ML2 baremetal - ironic-neutron-agent agents

Field Description Scheme Required

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Ironic

string

true

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

HttpdCustomization

HttpdCustomization - customize the httpd service

Field Description Scheme Required

processNumber

ProcessNumber - Number of processes running in keystone API

*int32

true

KeystoneAPI

KeystoneAPI is the Schema for the keystoneapis API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

KeystoneAPISpec

false

status

KeystoneAPIStatus

false

KeystoneAPIList

KeystoneAPIList contains a list of KeystoneAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]KeystoneAPI

true

KeystoneAPISpec

Field Description Scheme Required

containerImage

Keystone Container Image URL (will be set to environmental default if empty)

string

true

KeystoneAPISpecCore

KeystoneAPISpec defines the desired state of KeystoneAPI

Field Description Scheme Required

databaseInstance

MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future

string

true

databaseAccount

DatabaseAccount - name of MariaDBAccount which will be used to connect.

string

true

memcachedInstance

Memcached instance name.

string

true

region

Region - optional region name for the keystone service

string

true

adminProject

AdminProject - admin project name

string

true

adminUser

AdminUser - admin user name

string

true

replicas

Replicas of keystone API to run

*int32

true

secret

Secret containing OpenStack password information for keystone AdminPassword

string

true

enableSecureRBAC

EnableSecureRBAC - Enable Consistent and Secure RBAC policies

bool

true

trustFlushArgs

TrustFlushArgs - Arguments added to keystone-manage trust_flush command

string

true

trustFlushSchedule

TrustFlushSchedule - Schedule to purge expired or soft-deleted trusts from database

string

true

trustFlushSuspend

TrustFlushSuspend - Suspend the cron job to purge trusts

bool

true

fernetRotationDays

FernetRotationDays - Rotate fernet token keys every X days

*int32

true

fernetMaxActiveKeys

FernetMaxActiveKeys - Maximum number of fernet token keys after rotation

*int32

true

passwordSelectors

PasswordSelectors - Selectors to identify the AdminUser password from the Secret

PasswordSelector

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

false

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

httpdCustomization

HttpdCustomization - customize the httpd service

HttpdCustomization

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Keystone

string

true

tls

TLS - Parameters related to the TLS

tls.API

false

KeystoneAPIStatus

KeystoneAPIStatus defines the observed state of KeystoneAPI

Field Description Scheme Required

readyCount

ReadyCount of keystone API instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

apiEndpoints

API endpoint

map[string]string

false

conditions

Conditions

condition.Conditions

false

databaseHostname

Keystone Database Hostname

string

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes.

int64

false

PasswordSelector

PasswordSelector to identify the DB and AdminUser password from the Secret

Field Description Scheme Required

admin

Admin - Selector to get the keystone Admin password from the Secret

string

true

KeystoneEndpoint

KeystoneEndpoint is the Schema for the keystoneendpoints API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

KeystoneEndpointSpec

false

status

KeystoneEndpointStatus

false

KeystoneEndpointList

KeystoneEndpointList contains a list of KeystoneEndpoint

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]KeystoneEndpoint

true

KeystoneEndpointSpec

KeystoneEndpointSpec defines the desired state of KeystoneEndpoint

Field Description Scheme Required

serviceName

ServiceName - Name of the service to create the endpoint for

string

true

endpoints

Endpoints - map with service api endpoint URLs with the endpoint type as index

map[string]string

true

KeystoneEndpointStatus

KeystoneEndpointStatus defines the observed state of KeystoneEndpoint

Field Description Scheme Required

endpointIDs

map[string]string

false

serviceID

string

false

conditions

Conditions

condition.Conditions

false

KeystoneService

KeystoneService is the Schema for the keystoneservices API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

KeystoneServiceSpec

false

status

KeystoneServiceStatus

false

KeystoneServiceList

KeystoneServiceList contains a list of KeystoneService

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]KeystoneService

true

KeystoneServiceSpec

KeystoneServiceSpec defines the desired state of KeystoneService

Field Description Scheme Required

serviceType

ServiceType - Type is the type of the service.

string

true

serviceName

ServiceName - Name of the service.

string

true

serviceDescription

ServiceDescription - Description for the service.

string

false

enabled

Enabled - whether or not the service is enabled.

bool

true

serviceUser

ServiceUser - optional username used for this service

string

true

secret

Secret containing OpenStack password information for the ServiceUser

string

true

passwordSelector

PasswordSelector - Selector to get the ServiceUser password from the Secret, e.g. PlacementPassword

string

true

KeystoneServiceStatus

KeystoneServiceStatus defines the observed state of KeystoneService

Field Description Scheme Required

serviceID

string

false

conditions

Conditions

condition.Conditions

false

ManilaServiceTemplate

ManilaServiceTemplate defines the input parameters that can be defined for a given Manila service

Field Description Scheme Required

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Manila CR.

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory a custom config file.

string

false

customServiceConfigSecrets

CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets that contain sensitive service config data. The content of each Secret gets added to the /etc//.conf.d directory as a custom config file.

[]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

ManilaTemplate

ManilaTemplate defines common input parameters used by all Manila services

Field Description Scheme Required

serviceUser

ServiceUser - optional username used for this service to register in manila

string

true

databaseAccount

DatabaseAccount - optional MariaDBAccount CR name used for manila DB, defaults to manila

string

true

secret

Secret containing OpenStack password information for AdminPassword

string

false

passwordSelectors

PasswordSelectors - Selectors to identify the ServiceUser password from the Secret

PasswordSelector

false

PasswordSelector

PasswordSelector to identify the DB and AdminUser password from the Secret

Field Description Scheme Required

service

Service - Selector to get the manila service password from the Secret

string

false

DBPurge

DBPurge struct is used to model the parameters exposed to the Manila API CronJob

Field Description Scheme Required

age

Age is the DBPurgeAge parameter and indicates the number of days of purging DB records

int

true

schedule

Schedule defines the crontab format string to schedule the DBPurge cronJob

string

true

Manila

Manila is the Schema for the manilas API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

ManilaSpec

false

status

ManilaStatus

false

ManilaDebug

ManilaDebug contains flags related to multiple debug activities. See the individual comments for what this means for each flag.

Field Description Scheme Required

dbPurge

DBPurge increases log verbosity by executing the db_purge command with "--debug".

bool

false

ManilaExtraVolMounts

ManilaExtraVolMounts exposes additional parameters processed by the manila-operator and defines the common VolMounts structure provided by the main storage module

Field Description Scheme Required

name

string

false

region

string

false

extraVol

[]storage.VolMounts

true

ManilaList

ManilaList contains a list of Manila

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Manila

true

ManilaSpec

ManilaSpec defines the desired state of Manila

Field Description Scheme Required

manilaAPI

ManilaAPI - Spec definition for the API service of this Manila deployment

ManilaAPITemplate

true

manilaScheduler

ManilaScheduler - Spec definition for the Scheduler service of this Manila deployment

ManilaSchedulerTemplate

true

manilaShares

ManilaShares - Map of chosen names to spec definitions for the Share(s) service(s) of this Manila deployment

map[string]ManilaShareTemplate

false

ManilaSpecBase

ManilaSpecBase -

Field Description Scheme Required

databaseInstance

MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future

string

false

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Manila

string

true

memcachedInstance

Memcached instance name.

string

true

debug

Debug - enable debug for different deploy stages. If an init container is used, it runs and the actual action pod gets started with sleep infinity

ManilaDebug

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

false

customServiceConfig

CustomServiceConfig - customize the service config for all Manila services using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory a custom config file.

string

false

extraMounts

ExtraMounts containing conf files and credentials

[]ManilaExtraVolMounts

false

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting NodeSelector here acts as a default value and can be overridden by service specific NodeSelector Settings.

*map[string]string

false

dbPurge

DBPurge parameters -

DBPurge

false

apiTimeout

APITimeout for HAProxy, Apache, and rpc_response_timeout

int

true

ManilaSpecCore

ManilaSpecCore defines the desired state of Manila. This version is used by OpenStackControlplane

Field Description Scheme Required

manilaAPI

ManilaAPI - Spec definition for the API service of this Manila deployment

ManilaAPITemplateCore

true

manilaScheduler

ManilaScheduler - Spec definition for the Scheduler service of this Manila deployment

ManilaSchedulerTemplateCore

true

manilaShares

ManilaShares - Map of chosen names to spec definitions for the Share(s) service(s) of this Manila deployment

map[string]ManilaShareTemplateCore

false

ManilaStatus

ManilaStatus defines the observed state of Manila

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

databaseHostname

Manila Database Hostname

string

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

manilaAPIReadyCount

ReadyCount of Manila API instance

int32

false

manilaSchedulerReadyCount

ReadyCount of Manila Scheduler instance

int32

false

manilaSharesReadyCounts

ReadyCounts of Manila Share instances

map[string]int32

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

ManilaAPI

ManilaAPI is the Schema for the manilaapis API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

ManilaAPISpec

false

status

ManilaAPIStatus

false

ManilaAPIList

ManilaAPIList contains a list of ManilaAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]ManilaAPI

true

ManilaAPISpec

ManilaAPISpec defines the desired state of ManilaAPI

Field Description Scheme Required

databaseHostname

DatabaseHostname - Manila Database Hostname

string

false

transportURLSecret

Secret containing RabbitMq transport URL

string

false

extraMounts

ExtraMounts containing conf files and credentials

[]ManilaExtraVolMounts

false

serviceAccount

ServiceAccount - service account name used internally to provide the default SA name

string

true

ManilaAPIStatus

ManilaAPIStatus defines the observed state of ManilaAPI

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of Manila API instances

int32

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

ManilaAPITemplate

ManilaAPITemplate defines the input parameter for the ManilaAPI service

Field Description Scheme Required

containerImage

ContainerImage - Manila API Container Image URL

string

true

ManilaAPITemplateCore

ManilaAPITemplateCore -

Field Description Scheme Required

replicas

Replicas - Manila API Replicas

*int32

true

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

tls

TLS - Parameters related to the TLS

tls.API

false

ManilaScheduler

ManilaScheduler is the Schema for the manilaschedulers API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

ManilaSchedulerSpec

false

status

ManilaSchedulerStatus

false

ManilaSchedulerList

ManilaSchedulerList contains a list of ManilaScheduler

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]ManilaScheduler

true

ManilaSchedulerSpec

ManilaSchedulerSpec defines the desired state of ManilaScheduler

Field Description Scheme Required

databaseHostname

DatabaseHostname - manila Database Hostname

string

false

transportURLSecret

Secret containing RabbitMq transport URL

string

false

extraMounts

ExtraMounts containing conf files and credentials

[]ManilaExtraVolMounts

false

serviceAccount

ServiceAccount - service account name used internally to provide the default SA name

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

ManilaSchedulerStatus

ManilaSchedulerStatus defines the observed state of ManilaScheduler

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of Manila Scheduler instances

int32

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

ManilaSchedulerTemplate

ManilaSchedulerTemplate defines the input parameter for the ManilaScheduler service

Field Description Scheme Required

containerImage

ContainerImage - Manila API Container Image URL

string

true

ManilaSchedulerTemplateCore

ManilaSchedulerTemplateCore -

Field Description Scheme Required

replicas

Replicas - Manila API Replicas

*int32

true

ManilaShare

ManilaShare is the Schema for the manilashares API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

ManilaShareSpec

false

status

ManilaShareStatus

false

ManilaShareList

ManilaShareList contains a list of ManilaShare

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]ManilaShare

true

ManilaShareSpec

ManilaShareSpec defines the desired state of ManilaShare

Field Description Scheme Required

databaseHostname

DatabaseHostname - manila Database Hostname

string

false

transportURLSecret

Secret containing RabbitMq transport URL

string

false

extraMounts

ExtraMounts containing conf files and credentials

[]ManilaExtraVolMounts

false

serviceAccount

ServiceAccount - service account name used internally to provide the default SA name

