Mission Control Custom Resource Definition (CRD)

missioncontrol.datastax.com/v1alpha1

Resource Types:

CqlConnectivity

CqlConnectivity describes how a datacenter of a MissionControlCluster is exposed to the outside of the Kubernetes cluster.

Name Type Description Required

apiVersion

string

missioncontrol.datastax.com.v1alpha1

true

kind

string

CqlConnectivity

true

metadata

object

Refer to the Kubernetes API documentation for the fields of the metadata field.

true

spec

object

false

status

object

false

CqlConnectivity.spec

Name Type Description Required

cassandraDatacenterRef

object

LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

true

loadBalancers

object

CqlLoadBalancers exposes the datacenter via one or more LoadBalancer services.

false

CqlConnectivity.spec.cassandraDatacenterRef

LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

CqlConnectivity.spec.loadBalancers

CqlLoadBalancers exposes the datacenter via one or more LoadBalancer services.

Name Type Description Required

size

integer

The number of services to create. This must be at least 1.

true

nativePort

integer

The port where the CQL native protocol is exposed on the service(s).

  • Default: 9042

false

podConfig

object

Common configuration for all LoadBalancer pods. This can be overridden by individual instances.

false

podConfigs

[]object

Additional configuration for each LoadBalancer pod. This is optional, the list can have fewer elements than the size, or contain empty objects for pods that don’t need specific configuration. If it is larger than the size, the extra elements will be ignored.

false

serviceConfig

object

Common configuration for all LoadBalancer services. This can be overridden by individual instances.

false

serviceConfigs

[]object

Additional configuration for each LoadBalancer service. This is optional, the list can have fewer elements than the size, or contain empty objects for services that don’t need specific configuration. If it is larger than the size, the extra elements will be ignored.

false

CqlConnectivity.spec.loadBalancers.podConfig

Common configuration for all LoadBalancer pods. This can be overridden by individual instances.

Name Type Description Required

affinity

object

Affinity is a group of affinity scheduling rules.

false

containerSecurityContext

object

SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.

false

podSecurityContext

object

PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.

false

resources

object

ResourceRequirements describes the compute resource requirements.

false

tolerations

[]object

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity

Affinity is a group of affinity scheduling rules.

Name Type Description Required

nodeAffinity

object

Describes node affinity scheduling rules for the pod.

false

podAffinity

object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

false

podAntiAffinity

object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.nodeAffinity

Describes node affinity scheduling rules for the pod.

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).

Name Type Description Required

preference

object

A node selector term, associated with the corresponding weight.

true

weight

integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

  • Format: int32

true

CqlConnectivity.spec.loadBalancers.podConfig.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

A node selector term, associated with the corresponding weight.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

Name Type Description Required

nodeSelectorTerms

[]object

Required. A list of node selector terms. The terms are ORed.

true

CqlConnectivity.spec.loadBalancers.podConfig.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAffinity

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAntiAffinity

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfig.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfig.containerSecurityContext

SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.

Name Type Description Required

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.

false

capabilities

object

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

false

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.

false

procMount

string

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.

false

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

CqlConnectivity.spec.loadBalancers.podConfig.containerSecurityContext.capabilities

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

add

[]string

Added capabilities

false

drop

[]string

Removed capabilities

false

CqlConnectivity.spec.loadBalancers.podConfig.containerSecurityContext.seLinuxOptions

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

CqlConnectivity.spec.loadBalancers.podConfig.containerSecurityContext.seccompProfile

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

CqlConnectivity.spec.loadBalancers.podConfig.containerSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

CqlConnectivity.spec.loadBalancers.podConfig.podSecurityContext

PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.

Name Type Description Required

fsGroup

integer

A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

  1. The owning GID will be the FSGroup

  2. The setgid bit is set (new files created in the volume will be owned by FSGroup)

  3. The permission bits are OR’d with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

fsGroupChangePolicy

string

fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

false

supplementalGroups

[]integer

A list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.

false

sysctls

[]object

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

CqlConnectivity.spec.loadBalancers.podConfig.podSecurityContext.seLinuxOptions

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

CqlConnectivity.spec.loadBalancers.podConfig.podSecurityContext.seccompProfile

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

CqlConnectivity.spec.loadBalancers.podConfig.podSecurityContext.sysctls[index]

Sysctl defines a kernel parameter to be set

Name Type Description Required

name

string

Name of a property to set

true

value

string

Value of a property to set

true

CqlConnectivity.spec.loadBalancers.podConfig.podSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

CqlConnectivity.spec.loadBalancers.podConfig.resources

ResourceRequirements describes the compute resource requirements.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

CqlConnectivity.spec.loadBalancers.podConfig.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

CqlConnectivity.spec.loadBalancers.podConfig.tolerations[index]

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

Name Type Description Required

effect

string

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

false

key

string

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

false

operator

string

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

false

tolerationSeconds

integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

  • Format: int64

false

value

string

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index]

CqlLoadBalancerPod controls settings for the cql-router pod that backs a LoadBalancer service.

Name Type Description Required

affinity

object

Affinity is a group of affinity scheduling rules.

false

containerSecurityContext

object

SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.

false

podSecurityContext

object

PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.

false

resources

object

ResourceRequirements describes the compute resource requirements.

false

tolerations

[]object

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity

Affinity is a group of affinity scheduling rules.

Name Type Description Required

nodeAffinity

object

Describes node affinity scheduling rules for the pod.

false

podAffinity

object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

false

podAntiAffinity

object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.nodeAffinity

Describes node affinity scheduling rules for the pod.

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).

Name Type Description Required

preference

object

A node selector term, associated with the corresponding weight.

true

weight

integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

  • Format: int32

true

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

A node selector term, associated with the corresponding weight.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

Name Type Description Required

nodeSelectorTerms

[]object

Required. A list of node selector terms. The terms are ORed.

true

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAffinity

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAntiAffinity

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].containerSecurityContext

SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.

Name Type Description Required

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.

false

capabilities

object

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

false

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.

false

procMount

string

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.

false

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].containerSecurityContext.capabilities

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

add

[]string

Added capabilities

false

drop

[]string

Removed capabilities

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].containerSecurityContext.seLinuxOptions

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].containerSecurityContext.seccompProfile

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].containerSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].podSecurityContext

PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.

Name Type Description Required

fsGroup

integer

A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

  1. The owning GID will be the FSGroup

  2. The setgid bit is set (new files created in the volume will be owned by FSGroup)

  3. The permission bits are OR’d with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

fsGroupChangePolicy

string

fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

false

supplementalGroups

[]integer

A list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.

false

sysctls

[]object

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].podSecurityContext.seLinuxOptions

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].podSecurityContext.seccompProfile

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].podSecurityContext.sysctls[index]

Sysctl defines a kernel parameter to be set

Name Type Description Required

name

string

Name of a property to set

true

value

string

Value of a property to set

true

CqlConnectivity.spec.loadBalancers.podConfigs[index].podSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].resources

ResourceRequirements describes the compute resource requirements.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

CqlConnectivity.spec.loadBalancers.podConfigs[index].resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

CqlConnectivity.spec.loadBalancers.podConfigs[index].tolerations[index]

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

Name Type Description Required

effect

string

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

false

key

string

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

false

operator

string

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

false

tolerationSeconds

integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

  • Format: int64

false

value

string

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

false

CqlConnectivity.spec.loadBalancers.serviceConfig

Common configuration for all LoadBalancer services. This can be overridden by individual instances.

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

CqlConnectivity.spec.loadBalancers.serviceConfigs[index]

CqlLoadBalancerService describes an individual LoadBalancer service. Note: we don’t provide a dedicated field to specify the service IP, since the corresponding field in the Kubernetes API is deprecated. If you want to set the IP, use provider-specific annotations instead.

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

CqlConnectivity.status

Name Type Description Required

conditions

[]object

false

loadBalancerIps

[]string

If the strategy is "LoadBalancers", the IPs of the LoadBalancer services.

false

size

integer

If the strategy is "LoadBalancers", the current number of services that have been created.

false

strategy

string

The strategy that is currently being used.

false

CqlConnectivity.status.conditions[index]

Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example,

type FooStatus struct{
    // Represents the observations of a foo's current state.
    // Known .status.conditions.type are: "Available", "Progressing", and "Degraded"
    // +patchMergeKey=type
    // +patchStrategy=merge
    // +listType=map
    // +listMapKey=type
    Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`
    // other fields
}
Name Type Description Required

lastTransitionTime

string

lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.

  • Format: date-time

true

message

string

message is a human readable message indicating details about the transition. This may be an empty string.

true

reason

string

reason contains a programmatic identifier indicating the reason for the condition’s last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.

true

status

enum

status of the condition, one of True, False, Unknown.

  • Enum: True, False, Unknown

true

type

string

type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)

true

observedGeneration

integer

observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.

  • Format: int64

  • Minimum: 0

false

DataApi

Name Type Description Required

apiVersion

string

missioncontrol.datastax.com.v1alpha1

true

kind

string

DataApi

true

metadata

object

Refer to the Kubernetes API documentation for the fields of the metadata field.

true

spec

object

DataApiSpec defines the desired state of DataApi

false

status

object

false

DataApi.spec

DataApiSpec defines the desired state of DataApi

Name Type Description Required

affinity

object

Affinity for the data api deployment

false

cassandraDatacenterRef

object

LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

false

containerImage

object

Image coordinates for the data api container

false

containerSecurityContext

object

Security context settings for the data api container

false

driverConfig

string

Data Api Driver Config content

false

env

[]object

Environment variables to set in the data api container

false

podSecurityContext

object

Security context settings for the data api pod

false

replicas

integer

  • Format: int32

false

resources

object

Resource requirements for the data api container

false

serviceAccount

string

Service account to use for the data api deployment

false

services

object

false

tolerations

[]object

Tolerations for the data api deployment

false

DataApi.spec.affinity

Affinity for the data api deployment

Name Type Description Required

nodeAffinity

object

Describes node affinity scheduling rules for the pod.

false

podAffinity

object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

false

podAntiAffinity

object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

false

DataApi.spec.affinity.nodeAffinity

Describes node affinity scheduling rules for the pod.

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

false

DataApi.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).

Name Type Description Required

preference

object

A node selector term, associated with the corresponding weight.

true

weight

integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

  • Format: int32

true

DataApi.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

A node selector term, associated with the corresponding weight.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

DataApi.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

DataApi.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

DataApi.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

Name Type Description Required

nodeSelectorTerms

[]object

Required. A list of node selector terms. The terms are ORed.

true

DataApi.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

DataApi.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

DataApi.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

DataApi.spec.affinity.podAffinity

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

DataApi.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

DataApi.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

DataApi.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

DataApi.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.spec.affinity.podAntiAffinity

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

DataApi.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

DataApi.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

DataApi.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

DataApi.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.spec.cassandraDatacenterRef

LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

DataApi.spec.containerImage

Image coordinates for the data api container

Name Type Description Required

name

string

The image name to use.

false

pullPolicy

enum

The image pull policy to use. Defaults to "Always" if the tag is "latest", otherwise to "IfNotPresent".

  • Enum: Always, IfNotPresent, Never

false

pullSecretRef

object

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

false

registry

string

The Docker registry to use. Defaults to "docker.io", the official Docker Hub.

false

repository

string

The Docker repository to use.

false

tag

string

The image tag to use. Defaults to "latest".

  • Default: latest

false

DataApi.spec.containerImage.pullSecretRef

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

DataApi.spec.containerSecurityContext

Security context settings for the data api container

Name Type Description Required

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.

false

capabilities

object

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

false

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.

false

procMount

string

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.

false

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

DataApi.spec.containerSecurityContext.capabilities

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

add

[]string

Added capabilities

false

drop

[]string

Removed capabilities

false

DataApi.spec.containerSecurityContext.seLinuxOptions

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

DataApi.spec.containerSecurityContext.seccompProfile

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

DataApi.spec.containerSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

DataApi.spec.env[index]

EnvVar represents an environment variable present in a Container.

Name Type Description Required

name

string

Name of the environment variable. Must be a C_IDENTIFIER.

true

value

string

Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

false

valueFrom

object

Source for the environment variable’s value. Cannot be used if value is not empty.

false

DataApi.spec.env[index].valueFrom

Source for the environment variable’s value. Cannot be used if value is not empty.

Name Type Description Required

configMapKeyRef

object

Selects a key of a ConfigMap.

false

fieldRef

object

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

false

secretKeyRef

object

Selects a key of a secret in the pod’s namespace

false

DataApi.spec.env[index].valueFrom.configMapKeyRef

Selects a key of a ConfigMap.

Name Type Description Required

key

string

The key to select.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the ConfigMap or its key must be defined

false

DataApi.spec.env[index].valueFrom.fieldRef

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

DataApi.spec.env[index].valueFrom.resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

DataApi.spec.env[index].valueFrom.secretKeyRef

Selects a key of a secret in the pod’s namespace

Name Type Description Required

key

string

The key of the secret to select from. Must be a valid secret key.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the Secret or its key must be defined

false

DataApi.spec.podSecurityContext

Security context settings for the data api pod

Name Type Description Required

fsGroup

integer

A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

  1. The owning GID will be the FSGroup

  2. The setgid bit is set (new files created in the volume will be owned by FSGroup)

  3. The permission bits are OR’d with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

fsGroupChangePolicy

string

fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

false

supplementalGroups

[]integer

A list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.

false

sysctls

[]object

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

DataApi.spec.podSecurityContext.seLinuxOptions

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

DataApi.spec.podSecurityContext.seccompProfile

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

DataApi.spec.podSecurityContext.sysctls[index]

Sysctl defines a kernel parameter to be set

Name Type Description Required

name

string

Name of a property to set

true

value

string

Value of a property to set

true

DataApi.spec.podSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

DataApi.spec.resources

Resource requirements for the data api container

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

DataApi.spec.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

DataApi.spec.services

Name Type Description Required

clusterIP

object

false

nodePort

object

false

DataApi.spec.services.clusterIP

Name Type Description Required

port

integer

false

DataApi.spec.services.nodePort

Name Type Description Required

port

integer

false

DataApi.spec.tolerations[index]

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

Name Type Description Required

effect

string

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

false

key

string

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

false

operator

string

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

false

tolerationSeconds

integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

  • Format: int64

false

value

string

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

false

DataApi.status

Name Type Description Required

conditions

[]object

false

error

string

Error is a human-readable message indicating an error condition

false

observedGeneration

integer

ObservedGeneration is the last observed generation of the DataApi by the owner operator

  • Format: int64

false

DataApi.status.conditions[index]

Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example,

type FooStatus struct{
    // Represents the observations of a foo's current state.
    // Known .status.conditions.type are: "Available", "Progressing", and "Degraded"
    // +patchMergeKey=type
    // +patchStrategy=merge
    // +listType=map
    // +listMapKey=type
    Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`
    // other fields
}
Name Type Description Required

lastTransitionTime

string

lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.

  • Format: date-time

true

message

string

message is a human readable message indicating details about the transition. This may be an empty string.

true

reason

string

reason contains a programmatic identifier indicating the reason for the condition’s last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.

true

status

enum

status of the condition, one of True, False, Unknown.

  • Enum: True, False, Unknown

true

type

string

type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)

true

observedGeneration

integer

observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.

  • Format: int64

  • Minimum: 0

false

missioncontrol.datastax.com/v1beta2

Resource Types:

DataApi

Name Type Description Required

apiVersion

string

missioncontrol.datastax.com.v1beta2

true

kind

string

DataApi

true

metadata

object

Refer to the Kubernetes API documentation for the fields of the metadata field.

true

affinity

object

Affinity for the data api deployment

false

containerImage

object

Image coordinates for the data api container

false

containerSecurityContext

object

Security context settings for the data api container

false

driverConfig

string

Data Api Driver Config content

false

enabled

boolean

Enable the data api deployment for each DC

false

env

[]object

Environment variables to set in the data api container

false

podSecurityContext

object

Security context settings for the data api pod

false

port

integer

Data API port

  • Format: int32

  • Default: 8181

false

replicas

integer

Number of replicas for the data api deployment

  • Format: int32

false

resources

object

Resource requirements for the data api container

false

serviceAccount

string

Service account to use for the data api deployment

false

tolerations

[]object

Tolerations for the data api deployment

false

DataApi.affinity

Affinity for the data api deployment

Name Type Description Required

nodeAffinity

object

Describes node affinity scheduling rules for the pod.

false

podAffinity

object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

false

podAntiAffinity

object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

false

DataApi.affinity.nodeAffinity

Describes node affinity scheduling rules for the pod.

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

false

DataApi.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).

