The name of the CassandraDatacenter to back up

The type of the backup: "full" or "differential"

The name of the CassandraDatacenter to back up

The type of the backup: "full" or "differential"

BackupSpec defines the MedusaBackup to be created for this job

CronSchedule is a cronjob format schedule for backups. Overrides any easier methods of defining the schedule

Specifics if this backup task can be run concurrently with other active backup tasks. Valid values are: - "Allow": allows multiple Tasks to run concurrently on Cassandra cluster - "Forbid" (default): only a single task is executed at once The "Allow" property is only valid if all the other active Tasks have "Allow" as well.

Disabled if set ensures this job is not scheduling anything

Specifies the type of operation to be performed

The name of the CassandraDatacenter to back up

The type of the backup: "full" or "differential"

LastExecution tells when the backup was last time taken. If empty, the backup has never been taken

NextSchedule indicates when the next backup is going to be done

StorageProperties defines the storage backend settings to use for the backups.

AWS Profile to use for authentication.

Age after which orphan sstables can be deleted from the storage backend. Protects from race conditions between purge and ongoing backups. Defaults to 10 days.

The name of the bucket to use for the backups.

Number of concurrent uploads. Helps maximizing the speed of uploads but puts more pressure on the network. Defaults to 0.

Type of credentials to use for authentication. Can be "role-based", "credential-based" or empty.

Host to connect to for the storage backend.

Maximum backup age that the purge process should observe.

Maximum number of backups to keep (used by the purge process). Default is unlimited.

File size over which cloud specific cli tools are used for transfer. Defaults to 100 MB.

Pod storage settings for the local storage provider

Port to connect to for the storage backend.

Name of the top level folder in the backup bucket. If empty, the cluster name will be used.

Region of the storage bucket. Defaults to "default".

Whether to use SSL for the storage backend.

When using SSL, whether to also verify the certificate.

The storage backend to use for the backups.

Kubernetes Secret that stores the key file for the storage provider’s API. If using 'local' storage, this value is ignored.

Max upload bandwidth in MB/s. Defaults to 50 MB/s.

Pod local storage access modes

Size of the pod’s storage in bytes. Defaults to 10 GB.

Storage class name to use for the pod’s storage.

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.

message is a human readable message indicating details about the transition. This may be an empty string.

reason contains a programmatic identifier indicating the reason for the condition’s last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.

status of the condition, one of True, False, Unknown.

type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)

observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.

The name of the MedusaBackup to restore.

Name of the Cassandra datacenter to perform the restore on.

A unique key that identifies the restore operation.

Message gives the reason why restore operation failed

Mapping between source and target nodes for a restore

Mapping between source and target nodes for a restore

Whether the restore is in-place or not

Defines the username and password that Medusa will use to authenticate CQL connections to Cassandra clusters. These credentials will be automatically turned into CQL roles by cass-operator when bootstrapping the datacenter, then passed to the Medusa instances, so that it can authenticate against nodes in the datacenter using CQL. The secret must be in the same namespace as Cassandra and must contain two keys: "username" and "password".

MedusaContainerImage is the image characteristics to use for Medusa containers. Leave nil to use a default image.

SecurityContext applied to the Medusa containers.

Provides all storage backend related properties for backups.

LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

PullPolicy describes a policy for if/when to pull a container image

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime.

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false.

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled.

Whether this container has a read-only root filesystem. Default is false.

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options.

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

Added capabilities

Removed capabilities

Level is SELinux level label that applies to the container.

Role is a SELinux role label that applies to the container.

Type is a SELinux type label that applies to the container.

User is a SELinux user label that applies to the container.

type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must only be set if type is "Localhost".

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

GMSACredentialSpecName is the name of the GMSA credential spec to use.

HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

AWS Profile to use for authentication.

Age after which orphan sstables can be deleted from the storage backend. Protects from race conditions between purge and ongoing backups. Defaults to 10 days.

The name of the bucket to use for the backups.

Number of concurrent uploads. Helps maximizing the speed of uploads but puts more pressure on the network. Defaults to 1.

Host to connect to for the storage backend.

Maximum backup age that the purge process should observe.

Maximum number of backups to keep (used by the purge process). Default is unlimited.

File size over which cloud specific cli tools are used for transfer. Defaults to 100 MB.

Port to connect to for the storage backend.

Name of the top level folder in the backup bucket. If empty, the cluster name will be used.

Region of the storage bucket. Defaults to "default".

Whether to use SSL for the storage backend.

The storage backend to use for the backups.

Kubernetes Secret that stores the key file for the storage provider’s API. If using 'local' storage, this value is ignored.

Max upload bandwidth in MB/s. Defaults to 50 MB/s.

The name of the CassandraDatacenter to run the task on

Name of the backup. Will be necessary for operations such as verify or status.

Requested operation to perform.

Restore key to use for the prepare_restore operation.

Number of backups that were purged. Only populated for purge tasks.

Number of objects/files that were purged. Only populated for purge tasks.

Name of the pod that ran the task. Always populated.

Number of objects that couldn’t be deleted due to Medusa GC grace. Only populated for purge tasks.

Total size of purged files. Only populated for purge tasks.