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

ManilaShareStatus

ManilaShareStatus defines the observed state of ManilaShare

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount of ManilaShare instances

int32

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

ManilaShareTemplate

ManilaShareTemplate defines the input parameter for the ManilaShare service

Field Description Scheme Required

containerImage

ContainerImage - Manila API Container Image URL

string

true

ManilaShareTemplateCore

ManilaShareTemplateCore -

Field Description Scheme Required

replicas

Replicas - Manila API Replicas

*int32

true

Galera

Galera is the Schema for the galeras API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

GaleraSpec

false

status

GaleraStatus

false

GaleraAttributes

GaleraAttributes holds startup information for a Galera host

Field Description Scheme Required

uuid

UUID of the partition that is seen by the galera node

string

false

seqno

Last recorded replication sequence number in the DB

string

true

safe_to_bootstrap

This galera node can bootstrap a galera cluster

bool

false

no_grastate

This galera node has its state recovered from the DB

bool

false

gcomm

Gcomm URI used to connect to the galera cluster

string

false

containerID

Identifier of the container at the time the gcomm URI was injected

string

false

GaleraList

GaleraList contains a list of Galera

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Galera

true

GaleraSpec

GaleraSpec defines the desired state of Galera

Field Description Scheme Required

containerImage

Name of the galera container image to run (will be set to environmental default if empty)

string

true

GaleraSpecCore

GaleraSpec defines the desired state of Galera

Field Description Scheme Required

secret

Name of the secret to look for password keys

string

true

storageClass

Storage class to host the mariadb databases

string

true

storageRequest

Storage size allocated for the mariadb databases

string

true

replicas

Size of the galera cluster deployment

*int32

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

customServiceConfig

Customize config using this parameter to change service defaults, or overwrite rendered information using raw MariaDB config format. The content gets added to /etc/my.cnf.d/galera_custom.cnf

string

false

tls

TLS settings for MySQL service and internal Galera replication

tls.SimpleService

false

disableNonTLSListeners

When TLS is configured, only allow connections to the DB over TLS

bool

false

logToDisk

Log Galera pod’s output to disk

bool

true

GaleraStatus

GaleraStatus defines the observed state of Galera

Field Description Scheme Required

attributes

A map of database node attributes for each pod

map[string]GaleraAttributes

false

safeToBootstrap

Name of the node that can safely bootstrap a cluster

string

false

bootstrapped

Is the galera cluster currently running

bool

true

stopRequired

Does the galera cluster requires to be stopped globally

bool

true

clusterProperties

Map of properties that require full cluster restart if changed

map[string]string

false

hash

Map of hashes to track input changes

map[string]string

false

conditions

Deployment Conditions

condition.Conditions

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

MariaDBAccount

MariaDBAccount is the Schema for the mariadbaccounts API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

MariaDBAccountSpec

false

status

MariaDBAccountStatus

false

MariaDBAccountList

MariaDBAccountList contains a list of MariaDBAccount

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]MariaDBAccount

true

MariaDBAccountSpec

MariaDBAccountSpec defines the desired state of MariaDBAccount

Field Description Scheme Required

userName

UserName for new account

string

true

secret

Name of secret which contains DatabasePassword

string

true

requireTLS

Account must use TLS to connect to the database

bool

true

MariaDBAccountStatus

MariaDBAccountStatus defines the observed state of MariaDBAccount

Field Description Scheme Required

conditions

Deployment Conditions

condition.Conditions

false

hash

Map of hashes to track e.g. job status

map[string]string

false

MariaDBDatabase

MariaDBDatabase is the Schema for the mariadbdatabases API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

MariaDBDatabaseSpec

false

status

MariaDBDatabaseStatus

false

MariaDBDatabaseList

MariaDBDatabaseList contains a list of MariaDBDatabase

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]MariaDBDatabase

true

MariaDBDatabaseSpec

MariaDBDatabaseSpec defines the desired state of MariaDBDatabase

Field Description Scheme Required

secret

Name of secret which contains DatabasePassword (deprecated)

*string

false

name

Name of the database in MariaDB

string

false

defaultCharacterSet

Default character set for this database

string

false

defaultCollation

Default collation for this database

string

false

MariaDBDatabaseStatus

MariaDBDatabaseStatus defines the observed state of MariaDBDatabase

Field Description Scheme Required

conditions

Deployment Conditions

condition.Conditions

false

completed

bool

false

hash

Map of hashes to track e.g. job status

map[string]string

false

tlsSupport

Whether TLS is supported by the DB instance

bool

false

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

NeutronAPI

NeutronAPI is the Schema for the neutronapis API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

NeutronAPISpec

false

status

NeutronAPIStatus

false

NeutronAPIList

NeutronAPIList contains a list of NeutronAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]NeutronAPI

true

NeutronAPISpec

NeutronAPISpec defines the desired state of NeutronAPI

Field Description Scheme Required

containerImage

NeutronAPI Container Image URL (will be set to environmental default if empty)

string

true

NeutronAPISpecCore

NeutronAPISpecCore -

Field Description Scheme Required

apiTimeout

APITimeout for HAProxy, Apache

int

true

serviceUser

ServiceUser - optional username used for this service to register in neutron

string

true

databaseInstance

MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future

string

true

databaseAccount

DatabaseAccount - optional MariaDBAccount CR name used for neutron DB, defaults to neutron

string

true

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Neutron

string

true

memcachedInstance

Memcached instance name.

string

true

replicas

Replicas of neutron API to run

*int32

true

secret

Secret containing OpenStack password information for NeutronPassword

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the ServiceUser password from the Secret

PasswordSelector

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

corePlugin

CorePlugin - Neutron core plugin to use. Using "ml2" if not set.

string

true

ml2MechanismDrivers

Ml2MechanismDrivers - list of ml2 drivers to enable. Using {"ovn"} if not set.

[]string

true

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

false

defaultConfigOverwrite

DefaultConfigOverwrite - interface to overwrite default config files like policy.yaml

map[string]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

extraMounts

ExtraMounts containing conf files

[]NeutronExtraVolMounts

false

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

tls

TLS - Parameters related to the TLS

NeutronApiTLS

false

NeutronAPIStatus

NeutronAPIStatus defines the observed state of NeutronAPI

Field Description Scheme Required

readyCount

ReadyCount of neutron API instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

databaseHostname

Neutron Database Hostname

string

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

NeutronApiTLS

Field Description Scheme Required

api

API tls type which encapsulates for API services

tls.APIService

false

ovn

Ovn GenericService - holds the secret for the OvnDb client cert

tls.GenericService

false

NeutronExtraVolMounts

NeutronExtraVolMounts exposes additional parameters processed by the neutron-operator and defines the common VolMounts structure provided by the main storage module

Field Description Scheme Required

name

string

false

region

string

false

extraVol

[]storage.VolMounts

true

PasswordSelector

PasswordSelector to identify the DB and AdminUser password from the Secret

Field Description Scheme Required

service

Database - Selector to get the neutron service password from the Secret

string

true

NovaCellImages

Field Description Scheme Required

conductorContainerImageURL

ConductorContainerImageURL

string

true

metadataContainerImageURL

MetadataContainerImageURL

string

true

novncproxyContainerImageURL

NoVNCContainerImageURL

string

true

computeContainerImageURL

NovaComputeContainerImageURL

string

true

NovaImages

Field Description Scheme Required

apiContainerImageURL

APIContainerImageURL

string

true

schedulerContainerImageURL

SchedulerContainerImageURL

string

true

NovaServiceBase

NovaServiceBase contains the fields that are needed for each nova service CRD

Field Description Scheme Required

containerImage

The service specific Container Image URL (will be set to environmental default if empty)

string

true

replicas

Replicas of the service to run

*int32

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

true

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

PasswordSelector

PasswordSelector to identify the DB and AdminUser password from the Secret

Field Description Scheme Required

service

Service - Selector to get the keystone service user password from the Secret

string

true

metadataSecret

MetadataSecret - the name of the field to get the metadata secret from the Secret

string

true

prefixMetadataCellsSecret

prefixMetadataCellsSecret - the prefix name of the field to get the metadata secret from the Secret for cells. Vale of metadata_proxy_shared_secret information for the nova-metadata service. This secret is shared between nova and neutron ovn-metadata inside selected cell and if this is not defined the global metadata_proxy_shared_secret secret will be used

string

true

Nova

Nova is the Schema for the nova API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

NovaSpec

false

status

NovaStatus

false

NovaList

NovaList contains a list of Nova

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Nova

true

NovaSpecCore

NovaSpecCore defines the template for NovaSpec used in OpenStackControlPlane

Field Description Scheme Required

keystoneInstance

KeystoneInstance to name of the KeystoneAPI CR to select the Service instance used by the Nova services to authenticate.

string

true

apiDatabaseInstance

APIDatabaseInstance is the name of the MariaDB CR to select the DB Service instance used for the Nova API DB.

string

true

apiMessageBusInstance

APIMessageBusInstance is the name of the RabbitMqCluster CR to select the Message Bus Service instance used by the Nova top level services to communicate.

string

true

cellTemplates

Cells is a mapping of cell names to NovaCellTemplate objects defining the cells in the deployment. The "cell0" cell is a mandatory cell in every deployment. Moreover any real deployment needs at least one additional normal cell as "cell0" cannot have any computes.

map[string]NovaCellTemplate

true

serviceUser

ServiceUser - optional username used for this service to register in keystone

string

true

apiDatabaseAccount

APIDatabaseAccount - MariaDBAccount to use when accessing the API DB

string

true

secret

Secret is the name of the Secret instance containing password information for nova like the keystone service password and DB passwords

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the DB and ServiceUser passwords from the Secret

PasswordSelector

true

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting NodeSelector here acts as a default value and can be overridden by service specific NodeSelector Settings.

*map[string]string

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

apiServiceTemplate

APIServiceTemplate - define the nova-api service

NovaAPITemplate

true

schedulerServiceTemplate

SchedulerServiceTemplate- define the nova-scheduler service

NovaSchedulerTemplate

true

metadataServiceTemplate

MetadataServiceTemplate - defines the metadata service that is global for the deployment serving all the cells. Note that if you want to deploy metadata per cell then the metadata service should be disabled here and enabled in the cellTemplates instead.

NovaMetadataTemplate

true

memcachedInstance

MemcachedInstance is the name of the Memcached CR that all nova service will use.

string

true

NovaStatus

NovaStatus defines the observed state of Nova

Field Description Scheme Required

conditions

Conditions

condition.Conditions

false

apiServiceReadyCount

APIServiceReadyCount defines the number or replicas ready from nova-api

int32

false

schedulerServiceReadyCount

SchedulerServiceReadyCount defines the number or replicas ready from nova-scheduler

int32

false

metadataServiceReadyCount

MetadataReadyCount defines the number of replicas ready from nova-metadata service

int32

false

registeredCells

RegisteredCells is a map keyed by cell names that are registered in the nova_api database with a value that is the hash of the given cell configuration.

map[string]string

false

discoveredCells

DiscoveredCells is a map keyed by cell names that have discovered all kubernetes managed computes in cell value is a hash of config from all kubernetes managed computes in cell

map[string]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes.

int64

false

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

NovaAPI

NovaAPI is the Schema for the novaapis API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

NovaAPISpec

false

status

NovaAPIStatus

false

NovaAPIList

NovaAPIList contains a list of NovaAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]NovaAPI

true

NovaAPISpec

NovaAPISpec defines the desired state of NovaAPI

Field Description Scheme Required

secret

Secret is the name of the Secret instance containing password information for the nova-api service. This secret is expected to be generated by the nova-operator based on the information passed to the Nova CR.

string

true

serviceUser

ServiceUser - optional username used for this service to register in keystone

string

true

keystoneAuthURL

KeystoneAuthURL configures the keystone API endpoint to be used by the service for authentication and authorization

string

true

keystonePublicAuthURL

KeystonePublicAuthURL configures the public keystone API endpoint. This can be different from KeystoneAuthURL. The service uses this value to redirect unauthenticated users.

string

true

apiDatabaseAccount

APIDatabaseAccount - MariaDBAccount to use when accessing the API DB

string

true

apiDatabaseHostname

APIDatabaseHostname - hostname to use when accessing the API DB

string

true

cell0DatabaseAccount

APIDatabaseAccount - MariaDBAccount to use when accessing the cell0 DB

string

true

cell0DatabaseHostname

APIDatabaseHostname - hostname to use when accessing the cell0 DB

string

true

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

serviceAccount

ServiceAccount - service account name used internally to provide Nova services the default SA name

string

true

registeredCells

RegisteredCells is a map keyed by cell names that are registered in the nova_api database with a value that is the hash of the given cell configuration. This is used to detect when a new cell is added or an existing cell is reconfigured to trigger refresh of the in memory cell caches of the service.

map[string]string

true

tls

TLS - Parameters related to the TLS

tls.API

false

defaultConfigOverwrite

DefaultConfigOverwrite - interface to overwrite default config files like e.g. api-paste.ini or policy.yaml.

map[string]string

false

memcachedInstance

MemcachedInstance is the name of the Memcached CR that all nova service will use.

string

true

NovaAPIStatus

NovaAPIStatus defines the observed state of NovaAPI

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount defines the number of replicas ready from nova-api

int32

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

NovaAPITemplate

NovaAPITemplate defines the input parameters specified by the user to create a NovaAPI via higher level CRDs. NOTE(gibi): NovaAPITemplate has the same structure than NovaServiceBase BUT we want to default ContainerImage for the template, therefore the structs are duplicated.