Name Type Description Required

preference

object

A node selector term, associated with the corresponding weight.

true

weight

integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

  • Format: int32

true

DataApi.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

A node selector term, associated with the corresponding weight.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

DataApi.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

DataApi.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

DataApi.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

Name Type Description Required

nodeSelectorTerms

[]object

Required. A list of node selector terms. The terms are ORed.

true

DataApi.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

DataApi.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

DataApi.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

DataApi.affinity.podAffinity

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

DataApi.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

DataApi.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

DataApi.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

DataApi.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.affinity.podAntiAffinity

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

DataApi.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

DataApi.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

DataApi.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

DataApi.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

DataApi.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

DataApi.containerImage

Image coordinates for the data api container

Name Type Description Required

name

string

The image name to use.

false

pullPolicy

enum

The image pull policy to use. Defaults to "Always" if the tag is "latest", otherwise to "IfNotPresent".

  • Enum: Always, IfNotPresent, Never

false

pullSecretRef

object

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

false

registry

string

The Docker registry to use. Defaults to "docker.io", the official Docker Hub.

false

repository

string

The Docker repository to use.

false

tag

string

The image tag to use. Defaults to "latest".

  • Default: latest

false

DataApi.containerImage.pullSecretRef

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

DataApi.containerSecurityContext

Security context settings for the data api container

Name Type Description Required

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.

false

capabilities

object

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

false

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.

false

procMount

string

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.

false

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

DataApi.containerSecurityContext.capabilities

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

add

[]string

Added capabilities

false

drop

[]string

Removed capabilities

false

DataApi.containerSecurityContext.seLinuxOptions

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

DataApi.containerSecurityContext.seccompProfile

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

DataApi.containerSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

DataApi.env[index]

EnvVar represents an environment variable present in a Container.

Name Type Description Required

name

string

Name of the environment variable. Must be a C_IDENTIFIER.

true

value

string

Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

false

valueFrom

object

Source for the environment variable’s value. Cannot be used if value is not empty.

false

DataApi.env[index].valueFrom

Source for the environment variable’s value. Cannot be used if value is not empty.

Name Type Description Required

configMapKeyRef

object

Selects a key of a ConfigMap.

false

fieldRef

object

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

false

secretKeyRef

object

Selects a key of a secret in the pod’s namespace

false

DataApi.env[index].valueFrom.configMapKeyRef

Selects a key of a ConfigMap.

Name Type Description Required

key

string

The key to select.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the ConfigMap or its key must be defined

false

DataApi.env[index].valueFrom.fieldRef

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

DataApi.env[index].valueFrom.resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

DataApi.env[index].valueFrom.secretKeyRef

Selects a key of a secret in the pod’s namespace

Name Type Description Required

key

string

The key of the secret to select from. Must be a valid secret key.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the Secret or its key must be defined

false

DataApi.podSecurityContext

Security context settings for the data api pod

Name Type Description Required

fsGroup

integer

A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

  1. The owning GID will be the FSGroup

  2. The setgid bit is set (new files created in the volume will be owned by FSGroup)

  3. The permission bits are OR’d with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

fsGroupChangePolicy

string

fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

false

supplementalGroups

[]integer

A list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.

false

sysctls

[]object

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

DataApi.podSecurityContext.seLinuxOptions

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

DataApi.podSecurityContext.seccompProfile

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

DataApi.podSecurityContext.sysctls[index]

Sysctl defines a kernel parameter to be set

Name Type Description Required

name

string

Name of a property to set

true

value

string

Value of a property to set

true

DataApi.podSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

DataApi.resources

Resource requirements for the data api container

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

DataApi.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

DataApi.tolerations[index]

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

Name Type Description Required

effect

string

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

false

key

string

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

false

operator

string

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

false

tolerationSeconds

integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

  • Format: int64

false

value

string

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

false

MissionControlCluster

MissionControlCluster is the Schema for the missioncontrolclusters API

Name Type Description Required

apiVersion

string

missioncontrol.datastax.com.v1beta2

true

kind

string

MissionControlCluster

true

metadata

object

Refer to the Kubernetes API documentation for the fields of the metadata field.

true

spec

object

MissionControlClusterSpec defines the desired state of MissionControlCluster.

false

status

object

MissionControlClusterStatus defines the observed state of MissionControlCluster.

false

MissionControlCluster.spec

MissionControlClusterSpec defines the desired state of MissionControlCluster.

Name Type Description Required

k8ssandra

object

Spec for the K8ssandraCluster that will be created as part of this MissionControlCluster.

true

createIssuer

boolean

When true, create a self signed issuer to sign all downstream certificates. If false, a custom issuerRef may be specified in the encryption.internodeEncyption.certs.certTemplate.issuerRef field.

  • Default: true

false

dataApi

object

Settings for enabling and configuring the Data API

false

encryption

object

  • Default: map[internodeEncryption:map[certs:map[createCerts:true] enabled:true]]

false

MissionControlCluster.spec.k8ssandra

Spec for the K8ssandraCluster that will be created as part of this MissionControlCluster.

Name Type Description Required

auth

boolean

Whether to enable authentication in this cluster. The default is true; it is highly recommended to always leave authentication turned on. When enabled, authentication will be enforced not only on Cassandra nodes, but also on Reaper, Medusa and Stargate nodes, if any.

  • Default: true

false

cassandra

object

Cassandra is a specification of the Cassandra cluster. This includes everything from the number of datacenters, the k8s cluster where each DC should be deployed, node affinity (via racks), individual C* node settings, JVM settings, and more.

false

externalDatacenters

[]string

During a migration the operator should alter keyspaces replication settings including the following external DCs. This avoids removing replicas from datacenters which are outside of the operator scope (not referenced in the CR). Replication settings changes will only apply to system_* keyspaces as well as reaper_db and data_endpoint_auth (Stargate).

false

medusa

object

Medusa defines the desired deployment characteristics for Medusa in this K8ssandraCluster. If this is non-nil, Medusa will be deployed in every Cassandra pod in this K8ssandraCluster.

false

reaper

object

Reaper defines the desired deployment characteristics for Reaper in this K8ssandraCluster. If this is non-nil, Reaper might be deployed on every Cassandra datacenter in this K8ssandraCluster, unless there is a Control Plane Reaper present. In that case, the K8ssandraCluster will get registered to it.

false

secretsProvider

enum

SecretsProvider defines whether the secrets used for credentials and certs will be backed by an external secret backend (e.g. vault). This moves the responsibility of generating and storing secrets from the operators to the user and will rely on a mutating webhook to inject the secrets into the necessary resources

  • Enum: internal, external

  • Default: internal

false

stargate

object

Stargate defines the desired deployment characteristics for Stargate in this K8ssandraCluster. If this is non-nil, Stargate will be deployed on every Cassandra datacenter in this K8ssandraCluster.

false

MissionControlCluster.spec.k8ssandra.cassandra

Cassandra is a specification of the Cassandra cluster. This includes everything from the number of datacenters, the k8s cluster where each DC should be deployed, node affinity (via racks), individual C* node settings, JVM settings, and more.

Name Type Description Required

additionalSeeds

[]string

AdditionalSeeds specifies Cassandra node IPs for an existing datacenter. This is primarily intended for migrations from an existing Cassandra cluster that is not managed by k8ssandra-operator. Note that this property should NOT be used to set seeds for a DC that is or will be managed by k8ssandra-operator. k8ssandra-operator already manages seeds for DCs that it manages. If you have DNS set up such that you can resolve hostnames for the remote Cassandra cluster, then you can specify hostnames here; otherwise, use IP addresses.

false

cdc

object

CDC defines the desired state for CDC integrations. It can be used to feed mutation events from Cassandra into an Apache Pulsar cluster, from where they can be expored to external systems.

false

clientEncryptionStores

object

Client encryption stores which are used by Cassandra and Reaper.

false

clusterName

string

Override the Cassandra cluster name. If unspecified, the cluster name will be the same as the K8ssandraCluster CRD name.

false

config

object

CassandraConfig contains configuration settings that are applied to cassandra.yaml, dse.yaml and the various jvm*.options files.

false

containers

[]object

Containers defines containers to be deployed in each Cassandra pod. K8ssandra-operator and cass-operator will create their own containers, which can be referenced here to override specific settings, such as mounts or resources request/limits for example. Example: containers: - name: server-system-logger - name: custom-container image: busybox - name: cassandra

false

datacenterName

string

DatacenterName allows to override the name of the Cassandra datacenter. Kubernetes objects will be named after a sanitized version of it if set, and if not metadata.name. In Cassandra the DC name will be overridden by this value. It may generate some confusion as objects created for the DC will have a different name than the CasandraDatacenter object itself. This setting can create conflicts if multiple DCs coexist in the same namespace if metadata.name for a DC with no override is set to the same value as the override name of another DC. Use cautiously.

false

datacenters

[]object

Datacenters a list of the DCs in the cluster.

false

dseWorkloads

object

false

extraVolumes

object

Volumes defines additional volumes to be added to each Cassandra pod. If the volume uses a PersistentVolumeClaim, the PVC will be managed by the statefulset.

false

initContainers

[]object

InitContainers defines init-containers to be deployed in each Cassandra pod. K8ssandra-operator and cass-operator will create their own init-containers, which can be referenced here to control ordering or override specific settings such as mounts or resources request/limits for example. Only the name of the k8ssandra-operator/cass-operator init-containers is required, not their full definition which will be created by the operators. Example: initContainers: - name: server-config-init - name: custom-init-container image: busybox - name: medusa-restore Otherwise init-containers referenced here will be injected in first position

false

jmxInitContainerImage

object

Deprecated: JMX security is now based on CQL roles. We don’t need an init container to configure JMX authentication anymore. The value of this field will be ignored.

false

managementApiAuth

object

ManagementApiAuth defines the authentication settings for the management API in the Cassandra pods.

false

metadata

object

Struct to hold labels and annotations for the top-level Cassandra cluster definition.

false

mgmtAPIHeap

int or string

MgmtAPIHeap defines the amount of memory devoted to the management api heap.

false

networking

object

Networking enables host networking and configures a NodePort ports.

false

perNodeConfigInitContainerImage

string

The image to use in each Cassandra pod for the (short-lived) init container that merges global and perNodeConfig configuration. This is only useful when PerNodeConfigMapRef is set. The default is "mikefarah/yq:4".

  • Default: mikefarah/yq:4

false

podSecurityContext

object

PodSecurityContext defines the security context for the Cassandra pods.

false

racks

[]object

Racks is a list of named racks. Note that racks are used to create node affinity. //

false

readOnlyRootFilesystem

boolean

ReadOnlyRootFilesystem makes the cassandra container to be run with a read-only root filesystem. Currently only functional when used with the new k8ssandra-client config builder (Cassandra 4.1 and newer and HCD)

false

resources

object

Resources is the cpu and memory resources for the cassandra container.

false

serverEncryptionStores

object

Internode encryption stores which are used by Cassandra and Stargate.

false

serverImage

string

ServerImage is the image for the cassandra container. Note that this should be a management-api image. If left empty the operator will choose a default image based on ServerVersion.

false

serverType

enum

Server type: "cassandra" or "dse".

  • Enum: cassandra, dse, hcd

  • Default: cassandra

false

serverVersion

string

ServerVersion is the Cassandra or DSE version. The following versions are supported: - Cassandra: 3.11.X, 4.X.X and 5.X.X - DSE: 6.8.X, 7.x.x - HCD: 1.0.x

false

serviceAccount

string

The k8s service account to use for the Cassandra pods

false

softPodAntiAffinity

boolean

SoftPodAntiAffinity sets whether multiple Cassandra instances can be scheduled on the same node. This should normally be false to ensure cluster resilience but may be set true for test/dev scenarios to minimise the number of nodes required.

false

storageConfig

object

StorageConfig is the persistent storage requirements for each Cassandra pod. This includes everything under /var/lib/cassandra, namely the commit log and data directories.

false

superuserSecretRef

object

The reference to the superuser secret to use for Cassandra. If unspecified, a default secret will be generated with a random password; the generated secret name will be "<cluster_name>-superuser" where <cluster_name> is the K8ssandraCluster CRD name.

false

telemetry

object

Telemetry defines the desired state for telemetry resources in this datacenter. If telemetry configurations are defined, telemetry resources will be deployed to integrate with a user-provided monitoring solution (at present, only support for Prometheus is available).

false

tolerations

[]object

Tolerations applied to every Cassandra pod.

false

MissionControlCluster.spec.k8ssandra.cassandra.cdc

CDC defines the desired state for CDC integrations. It can be used to feed mutation events from Cassandra into an Apache Pulsar cluster, from where they can be expored to external systems.

Name Type Description Required

pulsarServiceUrl

string

true

cdcConcurrentProcessors

integer

false

cdcPollIntervalM

integer

false

cdcWorkingDir

string

false

errorCommitLogReprocessEnabled

boolean

false

pulsarAuthParams

string

false

pulsarAuthPluginClassName

string

false

pulsarBatchDelayInMs

integer

false

pulsarKeyBasedBatcher

boolean

false

pulsarMaxPendingMessages

integer

false

pulsarMaxPendingMessagesAcrossPartitions

integer

false

sslAllowInsecureConnection

string

false

sslCipherSuites

string

false

sslEnabledProtocols

string

false

sslHostnameVerificationEnable

string

false

sslKeystorePassword

string

false

sslKeystorePath

string

false

sslProvider

string

false

sslTruststorePassword

string

false

sslTruststorePath

string

false

sslTruststoreType

string

false

topicPrefix

string

false

MissionControlCluster.spec.k8ssandra.cassandra.clientEncryptionStores

Client encryption stores which are used by Cassandra and Reaper.

Name Type Description Required

keystoreSecretRef

object

ref to the secret that contains the keystore and optionally its password (which can also be specified through the keystorePasswordSecretRef field) if keys are not specified, "keystore" entry and a "keystore-password" entry will be used

true

truststoreSecretRef

object

ref to the secret that contains the truststore and optionally its password (which can also be specified through the truststorePasswordSecretRef field) if keys are not specified explicitly, "keystore" entry and a "keystore-password" entry will be used

true

keystorePasswordSecretRef

object

ref to the secret that contains the keystore password if password stored in different secret than keystoreSecretRef if key isn’t specified explicitly, "keystore-password" entry will be used

false

truststorePasswordSecretRef

object

ref to the secret that contains the truststore password if password stored in different secret than keystoreSecretRef if key isn’t specified explicitly, "truststore-password" entry will be used

false

MissionControlCluster.spec.k8ssandra.cassandra.clientEncryptionStores.keystoreSecretRef

ref to the secret that contains the keystore and optionally its password (which can also be specified through the keystorePasswordSecretRef field) if keys are not specified, "keystore" entry and a "keystore-password" entry will be used

Name Type Description Required

key

string

The key of the entry in the Secret resource’s data field to be used.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.clientEncryptionStores.truststoreSecretRef

ref to the secret that contains the truststore and optionally its password (which can also be specified through the truststorePasswordSecretRef field) if keys are not specified explicitly, "keystore" entry and a "keystore-password" entry will be used

Name Type Description Required

key

string

The key of the entry in the Secret resource’s data field to be used.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.clientEncryptionStores.keystorePasswordSecretRef

ref to the secret that contains the keystore password if password stored in different secret than keystoreSecretRef if key isn’t specified explicitly, "keystore-password" entry will be used

Name Type Description Required

key

string

The key of the entry in the Secret resource’s data field to be used.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.clientEncryptionStores.truststorePasswordSecretRef

ref to the secret that contains the truststore password if password stored in different secret than keystoreSecretRef if key isn’t specified explicitly, "truststore-password" entry will be used

Name Type Description Required

key

string

The key of the entry in the Secret resource’s data field to be used.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.config

CassandraConfig contains configuration settings that are applied to cassandra.yaml, dse.yaml and the various jvm*.options files.