Field Description Scheme Required

replicas

Replicas of the service to run

*int32

true

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Nova CR.

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

true

defaultConfigOverwrite

DefaultConfigOverwrite - interface to overwrite default config files like e.g. api-paste.ini or policy.yaml.

map[string]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

tls

TLS - Parameters related to the TLS

tls.API

false

NovaCell

NovaCell is the Schema for the novacells API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

NovaCellSpec

false

status

NovaCellStatus

false

NovaCellDBPurge

NovaCellDBPurge defines the parameters for the DB archiving and purging cron job

Field Description Scheme Required

schedule

Schedule defines when to run the DB maintenance job in a cron format. By default it runs every midnight.

*string

true

archiveAge

ArchiveAge defines the minimum age of the records in days that can be moved to the shadow tables.

*int

true

purgeAge

PurgeAge defines the minimum age of the records in days that can be deleted from the shadow tables

*int

true

NovaCellList

NovaCellList contains a list of NovaCell

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]NovaCell

true

NovaCellSpec

NovaCellSpec defines the desired state of NovaCell

Field Description Scheme Required

cellName

CellName is the name of the Nova Cell. The value "cell0" has a special meaning. The "cell0" Cell cannot have compute nodes associated and the conductor in this cell acts as the super conductor for all the cells in the deployment.

string

true

secret

Secret is the name of the Secret instance containing password information for the nova cell. This secret is expected to be generated by the nova-operator based on the information passed to the Nova CR.

string

true

nodeSelector

NodeSelector to target subset of worker nodes running this services.

*map[string]string

false

serviceUser

ServiceUser - optional username used for this service to register in keystone

string

true

keystoneAuthURL

KeystoneAuthURL - the URL that the service in the cell can use to talk to keystone

string

true

apiDatabaseAccount

APIDatabaseAccount - MariaDBAccount to use when accessing the API DB

string

true

apiDatabaseHostname

APIDatabaseHostname - hostname to use when accessing the API DB. If not provided then up-calls will be disabled. This filed is Required for cell0.

string

true

cellDatabaseAccount

CellDatabaseAccount - MariaDBAccount to use when accessing the cell DB

string

true

cellDatabaseHostname

CellDatabaseHostname - hostname to use when accessing the cell DB

string

true

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

conductorServiceTemplate

ConductorServiceTemplate - defines the cell conductor deployment for the cell

NovaConductorTemplate

true

metadataServiceTemplate

MetadataServiceTemplate - defines the metadata service dedicated for the cell.

NovaMetadataTemplate

true

noVNCProxyServiceTemplate

NoVNCProxyServiceTemplate - defines the novncproxy service dedicated for the cell.

NovaNoVNCProxyTemplate

true

novaComputeTemplates

NovaComputeTemplates - map of nova computes template with selected drivers in format compute_name: compute_template. Key from map is arbitrary name for the compute. because of that there is a 20 character limit on the compute name.

map[string]NovaComputeTemplate

false

serviceAccount

ServiceAccount - service account name used internally to provide Nova services the default SA name

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

memcachedInstance

MemcachedInstance is the name of the Memcached CR that all nova service will use.

string

true

dbPurge

DBPurge defines the parameters for the DB archiving and purging cron job

NovaCellDBPurge

true

NovaCellStatus

NovaCellStatus defines the observed state of NovaCell

Field Description Scheme Required

hash

INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

conductorServiceReadyCount

ConductorServiceReadyCount defines the number of replicas ready from nova-conductor service in the cell

int32

false

metadataServiceReadyCount

MetadataServiceReadyCount defines the number of replicas ready from nova-metadata service in the cell

int32

false

noVNCProxyServiceReadyCount

NoVNCPRoxyServiceReadyCount defines the number of replicas ready from nova-novncproxy service in the cell

int32

false

novaComputesStatus

NovaComputesStatus is a map with format cell_name: NovaComputeCellStatus where NovaComputeCellStatus tell if compute with selected name deployed successfully and indicates if the compute is successfully mapped to the cell in the nova_api database. When a compute is removed from the Spec the operator will delete the related NovaCompute CR and then remove the compute from this Status field.

map[string]NovaComputeCellStatus

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

NovaCellTemplate

NovaCellTemplate defines the input parameters specified by the user to create a NovaCell via higher level CRDs.

Field Description Scheme Required

cellDatabaseInstance

CellDatabaseInstance is the name of the MariaDB CR to select the DB Service instance used as the DB of this cell.

string

true

cellDatabaseAccount

CellDatabaseAccount - MariaDBAccount to use when accessing the give cell DB

string

true

cellMessageBusInstance

CellMessageBusInstance is the name of the RabbitMqCluster CR to select the Message Bus Service instance used by the nova services to communicate in this cell. For cell0 it is unused.

string

true

hasAPIAccess

HasAPIAccess defines if this Cell is configured to have access to the API DB and message bus.

bool

true

nodeSelector

NodeSelector to target subset of worker nodes running cell.

*map[string]string

false

conductorServiceTemplate

ConductorServiceTemplate - defines the cell conductor deployment for the cell.

NovaConductorTemplate

true

metadataServiceTemplate

MetadataServiceTemplate - defines the metadata service dedicated for the cell. Note that for cell0 metadata service should not be deployed. Also if metadata service needs to be deployed per cell here then it should not be enabled to be deployed on the top level via the Nova CR at the same time. By default Nova CR deploys the metadata service at the top level and disables it on the cell level.

NovaMetadataTemplate

true

noVNCProxyServiceTemplate

NoVNCProxyServiceTemplate - defines the novncproxy service dedicated for the cell. Note that for cell0 novncproxy should not be deployed so the enabled field of this template is defaulted to false in cell0 but defaulted to true in other cells.

NovaNoVNCProxyTemplate

true

novaComputeTemplates

NovaComputeTemplates - map of nova computes template with selected drivers in format compute_name: compute_template. Key from map is arbitrary name for the compute with a limit of 20 characters.

map[string]NovaComputeTemplate

false

memcachedInstance

MemcachedInstance is the name of the Memcached CR that the services in the cell will use. If defined then this takes precedence over Nova.Spec.MemcachedInstance for this cel

string

true

dbPurge

DBPurge defines the parameters for the DB archiving and purging cron job

NovaCellDBPurge

true

NovaCompute

NovaCompute is the Schema for the NovaCompute

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

NovaComputeSpec

false

status

NovaComputeStatus

false

NovaComputeCellStatus

NovaComputeCellStatus defines state of NovaCompute in cell

Field Description Scheme Required

deployed

Deployed value: true means that the compute is deployed but can still be undiscovered

bool

true

errors

Errors value True means that during deployment, errors appear, and the user needs to check the compute for problems

bool

true

NovaComputeList

NovaComputeList contains a list of NovaCompute

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]NovaCompute

true

NovaComputeSpec

NovaComputeSpec defines the desired state of NovaCompute

Field Description Scheme Required

cellName

CellName is the name of the Nova Cell this NovaCompute belongs to.

string

true

computeName

ComputeName - compute name.

string

true

secret

Secret is the name of the Secret instance containing password information for the NovaCompute service. This secret is expected to be generated by the nova-operator based on the information passed to the Nova CR.

string

true

serviceUser

ServiceUser - optional username used for this service to register in keystone

string

true

keystoneAuthURL

string

true

serviceAccount

ServiceAccount - service account name used internally to provide Nova services the default SA name

string

true

computeDriver

ComputeDriver defines which driver to use for controlling virtualization

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

defaultConfigOverwrite

DefaultConfigOverwrite - interface to overwrite default config files like e.g. provider.yaml

map[string]string

false

NovaComputeStatus

NovaComputeStatus defines the observed state of NovaCompute

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount defines the number of replicas ready from NovaCompute

int32

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

NovaComputeTemplate

NovaComputeTemplate defines the input parameters specified by the user to create a NovaCompute via higher level CRDs.

Field Description Scheme Required

replicas

Replicas of the service to run. For ironic.IronicDriver the max replica is 1

*int32

true

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Nova CR.

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

true

defaultConfigOverwrite

DefaultConfigOverwrite - interface to overwrite default config files like e.g. provider.yaml

map[string]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

computeDriver

ComputeDriver - defines which driver to use for controlling virtualization

string

true

NovaConductor

NovaConductor is the Schema for the novaconductors API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

NovaConductorSpec

false

status

NovaConductorStatus

false

NovaConductorList

NovaConductorList contains a list of NovaConductor

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]NovaConductor

true

NovaConductorSpec

NovaConductorSpec defines the desired state of NovaConductor

Field Description Scheme Required

cellName

CellName is the name of the Nova Cell this conductor belongs to.

string

true

secret

Secret is the name of the Secret instance containing password information for the nova-conductor service. This secret is expected to be generated by the nova-operator based on the information passed to the Nova CR.

string

true

serviceUser

ServiceUser - optional username used for this service to register in keystone

string

true

keystoneAuthURL

KeystoneAuthURL - the URL that the nova-conductor service can use to talk to keystone

string

true

apiDatabaseAccount

APIDatabaseAccount - MariaDBAccount to use when accessing the API DB

string

true

apiDatabaseHostname

APIDatabaseHostname - hostname to use when accessing the API DB. If not provided then up-calls will be disabled. This filed is Required for cell0.

string

true

cellDatabaseAccount

CellDatabaseAccount - MariaDBAccount to use when accessing the cell DB

string

true

cellDatabaseHostname

NOTE(gibi): This should be Required, see notes in KeystoneAuthURL CellDatabaseHostname - hostname to use when accessing the cell DB

string

true

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

serviceAccount

ServiceAccount - service account name used internally to provide Nova services the default SA name

string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

memcachedInstance

MemcachedInstance is the name of the Memcached CR that all nova service will use.

string

true

dbPurge

DBPurge defines the parameters for the DB archiving and purging cron job

NovaCellDBPurge

true

NovaConductorStatus

NovaConductorStatus defines the observed state of NovaConductor

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount defines the number of replicas ready from nova-conductor

int32

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

NovaConductorTemplate

NovaConductorTemplate defines the input parameters specified by the user to create a NovaConductor via higher level CRDs.

Field Description Scheme Required

replicas

Replicas of the service to run

*int32

true

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Nova CR.

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

true

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

MetadataOverrideSpec

MetadataOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster for internal communication.

*service.OverrideSpec

false

NovaMetadata

NovaMetadata is the Schema for the novametadata API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

NovaMetadataSpec

false

status

NovaMetadataStatus

false

NovaMetadataList

NovaMetadataList contains a list of NovaMetadata

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]NovaMetadata

true

NovaMetadataSpec

NovaMetadataSpec defines the desired state of NovaMetadata

Field Description Scheme Required

cellName

CellName is the name of the Nova Cell this metadata service belongs to. If not provided then the metadata serving every cells in the deployment

string

false

secret

Secret is the name of the Secret instance containing password information for the nova-conductor service. This secret is expected to be generated by the nova-operator based on the information passed to the Nova CR.

string

true

serviceUser

ServiceUser - optional username used for this service to register in keystone

string

true

keystoneAuthURL

KeystoneAuthURL - the URL that the nova-metadata service can use to talk to keystone

string

true

apiDatabaseAccount

APIDatabaseAccount - MariaDBAccount to use when accessing the API DB

string

true

apiDatabaseHostname

APIDatabaseHostname - hostname to use when accessing the API DB. This filed is Required if the CellName is not provided

string

true

cellDatabaseAccount

CellDatabaseAccount - MariaDBAccount to use when accessing the cell DB

string

true

cellDatabaseHostname

CellDatabaseHostname - hostname to use when accessing the cell DB This is unused if CellName is not provided. But if it is provided then CellDatabaseHostName is also Required.

string

true

override

Override, provides the ability to override the generated manifest of several child resources.

MetadataOverrideSpec

false

serviceAccount

ServiceAccount - service account name used internally to provide Nova services the default SA name

string

true

registeredCells

RegisteredCells is a map keyed by cell names that are registered in the nova_api database with a value that is the hash of the given cell configuration. This is used to detect when a new cell is added or an existing cell is reconfigured to trigger refresh of the in memory cell caches of the service. This is empty for the case when nova-metadata runs within the cell.

map[string]string

false

tls

TLS - Parameters related to the TLS

tls.SimpleService

false

defaultConfigOverwrite

DefaultConfigOverwrite - interface to overwrite default config files like e.g. api-paste.ini.

map[string]string

false

memcachedInstance

MemcachedInstance is the name of the Memcached CR that all nova service will use.

string

true

NovaMetadataStatus

NovaMetadataStatus defines the observed state of NovaMetadata

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount defines the number of replicas ready from nova-metadata

int32

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

NovaMetadataTemplate

NovaMetadataTemplate defines the input parameters specified by the user to create a NovaMetadata via higher level CRDs.

Field Description Scheme Required

enabled

Enabled - Whether NovaMetadata services should be deployed and managed. If it is set to false then the related NovaMetadata CR will be deleted if exists and owned by a higher level nova CR (Nova or NovaCell). If it exist but not owned by a higher level nova CR then the NovaMetadata CR will not be touched. If it is set to true the a NovaMetadata CR will be created. If there is already a manually created NovaMetadata CR with the relevant name then this operator will not try to update that CR, instead the higher level nova CR will be in error state until the manually create NovaMetadata CR is deleted manually.

*bool

true

replicas

Replicas of the service to run

*int32

true

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Nova CR.

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

true

defaultConfigOverwrite

DefaultConfigOverwrite - interface to overwrite default config files like e.g. api-paste.ini.

map[string]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

override

Override, provides the ability to override the generated manifest of several child resources.

MetadataOverrideSpec

false

tls

TLS - Parameters related to the TLS

tls.SimpleService

false

NovaNoVNCProxy

NovaNoVNCProxy is the Schema for the novanovncproxies API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

NovaNoVNCProxySpec

false

status

NovaNoVNCProxyStatus

false

NovaNoVNCProxyList

NovaNoVNCProxyList contains a list of NovaNoVNCProxy

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]NovaNoVNCProxy

true

NovaNoVNCProxySpec

NovaNoVNCProxySpec defines the desired state of NovaNoVNCProxy

Field Description Scheme Required

cellName

CellName is the name of the Nova Cell this novncproxy belongs to.

string

true

secret

Secret is the name of the Secret instance containing password information for the nova-novncproxy service. This secret is expected to be generated by the nova-operator based on the information passed to the Nova CR.

string

true

serviceUser

ServiceUser - optional username used for this service to register in keystone

string

true

keystoneAuthURL

KeystoneAuthURL - the URL that the nova-novncproxy service can use to talk to keystone

string

true

cellDatabaseAccount

CellDatabaseAccount - MariaDBAccount to use when accessing the cell DB

string

true

cellDatabaseHostname

CellDatabaseHostname - hostname to use when accessing the cell DB

string

true

override

Override, provides the ability to override the generated manifest of several child resources.

VNCProxyOverrideSpec

false

serviceAccount

ServiceAccount - service account name used internally to provide Nova services the default SA name

string

true

tls

TLS - Parameters related to the TLS

TLSSection

true

memcachedInstance

MemcachedInstance is the name of the Memcached CR that all nova service will use.

string

true

NovaNoVNCProxyStatus

NovaNoVNCProxyStatus defines the observed state of NovaNoVNCProxy

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount defines the number of replicas ready from nova-novncproxy

int32

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

NovaNoVNCProxyTemplate

NovaNoVNCProxyTemplate defines the input parameters specified by the user to create a NovaNoVNCProxy via higher level CRDs.

Field Description Scheme Required

enabled

Enabled - Whether NovaNoVNCProxy services should be deployed and managed. If it is set to false then the related NovaNoVNCProxy CR will be deleted if exists and owned by the NovaCell. If it exist but not owned by the NovaCell then the NovaNoVNCProxy will not be touched. If it is set to true the a NovaNoVNCProxy CR will be created. If there is already a manually created NovaNoVNCProxy CR with the relevant name then the cell will not try to update that CR, instead the NovaCell be in error state until the manually create NovaNoVNCProxy CR is deleted by the operator.

*bool

true

replicas

Replicas of the service to run

*int32

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

true

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

override

Override, provides the ability to override the generated manifest of several child resources.

VNCProxyOverrideSpec

false

tls

TLS - Parameters related to the TLS

TLSSection

true

TLSSection

TLSSection defines the desired state of TLS configuration

Field Description Scheme Required

service

Service - Cert secret used for the nova novnc service endpoint

tls.GenericService

false

vencrypt

Vencrypt - cert secret containing the x509 certificate to be presented to the VNC server. The CommonName field should match the primary hostname of the controller node. If using a HA deployment, the Organization field can also be configured to a value that is common across all console proxy instances in the deployment. https://docs.openstack.org/nova/latest/admin/remote-console-access.html#novnc-proxy-server-configuration

tls.GenericService

false

VNCProxyOverrideSpec

VNCProxyOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster.

*service.RoutedOverrideSpec

false

NovaScheduler

NovaScheduler is the Schema for the novaschedulers API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

NovaSchedulerSpec

false

status

NovaSchedulerStatus

false

NovaSchedulerList

NovaSchedulerList contains a list of NovaScheduler

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]NovaScheduler

true

NovaSchedulerSpec

NovaSchedulerSpec defines the desired state of NovaScheduler

Field Description Scheme Required

secret

Secret is the name of the Secret instance containing password information for the nova-scheduler service. This secret is expected to be generated by the nova-operator based on the information passed to the Nova CR.

string

true

serviceUser

ServiceUser - optional username used for this service to register in keystone

string

true

keystoneAuthURL

KeystoneAuthURL - the URL that the nova-scheduler service can use to talk to keystone

string

true

apiDatabaseAccount

APIDatabaseAccount - MariaDBAccount to use when accessing the API DB

string

true

apiDatabaseHostname

APIDatabaseHostname - hostname to use when accessing the API DB

string

true

cell0DatabaseAccount

Cell0DatabaseAccount - MariaDBAccount to use when accessing the cell0 DB

string

true

cell0DatabaseHostname

Cell0DatabaseHostname - hostname to use when accessing the cell0 DB

string

true

serviceAccount

ServiceAccount - service account name used internally to provide Nova services the default SA name

string

true

registeredCells

RegisteredCells is a map keyed by cell names that are registered in the nova_api database with a value that is the hash of the given cell configuration. This is used to detect when a new cell is added or an existing cell is reconfigured to trigger refresh of the in memory cell caches of the service.

map[string]string

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

memcachedInstance

MemcachedInstance is the name of the Memcached CR that all nova service will use.

string

true

NovaSchedulerStatus

NovaSchedulerStatus defines the observed state of NovaScheduler

Field Description Scheme Required

hash

INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

readyCount

ReadyCount defines the number of replicas ready from nova-scheduler

int32

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

NovaSchedulerTemplate

NovaSchedulerTemplate defines the input parameters specified by the user to create a NovaScheduler via higher level CRDs.

Field Description Scheme Required

replicas

Replicas of the service to run

*int32

true

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Nova CR.

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

true

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

OctaviaAmphoraController

OctaviaAmphoraController is the Schema for the octaviaworkers API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

OctaviaAmphoraControllerSpec

false

status

OctaviaAmphoraControllerStatus

false

OctaviaAmphoraControllerList

OctaviaAmphoraControllerList contains a list of OctaviaWorker

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]OctaviaAmphoraController

true

OctaviaAmphoraControllerSpec

OctaviaAmphoraControllerSpec defines common state for all Octavia Amphora Controllers

Field Description Scheme Required

containerImage

ContainerImage - Amphora Controller Container Image URL

string

false

OctaviaAmphoraControllerSpecCore

OctaviaAmphoraControllerSpecCore -

Field Description Scheme Required

databaseInstance

MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future

string

true

databaseAccount

DatabaseAccount - name of MariaDBAccount which will be used to connect for the main octavia database

string

true

persistenceDatabaseAccount

PersistenceDatabaseAccount - name of MariaDBAccount which will be used to connect for the persistence database

string

true

databaseHostname

DatabaseHostname - Octavia DB hostname

string

false

serviceUser

ServiceUser - service user name (TODO: beagles, do we need this at all)

string

true

serviceAccount

ServiceAccount - service account name used internally to provide Octavia services the default SA name

string

true

role

Role - the role for the controller (one of worker, housekeeping, healthmanager)

string

true

secret

Secret containing OpenStack password information for octavia OctaviaDatabasePassword, AdminPassword

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the AdminUser password from the Secret

PasswordSelector

false

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

false

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. logging.conf or policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

tenantName

TenantName - the name of the OpenStack tenant that controls the Octavia resources

string

true

lbMgmtNetworkID

string

true

lbSecurityGroupID

string

true

amphoraCustomFlavors

AmphoraCustomFlavors - User-defined flavors for Octavia

[]OctaviaAmphoraFlavor

false

amphoraImageOwnerID

string

false

tls

TLS - Parameters related to the TLS

tls.Ca

false

octaviaProviderSubnetGateway

OctaviaProviderSubnetGateway -

string

true

octaviaProviderSubnetCIDR

OctaviaProviderSubnetCIDR -

string

true

octaviaProviderSubnetExtraCIDRs

OctaviaProviderSubnetExtraCIDRs -

[]string

false

OctaviaAmphoraControllerStatus

OctaviaAmphoraControllerStatus defines the observed state of the Octavia Amphora Controller

Field Description Scheme Required

readyCount

ReadyCount of Octavia Amphora Controllers

int32

false

desiredNumberScheduled

DesiredNumberScheduled - total number of the nodes which should be running Daemon

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachment status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

Octavia

Octavia is the Schema for the octavia API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

OctaviaSpec

false

status

OctaviaStatus

false

OctaviaAmphoraFlavor

OctaviaAmphoraFlavor Settings for custom Amphora flavors

Field Description Scheme Required

name

string

true

description

string

true

VCPUs

int

true

RAM

int

true

disk

int

true

RxTxFactor

string

true

OctaviaLbMgmtNetworks

OctaviaLbMgmtNetworks Settings for Octavia management networks

Field Description Scheme Required

manageLbMgmtNetworks

ManageLbMgmtNetworks - when True, octavia-operator creates the Neutron resources needed for its Management Network

bool

true

createDefaultLbMgmtNetwork

CreateDefaultLbMgmtNetwork - when True, octavia-operator creates a Management Network for the default Availability Zone of the control plane. Can be set to false when deploying OpenStack in DCN mode.

bool

true

lbMgmtRouterGateway

LbMgmtRouterGateway is the IP address of the Octavia router on the Provider network, it’s optional and used only when the routing informations are not passed through the Network Attachment Definition

string

false

availabilityZones

Availability zones for the octavia management network resources

[]string

false

availabilityZoneCIDRs

AvailabilityZoneCIDRs are the CIDRs of each management network associated with an Availability Zone (ex: {"az":"172.34.0.0/24", …​})

map[string]string

false

OctaviaList

OctaviaList contains a list of Octavia

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Octavia

true

OctaviaSpec

OctaviaSpec defines the desired state of Octavia

Field Description Scheme Required

octaviaAPI

OctaviaAPI - Spec definition for the API service of the Octavia deployment

OctaviaAPISpec

true

octaviaHousekeeping

OctaviaHousekeeping - Spec definition for the Octavia Housekeeping agent for the Octavia deployment