Name Type Description Required

cassandraYaml

object

false

dseYaml

object

false

jvmOptions

object

false

MissionControlCluster.spec.k8ssandra.cassandra.config.jvmOptions

Name Type Description Required

additionalJvm11ServerOptions

[]string

Jvm11ServerOptions are additional options that will be passed on to the jvm11-server-options file.

false

additionalJvm8ServerOptions

[]string

Jvm8ServerOptions are additional options that will be passed on to the jvm8-server-options file.

false

additionalJvmServerOptions

[]string

JvmServerOptions are additional options that will be passed on to the jvm-server-options file.

false

additionalOptions

[]string

Additional, arbitrary JVM options which are written into the cassandra-env.sh file.

false

cassandra_available_processors

integer

Available CPU processors. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.available_processors.

false

cassandra_disable_auth_caches_remote_configuration

boolean

Disable remote configuration via JMX of auth caches. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.disable_auth_caches_remote_configuration.

false

cassandra_expiration_date_overflow_policy

string

Defines how to handle INSERT requests with TTL exceeding the maximum supported expiration date. Possible values include REJECT, CAP, CAP_NOWARN. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.expiration_date_overflow_policy.

false

cassandra_force_3_0_protocol_version

boolean

Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -Dcassandra.force_3_0_protocol_version=true.

false

cassandra_force_default_indexing_page_size

boolean

Disable dynamic calculation of the page size used when indexing an entire partition (during initial index build/rebuild). Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.force_default_indexing_page_size.

false

cassandra_max_hint_ttl_seconds

integer

Imposes an upper bound on hint lifetime below the normal min gc_grace_seconds. Disabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.maxHintTTL.

false

cassandra_metrics_reporter_config_file

string

Enable pluggable metrics reporter. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.metricsReporterConfigFile. TODO mountable directory

false

cassandra_ring_delay_ms

integer

Amount of time in milliseconds that a node waits before joining the ring. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.ring_delay_ms.

false

cassandra_triggers_directory

string

Default location for the trigger JARs. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.triggers_dir. TODO mountable directory

false

cassandra_write_survey

boolean

For testing new compaction and compression strategies. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.write_survey.

false

debug_disable_contended_annotations

boolean

Disable honoring user code @Contended annotations. Enabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:-RestrictContended.

false

debug_enable_flight_recorder

boolean

Enable Flight Recorder (Use in production is subject to Oracle licensing). Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+FlightRecorder.

false

debug_listen_remote_debuggers

boolean

Listen for JVM remote debuggers on port 1414. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=1414".

false

debug_log_compilation

boolean

Make Cassandra JVM log internal method compilation (developers only). Disabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+LogCompilation.

false

debug_non_safepoints

boolean

Whether the compiler should generate the necessary metadata for the parts of the code not at safe points as well. For use with Flight Recorder. Enabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+DebugNonSafepoints.

false

debug_preserve_frame_pointer

boolean

Preserve Frame Pointer. Enabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+PreserveFramePointer.

false

debug_unlock_commercial_features

boolean

Unlock commercial features. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+UnlockCommercialFeatures.

false

debug_unlock_diagnostic_vm_options

boolean

Enabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+UnlockDiagnosticVMOptions.

false

gc

enum

The name of the garbage collector to use. Depending on the Cassandra version, not all values are supported: Cassandra 3.11 supports only G1GC and CMS; Cassandra 4.0 supports G1GC, ZGC, Shenandoah and Graal. This option will unlock the corresponding garbage collector with a default configuration; to further tune the GC settings, use the additional JVM options field. Use the special value Custom if you intend to use non-standard garbage collectors. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options.

  • Enum: G1GC, CMS, ZGC, Shenandoah, Graal, Custom

  • Default: G1GC

false

gc_cms_heap_size_young_generation

int or string

Disabled by default. Can only be used when CMS garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -Xmn.

false

gc_cms_initiating_occupancy_fraction

integer

Defaults to 75. Can only be used when CMS garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:CMSInitiatingOccupancyFraction.

  • Minimum: 0

  • Maximum: 100

false

gc_cms_max_tenuring_threshold

integer

Defaults to 1. Can only be used when CMS garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:MaxTenuringThreshold.

false

gc_cms_survivor_ratio

integer

Defaults to 8. Can only be used when CMS garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:SurvivorRatio.

false

gc_cms_wait_duration_ms

integer

Defaults to 10000. Can only be used when CMS garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:CMSWaitDuration.

false

gc_g1_conc_threads

integer

Concurrent GC Threads. Can only be used when G1 garbage collector is used. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -XX:ConcGCThreads.

false

gc_g1_initiating_heap_occupancy_percent

integer

Initiating Heap Occupancy Percentage. Can only be used when G1 garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -XX:InitiatingHeapOccupancyPercent.

  • Minimum: 0

  • Maximum: 100

false

gc_g1_max_gc_pause_ms

integer

G1GC Max GC Pause in milliseconds. Defaults to 500. Can only be used when G1 garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -XX:MaxGCPauseMillis.

false

gc_g1_parallel_threads

integer

Parallel GC Threads. Can only be used when G1 garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -XX:ParallelGCThreads.

false

gc_g1_rset_updating_pause_time_percent

integer

G1GC Updating Pause Time Percentage. Defaults to 5. Can only be used when G1 garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -XX:G1RSetUpdatingPauseTimePercent.

  • Minimum: 0

  • Maximum: 100

false

gc_print_application_stopped_time

boolean

Print GC Application Stopped Time. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+PrintGCApplicationStoppedTime.

false

gc_print_date_stamps

boolean

Print GC Date Stamps. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+PrintGCDateStamps.

false

gc_print_details

boolean

Print GC details. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+PrintGCDetails.

false

gc_print_flss_statistics

boolean

Print FLSS Statistics. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:PrintFLSStatistics=1.

false

gc_print_heap

boolean

Print Heap at GC. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+PrintHeapAtGC.

false

gc_print_log_file_size

int or string

Size of each log file. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:GCLogFileSize.

false

gc_print_number_of_log_files

integer

Number of GC log files. Disabled by default. Can only be used when the G1 garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:NumberOfGCLogFiles.

false

gc_print_promotion_failure

boolean

Print promotion failure. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+PrintPromotionFailure.

false

gc_print_tenuring_distribution

boolean

Print tenuring distribution. Defaults to false. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+PrintTenuringDistribution.

false

gc_print_use_log_file

boolean

Whether to print GC logs to /var/log/cassandra/gc.log. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -Xloggc:/var/log/cassandra/gc.log.

false

gc_print_use_log_file_rotation

boolean

Use GC Log File Rotation. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+UseGCLogFileRotation.

false

heapNewGenSize

int or string

Deprecated. Use gc_cms_heap_size_young_generation instead. Valid for CMS garbage collector only + Cassandra 3.11.

false

heapSize

int or string

Deprecated. Use heap_initial_size and heap_max_size instead. If this field is defined, it applies to both max_heap_size and initial_heap_size.

false

heap_initial_size

int or string

Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Xms.

false

heap_max_size

int or string

Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Xmx.

false

jdk_allow_attach_self

boolean

Allow the current VM to attach to itself. Defaults to true. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -Djdk.attach.allowAttachSelf=true.

false

jmx_connection_type

string

Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Possible values for 3.11 include local-no-auth, remote-no-auth, and remote-dse-unified-auth. Defaults to local-no-auth. Possible values for 4.0 include local-no-auth, remote-no-auth. Defaults to local-no-auth.

false

jmx_port

integer

Disabled by default. Defaults to 7199. TODO Make Reaper aware of the JMX port if a non-default port is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options.

false

jmx_remote_ssl

boolean

Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Defaults to false. Valid only when JmxConnectionType is "remote-no-auth", "remote-dse-unified-auth".

false

jmx_remote_ssl_opts

string

Remote SSL options. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options.

false

jmx_remote_ssl_require_client_auth

boolean

Require Client Authentication for remote SSL? Defaults to false. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options.

false

netty_eventloop_maxpendingtasks

integer

Defaults to 65536. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dio.netty.eventLoop.maxPendingTasks.

false

netty_try_reflection_set_accessible

boolean

Netty setting io.netty.tryReflectionSetAccessible. Defaults to true. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -Dio.netty.tryReflectionSetAccessible=true.

false

nio_align_direct_memory

boolean

Align direct memory allocations on page boundaries. Enabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dsun.nio.PageAlignDirectMemory=true.

false

nio_maxcachedbuffersize

int or string

Defaults to 1048576. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Djdk.nio.maxCachedBufferSize.

false

vm_always_pre_touch

boolean

Ensure all memory is faulted and zeroed on startup. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+AlwaysPreTouch.

false

vm_crash_on_out_of_memory_error

boolean

Disabled by default. Requires exit_on_out_of_memory_error to be disabled.. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+CrashOnOutOfMemoryError.

false

vm_disable_biased_locking

boolean

Disable biased locking to avoid biased lock revocation pauses. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:-UseBiasedLocking. Note: the Cass Config Builder option is named use_biased_locking, but setting it to true disables biased locking.

false

vm_disable_perf_shared_mem

boolean

Disable hsperfdata mmap’ed file. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+PerfDisableSharedMem.

false

vm_enable_assertions

boolean

Enable assertions. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -ea.

false

vm_enable_non_root_thread_priority

boolean

Enable lowering thread priority without being root on linux. See CASSANDRA-1181 for details. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:ThreadPriorityPolicy=42.

false

vm_enable_thread_priorities

boolean

Enable thread priorities. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+UseThreadPriorities.

false

vm_exit_on_out_of_memory_error

boolean

Disabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+ExitOnOutOfMemoryError.

false

vm_guaranteed_safepoint_interval_ms

integer

Defaults to 300000 milliseconds. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:GuaranteedSafepointInterval.

false

vm_heap_dump_on_out_of_memory_error

boolean

Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+HeapDumpOnOutOfMemoryError.

false

vm_per_thread_stack_size

int or string

Per-thread stack size. Defaults to 256Ki. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Xss.

false

vm_prefer_ipv4

boolean

Prefer binding to IPv4 network interfaces. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Djava.net.preferIPv4Stack=true.

false

vm_print_heap_histogram_on_out_of_memory_error

boolean

Disabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.printHeapHistogramOnOutOfMemoryError.

false

vm_resize_tlab

boolean

Allow resizing of thread-local allocation blocks. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+ResizeTLAB.

false

vm_string_table_size

int or string

The size of interned string table. Larger sizes are beneficial to gossip. Defaults to 1000003. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:StringTableSize.

false

vm_use_numa

boolean

Enabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+UseNUMA.

false

vm_use_tlab

boolean

Enable thread-local allocation blocks. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+UseTLAB.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index]

A single application container that you want to run within a pod.

Name Type Description Required

name

string

Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.

true

args

[]string

Arguments to the entrypoint. The container image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

false

command

[]string

Entrypoint array. Not executed within a shell. The container image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

false

env

[]object

List of environment variables to set in the container. Cannot be updated.

false

envFrom

[]object

List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.

false

image

string

Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.

false

imagePullPolicy

string

Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

false

lifecycle

object

Actions that the management system should take in response to container lifecycle events. Cannot be updated.

false

livenessProbe

object

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

false

ports

[]object

List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.

false

readinessProbe

object

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

false

resizePolicy

[]object

Resources resize policy for the container.

false

resources

object

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

restartPolicy

string

RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod’s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.

false

securityContext

object

SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

false

startupProbe

object

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod’s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

false

stdin

boolean

Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.

false

stdinOnce

boolean

Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false

false

terminationMessagePath

string

Optional: Path at which the file to which the container’s termination message will be written is mounted into the container’s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

false

terminationMessagePolicy

string

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

false

tty

boolean

Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.

false

volumeDevices

[]object

volumeDevices is the list of block devices to be used by the container.

false

volumeMounts

[]object

Pod volumes to mount into the container’s filesystem. Cannot be updated.

false

workingDir

string

Container’s working directory. If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].env[index]

EnvVar represents an environment variable present in a Container.

Name Type Description Required

name

string

Name of the environment variable. Must be a C_IDENTIFIER.

true

value

string

Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

false

valueFrom

object

Source for the environment variable’s value. Cannot be used if value is not empty.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].env[index].valueFrom

Source for the environment variable’s value. Cannot be used if value is not empty.

Name Type Description Required

configMapKeyRef

object

Selects a key of a ConfigMap.

false

fieldRef

object

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

false

secretKeyRef

object

Selects a key of a secret in the pod’s namespace

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].env[index].valueFrom.configMapKeyRef

Selects a key of a ConfigMap.

Name Type Description Required

key

string

The key to select.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the ConfigMap or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].env[index].valueFrom.fieldRef

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].env[index].valueFrom.resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].env[index].valueFrom.secretKeyRef

Selects a key of a secret in the pod’s namespace

Name Type Description Required

key

string

The key of the secret to select from. Must be a valid secret key.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the Secret or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].envFrom[index]

EnvFromSource represents the source of a set of ConfigMaps

Name Type Description Required

configMapRef

object

The ConfigMap to select from

false

prefix

string

An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.

false

secretRef

object

The Secret to select from

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].envFrom[index].configMapRef

The ConfigMap to select from

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the ConfigMap must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].envFrom[index].secretRef

The Secret to select from

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the Secret must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle

Actions that the management system should take in response to container lifecycle events. Cannot be updated.

Name Type Description Required

postStart

object

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

false

preStop

object

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod’s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod’s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle.postStart

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

Name Type Description Required

exec

object

Exec specifies the action to take.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

sleep

object

Sleep represents the duration that the container should sleep before being terminated.

false

tcpSocket

object

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle.postStart.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle.postStart.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle.postStart.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle.postStart.sleep

Sleep represents the duration that the container should sleep before being terminated.

Name Type Description Required

seconds

integer

Seconds is the number of seconds to sleep.

  • Format: int64

true

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle.postStart.tcpSocket

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle.preStop

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod’s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod’s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

Name Type Description Required

exec

object

Exec specifies the action to take.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

sleep

object

Sleep represents the duration that the container should sleep before being terminated.

false

tcpSocket

object

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle.preStop.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle.preStop.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle.preStop.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle.preStop.sleep

Sleep represents the duration that the container should sleep before being terminated.

Name Type Description Required

seconds

integer

Seconds is the number of seconds to sleep.

  • Format: int64

true

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].lifecycle.preStop.tcpSocket

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].livenessProbe

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].livenessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].livenessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].livenessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].livenessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].livenessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].ports[index]

ContainerPort represents a network port in a single container.

Name Type Description Required

containerPort

integer

Number of port to expose on the pod’s IP address. This must be a valid port number, 0 < x < 65536.

  • Format: int32

true

hostIP

string

What host IP to bind the external port to.

false

hostPort

integer

Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.

  • Format: int32

false

name

string

If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.

false

protocol

string

Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

  • Default: TCP

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].readinessProbe

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].readinessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].readinessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].readinessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].readinessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].readinessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].resizePolicy[index]

ContainerResizePolicy represents resource resize policy for the container.

Name Type Description Required

resourceName

string

Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.

true

restartPolicy

string

Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.

true

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].resources

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].securityContext

SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

Name Type Description Required

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.

false

capabilities

object

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

false

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.

false

procMount

string

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.

false

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].securityContext.capabilities

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

add

[]string

Added capabilities

false

drop

[]string

Removed capabilities

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].securityContext.seLinuxOptions

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].securityContext.seccompProfile

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].securityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].startupProbe

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod’s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].startupProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].startupProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].startupProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].startupProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].startupProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].volumeDevices[index]

volumeDevice describes a mapping of a raw block device within a container.

Name Type Description Required

devicePath

string

devicePath is the path inside of the container that the device will be mapped to.

true

name

string

name must match the name of a persistentVolumeClaim in the pod

true

MissionControlCluster.spec.k8ssandra.cassandra.containers[index].volumeMounts[index]

VolumeMount describes a mounting of a Volume within a container.

Name Type Description Required

mountPath

string

Path within the container at which the volume should be mounted. Must not contain ':'.

true

name

string

This must match the Name of a Volume.

true

mountPropagation

string

mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.

false

readOnly

boolean

Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.

false

subPath

string

Path within the volume from which the container’s volume should be mounted. Defaults to "" (volume’s root).

false

subPathExpr

string

Expanded path within the volume from which the container’s volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container’s environment. Defaults to "" (volume’s root). SubPathExpr and SubPath are mutually exclusive.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index]

Name Type Description Required

size

integer

Size is the number Cassandra pods to deploy in this datacenter. This number does not include Stargate instances.

  • Format: int32

  • Minimum: 1

true

cdc

object

CDC defines the desired state for CDC integrations. It can be used to feed mutation events from Cassandra into an Apache Pulsar cluster, from where they can be expored to external systems.

false

config

object

CassandraConfig contains configuration settings that are applied to cassandra.yaml, dse.yaml and the various jvm*.options files.

false

containers

[]object

Containers defines containers to be deployed in each Cassandra pod. K8ssandra-operator and cass-operator will create their own containers, which can be referenced here to override specific settings, such as mounts or resources request/limits for example. Example: containers: - name: server-system-logger - name: custom-container image: busybox - name: cassandra

false

datacenterName

string

DatacenterName allows to override the name of the Cassandra datacenter. Kubernetes objects will be named after a sanitized version of it if set, and if not metadata.name. In Cassandra the DC name will be overridden by this value. It may generate some confusion as objects created for the DC will have a different name than the CasandraDatacenter object itself. This setting can create conflicts if multiple DCs coexist in the same namespace if metadata.name for a DC with no override is set to the same value as the override name of another DC. Use cautiously.

false

dseWorkloads

object

false

extraVolumes

object

Volumes defines additional volumes to be added to each Cassandra pod. If the volume uses a PersistentVolumeClaim, the PVC will be managed by the statefulset.

false

initContainers

[]object

InitContainers defines init-containers to be deployed in each Cassandra pod. K8ssandra-operator and cass-operator will create their own init-containers, which can be referenced here to control ordering or override specific settings such as mounts or resources request/limits for example. Only the name of the k8ssandra-operator/cass-operator init-containers is required, not their full definition which will be created by the operators. Example: initContainers: - name: server-config-init - name: custom-init-container image: busybox - name: medusa-restore Otherwise init-containers referenced here will be injected in first position

false

jmxInitContainerImage

object

Deprecated: JMX security is now based on CQL roles. We don’t need an init container to configure JMX authentication anymore. The value of this field will be ignored.

false

k8sContext

string

false

managementApiAuth

object

ManagementApiAuth defines the authentication settings for the management API in the Cassandra pods.

false

metadata

object

false

mgmtAPIHeap

int or string

MgmtAPIHeap defines the amount of memory devoted to the management api heap.

false

networking

object

Networking enables host networking and configures a NodePort ports.

false

perNodeConfigInitContainerImage

string

The image to use in each Cassandra pod for the (short-lived) init container that merges global and perNodeConfig configuration. This is only useful when PerNodeConfigMapRef is set. The default is "mikefarah/yq:4".

  • Default: mikefarah/yq:4

false

perNodeConfigMapRef

object

PerNodeConfigMapRef is a reference to a ConfigMap that contains per-node configuration for this DC. The ConfigMap is expected to have entries in the following form: <pod-name>_<file-name>.yaml, where <pod-name> is the name of the pod and <file-name> is the name of a configuration file (typically, cassandra.yaml). The value of the entry is expected to be a YAML fragment that contains the per-node configuration for each pod. When the pod is started, the per-node ConfigMap is mounted and the contents of each entry corresponding to the pod are merged into their respective configuration files.

false

podSecurityContext

object

PodSecurityContext defines the security context for the Cassandra pods.

false

racks

[]object

Racks is a list of named racks. Note that racks are used to create node affinity. //

false

readOnlyRootFilesystem

boolean

ReadOnlyRootFilesystem makes the cassandra container to be run with a read-only root filesystem. Currently only functional when used with the new k8ssandra-client config builder (Cassandra 4.1 and newer and HCD)

false

resources

object

Resources is the cpu and memory resources for the cassandra container.

false

serverImage

string

ServerImage is the image for the cassandra container. Note that this should be a management-api image. If left empty the operator will choose a default image based on ServerVersion.

false

serverVersion

string

ServerVersion is the Cassandra or DSE version. The following versions are supported: - Cassandra: 3.11.X, 4.X.X and 5.X.X - DSE: 6.8.X, 7.x.x - HCD: 1.0.x

false

serviceAccount

string

The k8s service account to use for the Cassandra pods

false

softPodAntiAffinity

boolean

SoftPodAntiAffinity sets whether multiple Cassandra instances can be scheduled on the same node. This should normally be false to ensure cluster resilience but may be set true for test/dev scenarios to minimise the number of nodes required.

false

stargate

object

Stargate defines the desired deployment characteristics for Stargate in this datacenter. Leave nil to skip deploying Stargate in this datacenter.

false

stopped

boolean

Stopped means that the datacenter will be stopped. Use this for maintenance or for cost saving. A stopped CassandraDatacenter will have no running server pods, like using "stop" with traditional System V init scripts. Other Kubernetes resources will be left intact, and volumes will re-attach when the CassandraDatacenter workload is resumed.

  • Default: false

false

storageConfig

object

StorageConfig is the persistent storage requirements for each Cassandra pod. This includes everything under /var/lib/cassandra, namely the commit log and data directories.

false

telemetry

object

Telemetry defines the desired state for telemetry resources in this datacenter. If telemetry configurations are defined, telemetry resources will be deployed to integrate with a user-provided monitoring solution (at present, only support for Prometheus is available).

false

tolerations

[]object

Tolerations applied to every Cassandra pod.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].cdc

CDC defines the desired state for CDC integrations. It can be used to feed mutation events from Cassandra into an Apache Pulsar cluster, from where they can be expored to external systems.

Name Type Description Required

pulsarServiceUrl

string

true

cdcConcurrentProcessors

integer

false

cdcPollIntervalM

integer

false

cdcWorkingDir

string

false

errorCommitLogReprocessEnabled

boolean

false

pulsarAuthParams

string

false

pulsarAuthPluginClassName

string

false

pulsarBatchDelayInMs

integer

false

pulsarKeyBasedBatcher

boolean

false

pulsarMaxPendingMessages

integer

false

pulsarMaxPendingMessagesAcrossPartitions

integer

false

sslAllowInsecureConnection

string

false

sslCipherSuites

string

false

sslEnabledProtocols

string

false

sslHostnameVerificationEnable

string

false

sslKeystorePassword

string

false

sslKeystorePath

string

false

sslProvider

string

false

sslTruststorePassword

string

false

sslTruststorePath

string

false

sslTruststoreType

string

false

topicPrefix

string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].config

CassandraConfig contains configuration settings that are applied to cassandra.yaml, dse.yaml and the various jvm*.options files.

Name Type Description Required

cassandraYaml

object

false

dseYaml

object

false

jvmOptions

object

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].config.jvmOptions

Name Type Description Required

additionalJvm11ServerOptions

[]string

Jvm11ServerOptions are additional options that will be passed on to the jvm11-server-options file.

false

additionalJvm8ServerOptions

[]string

Jvm8ServerOptions are additional options that will be passed on to the jvm8-server-options file.

false

additionalJvmServerOptions

[]string

JvmServerOptions are additional options that will be passed on to the jvm-server-options file.

false

additionalOptions

[]string

Additional, arbitrary JVM options which are written into the cassandra-env.sh file.

false

cassandra_available_processors

integer

Available CPU processors. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.available_processors.

false

cassandra_disable_auth_caches_remote_configuration

boolean

Disable remote configuration via JMX of auth caches. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.disable_auth_caches_remote_configuration.

false

cassandra_expiration_date_overflow_policy

string

Defines how to handle INSERT requests with TTL exceeding the maximum supported expiration date. Possible values include REJECT, CAP, CAP_NOWARN. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.expiration_date_overflow_policy.

false

cassandra_force_3_0_protocol_version

boolean

Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -Dcassandra.force_3_0_protocol_version=true.

false

cassandra_force_default_indexing_page_size

boolean

Disable dynamic calculation of the page size used when indexing an entire partition (during initial index build/rebuild). Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.force_default_indexing_page_size.

false

cassandra_max_hint_ttl_seconds

integer

Imposes an upper bound on hint lifetime below the normal min gc_grace_seconds. Disabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.maxHintTTL.

false

cassandra_metrics_reporter_config_file

string

Enable pluggable metrics reporter. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.metricsReporterConfigFile. TODO mountable directory

false

cassandra_ring_delay_ms

integer

Amount of time in milliseconds that a node waits before joining the ring. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.ring_delay_ms.

false

cassandra_triggers_directory

string

Default location for the trigger JARs. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.triggers_dir. TODO mountable directory

false

cassandra_write_survey

boolean

For testing new compaction and compression strategies. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.write_survey.

false

debug_disable_contended_annotations

boolean

Disable honoring user code @Contended annotations. Enabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:-RestrictContended.

false

debug_enable_flight_recorder

boolean

Enable Flight Recorder (Use in production is subject to Oracle licensing). Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+FlightRecorder.

false

debug_listen_remote_debuggers

boolean

Listen for JVM remote debuggers on port 1414. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=1414".

false

debug_log_compilation

boolean

Make Cassandra JVM log internal method compilation (developers only). Disabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+LogCompilation.

false

debug_non_safepoints

boolean

Whether the compiler should generate the necessary metadata for the parts of the code not at safe points as well. For use with Flight Recorder. Enabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+DebugNonSafepoints.

false

debug_preserve_frame_pointer

boolean

Preserve Frame Pointer. Enabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+PreserveFramePointer.

false

debug_unlock_commercial_features

boolean

Unlock commercial features. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+UnlockCommercialFeatures.

false

debug_unlock_diagnostic_vm_options

boolean

Enabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+UnlockDiagnosticVMOptions.

false

gc

enum

The name of the garbage collector to use. Depending on the Cassandra version, not all values are supported: Cassandra 3.11 supports only G1GC and CMS; Cassandra 4.0 supports G1GC, ZGC, Shenandoah and Graal. This option will unlock the corresponding garbage collector with a default configuration; to further tune the GC settings, use the additional JVM options field. Use the special value Custom if you intend to use non-standard garbage collectors. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options.

  • Enum: G1GC, CMS, ZGC, Shenandoah, Graal, Custom

  • Default: G1GC

false

gc_cms_heap_size_young_generation

int or string

Disabled by default. Can only be used when CMS garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -Xmn.

false

gc_cms_initiating_occupancy_fraction

integer

Defaults to 75. Can only be used when CMS garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:CMSInitiatingOccupancyFraction.

  • Minimum: 0

  • Maximum: 100

false

gc_cms_max_tenuring_threshold

integer

Defaults to 1. Can only be used when CMS garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:MaxTenuringThreshold.

false

gc_cms_survivor_ratio

integer

Defaults to 8. Can only be used when CMS garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:SurvivorRatio.

false

gc_cms_wait_duration_ms

integer

Defaults to 10000. Can only be used when CMS garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:CMSWaitDuration.

false

gc_g1_conc_threads

integer

Concurrent GC Threads. Can only be used when G1 garbage collector is used. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -XX:ConcGCThreads.

false

gc_g1_initiating_heap_occupancy_percent

integer

Initiating Heap Occupancy Percentage. Can only be used when G1 garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -XX:InitiatingHeapOccupancyPercent.

  • Minimum: 0

  • Maximum: 100

false

gc_g1_max_gc_pause_ms

integer

G1GC Max GC Pause in milliseconds. Defaults to 500. Can only be used when G1 garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -XX:MaxGCPauseMillis.

false

gc_g1_parallel_threads

integer

Parallel GC Threads. Can only be used when G1 garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -XX:ParallelGCThreads.

false

gc_g1_rset_updating_pause_time_percent

integer

G1GC Updating Pause Time Percentage. Defaults to 5. Can only be used when G1 garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -XX:G1RSetUpdatingPauseTimePercent.

  • Minimum: 0

  • Maximum: 100

false

gc_print_application_stopped_time

boolean

Print GC Application Stopped Time. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+PrintGCApplicationStoppedTime.

false

gc_print_date_stamps

boolean

Print GC Date Stamps. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+PrintGCDateStamps.

false

gc_print_details

boolean

Print GC details. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+PrintGCDetails.

false

gc_print_flss_statistics

boolean

Print FLSS Statistics. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:PrintFLSStatistics=1.

false

gc_print_heap

boolean

Print Heap at GC. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+PrintHeapAtGC.

false

gc_print_log_file_size

int or string

Size of each log file. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:GCLogFileSize.

false

gc_print_number_of_log_files

integer

Number of GC log files. Disabled by default. Can only be used when the G1 garbage collector is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:NumberOfGCLogFiles.

false

gc_print_promotion_failure

boolean

Print promotion failure. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+PrintPromotionFailure.

false

gc_print_tenuring_distribution

boolean

Print tenuring distribution. Defaults to false. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+PrintTenuringDistribution.

false

gc_print_use_log_file

boolean

Whether to print GC logs to /var/log/cassandra/gc.log. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -Xloggc:/var/log/cassandra/gc.log.

false

gc_print_use_log_file_rotation

boolean

Use GC Log File Rotation. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:+UseGCLogFileRotation.

false

heapNewGenSize

int or string

Deprecated. Use gc_cms_heap_size_young_generation instead. Valid for CMS garbage collector only + Cassandra 3.11.

false

heapSize

int or string

Deprecated. Use heap_initial_size and heap_max_size instead. If this field is defined, it applies to both max_heap_size and initial_heap_size.

false

heap_initial_size

int or string

Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Xms.

false

heap_max_size

int or string

Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Xmx.

false

jdk_allow_attach_self

boolean

Allow the current VM to attach to itself. Defaults to true. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -Djdk.attach.allowAttachSelf=true.

false

jmx_connection_type

string

Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Possible values for 3.11 include local-no-auth, remote-no-auth, and remote-dse-unified-auth. Defaults to local-no-auth. Possible values for 4.0 include local-no-auth, remote-no-auth. Defaults to local-no-auth.

false

jmx_port

integer

Disabled by default. Defaults to 7199. TODO Make Reaper aware of the JMX port if a non-default port is used. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options.

false

jmx_remote_ssl

boolean

Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Defaults to false. Valid only when JmxConnectionType is "remote-no-auth", "remote-dse-unified-auth".

false

jmx_remote_ssl_opts

string

Remote SSL options. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options.

false

jmx_remote_ssl_require_client_auth

boolean

Require Client Authentication for remote SSL? Defaults to false. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options.

false

netty_eventloop_maxpendingtasks

integer

Defaults to 65536. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dio.netty.eventLoop.maxPendingTasks.

false

netty_try_reflection_set_accessible

boolean

Netty setting io.netty.tryReflectionSetAccessible. Defaults to true. Cass Config Builder: supported for Cassandra 4.0 in jvm11-server.options. Corresponds to: -Dio.netty.tryReflectionSetAccessible=true.

false

nio_align_direct_memory

boolean

Align direct memory allocations on page boundaries. Enabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dsun.nio.PageAlignDirectMemory=true.

false

nio_maxcachedbuffersize

int or string

Defaults to 1048576. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Djdk.nio.maxCachedBufferSize.

false

vm_always_pre_touch

boolean

Ensure all memory is faulted and zeroed on startup. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+AlwaysPreTouch.

false

vm_crash_on_out_of_memory_error

boolean

Disabled by default. Requires exit_on_out_of_memory_error to be disabled.. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+CrashOnOutOfMemoryError.

false

vm_disable_biased_locking

boolean

Disable biased locking to avoid biased lock revocation pauses. Disabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:-UseBiasedLocking. Note: the Cass Config Builder option is named use_biased_locking, but setting it to true disables biased locking.

false

vm_disable_perf_shared_mem

boolean

Disable hsperfdata mmap’ed file. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+PerfDisableSharedMem.

false

vm_enable_assertions

boolean

Enable assertions. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -ea.

false

vm_enable_non_root_thread_priority

boolean

Enable lowering thread priority without being root on linux. See CASSANDRA-1181 for details. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Corresponds to: -XX:ThreadPriorityPolicy=42.

false

vm_enable_thread_priorities

boolean

Enable thread priorities. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+UseThreadPriorities.

false

vm_exit_on_out_of_memory_error

boolean

Disabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+ExitOnOutOfMemoryError.

false

vm_guaranteed_safepoint_interval_ms

integer

Defaults to 300000 milliseconds. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:GuaranteedSafepointInterval.

false

vm_heap_dump_on_out_of_memory_error

boolean

Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+HeapDumpOnOutOfMemoryError.

false

vm_per_thread_stack_size

int or string

Per-thread stack size. Defaults to 256Ki. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Xss.

false

vm_prefer_ipv4

boolean

Prefer binding to IPv4 network interfaces. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Djava.net.preferIPv4Stack=true.

false

vm_print_heap_histogram_on_out_of_memory_error

boolean

Disabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -Dcassandra.printHeapHistogramOnOutOfMemoryError.

false

vm_resize_tlab

boolean

Allow resizing of thread-local allocation blocks. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+ResizeTLAB.

false

vm_string_table_size

int or string

The size of interned string table. Larger sizes are beneficial to gossip. Defaults to 1000003. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:StringTableSize.

false

vm_use_numa

boolean

Enabled by default. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+UseNUMA.

false

vm_use_tlab

boolean

Enable thread-local allocation blocks. Enabled by default. Cass Config Builder: supported for Cassandra 3.11 in jvm.options. Cass Config Builder: supported for Cassandra 4.0 in jvm-server.options. Corresponds to: -XX:+UseTLAB.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index]

A single application container that you want to run within a pod.