OctaviaAmphoraControllerSpec

true

octaviaHealthManager

OctaviaHousekeeping - Spec definition for the Octavia Housekeeping agent for the Octavia deployment

OctaviaAmphoraControllerSpec

true

octaviaWorker

OctaviaHousekeeping - Spec definition for the Octavia Housekeeping agent for the Octavia deployment

OctaviaAmphoraControllerSpec

true

octaviaRsyslog

OctaviaRsyslog - Spec definition for the Octavia Rsyslog agent for the Octavia deployment

OctaviaRsyslogSpec

true

OctaviaSpecBase

OctaviaSpecBase -

Field Description Scheme Required

databaseInstance

MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future

string

true

databaseAccount

DatabaseAccount - name of MariaDBAccount which will be used to connect for the main octavia database

string

true

persistenceDatabaseAccount

PersistenceDatabaseAccount - name of MariaDBAccount which will be used to connect for the persistence database

string

true

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Octavia

string

true

serviceUser

ServiceUser - service user name

string

true

secret

Secret containing OpenStack password information for octavia’s keystone password; no longer used for database password

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret

PasswordSelector

false

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

false

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. logging.conf or policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

tenantName

TenantName - the name of the OpenStack tenant that controls the Octavia resources

string

true

lbMgmtNetwork

OctaviaLbMgmtNetworks

true

sshPubkey

LoadBalancerSSHPubKey - The name of the ConfigMap containing the pubilc key for connecting to the amphorae via SSH

string

false

sshPrivkeySecret

LoadBalancerSSHPrivKey - The name of the secret that will be used to store the private key for connecting to amphorae via SSH

string

false

amphoraCustomFlavors

AmphoraCustomFlavors - User-defined flavors for Octavia

[]OctaviaAmphoraFlavor

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

amphoraImageContainerImage

Octavia Container Image URL

string

true

apacheContainerImage

Apache Container Image URL

string

true

apiTimeout

Octavia API timeout

int

true

octaviaNetworkAttachment

OctaviaNetworkAttachment is a NetworkAttachment resource name for the Octavia Management Network

string

true

OctaviaSpecCore

OctaviaSpecCore - this version has no containerImages and is used by OpenStackControlplane

Field Description Scheme Required

octaviaAPI

OctaviaAPI - Spec definition for the API service of the Octavia deployment

OctaviaAPISpecCore

true

octaviaHousekeeping

OctaviaHousekeeping - Spec definition for the Octavia Housekeeping agent for the Octavia deployment

OctaviaAmphoraControllerSpecCore

true

octaviaHealthManager

OctaviaHousekeeping - Spec definition for the Octavia Housekeeping agent for the Octavia deployment

OctaviaAmphoraControllerSpecCore

true

octaviaWorker

OctaviaHousekeeping - Spec definition for the Octavia Housekeeping agent for the Octavia deployment

OctaviaAmphoraControllerSpecCore

true

octaviaRsyslog

OctaviaRsyslog - Spec definition for the Octavia Rsyslog agent for the Octavia deployment

OctaviaRsyslogSpecCore

true

OctaviaStatus

OctaviaStatus defines the observed state of Octavia

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

databaseHostname

Octavia Database Hostname

string

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

apireadyCount

ReadyCount of octavia API instances

int32

false

workerreadyCount

ReadyCount of octavia Worker instances

int32

false

housekeepingreadyCount

ReadyCount of octavia Housekeeping instances

int32

false

healthmanagerreadyCount

ReadyCount of octavia HealthManager instances

int32

false

rsyslogreadyCount

ReadyCount of octavia Rsyslog instances

int32

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

PasswordSelector

PasswordSelector to identify the DB and AdminUser password from the Secret

Field Description Scheme Required

database

Database - Selector to get the octavia Database user password from the Secret

string

false

service

Service - Selector to get the service user password from the Secret

string

false

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

OctaviaAPI

OctaviaAPI is the Schema for the octaviaapis API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

OctaviaAPISpec

false

status

OctaviaAPIStatus

false

OctaviaAPIList

OctaviaAPIList contains a list of OctaviaAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]OctaviaAPI

true

OctaviaAPISpec

OctaviaAPISpec defines the desired state of OctaviaAPI

Field Description Scheme Required

containerImage

Octavia Container Image URL

string

true

OctaviaAPISpecCore

OctaviaAPISpecCore -

Field Description Scheme Required

databaseInstance

MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future

string

true

databaseAccount

DatabaseAccount - name of MariaDBAccount which will be used to connect for the main octavia database

string

true

persistenceDatabaseAccount

PersistenceDatabaseAccount - name of MariaDBAccount which will be used to connect for the persistence database

string

true

databaseHostname

DatabaseHostname - Octavia DB hostname

string

false

serviceUser

ServiceUser - service user name

string

true

serviceAccount

ServiceAccount - service account name used internally to provide Octavia services the default SA name

string

true

replicas

Replicas of octavia API to run

*int32

true

secret

Secret containing OpenStack password information for octavia OctaviaDatabasePassword, AdminPassword

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret

PasswordSelector

false

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

false

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

false

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. logging.conf or policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

tls

TLS - Parameters related to the TLS

OctaviaApiTLS

false

apiTimeout

APITimeout for HAProxy and Apache defaults to OctaviaSpecCore APITimeout (seconds)

int

true

OctaviaAPIStatus

OctaviaAPIStatus defines the observed state of OctaviaAPI

Field Description Scheme Required

readyCount

ReadyCount of octavia API instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachment status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

OctaviaApiTLS

Field Description Scheme Required

api

API tls type which encapsulates for API services

tls.APIService

false

ovn

Ovn GenericService - holds the secret for the OvnDb client cert

tls.GenericService

false

OctaviaRsyslog

OctaviaRsyslog is the Schema for the octaviaworkers API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

OctaviaRsyslogSpec

false

status

OctaviaRsyslogStatus

false

OctaviaRsyslogList

OctaviaRsyslogList contains a list of OctaviaWorker

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]OctaviaRsyslog

true

OctaviaRsyslogSpec

OctaviaRsyslogSpec defines common state for all Octavia Amphora Controllers

Field Description Scheme Required

containerImage

ContainerImage - Amphora Controller Container Image URL

string

false

OctaviaRsyslogSpecCore

OctaviaRsyslogSpecCore -

Field Description Scheme Required

serviceUser

ServiceUser - service user name (TODO: beagles, do we need this at all)

string

true

serviceAccount

ServiceAccount - service account name used internally to provide Octavia services the default SA name

string

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. logging.conf or policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

adminLogTargets

AdminLogTargets is a list of OctaviaRsyslogTarget, the admin logs are forwarded to those targets. Use only when forwarding to an external Rsyslog server.

[]OctaviaRsyslogTarget

false

tenantLogTargets

TenantLogTargets is a list of OctaviaRsyslogTarget, the tenant logs are forwarded to those targets. Use only when forwarding to an external Rsyslog server.

[]OctaviaRsyslogTarget

false

OctaviaRsyslogStatus

OctaviaRsyslogStatus defines the observed state of the Octavia Amphora Controller

Field Description Scheme Required

readyCount

ReadyCount of Octavia Amphora Controllers

int32

false

desiredNumberScheduled

DesiredNumberScheduled - total number of the nodes which should be running Daemon

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachment status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

OctaviaRsyslogTarget

Field Description Scheme Required

host

string

true

port

int

true

protocol

string

true

CPUCountReq

CPUCountReq defines a specific hardware request for CPU core count

Field Description Scheme Required

count

int

false

exactMatch

If ExactMatch == false, actual count > Count will match

bool

false

CPUMhzReq

CPUMhzReq defines a specific hardware request for CPU clock speed

Field Description Scheme Required

mhz

int

false

exactMatch

If ExactMatch == false, actual mhz > Mhz will match

bool

false

CPUReqs

CPUReqs defines specific CPU hardware requests

Field Description Scheme Required

arch

Arch is a scalar (string) because it wouldn’t make sense to give it an "exact-match" option Can be either "x86_64" or "ppc64le" if included

string

false

countReq

CPUCountReq

false

mhzReq

CPUMhzReq

false

DiskGbReq

DiskGbReq defines a specific hardware request for disk size

Field Description Scheme Required

gb

int

false

exactMatch

If ExactMatch == false, actual GB > Gb will match

bool

false

DiskReqs

DiskReqs defines specific disk hardware requests

Field Description Scheme Required

gbReq

DiskGbReq

false

ssdReq

SSD is scalar (bool) because it wouldn’t make sense to give it an "exact-match" option

DiskSSDReq

false

DiskSSDReq

DiskSSDReq defines a specific hardware request for disk of type SSD (true) or rotational (false)

Field Description Scheme Required

ssd

bool

false

exactMatch

We only actually care about SSD flag if it is true or ExactMatch is set to true. This second flag is necessary as SSD’s bool zero-value (false) is indistinguishable from it being explicitly set to false

bool

false

HardwareReqs

HardwareReqs defines request hardware attributes for the BaremetalHost replicas

Field Description Scheme Required

cpuReqs

CPUReqs

false

memReqs

MemReqs

false

diskReqs

DiskReqs

false

HostStatus

HostStatus represents the IPStatus and provisioning state + deployment information

Field Description Scheme Required

provisioningState

ProvisioningState

true

annotatedForDeletion

Host annotated for deletion

bool

true

userDataSecretName

string

true

networkDataSecretName

string

true

IPStatus

IPStatus represents the hostname and IP info for a specific host

Field Description Scheme Required

hostname

string

true

bmhRef

string

true

ipAddresses

map[string]string

true

InstanceSpec

InstanceSpec Instance specific attributes

Field Description Scheme Required

bmhLabelSelector

BmhLabelSelector allows for the selection of a particular BaremetalHost based on arbitrary labels

map[string]string

false

ctlPlaneIP

CtlPlaneIP - Control Plane IP in CIDR notation

string

false

userData

UserData - Host User Data

*corev1.SecretReference

false

networkData

NetworkData - Host Network Data

*corev1.SecretReference

false

MemGbReq

MemGbReq defines a specific hardware request for memory size

Field Description Scheme Required

gb

int

false

exactMatch

If ExactMatch == false, actual GB > Gb will match

bool

false

MemReqs

MemReqs defines specific memory hardware requests

Field Description Scheme Required

gbReq

MemGbReq

false

OpenStackBaremetalSet

OpenStackBaremetalSet is the Schema for the openstackbaremetalsets API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

OpenStackBaremetalSetSpec

false

status

OpenStackBaremetalSetStatus

false

OpenStackBaremetalSetList

OpenStackBaremetalSetList contains a list of OpenStackBaremetalSet

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]OpenStackBaremetalSet

true

OpenStackBaremetalSetSpec

OpenStackBaremetalSetSpec defines the desired state of OpenStackBaremetalSet

Field Description Scheme Required

baremetalHosts

BaremetalHosts - Map of hostname to Instance Spec for all nodes to provision

map[string]InstanceSpec

false

osImage

OSImage - OS qcow2 image Name

string

false

osContainerImageUrl

OSContainerImageURL - Container image URL for init with the OS qcow2 image (osImage)

string

false

apacheImageUrl

ApacheImageURL - Container image URL for the main container that serves the downloaded OS qcow2 image (osImage)

string

false

agentImageUrl

AgentImageURL - Container image URL for the sidecar container that discovers provisioning network IPs

string

false

automatedCleaningMode

When set to disabled, automated cleaning will be avoided during provisioning and deprovisioning.