Name Type Description Required

name

string

Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.

true

args

[]string

Arguments to the entrypoint. The container image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

false

command

[]string

Entrypoint array. Not executed within a shell. The container image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

false

env

[]object

List of environment variables to set in the container. Cannot be updated.

false

envFrom

[]object

List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.

false

image

string

Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.

false

imagePullPolicy

string

Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

false

lifecycle

object

Actions that the management system should take in response to container lifecycle events. Cannot be updated.

false

livenessProbe

object

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

false

ports

[]object

List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.

false

readinessProbe

object

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

false

resizePolicy

[]object

Resources resize policy for the container.

false

resources

object

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

restartPolicy

string

RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod’s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.

false

securityContext

object

SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

false

startupProbe

object

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod’s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

false

stdin

boolean

Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.

false

stdinOnce

boolean

Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false

false

terminationMessagePath

string

Optional: Path at which the file to which the container’s termination message will be written is mounted into the container’s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

false

terminationMessagePolicy

string

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

false

tty

boolean

Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.

false

volumeDevices

[]object

volumeDevices is the list of block devices to be used by the container.

false

volumeMounts

[]object

Pod volumes to mount into the container’s filesystem. Cannot be updated.

false

workingDir

string

Container’s working directory. If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].env[index]

EnvVar represents an environment variable present in a Container.

Name Type Description Required

name

string

Name of the environment variable. Must be a C_IDENTIFIER.

true

value

string

Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

false

valueFrom

object

Source for the environment variable’s value. Cannot be used if value is not empty.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].env[index].valueFrom

Source for the environment variable’s value. Cannot be used if value is not empty.

Name Type Description Required

configMapKeyRef

object

Selects a key of a ConfigMap.

false

fieldRef

object

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

false

secretKeyRef

object

Selects a key of a secret in the pod’s namespace

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].env[index].valueFrom.configMapKeyRef

Selects a key of a ConfigMap.

Name Type Description Required

key

string

The key to select.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the ConfigMap or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].env[index].valueFrom.fieldRef

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].env[index].valueFrom.resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].env[index].valueFrom.secretKeyRef

Selects a key of a secret in the pod’s namespace

Name Type Description Required

key

string

The key of the secret to select from. Must be a valid secret key.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the Secret or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].envFrom[index]

EnvFromSource represents the source of a set of ConfigMaps

Name Type Description Required

configMapRef

object

The ConfigMap to select from

false

prefix

string

An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.

false

secretRef

object

The Secret to select from

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].envFrom[index].configMapRef

The ConfigMap to select from

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the ConfigMap must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].envFrom[index].secretRef

The Secret to select from

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the Secret must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle

Actions that the management system should take in response to container lifecycle events. Cannot be updated.

Name Type Description Required

postStart

object

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

false

preStop

object

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod’s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod’s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle.postStart

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

Name Type Description Required

exec

object

Exec specifies the action to take.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

sleep

object

Sleep represents the duration that the container should sleep before being terminated.

false

tcpSocket

object

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle.postStart.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle.postStart.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle.postStart.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle.postStart.sleep

Sleep represents the duration that the container should sleep before being terminated.

Name Type Description Required

seconds

integer

Seconds is the number of seconds to sleep.

  • Format: int64

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle.postStart.tcpSocket

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle.preStop

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod’s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod’s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

Name Type Description Required

exec

object

Exec specifies the action to take.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

sleep

object

Sleep represents the duration that the container should sleep before being terminated.

false

tcpSocket

object

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle.preStop.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle.preStop.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle.preStop.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle.preStop.sleep

Sleep represents the duration that the container should sleep before being terminated.

Name Type Description Required

seconds

integer

Seconds is the number of seconds to sleep.

  • Format: int64

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].lifecycle.preStop.tcpSocket

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].livenessProbe

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].livenessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].livenessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].livenessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].livenessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].livenessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].ports[index]

ContainerPort represents a network port in a single container.

Name Type Description Required

containerPort

integer

Number of port to expose on the pod’s IP address. This must be a valid port number, 0 < x < 65536.

  • Format: int32

true

hostIP

string

What host IP to bind the external port to.

false

hostPort

integer

Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.

  • Format: int32

false

name

string

If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.

false

protocol

string

Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

  • Default: TCP

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].readinessProbe

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].readinessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].readinessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].readinessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].readinessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].readinessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].resizePolicy[index]

ContainerResizePolicy represents resource resize policy for the container.

Name Type Description Required

resourceName

string

Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.

true

restartPolicy

string

Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].resources

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].securityContext

SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

Name Type Description Required

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.

false

capabilities

object

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

false

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.

false

procMount

string

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.

false

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].securityContext.capabilities

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

add

[]string

Added capabilities

false

drop

[]string

Removed capabilities

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].securityContext.seLinuxOptions

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].securityContext.seccompProfile

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].securityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].startupProbe

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod’s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].startupProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].startupProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].startupProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].startupProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].startupProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].volumeDevices[index]

volumeDevice describes a mapping of a raw block device within a container.

Name Type Description Required

devicePath

string

devicePath is the path inside of the container that the device will be mapped to.

true

name

string

name must match the name of a persistentVolumeClaim in the pod

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].containers[index].volumeMounts[index]

VolumeMount describes a mounting of a Volume within a container.

Name Type Description Required

mountPath

string

Path within the container at which the volume should be mounted. Must not contain ':'.

true

name

string

This must match the Name of a Volume.

true

mountPropagation

string

mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.

false

readOnly

boolean

Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.

false

subPath

string

Path within the volume from which the container’s volume should be mounted. Defaults to "" (volume’s root).

false

subPathExpr

string

Expanded path within the volume from which the container’s volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container’s environment. Defaults to "" (volume’s root). SubPathExpr and SubPath are mutually exclusive.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].dseWorkloads

Name Type Description Required

analyticsEnabled

boolean

false

graphEnabled

boolean

false

searchEnabled

boolean

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes

Volumes defines additional volumes to be added to each Cassandra pod. If the volume uses a PersistentVolumeClaim, the PVC will be managed by the statefulset.

Name Type Description Required

pvcs

[]object

PVCs defines additional volumes to be added to each Cassandra pod and managed by the statefulset. Such volumes are automatically mounted by cass-operator into the cassandra containers.

false

volumes

[]object

Volumes defines volumes to be added to each Cassandra pod.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index]

AdditionalVolumes defines additional storage configurations

Name Type Description Required

mountPath

string

Mount path into cassandra container

true

name

string

Name of the pvc / volume

true

pvcSpec

object

PVCSpec is a persistent volume claim spec. Either this or VolumeSource is required.

false

volumeSource

object

VolumeSource to mount the volume from (such as ConfigMap / Secret). This or PVCSpec is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].pvcSpec

PVCSpec is a persistent volume claim spec. Either this or VolumeSource is required.

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].pvcSpec.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].pvcSpec.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].pvcSpec.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].pvcSpec.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].pvcSpec.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource

VolumeSource to mount the volume from (such as ConfigMap / Secret). This or PVCSpec is required.

Name Type Description Required

awsElasticBlockStore

object

awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

false

azureDisk

object

azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

false

azureFile

object

azureFile represents an Azure File Service mount on the host and bind mount to the pod.

false

cephfs

object

cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime

false

cinder

object

cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

configMap

object

configMap represents a configMap that should populate this volume

false

csi

object

csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

false

downwardAPI

object

downwardAPI represents downward API about the pod that should populate this volume

false

emptyDir

object

emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

ephemeral

object

ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

false

fc

object

fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod.

false

flexVolume

object

flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

false

flocker

object

flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running

false

gcePersistentDisk

object

gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

false

gitRepo

object

gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

false

glusterfs

object

glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

false

hostPath

object

hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.

false

iscsi

object

iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

false

nfs

object

nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

false

persistentVolumeClaim

object

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

false

photonPersistentDisk

object

photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

false

portworxVolume

object

portworxVolume represents a portworx volume attached and mounted on kubelets host machine

false

projected

object

projected items for all in one resources secrets, configmaps, and downward API

false

quobyte

object

quobyte represents a Quobyte mount on the host that shares a pod’s lifetime

false

rbd

object

rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

false

scaleIO

object

scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

false

secret

object

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

false

storageos

object

storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

false

vsphereVolume

object

vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.awsElasticBlockStore

awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

Name Type Description Required

volumeID

string

volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

true

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine

false

partition

integer

partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).

  • Format: int32

false

readOnly

boolean

readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.azureDisk

azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

Name Type Description Required

diskName

string

diskName is the Name of the data disk in the blob storage

true

diskURI

string

diskURI is the URI of data disk in the blob storage

true

cachingMode

string

cachingMode is the Host Caching mode: None, Read Only, Read Write.

false

fsType

string

fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

kind

string

kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared

false

readOnly

boolean

readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.azureFile

azureFile represents an Azure File Service mount on the host and bind mount to the pod.

Name Type Description Required

secretName

string

secretName is the name of secret that contains Azure Storage Account Name and Key

true

shareName

string

shareName is the azure share Name

true

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.cephfs

cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime

Name Type Description Required

monitors

[]string

monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

true

path

string

path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /

false

readOnly

boolean

readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

secretFile

string

secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

secretRef

object

secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

user

string

user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.cephfs.secretRef

secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.cinder

cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

Name Type Description Required

volumeID

string

volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

secretRef

object

secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.cinder.secretRef

secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.configMap

configMap represents a configMap that should populate this volume

Name Type Description Required

defaultMode

integer

defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional specify whether the ConfigMap or its keys must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.configMap.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.csi

csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

Name Type Description Required

driver

string

driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.

true

fsType

string

fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.

false

nodePublishSecretRef

object

nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

false

readOnly

boolean

readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).

false

volumeAttributes

map[string]string

volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver’s documentation for supported values.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.csi.nodePublishSecretRef

nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.downwardAPI

downwardAPI represents downward API about the pod that should populate this volume

Name Type Description Required

defaultMode

integer

Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

Items is a list of downward API volume file

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.downwardAPI.items[index]

DownwardAPIVolumeFile represents information to create the file containing the pod field

Name Type Description Required

path

string

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

true

fieldRef

object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

false

mode

integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.downwardAPI.items[index].fieldRef

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.downwardAPI.items[index].resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.emptyDir

emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

Name Type Description Required

medium

string

medium represents what type of storage medium should back this directory. The default is "" which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

sizeLimit

int or string

sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.ephemeral

ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

Name Type Description Required

volumeClaimTemplate

object

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

Name Type Description Required

spec

object

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

true

metadata

object

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate.spec

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate.spec.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate.spec.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate.spec.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate.spec.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.fc

fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod.

Name Type Description Required

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine

false

lun

integer

lun is Optional: FC target lun number

  • Format: int32

false

readOnly

boolean

readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

targetWWNs

[]string

targetWWNs is Optional: FC target worldwide names (WWNs)

false

wwids

[]string

wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.flexVolume

flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

Name Type Description Required

driver

string

driver is the name of the driver to use for this volume.

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.

false

options

map[string]string

options is Optional: this field holds extra command options if any.

false

readOnly

boolean

readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

secretRef

object

secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.flexVolume.secretRef

secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.flocker

flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running

Name Type Description Required

datasetName

string

datasetName is Name of the dataset stored as metadata → name on the dataset for Flocker should be considered as deprecated

false

datasetUUID

string

datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.gcePersistentDisk

gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

Name Type Description Required

pdName

string

pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

true

fsType

string

fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine

false

partition

integer

partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

  • Format: int32

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.gitRepo

gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

Name Type Description Required

repository

string

repository is the URL

true

directory

string

directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.

false

revision

string

revision is the commit hash for the specified revision.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.glusterfs

glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

Name Type Description Required

endpoints

string

endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

true

path

string

path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

true

readOnly

boolean

readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.hostPath

hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.

Name Type Description Required

path

string

path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

true

type

string

type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.iscsi

iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

Name Type Description Required

iqn

string

iqn is the target iSCSI Qualified Name.

true

lun

integer

lun represents iSCSI Target Lun number.

  • Format: int32

true

targetPortal

string

targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

true

chapAuthDiscovery

boolean

chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication

false

chapAuthSession

boolean

chapAuthSession defines whether support iSCSI Session CHAP authentication

false

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine

false

initiatorName

string

initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.

false

iscsiInterface

string

iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).

false

portals

[]string

portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.

false

secretRef

object

secretRef is the CHAP Secret for iSCSI target and initiator authentication

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.iscsi.secretRef

secretRef is the CHAP Secret for iSCSI target and initiator authentication

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.nfs

nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

Name Type Description Required

path

string

path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

true

server

string

server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

true

readOnly

boolean

readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.persistentVolumeClaim

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

Name Type Description Required

claimName

string

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

true

readOnly

boolean

readOnly Will force the ReadOnly setting in VolumeMounts. Default false.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.photonPersistentDisk

photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

Name Type Description Required

pdID

string

pdID is the ID that identifies Photon Controller persistent disk

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.portworxVolume

portworxVolume represents a portworx volume attached and mounted on kubelets host machine

Name Type Description Required

volumeID

string

volumeID uniquely identifies a Portworx volume

true

fsType

string

fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected

projected items for all in one resources secrets, configmaps, and downward API

Name Type Description Required

defaultMode

integer

defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

sources

[]object

sources is the list of volume projections

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index]

Projection that may be projected along with other supported volume types

Name Type Description Required

clusterTrustBundle

object

ClusterTrustBundle allows a pod to access the .spec.trustBundle field of ClusterTrustBundle objects in an auto-updating file.

Alpha, gated by the ClusterTrustBundleProjection feature gate.

ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.

Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.

false

configMap

object

configMap information about the configMap data to project

false

downwardAPI

object

downwardAPI information about the downwardAPI data to project

false

secret

object

secret information about the secret data to project

false

serviceAccountToken

object

serviceAccountToken is information about the serviceAccountToken data to project

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index].clusterTrustBundle

ClusterTrustBundle allows a pod to access the .spec.trustBundle field of ClusterTrustBundle objects in an auto-updating file.

Alpha, gated by the ClusterTrustBundleProjection feature gate.

ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.

Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.

Name Type Description Required

path

string

Relative path from the volume root to write the bundle.

true

labelSelector

object

Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything".

false

name

string

Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.

false

optional

boolean

If true, don’t block pod startup if the referenced ClusterTrustBundle(s) aren’t available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.

false

signerName

string

Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index].clusterTrustBundle.labelSelector

Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything".

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index].clusterTrustBundle.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index].configMap

configMap information about the configMap data to project

Name Type Description Required

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional specify whether the ConfigMap or its keys must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index].configMap.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index].downwardAPI

downwardAPI information about the downwardAPI data to project

Name Type Description Required

items

[]object

Items is a list of DownwardAPIVolume file

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index].downwardAPI.items[index]

DownwardAPIVolumeFile represents information to create the file containing the pod field

Name Type Description Required

path

string

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

true

fieldRef

object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

false

mode

integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index].downwardAPI.items[index].fieldRef

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index].downwardAPI.items[index].resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index].secret

secret information about the secret data to project

Name Type Description Required

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional field specify whether the Secret or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index].secret.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.projected.sources[index].serviceAccountToken

serviceAccountToken is information about the serviceAccountToken data to project

Name Type Description Required

path

string

path is the path relative to the mount point of the file to project the token into.

true

audience

string

audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.

false

expirationSeconds

integer

expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.

  • Format: int64

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.quobyte

quobyte represents a Quobyte mount on the host that shares a pod’s lifetime

Name Type Description Required

registry

string

registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes

true

volume

string

volume is a string that references an already created Quobyte volume by name.

true

group

string

group to map volume access to Default is no group

false

readOnly

boolean

readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.

false

tenant

string

tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin

false

user

string

user to map volume access to Defaults to serivceaccount user

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.rbd

rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

Name Type Description Required

image

string

image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

true

monitors

[]string

monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

true

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine

false

keyring

string

keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

pool

string

pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

secretRef

object

secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

user

string

user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.rbd.secretRef

secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.scaleIO

scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

Name Type Description Required

gateway

string

gateway is the host address of the ScaleIO API Gateway.

true

secretRef

object

secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

true

system

string

system is the name of the storage system as configured in ScaleIO.

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs".

false

protectionDomain

string

protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.

false

readOnly

boolean

readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

sslEnabled

boolean

sslEnabled Flag enable/disable SSL communication with Gateway, default false

false

storageMode

string

storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.

false

storagePool

string

storagePool is the ScaleIO Storage Pool associated with the protection domain.

false

volumeName

string

volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.scaleIO.secretRef

secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.secret

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

Name Type Description Required

defaultMode

integer

defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

optional

boolean

optional field specify whether the Secret or its keys must be defined

false

secretName

string

secretName is the name of the secret in the pod’s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.secret.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.storageos

storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

Name Type Description Required

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

secretRef

object

secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

false

volumeName

string

volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.

false

volumeNamespace

string

volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod’s namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.storageos.secretRef

secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.pvcs[index].volumeSource.vsphereVolume

vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

Name Type Description Required

volumePath

string

volumePath is the path that identifies vSphere volume vmdk

true

fsType

string

fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

storagePolicyID

string

storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.

false

storagePolicyName

string

storagePolicyName is the storage Policy Based Management (SPBM) profile name.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index]

Volume represents a named volume in a pod that may be accessed by any container in the pod.

Name Type Description Required

name

string

name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

true

awsElasticBlockStore

object

awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

false

azureDisk

object

azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

false

azureFile

object

azureFile represents an Azure File Service mount on the host and bind mount to the pod.

false

cephfs

object

cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime

false

cinder

object

cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

configMap

object

configMap represents a configMap that should populate this volume

false

csi

object

csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

false

downwardAPI

object

downwardAPI represents downward API about the pod that should populate this volume

false

emptyDir

object

emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

ephemeral

object

ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

false

fc

object

fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod.

false

flexVolume

object

flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

false

flocker

object

flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running

false

gcePersistentDisk

object

gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

false

gitRepo

object

gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

false

glusterfs

object

glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

false

hostPath

object

hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.

false

iscsi

object

iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

false

nfs

object

nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

false

persistentVolumeClaim

object

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

false

photonPersistentDisk

object

photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

false

portworxVolume

object

portworxVolume represents a portworx volume attached and mounted on kubelets host machine

false

projected

object

projected items for all in one resources secrets, configmaps, and downward API

false

quobyte

object

quobyte represents a Quobyte mount on the host that shares a pod’s lifetime

false

rbd

object

rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

false

scaleIO

object

scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

false

secret

object

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

false

storageos

object

storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

false

vsphereVolume

object

vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].awsElasticBlockStore

awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

Name Type Description Required

volumeID

string

volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

true

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine

false

partition

integer

partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).

  • Format: int32

false

readOnly

boolean

readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].azureDisk

azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

Name Type Description Required

diskName

string

diskName is the Name of the data disk in the blob storage

true

diskURI

string

diskURI is the URI of data disk in the blob storage

true

cachingMode

string

cachingMode is the Host Caching mode: None, Read Only, Read Write.

false

fsType

string

fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

kind

string

kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared

false

readOnly

boolean

readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].azureFile

azureFile represents an Azure File Service mount on the host and bind mount to the pod.

Name Type Description Required

secretName

string

secretName is the name of secret that contains Azure Storage Account Name and Key

true

shareName

string

shareName is the azure share Name

true

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].cephfs

cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime

Name Type Description Required

monitors

[]string

monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

true

path

string

path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /

false

readOnly

boolean

readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

secretFile

string

secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

secretRef

object

secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

user

string

user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].cephfs.secretRef

secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].cinder

cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

Name Type Description Required

volumeID

string

volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

secretRef

object

secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].cinder.secretRef

secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].configMap

configMap represents a configMap that should populate this volume

Name Type Description Required

defaultMode

integer

defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional specify whether the ConfigMap or its keys must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].configMap.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].csi

csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

Name Type Description Required

driver

string

driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.

true

fsType

string

fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.

false

nodePublishSecretRef

object

nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

false

readOnly

boolean

readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).

false

volumeAttributes

map[string]string

volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver’s documentation for supported values.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].csi.nodePublishSecretRef

nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].downwardAPI

downwardAPI represents downward API about the pod that should populate this volume

Name Type Description Required

defaultMode

integer

Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

Items is a list of downward API volume file

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].downwardAPI.items[index]

DownwardAPIVolumeFile represents information to create the file containing the pod field

Name Type Description Required

path

string

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

true

fieldRef

object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

false

mode

integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].downwardAPI.items[index].fieldRef

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].downwardAPI.items[index].resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].emptyDir

emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

Name Type Description Required

medium

string

medium represents what type of storage medium should back this directory. The default is "" which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

sizeLimit

int or string

sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].ephemeral

ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

Name Type Description Required

volumeClaimTemplate

object

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].ephemeral.volumeClaimTemplate

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

Name Type Description Required

spec

object

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

true

metadata

object

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].ephemeral.volumeClaimTemplate.spec

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].ephemeral.volumeClaimTemplate.spec.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].ephemeral.volumeClaimTemplate.spec.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].ephemeral.volumeClaimTemplate.spec.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].ephemeral.volumeClaimTemplate.spec.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].ephemeral.volumeClaimTemplate.spec.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].fc

fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod.

Name Type Description Required

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine

false

lun

integer

lun is Optional: FC target lun number

  • Format: int32

false

readOnly

boolean

readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

targetWWNs

[]string

targetWWNs is Optional: FC target worldwide names (WWNs)

false

wwids

[]string

wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].flexVolume

flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

Name Type Description Required

driver

string

driver is the name of the driver to use for this volume.

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.

false

options

map[string]string

options is Optional: this field holds extra command options if any.

false

readOnly

boolean

readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

secretRef

object

secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].flexVolume.secretRef

secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].flocker

flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running

Name Type Description Required

datasetName

string

datasetName is Name of the dataset stored as metadata → name on the dataset for Flocker should be considered as deprecated

false

datasetUUID

string

datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].gcePersistentDisk

gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

Name Type Description Required

pdName

string

pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

true

fsType

string

fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine

false

partition

integer

partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

  • Format: int32

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].gitRepo

gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

Name Type Description Required

repository

string

repository is the URL

true

directory

string

directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.

false

revision

string

revision is the commit hash for the specified revision.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].glusterfs

glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

Name Type Description Required

endpoints

string

endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

true

path

string

path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

true

readOnly

boolean

readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].hostPath

hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.

Name Type Description Required

path

string

path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

true

type

string

type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].iscsi

iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

Name Type Description Required

iqn

string

iqn is the target iSCSI Qualified Name.

true

lun

integer

lun represents iSCSI Target Lun number.

  • Format: int32

true

targetPortal

string

targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

true

chapAuthDiscovery

boolean

chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication

false

chapAuthSession

boolean

chapAuthSession defines whether support iSCSI Session CHAP authentication

false

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine

false

initiatorName

string

initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.

false

iscsiInterface

string

iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).

false

portals

[]string

portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.

false

secretRef

object

secretRef is the CHAP Secret for iSCSI target and initiator authentication

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].iscsi.secretRef

secretRef is the CHAP Secret for iSCSI target and initiator authentication

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].nfs

nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

Name Type Description Required

path

string

path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

true

server

string

server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

true

readOnly

boolean

readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].persistentVolumeClaim

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

Name Type Description Required

claimName

string

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

true

readOnly

boolean

readOnly Will force the ReadOnly setting in VolumeMounts. Default false.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].photonPersistentDisk

photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

Name Type Description Required

pdID

string

pdID is the ID that identifies Photon Controller persistent disk

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].portworxVolume

portworxVolume represents a portworx volume attached and mounted on kubelets host machine

Name Type Description Required

volumeID

string

volumeID uniquely identifies a Portworx volume

true

fsType

string

fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected

projected items for all in one resources secrets, configmaps, and downward API

Name Type Description Required

defaultMode

integer

defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

sources

[]object

sources is the list of volume projections

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index]

Projection that may be projected along with other supported volume types

Name Type Description Required

clusterTrustBundle

object

ClusterTrustBundle allows a pod to access the .spec.trustBundle field of ClusterTrustBundle objects in an auto-updating file.

Alpha, gated by the ClusterTrustBundleProjection feature gate.

ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.

Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.

false

configMap

object

configMap information about the configMap data to project

false

downwardAPI

object

downwardAPI information about the downwardAPI data to project

false

secret

object

secret information about the secret data to project

false

serviceAccountToken

object

serviceAccountToken is information about the serviceAccountToken data to project

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index].clusterTrustBundle

ClusterTrustBundle allows a pod to access the .spec.trustBundle field of ClusterTrustBundle objects in an auto-updating file.

Alpha, gated by the ClusterTrustBundleProjection feature gate.

ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.

Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.

Name Type Description Required

path

string

Relative path from the volume root to write the bundle.

true

labelSelector

object

Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything".

false

name

string

Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.

false

optional

boolean

If true, don’t block pod startup if the referenced ClusterTrustBundle(s) aren’t available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.

false

signerName

string

Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index].clusterTrustBundle.labelSelector

Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything".

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index].clusterTrustBundle.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index].configMap

configMap information about the configMap data to project

Name Type Description Required

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional specify whether the ConfigMap or its keys must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index].configMap.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index].downwardAPI

downwardAPI information about the downwardAPI data to project

Name Type Description Required

items

[]object

Items is a list of DownwardAPIVolume file

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index].downwardAPI.items[index]

DownwardAPIVolumeFile represents information to create the file containing the pod field

Name Type Description Required

path

string

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

true

fieldRef

object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

false

mode

integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index].downwardAPI.items[index].fieldRef

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index].downwardAPI.items[index].resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index].secret

secret information about the secret data to project

Name Type Description Required

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional field specify whether the Secret or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index].secret.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].projected.sources[index].serviceAccountToken

serviceAccountToken is information about the serviceAccountToken data to project

Name Type Description Required

path

string

path is the path relative to the mount point of the file to project the token into.

true

audience

string

audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.

false

expirationSeconds

integer

expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.

  • Format: int64

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].quobyte

quobyte represents a Quobyte mount on the host that shares a pod’s lifetime

Name Type Description Required

registry

string

registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes

true

volume

string

volume is a string that references an already created Quobyte volume by name.

true

group

string

group to map volume access to Default is no group

false

readOnly

boolean

readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.

false

tenant

string

tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin

false

user

string

user to map volume access to Defaults to serivceaccount user

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].rbd

rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

Name Type Description Required

image

string

image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

true

monitors

[]string

monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

true

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine

false

keyring

string

keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

pool

string

pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

secretRef

object

secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

user

string

user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].rbd.secretRef

secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].scaleIO

scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

Name Type Description Required

gateway

string

gateway is the host address of the ScaleIO API Gateway.

true

secretRef

object

secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

true

system

string

system is the name of the storage system as configured in ScaleIO.

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs".

false

protectionDomain

string

protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.

false

readOnly

boolean

readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

sslEnabled

boolean

sslEnabled Flag enable/disable SSL communication with Gateway, default false

false

storageMode

string

storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.

false

storagePool

string

storagePool is the ScaleIO Storage Pool associated with the protection domain.

false

volumeName

string

volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].scaleIO.secretRef

secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].secret

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

Name Type Description Required

defaultMode

integer

defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

optional

boolean

optional field specify whether the Secret or its keys must be defined

false

secretName

string

secretName is the name of the secret in the pod’s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].secret.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].storageos

storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

Name Type Description Required

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

secretRef

object

secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

false

volumeName

string

volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.

false

volumeNamespace

string

volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod’s namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].storageos.secretRef

secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].extraVolumes.volumes[index].vsphereVolume

vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

Name Type Description Required

volumePath

string

volumePath is the path that identifies vSphere volume vmdk

true

fsType

string

fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

storagePolicyID

string

storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.

false

storagePolicyName

string

storagePolicyName is the storage Policy Based Management (SPBM) profile name.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index]

A single application container that you want to run within a pod.

Name Type Description Required

name

string

Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.

true

args

[]string

Arguments to the entrypoint. The container image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

false

command

[]string

Entrypoint array. Not executed within a shell. The container image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

false

env

[]object

List of environment variables to set in the container. Cannot be updated.

false

envFrom

[]object

List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.

false

image

string

Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.

false

imagePullPolicy

string

Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

false

lifecycle

object

Actions that the management system should take in response to container lifecycle events. Cannot be updated.

false

livenessProbe

object

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

false

ports

[]object

List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.

false

readinessProbe

object

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

false

resizePolicy

[]object

Resources resize policy for the container.

false

resources

object

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

restartPolicy

string

RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod’s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.

false

securityContext

object

SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

false

startupProbe

object

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod’s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

false

stdin

boolean

Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.

false

stdinOnce

boolean

Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false

false

terminationMessagePath

string

Optional: Path at which the file to which the container’s termination message will be written is mounted into the container’s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

false

terminationMessagePolicy

string

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

false

tty

boolean

Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.

false

volumeDevices

[]object

volumeDevices is the list of block devices to be used by the container.

false

volumeMounts

[]object

Pod volumes to mount into the container’s filesystem. Cannot be updated.

false

workingDir

string

Container’s working directory. If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].env[index]

EnvVar represents an environment variable present in a Container.

Name Type Description Required

name

string

Name of the environment variable. Must be a C_IDENTIFIER.

true

value

string

Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

false

valueFrom

object

Source for the environment variable’s value. Cannot be used if value is not empty.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].env[index].valueFrom

Source for the environment variable’s value. Cannot be used if value is not empty.

Name Type Description Required

configMapKeyRef

object

Selects a key of a ConfigMap.

false

fieldRef

object

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

false

secretKeyRef

object

Selects a key of a secret in the pod’s namespace

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].env[index].valueFrom.configMapKeyRef

Selects a key of a ConfigMap.

Name Type Description Required

key

string

The key to select.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the ConfigMap or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].env[index].valueFrom.fieldRef

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].env[index].valueFrom.resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].env[index].valueFrom.secretKeyRef

Selects a key of a secret in the pod’s namespace

Name Type Description Required

key

string

The key of the secret to select from. Must be a valid secret key.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the Secret or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].envFrom[index]

EnvFromSource represents the source of a set of ConfigMaps

Name Type Description Required

configMapRef

object

The ConfigMap to select from

false

prefix

string

An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.

false

secretRef

object

The Secret to select from

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].envFrom[index].configMapRef

The ConfigMap to select from

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the ConfigMap must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].envFrom[index].secretRef

The Secret to select from

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the Secret must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle

Actions that the management system should take in response to container lifecycle events. Cannot be updated.

Name Type Description Required

postStart

object

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

false

preStop

object

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod’s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod’s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle.postStart

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

Name Type Description Required

exec

object

Exec specifies the action to take.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

sleep

object

Sleep represents the duration that the container should sleep before being terminated.

false

tcpSocket

object

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle.postStart.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle.postStart.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle.postStart.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle.postStart.sleep

Sleep represents the duration that the container should sleep before being terminated.

Name Type Description Required

seconds

integer

Seconds is the number of seconds to sleep.

  • Format: int64

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle.postStart.tcpSocket

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle.preStop

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod’s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod’s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

Name Type Description Required

exec

object

Exec specifies the action to take.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

sleep

object

Sleep represents the duration that the container should sleep before being terminated.

false

tcpSocket

object

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle.preStop.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle.preStop.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle.preStop.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle.preStop.sleep

Sleep represents the duration that the container should sleep before being terminated.

Name Type Description Required

seconds

integer

Seconds is the number of seconds to sleep.

  • Format: int64

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].lifecycle.preStop.tcpSocket

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].livenessProbe

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].livenessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].livenessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].livenessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].livenessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].livenessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].ports[index]

ContainerPort represents a network port in a single container.

Name Type Description Required

containerPort

integer

Number of port to expose on the pod’s IP address. This must be a valid port number, 0 < x < 65536.

  • Format: int32

true

hostIP

string

What host IP to bind the external port to.

false

hostPort

integer

Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.

  • Format: int32

false

name

string

If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.

false

protocol

string

Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

  • Default: TCP

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].readinessProbe

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].readinessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].readinessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].readinessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].readinessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].readinessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].resizePolicy[index]

ContainerResizePolicy represents resource resize policy for the container.

Name Type Description Required

resourceName

string

Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.

true

restartPolicy

string

Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].resources

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].securityContext

SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

Name Type Description Required

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.

false

capabilities

object

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

false

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.

false

procMount

string

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.

false

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].securityContext.capabilities

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

add

[]string

Added capabilities

false

drop

[]string

Removed capabilities

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].securityContext.seLinuxOptions

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].securityContext.seccompProfile

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].securityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].startupProbe

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod’s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].startupProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].startupProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].startupProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].startupProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].startupProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].volumeDevices[index]

volumeDevice describes a mapping of a raw block device within a container.

Name Type Description Required

devicePath

string

devicePath is the path inside of the container that the device will be mapped to.

true

name

string

name must match the name of a persistentVolumeClaim in the pod

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].initContainers[index].volumeMounts[index]

VolumeMount describes a mounting of a Volume within a container.

Name Type Description Required

mountPath

string

Path within the container at which the volume should be mounted. Must not contain ':'.

true

name

string

This must match the Name of a Volume.

true

mountPropagation

string

mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.

false

readOnly

boolean

Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.

false

subPath

string

Path within the volume from which the container’s volume should be mounted. Defaults to "" (volume’s root).

false

subPathExpr

string

Expanded path within the volume from which the container’s volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container’s environment. Defaults to "" (volume’s root). SubPathExpr and SubPath are mutually exclusive.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].jmxInitContainerImage

Deprecated: JMX security is now based on CQL roles. We don’t need an init container to configure JMX authentication anymore. The value of this field will be ignored.