AutomatedCleaningMode

false

provisionServerName

ProvisionServerName - Optional. Existing OpenStackProvisionServer to use, else one would be created.

string

false

provisionServerNodeSelector

ProvisonServerNodeSelector to target subset of worker nodes running provision server

map[string]string

false

provisioningInterface

ProvisioningInterface - Optional. If not provided along with ProvisionServerName, it would be discovered from CBO. This is the provisioning interface on the OCP masters/workers.

string

false

deploymentSSHSecret

DeploymentSSHSecret - Name of secret holding the cloud-admin ssh keys

string

true

ctlplaneInterface

CtlplaneInterface - Interface on the provisioned nodes to use for ctlplane network

string

true

ctlplaneGateway

CtlplaneGateway - IP of gateway for ctrlplane network (TODO: acquire this is another manner?)

string

false

ctlplaneNetmask

CtlplaneNetmask - Netmask to use for ctlplane network (TODO: acquire this is another manner?)

string

false

bmhNamespace

BmhNamespace Namespace to look for BaremetalHosts(default: openshift-machine-api)

string

false

bmhLabelSelector

BmhLabelSelector allows for a sub-selection of BaremetalHosts based on arbitrary labels

map[string]string

false

hardwareReqs

Hardware requests for sub-selection of BaremetalHosts with certain hardware specs

HardwareReqs

false

passwordSecret

PasswordSecret the name of the secret used to optionally set the root pwd by adding NodeRootPassword: to the secret data

*corev1.SecretReference

false

cloudUserName

CloudUser to be configured for remote access

string

true

domainName

DomainName is the domain name that will be set on the underlying Metal3 BaremetalHosts (TODO: acquire this is another manner?)

string

false

bootstrapDns

BootstrapDNS - initial DNS nameserver values to set on the BaremetalHosts when they are provisioned. Note that subsequent deployment will overwrite these values

[]string

false

dnsSearchDomains

DNSSearchDomains - initial DNS nameserver values to set on the BaremetalHosts when they are provisioned. Note that subsequent deployment will overwrite these values

[]string

false

OpenStackBaremetalSetStatus

OpenStackBaremetalSetStatus defines the observed state of OpenStackBaremetalSet

Field Description Scheme Required

conditions

Conditions

condition.Conditions

false

hash

Map of hashes to track e.g. job status

map[string]string

false

baremetalHosts

BaremetalHosts that are being processed or have been processed for this OpenStackBaremetalSet

map[string]HostStatus

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

OpenStackProvisionServer

OpenStackProvisionServer used to serve custom images for baremetal provisioning with Metal3

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

OpenStackProvisionServerSpec

false

status

OpenStackProvisionServerStatus

false

OpenStackProvisionServerDefaults

OpenStackProvisionServerDefaults -

Field Description Scheme Required

OSContainerImageURL

string

false

AgentImageURL

string

false

ApacheImageURL

string

false

OSImage

string

false

OpenStackProvisionServerList

OpenStackProvisionServerList contains a list of OpenStackProvisionServer

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]OpenStackProvisionServer

true

OpenStackProvisionServerSpec

OpenStackProvisionServerSpec defines the desired state of OpenStackProvisionServer

Field Description Scheme Required

port

Port - The port on which the Apache server should listen

int32

true

interface

Interface - An optional interface to use instead of the cluster’s default provisioning interface (if any)

string

false

osImage

OSImage - OS qcow2 image (compressed as gz, or uncompressed)

string

true

osImageDir

OSImageDir - Directory on the container which holds the OS qcow2 image and checksum

*string

true

osContainerImageUrl

OSContainerImageURL - Container image URL for init with the OS qcow2 image (osImage)

string

true

apacheImageUrl

ApacheImageURL - Container image URL for the main container that serves the downloaded OS qcow2 image (osImage)

string

true

agentImageUrl

AgentImageURL - Container image URL for the sidecar container that discovers provisioning network IPs

string

true

nodeSelector

NodeSelector to target subset of worker nodes running this provision server

map[string]string

false

resources

Resources - Compute Resources required by this provision server (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

OpenStackProvisionServerStatus

OpenStackProvisionServerStatus defines the observed state of OpenStackProvisionServer

Field Description Scheme Required

readyCount

ReadyCount of provision server Apache instances

int32

false

conditions

Conditions

condition.Conditions

false

hash

Map of hashes to track e.g. job status

map[string]string

false

provisionIp

IP of the provisioning interface on the node running the ProvisionServer pod

string

false

localImageUrl

URL of provisioning image on underlying Apache web server

string

false

osImageChecksumFilename

Filename of OSImage checksum

string

false

osImageChecksumType

OSImage checksum type

metal3v1.ChecksumType

false

localImageChecksumUrl

URL of provisioning image checksum on underlying Apache web server

string

false

OVNController

OVNController is the Schema for the ovncontrollers API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

OVNControllerSpec

false

status

OVNControllerStatus

false

OVNControllerList

OVNControllerList contains a list of OVNController

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]OVNController

true

OVNControllerSpec

OVNControllerSpec defines the desired state of OVNController

Field Description Scheme Required

ovsContainerImage

Image used for the ovsdb-server and ovs-vswitchd containers (will be set to environmental default if empty)

string

true

ovnContainerImage

Image used for the ovn-controller container (will be set to environmental default if empty)

string

true

OVNControllerSpecCore

OVNControllerSpecCore -

Field Description Scheme Required

external-ids

OVSExternalIDs

true

nicMappings

map[string]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

networkAttachment

NetworkAttachment is a NetworkAttachment resource name to expose the service to the given network. If specified the IP address of this network is used as the OVNEncapIP.

string

true

tls

TLS - Parameters related to TLS

tls.SimpleService

false

OVNControllerStatus

OVNControllerStatus defines the observed state of OVNController

Field Description Scheme Required

numberReady

NumberReady of the OVNController instances

int32

false

ovsNumberReady

ovsNumberReady of ovs instances

int32

false

desiredNumberScheduled

DesiredNumberScheduled - total number of the nodes which should be running Daemon

int32

false

conditions

Conditions

condition.Conditions

false

hash

Map of hashes to track e.g. job status

map[string]string

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes.

int64

false

OVSExternalIDs

OVSExternalIDs is a set of configuration options for OVS external-ids table

Field Description Scheme Required

system-id

string

false

ovn-bridge

string

false

ovn-encap-type

string

false

availability-zones

[]string

false

enable-chassis-as-gateway

*bool

true

OVNDBCluster

OVNDBCluster is the Schema for the ovndbclusters API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

OVNDBClusterSpec

false

status

OVNDBClusterStatus

false

OVNDBClusterList

OVNDBClusterList contains a list of OVNDBCluster

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]OVNDBCluster

true

OVNDBClusterOverrideSpec

OVNDBClusterOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster.

*service.OverrideSpec

false

OVNDBClusterSpec

OVNDBClusterSpec defines the desired state of OVNDBCluster

Field Description Scheme Required

containerImage

ContainerImage - Container Image URL (will be set to environmental default if empty)

string

true

OVNDBClusterSpecCore

OVNDBClusterSpecCore -

Field Description Scheme Required

dbType

DBType - NB or SB

string

true

replicas

Replicas of OVN DBCluster to run

*int32

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

logLevel

LogLevel - Set log level info, dbg, emer etc

string

false

electionTimer

OVN Northbound and Southbound RAFT db election timer to use on db creation (in milliseconds)

int32

true

inactivityProbe

Probe interval for the OVSDB session (in milliseconds)

int32

true

probeIntervalToActive

Active probe interval from standby to active ovsdb-server remote

int32

true

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

storageClass

StorageClass

string

false

storageRequest

StorageRequest

string

true

networkAttachment

NetworkAttachment is a NetworkAttachment resource name to expose the service to the given network. If specified the IP address of this network is used as the dbAddress connection.

string

true

tls

TLS - Parameters related to TLS

tls.SimpleService

false

override

Override, provides the ability to override the generated manifest of several child resources.

OVNDBClusterOverrideSpec

false

OVNDBClusterStatus

OVNDBClusterStatus defines the observed state of OVNDBCluster

Field Description Scheme Required

readyCount

ReadyCount of OVN DBCluster instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

dbAddress

DBAddress - DB IP address used by external nodes

string

false

internalDbAddress

InternalDBAddress - DB IP address used by other Pods in the cluster

string

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes.

int64

false

OVNNorthd

OVNNorthd is the Schema for the ovnnorthds API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

OVNNorthdSpec

false

status

OVNNorthdStatus

false

OVNNorthdList

OVNNorthdList contains a list of OVNNorthd

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]OVNNorthd

true

OVNNorthdSpec

OVNNorthdSpec defines the desired state of OVNNorthd

Field Description Scheme Required

containerImage

ContainerImage - Container Image URL (will be set to environmental default if empty)

string

true

OVNNorthdSpecCore

OVNNorthdSpecCore -

Field Description Scheme Required

replicas

Replicas of OVN Northd to run

*int32

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

logLevel

LogLevel - Set log level info, dbg, emer etc

string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

tls

TLS - Parameters related to TLS

tls.SimpleService

false

nThreads

NThreads sets number of threads used for building logical flows

*int32

true

OVNNorthdStatus

OVNNorthdStatus defines the observed state of OVNNorthd

Field Description Scheme Required

readyCount

ReadyCount of OVN Northd instances

int32

false

conditions

Conditions

condition.Conditions

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes.

int64

false

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

PasswordSelector

PasswordSelector to identify the DB and AdminUser password from the Secret

Field Description Scheme Required

service

Service - Selector to get the service user password from the Secret

string

true

PlacementAPI

PlacementAPI is the Schema for the placementapis API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

PlacementAPISpec

false

status

PlacementAPIStatus

false

PlacementAPIList

PlacementAPIList contains a list of PlacementAPI

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]PlacementAPI

true

PlacementAPISpec

PlacementAPISpec defines the desired state of PlacementAPI

Field Description Scheme Required

containerImage

PlacementAPI Container Image URL (will be set to environmental default if empty)

string

true

PlacementAPISpecCore

PlacementAPISpecCore -

Field Description Scheme Required

serviceUser

ServiceUser - optional username used for this service to register in keystone

string

true

databaseInstance

MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future

string

true

databaseAccount

DatabaseAccount - name of MariaDBAccount which will be used to connect.

string

true

replicas

Replicas of placement API to run

*int32

true

secret

Secret containing OpenStack password information for placement PlacementPassword

string

true

passwordSelectors

PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret

PasswordSelector

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

true

defaultConfigOverwrite

DefaultConfigOverwrite - interface to overwrite default config files like policy.yaml.

map[string]string

false

resources

Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

corev1.ResourceRequirements

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

tls

TLS - Parameters related to the TLS

tls.API

false

PlacementAPIStatus

PlacementAPIStatus defines the observed state of PlacementAPI

Field Description Scheme Required

readyCount

ReadyCount of placement API instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

databaseHostname

Placement Database Hostname

string

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes.

int64

false

Swift

Swift is the Schema for the swifts API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

SwiftSpec

false

status

SwiftStatus

false

SwiftList

SwiftList contains a list of Swift

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Swift

true

SwiftSpec

SwiftSpec defines the desired state of Swift

Field Description Scheme Required

swiftRing

SwiftRing - Spec definition for the Ring service of this Swift deployment

SwiftRingSpec

true

swiftStorage

SwiftStorage - Spec definition for the Storage service of this Swift deployment

SwiftStorageSpec

true

swiftProxy

SwiftProxy - Spec definition for the Proxy service of this Swift deployment

SwiftProxySpec

true

SwiftSpecBase

SwiftSpecBase -

Field Description Scheme Required

storageClass

Storage class. This is passed to SwiftStorage unless storageClass is explicitly set for the SwiftStorage.

string

true

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

memcachedInstance

Memcached instance name.

string

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

SwiftSpecCore

SwiftSpecCore defines the desired state of Swift (this version is used by OpenStackControlplane)

Field Description Scheme Required

swiftRing

SwiftRing - Spec definition for the Ring service of this Swift deployment

SwiftRingSpecCore

true

swiftStorage

SwiftStorage - Spec definition for the Storage service of this Swift deployment

SwiftStorageSpecCore

true

swiftProxy

SwiftProxy - Spec definition for the Proxy service of this Swift deployment

SwiftProxySpecCore

true

SwiftStatus

SwiftStatus defines the observed state of Swift

Field Description Scheme Required

conditions

Conditions

condition.Conditions

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

PasswordSelector

PasswordSelector to identify the AdminUser password from the Secret

Field Description Scheme Required

service

Service - Selector to get the Swift service password from the Secret

string

true

ProxyOverrideSpec

ProxyOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

SwiftProxy

SwiftProxy is the Schema for the swiftproxies API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

SwiftProxySpec

false

status

SwiftProxyStatus

false

SwiftProxyList

SwiftProxyList contains a list of SwiftProxy

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]SwiftProxy

true

SwiftProxySpec

SwiftProxySpec defines the desired state of SwiftProxy

Field Description Scheme Required

containerImageProxy

Swift Proxy Container Image URL

string

true

SwiftProxySpecCore

SwiftProxySpecCore -

Field Description Scheme Required

replicas

Replicas of Swift Proxy

*int32

true

serviceUser

ServiceUser - optional username used for this service to register in Swift

string

true

secret

Secret containing OpenStack password information for Swift service user password

string

true

passwordSelectors

PasswordSelector - Selector to choose the Swift user password from the Secret

PasswordSelector

true

override

Override, provides the ability to override the generated manifest of several child resources.