Name Type Description Required

name

string

The image name to use.

false

pullPolicy

enum

The image pull policy to use. Defaults to "Always" if the tag is "latest", otherwise to "IfNotPresent".

  • Enum: Always, IfNotPresent, Never

false

pullSecretRef

object

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

false

registry

string

The Docker registry to use. Defaults to "docker.io", the official Docker Hub.

false

repository

string

The Docker repository to use.

false

tag

string

The image tag to use. Defaults to "latest".

  • Default: latest

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].jmxInitContainerImage.pullSecretRef

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].managementApiAuth

ManagementApiAuth defines the authentication settings for the management API in the Cassandra pods.

Name Type Description Required

insecure

object

false

manual

object

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].managementApiAuth.manual

Name Type Description Required

clientSecretName

string

true

serverSecretName

string

true

skipSecretValidation

boolean

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].metadata

Name Type Description Required

name

string

true

annotations

map[string]string

false

commonAnnotations

map[string]string

annotations that will be applied to all components created by the CRD

false

commonLabels

map[string]string

labels that will be applied to all components created by the CRD

false

labels

map[string]string

false

namespace

string

false

pods

object

labels/annotations for the pod components

false

services

object

labels/annotations for all of the CassandraDatacenter service components

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].metadata.pods

labels/annotations for the pod components

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].metadata.services

labels/annotations for all of the CassandraDatacenter service components

Name Type Description Required

additionalSeedService

object

false

allPodsService

object

false

dcService

object

false

nodePortService

object

false

seedService

object

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].metadata.services.additionalSeedService

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].metadata.services.allPodsService

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].metadata.services.dcService

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].metadata.services.nodePortService

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].metadata.services.seedService

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].networking

Networking enables host networking and configures a NodePort ports.

Name Type Description Required

hostNetwork

boolean

false

nodePort

object

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].networking.nodePort

Name Type Description Required

internode

integer

false

internodeSSL

integer

false

native

integer

false

nativeSSL

integer

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].perNodeConfigMapRef

PerNodeConfigMapRef is a reference to a ConfigMap that contains per-node configuration for this DC. The ConfigMap is expected to have entries in the following form: <pod-name>_<file-name>.yaml, where <pod-name> is the name of the pod and <file-name> is the name of a configuration file (typically, cassandra.yaml). The value of the entry is expected to be a YAML fragment that contains the per-node configuration for each pod. When the pod is started, the per-node ConfigMap is mounted and the contents of each entry corresponding to the pod are merged into their respective configuration files.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].podSecurityContext

PodSecurityContext defines the security context for the Cassandra pods.

Name Type Description Required

fsGroup

integer

A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

  1. The owning GID will be the FSGroup

  2. The setgid bit is set (new files created in the volume will be owned by FSGroup)

  3. The permission bits are OR’d with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

fsGroupChangePolicy

string

fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

false

supplementalGroups

[]integer

A list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.

false

sysctls

[]object

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].podSecurityContext.seLinuxOptions

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].podSecurityContext.seccompProfile

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].podSecurityContext.sysctls[index]

Sysctl defines a kernel parameter to be set

Name Type Description Required

name

string

Name of a property to set

true

value

string

Value of a property to set

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].podSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index]

Rack …​

Name Type Description Required

name

string

The rack name

true

affinity

object

Affinity rules to set for this rack only. Merged with values from PodTemplateSpec Affinity as well as NodeAffinityLabels. If you wish to override all the default PodAntiAffinity rules, set allowMultipleWorkers to true, otherwise defaults are applied and then these Affinity settings are merged.

false

nodeAffinityLabels

map[string]string

NodeAffinityLabels to pin the rack, using node affinity

false

zone

string

Deprecated. Use nodeAffinityLabels instead. DeprecatedZone name to pin the rack, using node affinity

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity

Affinity rules to set for this rack only. Merged with values from PodTemplateSpec Affinity as well as NodeAffinityLabels. If you wish to override all the default PodAntiAffinity rules, set allowMultipleWorkers to true, otherwise defaults are applied and then these Affinity settings are merged.

Name Type Description Required

nodeAffinity

object

Describes node affinity scheduling rules for the pod.

false

podAffinity

object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

false

podAntiAffinity

object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.nodeAffinity

Describes node affinity scheduling rules for the pod.

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).

Name Type Description Required

preference

object

A node selector term, associated with the corresponding weight.

true

weight

integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

A node selector term, associated with the corresponding weight.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

Name Type Description Required

nodeSelectorTerms

[]object

Required. A list of node selector terms. The terms are ORed.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAffinity

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAntiAffinity

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].resources

Resources is the cpu and memory resources for the cassandra container.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate

Stargate defines the desired deployment characteristics for Stargate in this datacenter. Leave nil to skip deploying Stargate in this datacenter.

Name Type Description Required

size

integer

Size is the number of Stargate instances to deploy in each datacenter. They will be spread evenly across racks.

  • Format: int32

  • Default: 1

  • Minimum: 1

true

affinity

object

Affinity is the affinity to apply to all the Stargate pods. Leave nil to let the controller reuse the same affinity rules used for data pods in this datacenter, if any. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity

false

allowStargateOnDataNodes

boolean

AllowStargateOnDataNodes allows Stargate pods to be scheduled on a worker node already hosting data pods for this datacenter. The default is false, which means that Stargate pods will be scheduled on separate worker nodes. Note: if the datacenter pods have HostNetwork:true, then the Stargate pods will inherit of it, in which case it is possible that Stargate nodes won’t be allowed to sit on data nodes even if this property is set to true, because of port conflicts on the same IP address.

  • Default: false

false

authOptions

object

Authentication options.

false

cassandraConfigMapRef

object

CassandraConfigMapRef is a reference to a ConfigMap that holds Cassandra configuration. The map should have a key named cassandra_yaml.

false

containerImage

object

ContainerImage is the image characteristics to use for Stargate containers. Leave nil to use a default image.

  • Default: map[repository:stargateio tag:v1.0.77]

false

heapSize

int or string

HeapSize sets the JVM heap size to use for Stargate. If no Resources are specified, this value will also be used to set a default memory request and limit for the Stargate pods: these will be set to HeapSize x2 and x4, respectively.

  • Default: 256Mi

false

livenessProbe

object

LivenessProbe sets the Stargate liveness probe. Leave nil to use defaults.

false

metadata

object

labels and annotations for Stargate resources

false

nodeSelector

map[string]string

NodeSelector is an optional map of label keys and values to restrict the scheduling of Stargate nodes to workers with matching labels. Leave nil to let the controller reuse the same node selectors used for data pods in this datacenter, if any. See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector

false

racks

[]object

Racks allow customizing Stargate characteristics for specific racks in the datacenter.

false

readinessProbe

object

ReadinessProbe sets the Stargate readiness probe. Leave nil to use defaults.

false

resources

object

Resources is the Kubernetes resource requests and limits to apply, per Stargate pod. Leave nil to use defaults.

false

secretsProvider

enum

SecretsProvider defines whether the secrets used for credentials and certs will be backed by an external secret backend. This moves the responsibility of generating and storing secrets from the operators to the user and will rely on a mutating webhook to inject the secrets into the necessary resources

  • Enum: internal, external

  • Default: internal

false

serviceAccount

string

ServiceAccount is the service account name to use for Stargate pods.

  • Default: default

false

telemetry

object

Telemetry defines the desired telemetry integrations to deploy targeting the Stargate pods for all DCs in this cluster (unless overridden by DC specific settings)

false

tolerations

[]object

Tolerations are tolerations to apply to the Stargate pods. Leave nil to let the controller reuse the same tolerations used for data pods in this datacenter, if any. See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity

Affinity is the affinity to apply to all the Stargate pods. Leave nil to let the controller reuse the same affinity rules used for data pods in this datacenter, if any. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity

Name Type Description Required

nodeAffinity

object

Describes node affinity scheduling rules for the pod.

false

podAffinity

object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

false

podAntiAffinity

object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.nodeAffinity

Describes node affinity scheduling rules for the pod.

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).

Name Type Description Required

preference

object

A node selector term, associated with the corresponding weight.

true

weight

integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

A node selector term, associated with the corresponding weight.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

Name Type Description Required

nodeSelectorTerms

[]object

Required. A list of node selector terms. The terms are ORed.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAffinity

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAntiAffinity

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.authOptions

Authentication options.

Name Type Description Required

apiAuthMethod

enum

The method to use for authenticating requests to the Stargate APIs. Stargate currently has two authentication / authorization methods: - Table: table-based; - JWT: JSON web token (JWT)-based. The methods are mutually exclusive. The default method is Table.

  • Enum: Table, JWT

  • Default: Table

false

providerUrl

string

Required when using JWT authentication method, ignored otherwise.

false

tokenTtlSeconds

integer

The time-to-live in seconds of an API authentication token. Valid only for the Table authentication method. By default, the token persists for 30 minutes with a sliding window. Each use of the token to authenticate resets the 30-minute window. A token created and used after 29 minutes will authenticate a request, but if 31 minutes passes before use, the token will no longer exist. Default is 1800 seconds (30 minutes).

  • Minimum: 1

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.cassandraConfigMapRef

CassandraConfigMapRef is a reference to a ConfigMap that holds Cassandra configuration. The map should have a key named cassandra_yaml.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.containerImage

ContainerImage is the image characteristics to use for Stargate containers. Leave nil to use a default image.

Name Type Description Required

name

string

The image name to use.

false

pullPolicy

enum

The image pull policy to use. Defaults to "Always" if the tag is "latest", otherwise to "IfNotPresent".

  • Enum: Always, IfNotPresent, Never

false

pullSecretRef

object

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

false

registry

string

The Docker registry to use. Defaults to "docker.io", the official Docker Hub.

false

repository

string

The Docker repository to use.

false

tag

string

The image tag to use. Defaults to "latest".

  • Default: latest

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.containerImage.pullSecretRef

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.livenessProbe

LivenessProbe sets the Stargate liveness probe. Leave nil to use defaults.

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.livenessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.livenessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.livenessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.livenessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.livenessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.metadata

labels and annotations for Stargate resources

Name Type Description Required

annotations

map[string]string

false

commonLabels

map[string]string

labels/annotations that will be applied to all components created by the CRD

false

labels

map[string]string

false

pods

object

labels/annotations for the pod components

false

service

object

labels/annotations for the service component

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.metadata.pods

labels/annotations for the pod components

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.metadata.service

labels/annotations for the service component

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index]

StargateRackTemplate defines custom rules for Stargate pods in a given rack. These rules will be merged with rules defined at datacenter level in a StargateDatacenterTemplate; rack-level rules have precedence over datacenter-level ones.

Name Type Description Required

name

string

Name is the rack name. It must correspond to an existing rack name in the CassandraDatacenter resource where Stargate is being deployed, otherwise it will be ignored.

true

affinity

object

Affinity is the affinity to apply to all the Stargate pods. Leave nil to let the controller reuse the same affinity rules used for data pods in this datacenter, if any. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity

false

allowStargateOnDataNodes

boolean

AllowStargateOnDataNodes allows Stargate pods to be scheduled on a worker node already hosting data pods for this datacenter. The default is false, which means that Stargate pods will be scheduled on separate worker nodes. Note: if the datacenter pods have HostNetwork:true, then the Stargate pods will inherit of it, in which case it is possible that Stargate nodes won’t be allowed to sit on data nodes even if this property is set to true, because of port conflicts on the same IP address.

  • Default: false

false

authOptions

object

Authentication options.

false

cassandraConfigMapRef

object

CassandraConfigMapRef is a reference to a ConfigMap that holds Cassandra configuration. The map should have a key named cassandra_yaml.

false

containerImage

object

ContainerImage is the image characteristics to use for Stargate containers. Leave nil to use a default image.

  • Default: map[repository:stargateio tag:v1.0.77]

false

heapSize

int or string

HeapSize sets the JVM heap size to use for Stargate. If no Resources are specified, this value will also be used to set a default memory request and limit for the Stargate pods: these will be set to HeapSize x2 and x4, respectively.

  • Default: 256Mi

false

livenessProbe

object

LivenessProbe sets the Stargate liveness probe. Leave nil to use defaults.

false

metadata

object

labels and annotations for Stargate resources

false

nodeSelector

map[string]string

NodeSelector is an optional map of label keys and values to restrict the scheduling of Stargate nodes to workers with matching labels. Leave nil to let the controller reuse the same node selectors used for data pods in this datacenter, if any. See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector

false

readinessProbe

object

ReadinessProbe sets the Stargate readiness probe. Leave nil to use defaults.

false

resources

object

Resources is the Kubernetes resource requests and limits to apply, per Stargate pod. Leave nil to use defaults.

false

secretsProvider

enum

SecretsProvider defines whether the secrets used for credentials and certs will be backed by an external secret backend. This moves the responsibility of generating and storing secrets from the operators to the user and will rely on a mutating webhook to inject the secrets into the necessary resources

  • Enum: internal, external

  • Default: internal

false

serviceAccount

string

ServiceAccount is the service account name to use for Stargate pods.

  • Default: default

false

telemetry

object

Telemetry defines the desired telemetry integrations to deploy targeting the Stargate pods for all DCs in this cluster (unless overridden by DC specific settings)

false

tolerations

[]object

Tolerations are tolerations to apply to the Stargate pods. Leave nil to let the controller reuse the same tolerations used for data pods in this datacenter, if any. See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity

Affinity is the affinity to apply to all the Stargate pods. Leave nil to let the controller reuse the same affinity rules used for data pods in this datacenter, if any. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity

Name Type Description Required

nodeAffinity

object

Describes node affinity scheduling rules for the pod.

false

podAffinity

object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

false

podAntiAffinity

object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.nodeAffinity

Describes node affinity scheduling rules for the pod.

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).

Name Type Description Required

preference

object

A node selector term, associated with the corresponding weight.

true

weight

integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

A node selector term, associated with the corresponding weight.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

Name Type Description Required

nodeSelectorTerms

[]object

Required. A list of node selector terms. The terms are ORed.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAffinity

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAntiAffinity

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].authOptions

Authentication options.

Name Type Description Required

apiAuthMethod

enum

The method to use for authenticating requests to the Stargate APIs. Stargate currently has two authentication / authorization methods: - Table: table-based; - JWT: JSON web token (JWT)-based. The methods are mutually exclusive. The default method is Table.

  • Enum: Table, JWT

  • Default: Table

false

providerUrl

string

Required when using JWT authentication method, ignored otherwise.

false

tokenTtlSeconds

integer

The time-to-live in seconds of an API authentication token. Valid only for the Table authentication method. By default, the token persists for 30 minutes with a sliding window. Each use of the token to authenticate resets the 30-minute window. A token created and used after 29 minutes will authenticate a request, but if 31 minutes passes before use, the token will no longer exist. Default is 1800 seconds (30 minutes).

  • Minimum: 1

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].cassandraConfigMapRef

CassandraConfigMapRef is a reference to a ConfigMap that holds Cassandra configuration. The map should have a key named cassandra_yaml.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].containerImage

ContainerImage is the image characteristics to use for Stargate containers. Leave nil to use a default image.

Name Type Description Required

name

string

The image name to use.

false

pullPolicy

enum

The image pull policy to use. Defaults to "Always" if the tag is "latest", otherwise to "IfNotPresent".

  • Enum: Always, IfNotPresent, Never

false

pullSecretRef

object

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

false

registry

string

The Docker registry to use. Defaults to "docker.io", the official Docker Hub.

false

repository

string

The Docker repository to use.

false

tag

string

The image tag to use. Defaults to "latest".

  • Default: latest

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].containerImage.pullSecretRef

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].livenessProbe

LivenessProbe sets the Stargate liveness probe. Leave nil to use defaults.

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].livenessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].livenessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].livenessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].livenessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].livenessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].metadata

labels and annotations for Stargate resources

Name Type Description Required

annotations

map[string]string

false

commonLabels

map[string]string

labels/annotations that will be applied to all components created by the CRD

false

labels

map[string]string

false

pods

object

labels/annotations for the pod components

false

service

object

labels/annotations for the service component

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].metadata.pods

labels/annotations for the pod components

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].metadata.service

labels/annotations for the service component

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].readinessProbe

ReadinessProbe sets the Stargate readiness probe. Leave nil to use defaults.

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].readinessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].readinessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].readinessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].readinessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].readinessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].resources

Resources is the Kubernetes resource requests and limits to apply, per Stargate pod. Leave nil to use defaults.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry

Telemetry defines the desired telemetry integrations to deploy targeting the Stargate pods for all DCs in this cluster (unless overridden by DC specific settings)

Name Type Description Required

cassandra

object

false

mcac

object

false

prometheus

object

false

vector

object

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry.cassandra

Name Type Description Required

endpoint

object

false

relabels

[]object

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry.cassandra.endpoint

Name Type Description Required

address

string

false

port

string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry.cassandra.relabels[index]

RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines <metric_relabel_configs>-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs

Name Type Description Required

action

enum

Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.