ProxyOverrideSpec

false

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

memcachedInstance

Memcached instance name.

string

true

rabbitMqClusterName

RabbitMQ instance name to request a transportURL for Ceilometer middleware

string

true

tls

TLS - Parameters related to the TLS

tls.API

false

defaultConfigOverwrite

DefaultConfigOverwrite - can be used to add additionalfiles. Those get added to the service config dir in /etc/-conf.d

map[string]string

false

encryptionEnabled

Encrypts new objects at rest

bool

true

ceilometerEnabled

Enables ceilometer in the swift proxy and creates required resources

bool

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

SwiftProxyStatus

SwiftProxyStatus defines the observed state of SwiftProxy

Field Description Scheme Required

readyCount

ReadyCount of SwiftProxy instances

int32

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

hash

Map of hashes to track e.g. job status

map[string]string

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

SwiftDisk

Field Description Scheme Required

device

string

true

path

string

true

weight

int32

true

region

int32

true

zone

int32

true

SwiftRing

SwiftRing is the Schema for the swiftrings API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

SwiftRingSpec

false

status

SwiftRingStatus

false

SwiftRingList

SwiftRingList contains a list of SwiftRing

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]SwiftRing

true

SwiftRingSpec

SwiftRingSpec defines the desired state of SwiftRing

Field Description Scheme Required

containerImage

Image URL for Swift proxy service

string

true

SwiftRingSpecCore

SwiftRingSpec defines the desired state of SwiftRing

Field Description Scheme Required

ringReplicas

Number of Swift data replicas (=copies)

*int64

true

partPower

Partition power of the Swift rings

*int64

true

minPartHours

Minimum number of hours to restrict moving a partition more than once

*int64

true

tls

TLS - Parameters related to the TLS

tls.Ca

false

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

SwiftRingStatus

SwiftRingStatus defines the observed state of SwiftRing

Field Description Scheme Required

conditions

Conditions

condition.Conditions

false

hash

Map of hashes to track e.g. job status

map[string]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

SwiftStorage

SwiftStorage is the Schema for the swiftstorages API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

SwiftStorageSpec

false

status

SwiftStorageStatus

false

SwiftStorageList

SwiftStorageList contains a list of SwiftStorage

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]SwiftStorage

true

SwiftStorageSpec

SwiftStorageSpec defines the desired state of SwiftStorage

Field Description Scheme Required

containerImageAccount

Image URL for Swift account service

string

true

containerImageContainer

Image URL for Swift container service

string

true

containerImageObject

Image URL for Swift object service

string

true

containerImageProxy

Image URL for Swift proxy service

string

true

SwiftStorageSpecCore

SwiftStorageSpecCore -

Field Description Scheme Required

replicas

*int32

true

storageClass

Name of StorageClass to use for Swift PVs

string

true

storageRequest

Minimum size for Swift PVs

string

true

networkAttachments

NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network

[]string

false

memcachedInstance

Memcached instance name.

string

true

containerSharderEnabled

If the container sharder daemon is enabled.

bool

true

defaultConfigOverwrite

DefaultConfigOverwrite - can be used to add additionalfiles. Those get added to the service config dir in /etc/-conf.d

map[string]string

false

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

SwiftStorageStatus

SwiftStorageStatus defines the observed state of SwiftStorage

Field Description Scheme Required

readyCount

ReadyCount of SwiftStorage instances

int32

false

conditions

Conditions

condition.Conditions

false

networkAttachments

NetworkAttachments status of the deployment pods

map[string][]string

false

hash

Map of hashes to track e.g. job status

map[string]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

APIOverrideSpec

APIOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster. The key must be the endpoint type (public, internal)

map[service.Endpoint]service.RoutedOverrideSpec

false

Aodh

Aodh defines the aodh component spec

Field Description Scheme Required

apiImage

string

true

evaluatorImage

string

true

notifierImage

string

true

listenerImage

string

true

AodhCore

Aodh defines the aodh component spec

Field Description Scheme Required

apiTimeout

APITimeout for Route and Apache

int

true

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Aodh

string

false

databaseInstance

MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future

string

true

databaseAccount

DatabaseAccount - optional MariaDBAccount CR name used for aodh DB, defaults to aodh

string

true

passwordSelector

PasswordSelectors - Selectors to identify the service from the Secret

PasswordsSelector

false

serviceUser

ServiceUser - optional username used for this service to register in keystone

string

true

secret

Secret containing OpenStack password information for aodh

string

true

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

false

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. logging.conf or policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

networkAttachmentDefinitions

NetworkAttachmentDefinitions list of network attachment definitions the service pod gets attached to

[]string

false

override

Override, provides the ability to override the generated manifest of several child resources.

APIOverrideSpec

false

preserveJobs

PreserveJobs - do not delete jobs after they finished e.g. to check logs

bool

true

memcachedInstance

Memcached instance name.

string

true

tls

TLS - Parameters related to the TLS

tls.API

false

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

Autoscaling

Autoscaling is the Schema for the autoscalings API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

AutoscalingSpec

false

status

AutoscalingStatus

false

AutoscalingList

AutoscalingList contains a list of Autoscaling

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Autoscaling

true

AutoscalingSpec

AutoscalingSpec defines the desired state of Autoscaling

Field Description Scheme Required

aodh

Aodh spec

Aodh

false

AutoscalingSpecBase

AutoscalingSpecBase -

Field Description Scheme Required

prometheusHost

Host of user deployed prometheus

string

false

prometheusPort

Port of user deployed prometheus

int32

false

prometheusTLSCaCertSecret

If defined, specifies which CA certificate to use for user deployed prometheus

*corev1.SecretKeySelector

false

heatInstance

Heat instance name.

string

true

AutoscalingSpecCore

AutoscalingSpecCore defines the desired state of Autoscaling (this version is used by the OpenStackControlplane no image parameters)

Field Description Scheme Required

aodh

Aodh spec

AodhCore

false

AutoscalingStatus

AutoscalingStatus defines the observed state of Autoscaling

Field Description Scheme Required

readyCount

ReadyCount of autoscaling instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

networks

Networks in addtion to the cluster network, the service is attached to

[]string

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

databaseHostname

DatabaseHostname - Hostname for the database

string

false

prometheusHostname

PrometheusHost - Hostname for prometheus used for autoscaling

string

false

prometheusPort

PrometheusPort - Port for prometheus used for autoscaling

int32

false

prometheusTLS

PrometheusTLS - Determines if TLS should be used for accessing prometheus

bool

false

apiEndpoint

API endpoint

map[string]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

Ceilometer

Ceilometer is the Schema for the ceilometers API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

CeilometerSpec

false

status

CeilometerStatus

false

ksmStatus

KSMStatus

false

CeilometerList

CeilometerList contains a list of Ceilometer

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Ceilometer

true

CeilometerSpec

CeilometerSpec defines the desired state of Ceilometer

Field Description Scheme Required

centralImage

string

true

notificationImage

string

true

sgCoreImage

string

true

computeImage

string

true

ipmiImage

string

true

proxyImage

string

true

ksmImage

string

true

CeilometerSpecCore

CeilometerSpecCore defines the desired state of Ceilometer. This version is used by the OpenStackControlplane (no image parameters)

Field Description Scheme Required

apiTimeout

APITimeout for Apache

int

true

rabbitMqClusterName

RabbitMQ instance name Needed to request a transportURL that is created and used in Telemetry

string

false

passwordSelector

PasswordSelectors - Selectors to identify the service from the Secret

PasswordsSelector

false

serviceUser

ServiceUser - optional username used for this service to register in keystone

string

true

secret

Secret containing OpenStack password information for ceilometer

string

true

customServiceConfig

CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file.

string

false

defaultConfigOverwrite

ConfigOverwrite - interface to overwrite default config files like e.g. logging.conf or policy.json. But can also be used to add additional files. Those get added to the service config dir in /etc/.

map[string]string

false

networkAttachmentDefinitions

NetworkAttachmentDefinitions list of network attachment definitions the service pod gets attached to

[]string

false

tls

TLS - Parameters related to the TLS

tls.SimpleService

false

ksmTls

KSMTLS - Parameters related to the TLS for kube-state-metrics

tls.SimpleService

false

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

CeilometerStatus

CeilometerStatus defines the observed state of Ceilometer

Field Description Scheme Required

readyCount

ReadyCount of ceilometer instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

transportURLSecret

TransportURLSecret - Secret containing RabbitMQ transportURL

string

false

networks

Networks in addtion to the cluster network, the service is attached to

[]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

KSMStatus

KSMStatus defines the observed state of kube-state-metrics

Field Description Scheme Required

readyCount

ReadyCount of ksm instances

int32

false

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

Logging

Logging is the Schema for the loggings API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

LoggingSpec

false

status

LoggingStatus

false

LoggingList

LoggingList contains a list of Logging

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Logging

true

LoggingSpec

LoggingSpec defines the desired state of Logging

Field Description Scheme Required

port

Port is the port where the service will listen on

int32

true

targetPort

TargetPort is the port where the logging syslog receiver is listening

int

true

cloNamespace

CLONamespace points to the namespace where the cluster-logging-operator is deployed

string

true

annotations

Annotations is a way to configure certain LoadBalancers, like MetalLB

map[string]string

true

rsyslogRetries

The number of retries rsyslog will attempt before abandoning

int32

true

rsyslogQueueType

The type of the local queue of logs

string

true

rsyslogQueueSize

The size of the local queue of logs

int32

true

LoggingStatus

LoggingStatus defines the observed state of Logging

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

MetricStorage

MetricStorage is the Schema for the metricstorages API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

MetricStorageSpec

false

status

MetricStorageStatus

false

MetricStorageList

MetricStorageList contains a list of MetricStorage

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]MetricStorage

true

MetricStorageSpec

MetricStorageSpec defines the desired state of MetricStorage

Field Description Scheme Required

dashboardsEnabled

DashboardsEnabled allows to enable or disable dashboards and related artifacts

bool

true

dataplaneNetwork

DataplaneNetwork defines the network that will be used to scrape dataplane node_exporter endpoints

*infranetworkv1.NetNameStr

true

monitoringStack

MonitoringStack allows to define a metric storage with options supported by Red Hat

*MonitoringStack

false

customMonitoringStack

CustomMonitoringStack allows to deploy a custom monitoring stack when the options in "MonitoringStack" aren’t enough

*obov1.MonitoringStackSpec

false

prometheusTls

TLS - Parameters related to the TLS

tls.SimpleService

false

MetricStorageStatus

MetricStorageStatus defines the observed state of MetricStorage

Field Description Scheme Required

conditions

condition.Conditions

false

prometheusTLSPatched

bool

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

MonitoringStack

MonitoringStack defines the options for a Red Hat supported metric storage

Field Description Scheme Required

alertingEnabled

AlertingEnabled allows to enable or disable alertmanager

bool

true

scrapeInterval

ScrapeInterval sets the interval between scrapes

string

true

storage

Storage allows to define options for how to store metrics

Storage

true

PersistentStorage

PersistentStorage defines storage options used for persistent storage

Field Description Scheme Required

pvcStorageRequest

PvcStorageRequest The amount of storage to request in PVC

string

true

pvcStorageSelector

PvcStorageSelector The Label selector to specify in PVCs

metav1.LabelSelector

false

pvcStorageClass

PvcStorageClass The storage class to use for storing metrics

string

false

Storage

Storage defines the options used for storage of metrics

Field Description Scheme Required

strategy

Strategy to use for storage. Can be "persistent", "ephemeral" or empty, in which case a COO default is used

string

true

retention

Retention time for metrics

string

true

persistent

Used to specify the options of persistent storage when strategy = "persistent"

*PersistentStorage

false

AutoscalingSection

AutoscalingSection defines the desired state of the autoscaling service

Field Description Scheme Required

enabled

Enabled - Whether OpenStack autoscaling service should be deployed and managed

*bool

true

AutoscalingSectionCore

AutoscalingSectionCore defines the desired state of the autoscaling service

Field Description Scheme Required

enabled

Enabled - Whether OpenStack autoscaling service should be deployed and managed

*bool

true

CeilometerSection

CeilometerSection defines the desired state of the ceilometer service

Field Description Scheme Required

enabled

Enabled - Whether OpenStack Ceilometer service should be deployed and managed

*bool

true

CeilometerSectionCore

CeilometerSectionCore defines the desired state of the ceilometer service

Field Description Scheme Required

enabled

Enabled - Whether OpenStack Ceilometer service should be deployed and managed

*bool

true

LoggingSection

LoggingSection defines the desired state of the logging service

Field Description Scheme Required

enabled

Enabled - Whether OpenStack logging service should be deployed and managed

*bool

true

MetricStorageSection

MetricStorageSection defines the desired state of the MetricStorage

Field Description Scheme Required

enabled

Enabled - Whether a MetricStorage should be deployed and managed

*bool

true

PasswordsSelector

PasswordsSelector to identify the Service password from the Secret

Field Description Scheme Required

ceilometerService

CeilometerService - Selector to get the ceilometer service password from the Secret

string

true

aodhService

AodhService - Selector to get the aodh service password from the Secret

string

true

Telemetry

Telemetry is the Schema for the telemetry API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

TelemetrySpec

false

status

TelemetryStatus

false

TelemetryList

TelemetryList contains a list of Telemetry

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Telemetry

true

TelemetrySpec

TelemetrySpec defines the desired state of Telemetry

Field Description Scheme Required

autoscaling

Autoscaling - Parameters related to the autoscaling service

AutoscalingSection

false

ceilometer

Ceilometer - Parameters related to the ceilometer service

CeilometerSection

false

TelemetrySpecBase

TelemetrySpecBase -

Field Description Scheme Required

metricStorage

MetricStorage - Parameters related to the metricStorage

MetricStorageSection

false

logging

Logging - Parameters related to the logging

LoggingSection

false

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

TelemetrySpecCore

TelemetrySpecCore defines the desired state of Telemetry. This version has no image parameters and is used by OpenStackControlplane

Field Description Scheme Required

autoscaling

Autoscaling - Parameters related to the autoscaling service

AutoscalingSectionCore

false

ceilometer

Ceilometer - Parameters related to the ceilometer service

CeilometerSectionCore

false

TelemetryStatus

TelemetryStatus defines the observed state of Telemetry

Field Description Scheme Required

hash

Map of hashes to track e.g. job status

map[string]string

false

conditions

Conditions

condition.Conditions

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

Memcached

Memcached is the Schema for the memcacheds API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

MemcachedSpec

false

status

MemcachedStatus

false

MemcachedList

MemcachedList contains a list of Memcached

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Memcached

true

MemcachedSpec

MemcachedSpec defines the desired state of Memcached

Field Description Scheme Required

containerImage

Name of the memcached container image to run (will be set to environmental default if empty)

string

true

MemcachedSpecCore

MemcachedSpecCore - this version is used by the OpenStackControlplane CR (no container images)

Field Description Scheme Required

replicas

Size of the memcached cluster

*int32

true

nodeSelector

NodeSelector to target subset of worker nodes running this service

*map[string]string

false

tls

TLS settings for memcached service

tls.SimpleService

false

MemcachedStatus

MemcachedStatus defines the observed state of Memcached

Field Description Scheme Required

hash

Map of hashes to track input changes

map[string]string

false

readyCount

ReadyCount of Memcached instances

int32

false

conditions

Conditions

condition.Conditions

false

serverList

ServerList - List of memcached endpoints without inet(6) prefix

[]string

false

serverListWithInet

ServerListWithInet - List of memcached endpoints with inet(6) prefix

[]string

false

tlsSupport

Whether TLS is supported by the memcached instance

bool

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

DNSData

DNSData is the Schema for the dnsdata API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

DNSDataSpec

false

status

DNSDataStatus

false

DNSDataList

DNSDataList contains a list of DNSData

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]DNSData

true

DNSDataSpec

DNSDataSpec defines the desired state of DNSData

Field Description Scheme Required

hosts

[]DNSHost

false

dnsDataLabelSelectorValue

Value of the DNSDataLabelSelector to set on the created configmaps containing hosts information

string

true

DNSDataStatus

DNSDataStatus defines the observed state of DNSData

Field Description Scheme Required

conditions

Conditions

condition.Conditions

false

hash

Map of the dns data configmap

string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

DNSHost

DNSHost holds the mapping between IP and hostnames that will be added to dnsmasq hosts file.

Field Description Scheme Required

ip

IP address of the host file entry.

string

true

hostnames

Hostnames for the IP address.

[]string

true

DNSMasq

DNSMasq is the Schema for the dnsmasqs API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

DNSMasqSpec

false

status

DNSMasqStatus

false

DNSMasqList

DNSMasqList contains a list of DNSMasq

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]DNSMasq

true

DNSMasqOption

DNSMasqOption defines allowed options for dnsmasq

Field Description Scheme Required

key

string

true

values

[]string

true

DNSMasqOverrideSpec

DNSMasqOverrideSpec to override the generated manifest of several child resources.

Field Description Scheme Required

service

Override configuration for the Service created to serve traffic to the cluster.

*service.OverrideSpec

false

DNSMasqSpec

DNSMasqSpec defines the desired state of DNSMasq

Field Description Scheme Required

containerImage

DNSMasq Container Image URL

string

true

DNSMasqSpecCore

DNSMasqSpecCore - this version is used by the OpenStackControlplane CR (no container images)

Field Description Scheme Required

replicas

Replicas - DNSMasq Replicas

*int32

true

options

Options allows to customize the dnsmasq instance

[]DNSMasqOption

false

nodeSelector

NodeSelector to target subset of worker nodes running this service. Setting NodeSelector here acts as a default value and can be overridden by service specific NodeSelector Settings.

*map[string]string

false

dnsDataLabelSelectorValue

Value of the DNSDataLabelSelectorKey which was set on the configmaps containing hosts information

string

true

override

Override, provides the ability to override the generated manifest of several child resources.

DNSMasqOverrideSpec

false

DNSMasqStatus

DNSMasqStatus defines the observed state of DNSMasq

Field Description Scheme Required

conditions

Conditions

condition.Conditions

false

hash

Map of hashes to track e.g. job status

map[string]string

false

readyCount

ReadyCount of dnsmasq deployment

int32

false

dnsAddresses

DNSServer Addresses

[]string

false

dnsClusterAddresses

DNSServer Cluster Addresses

[]string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

IPSet

IPSet is the Schema for the ipsets API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

IPSetSpec

false

status

IPSetStatus

false

IPSetList

IPSetList contains a list of IPSet

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]IPSet

true

IPSetNetwork

IPSetNetwork Type

Field Description Scheme Required

name

Network Name

NetNameStr

true

subnetName

Subnet Name

NetNameStr

true

fixedIP

Fixed Ip

*string

false

defaultRoute

Use gateway from subnet as default route. There can only be one default route defined per IPSet.

*bool

false

IPSetReservation

IPSetReservation defines reservation status per requested network

Field Description Scheme Required

network

Network name

NetNameStr

true

subnet

Subnet name

NetNameStr

true

address

Address contains the IP address

string

true

mtu

MTU of the network

int

false

cidr

Cidr the cidr to use for this network

string

false

vlan

Vlan ID

*int

false

gateway

Gateway optional gateway for the network

*string

false

routes

Routes, list of networks that should be routed via network gateway.

[]Route

false

dnsDomain

DNSDomain of the subnet

string

true

serviceNetwork

ServiceNetwork mapping

ServiceNetNameStr

true

IPSetSpec

IPSetSpec defines the desired state of IPSet

Field Description Scheme Required

immutable

Immutable, if true the validation webhook will block any update to the Spec, except of Spec.Immutable. This allows the caller to add safety mechanism to the object. If a change is required to the object, an extra update needs to be done to make updates possible.

bool

true

networks

Networks used to request IPs for

[]IPSetNetwork

true

IPSetStatus

IPSetStatus defines the observed state of IPSet

Field Description Scheme Required

reservations

Reservation

[]IPSetReservation

false

conditions

Conditions

condition.Conditions

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false

AllocationRange

AllocationRange definition

Field Description Scheme Required

start

Start IP for the AllocationRange

string

true

end

End IP for the AllocationRange

string

true

NetConfig

NetConfig is the Schema for the netconfigs API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

NetConfigSpec

false

status

NetConfigStatus

false

NetConfigList

NetConfigList contains a list of NetConfig

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]NetConfig

true

NetConfigSpec

NetConfigSpec defines the desired state of NetConfig

Field Description Scheme Required

networks

Networks, list of all networks of the deployment

[]Network

true

Network

Network definition

Field Description Scheme Required

name

Name of the network, e.g. External, InternalApi, …​

NetNameStr

true

dnsDomain

DNSDomain name of the Network

string

true

mtu

MTU of the network

int

true

subnets

Subnets of the network

[]Subnet

true

serviceNetwork

Service network mapping

ServiceNetNameStr

false

Route

Route definition

Field Description Scheme Required

destination

Destination, network CIDR

string

true

nexthop

Nexthop, gateway for the destination

string

true

Subnet

Subnet definition

Field Description Scheme Required

name

Name of the subnet

NetNameStr

true

cidr

Cidr the cidr to use for this network

string

true

dnsDomain

DNSDomain name of the subnet, allows to overwrite the DNSDomain of the Network

*string

false

vlan

Vlan ID

*int

false

allocationRanges

AllocationRanges a list of AllocationRange for assignment. Allocation will start from first range, first address.

[]AllocationRange

true

excludeAddresses

ExcludeAddresses a set of IPs that should be excluded from used as reservation, for both dynamic and static via IPSet FixedIP parameter

[]string

false

gateway

Gateway optional gateway for the network

*string

false

routes

Routes, list of networks that should be routed via network gateway.

[]Route

false

IPAddress

IPAddress -

Field Description Scheme Required

network

Network name

NetNameStr

true

subnet

Subnet name

NetNameStr

true

address

Address contains the IP address

string

true

Reservation

Reservation is the Schema for the reservations API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

ReservationSpec

false

status

ReservationStatus

false

ReservationList

ReservationList contains a list of Reservation

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]Reservation

true

ReservationSpec

ReservationSpec defines the desired state of Reservation

Field Description Scheme Required

ipSetRef

IPSetRef points to the IPSet object the IPs were created for.

corev1.ObjectReference

true

reservation

Reservation, map (index network name) with reservation

map[string]IPAddress

true

TransportURL

TransportURL is the Schema for the transporturls API

Field Description Scheme Required

metadata

metav1.ObjectMeta

false

spec

TransportURLSpec

false

status

TransportURLStatus

false

TransportURLList

TransportURLList contains a list of TransportURL

Field Description Scheme Required

metadata

metav1.ListMeta

false

items

[]TransportURL

true

TransportURLSpec

TransportURLSpec defines the desired state of TransportURL

Field Description Scheme Required

rabbitmqClusterName

RabbitmqClusterName the name of the Rabbitmq cluster which to configure the transport URL

string

true

TransportURLStatus

TransportURLStatus defines the observed state of TransportURL

Field Description Scheme Required

conditions

Conditions

condition.Conditions

false

secretName

SecretName - name of the secret containing the rabbitmq transport URL

string

false

observedGeneration

ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the opentack-operator in the top-level CR (e.g. the ContainerImage)

int64

false