  • Enum: replace, Replace, keep, Keep, drop, Drop, hashmod, HashMod, labelmap, LabelMap, labeldrop, LabelDrop, labelkeep, LabelKeep, lowercase, Lowercase, uppercase, Uppercase

  • Default: replace

false

modulus

integer

Modulus to take of the hash of the source label values.

  • Format: int64

false

regex

string

Regular expression against which the extracted value is matched. Default is '(.*)'

false

replacement

string

Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'

false

separator

string

Separator placed between concatenated source label values. default is ';'.

false

sourceLabels

[]string

The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.

false

targetLabel

string

Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry.mcac

Name Type Description Required

enabled

boolean

enabled sets whether MCAC (legacy metrics endpoint) is enabled. This is considered true by default.

false

metricFilters

[]string

MetricFilters allows passing filters to MCAC in order to reduce the amount of extracted metrics. Not setting this field will result in the default filters being used: - "deny:org.apache.cassandra.metrics.Table" - "deny:org.apache.cassandra.metrics.table" - "allow:org.apache.cassandra.metrics.table.live_ss_table_count" - "allow:org.apache.cassandra.metrics.Table.LiveSSTableCount" - "allow:org.apache.cassandra.metrics.table.live_disk_space_used" - "allow:org.apache.cassandra.metrics.table.LiveDiskSpaceUsed" - "allow:org.apache.cassandra.metrics.Table.Pending" - "allow:org.apache.cassandra.metrics.Table.Memtable" - "allow:org.apache.cassandra.metrics.Table.Compaction" - "allow:org.apache.cassandra.metrics.table.read" - "allow:org.apache.cassandra.metrics.table.write" - "allow:org.apache.cassandra.metrics.table.range" - "allow:org.apache.cassandra.metrics.table.coordinator" - "allow:org.apache.cassandra.metrics.table.dropped_mutations" Setting it to an empty list will result in all metrics being extracted.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry.prometheus

Name Type Description Required

commonLabels

map[string]string

CommonLabels are applied to all serviceMonitors created.

false

enabled

boolean

Enable the creation of Prometheus serviceMonitors for this resource (Cassandra or Stargate).

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry.vector

Name Type Description Required

components

object

false

enabled

boolean

Enabled enables the Vector agent for this resource (Cassandra, Reaper or Stargate). Enabling the vector agent will inject a sidecar container into the pod.

false

image

string

Image is the name of the Vector image to use. If not set, the default image will be used. kube:default="timberio/vector:0.26.0-alpine"

false

resources

object

Resources is the resource requirements for the Vector agent.

false

scrapeInterval

string

ScrapeInterval is the interval at which the Vector agent will scrape the metrics endpoint. Use values like 30s, 1m, 5m. kube:default=30s

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry.vector.components

Name Type Description Required

sinks

[]object

Sinks is the list of sinks to use for the Vector agent.

false

sources

[]object

Sources is the list of sources to use for the Vector agent.

false

transforms

[]object

Transforms is the list of transforms to use for the Vector agent.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry.vector.components.sinks[index]

Name Type Description Required

name

string

Name is the name of the sink.

true

type

string

Type is the type of the sink.

true

config

string

Config is the configuration for the sink.

false

inputs

[]string

Inputs is the list of inputs for the transform.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry.vector.components.sources[index]

Name Type Description Required

name

string

Name is the name of the source.

true

type

string

Type is the type of the source.

true

config

string

Config is the configuration for the source.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry.vector.components.transforms[index]

Name Type Description Required

name

string

Name is the name of the transform.

true

type

string

Type is the type of the transform.

true

config

string

Config is the configuration for the transform.

false

inputs

[]string

Inputs is the list of inputs for the transform.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry.vector.resources

Resources is the resource requirements for the Vector agent.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].telemetry.vector.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.racks[index].tolerations[index]

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

Name Type Description Required

effect

string

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

false

key

string

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

false

operator

string

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

false

tolerationSeconds

integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

  • Format: int64

false

value

string

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.readinessProbe

ReadinessProbe sets the Stargate readiness probe. Leave nil to use defaults.

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.readinessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.readinessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.readinessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.readinessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.readinessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.resources

Resources is the Kubernetes resource requests and limits to apply, per Stargate pod. Leave nil to use defaults.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry

Telemetry defines the desired telemetry integrations to deploy targeting the Stargate pods for all DCs in this cluster (unless overridden by DC specific settings)

Name Type Description Required

cassandra

object

false

mcac

object

false

prometheus

object

false

vector

object

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry.cassandra

Name Type Description Required

endpoint

object

false

relabels

[]object

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry.cassandra.endpoint

Name Type Description Required

address

string

false

port

string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry.cassandra.relabels[index]

RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines <metric_relabel_configs>-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs

Name Type Description Required

action

enum

Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.

  • Enum: replace, Replace, keep, Keep, drop, Drop, hashmod, HashMod, labelmap, LabelMap, labeldrop, LabelDrop, labelkeep, LabelKeep, lowercase, Lowercase, uppercase, Uppercase

  • Default: replace

false

modulus

integer

Modulus to take of the hash of the source label values.

  • Format: int64

false

regex

string

Regular expression against which the extracted value is matched. Default is '(.*)'

false

replacement

string

Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'

false

separator

string

Separator placed between concatenated source label values. default is ';'.

false

sourceLabels

[]string

The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.

false

targetLabel

string

Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry.mcac

Name Type Description Required

enabled

boolean

enabled sets whether MCAC (legacy metrics endpoint) is enabled. This is considered true by default.

false

metricFilters

[]string

MetricFilters allows passing filters to MCAC in order to reduce the amount of extracted metrics. Not setting this field will result in the default filters being used: - "deny:org.apache.cassandra.metrics.Table" - "deny:org.apache.cassandra.metrics.table" - "allow:org.apache.cassandra.metrics.table.live_ss_table_count" - "allow:org.apache.cassandra.metrics.Table.LiveSSTableCount" - "allow:org.apache.cassandra.metrics.table.live_disk_space_used" - "allow:org.apache.cassandra.metrics.table.LiveDiskSpaceUsed" - "allow:org.apache.cassandra.metrics.Table.Pending" - "allow:org.apache.cassandra.metrics.Table.Memtable" - "allow:org.apache.cassandra.metrics.Table.Compaction" - "allow:org.apache.cassandra.metrics.table.read" - "allow:org.apache.cassandra.metrics.table.write" - "allow:org.apache.cassandra.metrics.table.range" - "allow:org.apache.cassandra.metrics.table.coordinator" - "allow:org.apache.cassandra.metrics.table.dropped_mutations" Setting it to an empty list will result in all metrics being extracted.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry.prometheus

Name Type Description Required

commonLabels

map[string]string

CommonLabels are applied to all serviceMonitors created.

false

enabled

boolean

Enable the creation of Prometheus serviceMonitors for this resource (Cassandra or Stargate).

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry.vector

Name Type Description Required

components

object

false

enabled

boolean

Enabled enables the Vector agent for this resource (Cassandra, Reaper or Stargate). Enabling the vector agent will inject a sidecar container into the pod.

false

image

string

Image is the name of the Vector image to use. If not set, the default image will be used. kube:default="timberio/vector:0.26.0-alpine"

false

resources

object

Resources is the resource requirements for the Vector agent.

false

scrapeInterval

string

ScrapeInterval is the interval at which the Vector agent will scrape the metrics endpoint. Use values like 30s, 1m, 5m. kube:default=30s

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry.vector.components

Name Type Description Required

sinks

[]object

Sinks is the list of sinks to use for the Vector agent.

false

sources

[]object

Sources is the list of sources to use for the Vector agent.

false

transforms

[]object

Transforms is the list of transforms to use for the Vector agent.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry.vector.components.sinks[index]

Name Type Description Required

name

string

Name is the name of the sink.

true

type

string

Type is the type of the sink.

true

config

string

Config is the configuration for the sink.

false

inputs

[]string

Inputs is the list of inputs for the transform.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry.vector.components.sources[index]

Name Type Description Required

name

string

Name is the name of the source.

true

type

string

Type is the type of the source.

true

config

string

Config is the configuration for the source.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry.vector.components.transforms[index]

Name Type Description Required

name

string

Name is the name of the transform.

true

type

string

Type is the type of the transform.

true

config

string

Config is the configuration for the transform.

false

inputs

[]string

Inputs is the list of inputs for the transform.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry.vector.resources

Resources is the resource requirements for the Vector agent.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.telemetry.vector.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].stargate.tolerations[index]

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

Name Type Description Required

effect

string

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

false

key

string

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

false

operator

string

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

false

tolerationSeconds

integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

  • Format: int64

false

value

string

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig

StorageConfig is the persistent storage requirements for each Cassandra pod. This includes everything under /var/lib/cassandra, namely the commit log and data directories.

Name Type Description Required

additionalVolumes

[]object

false

cassandraDataVolumeClaimSpec

object

PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index]

AdditionalVolumes defines additional storage configurations

Name Type Description Required

mountPath

string

Mount path into cassandra container

true

name

string

Name of the pvc / volume

true

pvcSpec

object

PVCSpec is a persistent volume claim spec. Either this or VolumeSource is required.

false

volumeSource

object

VolumeSource to mount the volume from (such as ConfigMap / Secret). This or PVCSpec is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].pvcSpec

PVCSpec is a persistent volume claim spec. Either this or VolumeSource is required.

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].pvcSpec.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].pvcSpec.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].pvcSpec.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].pvcSpec.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].pvcSpec.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource

VolumeSource to mount the volume from (such as ConfigMap / Secret). This or PVCSpec is required.

Name Type Description Required

awsElasticBlockStore

object

awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

false

azureDisk

object

azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

false

azureFile

object

azureFile represents an Azure File Service mount on the host and bind mount to the pod.

false

cephfs

object

cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime

false

cinder

object

cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

configMap

object

configMap represents a configMap that should populate this volume

false

csi

object

csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

false

downwardAPI

object

downwardAPI represents downward API about the pod that should populate this volume

false

emptyDir

object

emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

ephemeral

object

ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

false

fc

object

fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod.

false

flexVolume

object

flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

false

flocker

object

flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running

false

gcePersistentDisk

object

gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

false

gitRepo

object

gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

false

glusterfs

object

glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

false

hostPath

object

hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.

false

iscsi

object

iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

false

nfs

object

nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

false

persistentVolumeClaim

object

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

false

photonPersistentDisk

object

photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

false

portworxVolume

object

portworxVolume represents a portworx volume attached and mounted on kubelets host machine

false

projected

object

projected items for all in one resources secrets, configmaps, and downward API

false

quobyte

object

quobyte represents a Quobyte mount on the host that shares a pod’s lifetime

false

rbd

object

rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

false

scaleIO

object

scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

false

secret

object

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

false

storageos

object

storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

false

vsphereVolume

object

vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.awsElasticBlockStore

awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

Name Type Description Required

volumeID

string

volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

true

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine

false

partition

integer

partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).

  • Format: int32

false

readOnly

boolean

readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.azureDisk

azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

Name Type Description Required

diskName

string

diskName is the Name of the data disk in the blob storage

true

diskURI

string

diskURI is the URI of data disk in the blob storage

true

cachingMode

string

cachingMode is the Host Caching mode: None, Read Only, Read Write.

false

fsType

string

fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

kind

string

kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared

false

readOnly

boolean

readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.azureFile

azureFile represents an Azure File Service mount on the host and bind mount to the pod.

Name Type Description Required

secretName

string

secretName is the name of secret that contains Azure Storage Account Name and Key

true

shareName

string

shareName is the azure share Name

true

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.cephfs

cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime

Name Type Description Required

monitors

[]string

monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

true

path

string

path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /

false

readOnly

boolean

readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

secretFile

string

secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

secretRef

object

secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

user

string

user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.cephfs.secretRef

secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.cinder

cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

Name Type Description Required

volumeID

string

volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

secretRef

object

secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.cinder.secretRef

secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.configMap

configMap represents a configMap that should populate this volume

Name Type Description Required

defaultMode

integer

defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional specify whether the ConfigMap or its keys must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.configMap.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.csi

csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

Name Type Description Required

driver

string

driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.

true

fsType

string

fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.

false

nodePublishSecretRef

object

nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

false

readOnly

boolean

readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).

false

volumeAttributes

map[string]string

volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver’s documentation for supported values.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.csi.nodePublishSecretRef

nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.downwardAPI

downwardAPI represents downward API about the pod that should populate this volume

Name Type Description Required

defaultMode

integer

Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

Items is a list of downward API volume file

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.downwardAPI.items[index]

DownwardAPIVolumeFile represents information to create the file containing the pod field

Name Type Description Required

path

string

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

true

fieldRef

object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

false

mode

integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.downwardAPI.items[index].fieldRef

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.downwardAPI.items[index].resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.emptyDir

emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

Name Type Description Required

medium

string

medium represents what type of storage medium should back this directory. The default is "" which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

sizeLimit

int or string

sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.ephemeral

ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

Name Type Description Required

volumeClaimTemplate

object

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

Name Type Description Required

spec

object

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

true

metadata

object

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate.spec

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate.spec.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate.spec.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate.spec.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate.spec.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.fc

fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod.

Name Type Description Required

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine

false

lun

integer

lun is Optional: FC target lun number

  • Format: int32

false

readOnly

boolean

readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

targetWWNs

[]string

targetWWNs is Optional: FC target worldwide names (WWNs)

false

wwids

[]string

wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.flexVolume

flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

Name Type Description Required

driver

string

driver is the name of the driver to use for this volume.

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.

false

options

map[string]string

options is Optional: this field holds extra command options if any.

false

readOnly

boolean

readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

secretRef

object

secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.flexVolume.secretRef

secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.flocker

flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running

Name Type Description Required

datasetName

string

datasetName is Name of the dataset stored as metadata → name on the dataset for Flocker should be considered as deprecated

false

datasetUUID

string

datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.gcePersistentDisk

gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

Name Type Description Required

pdName

string

pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

true

fsType

string

fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine

false

partition

integer

partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

  • Format: int32

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.gitRepo

gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

Name Type Description Required

repository

string

repository is the URL

true

directory

string

directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.

false

revision

string

revision is the commit hash for the specified revision.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.glusterfs

glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

Name Type Description Required

endpoints

string

endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

true

path

string

path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

true

readOnly

boolean

readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.hostPath

hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.

Name Type Description Required

path

string

path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

true

type

string

type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.iscsi

iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

Name Type Description Required

iqn

string

iqn is the target iSCSI Qualified Name.

true

lun

integer

lun represents iSCSI Target Lun number.

  • Format: int32

true

targetPortal

string

targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

true

chapAuthDiscovery

boolean

chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication

false

chapAuthSession

boolean

chapAuthSession defines whether support iSCSI Session CHAP authentication

false

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine

false

initiatorName

string

initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.

false

iscsiInterface

string

iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).

false

portals

[]string

portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.

false

secretRef

object

secretRef is the CHAP Secret for iSCSI target and initiator authentication

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.iscsi.secretRef

secretRef is the CHAP Secret for iSCSI target and initiator authentication

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.nfs

nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

Name Type Description Required

path

string

path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

true

server

string

server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

true

readOnly

boolean

readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.persistentVolumeClaim

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

Name Type Description Required

claimName

string

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

true

readOnly

boolean

readOnly Will force the ReadOnly setting in VolumeMounts. Default false.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.photonPersistentDisk

photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

Name Type Description Required

pdID

string

pdID is the ID that identifies Photon Controller persistent disk

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.portworxVolume

portworxVolume represents a portworx volume attached and mounted on kubelets host machine

Name Type Description Required

volumeID

string

volumeID uniquely identifies a Portworx volume

true

fsType

string

fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected

projected items for all in one resources secrets, configmaps, and downward API

Name Type Description Required

defaultMode

integer

defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

sources

[]object

sources is the list of volume projections

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index]

Projection that may be projected along with other supported volume types

Name Type Description Required

clusterTrustBundle

object

ClusterTrustBundle allows a pod to access the .spec.trustBundle field of ClusterTrustBundle objects in an auto-updating file.

Alpha, gated by the ClusterTrustBundleProjection feature gate.

ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.

Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.

false

configMap

object

configMap information about the configMap data to project

false

downwardAPI

object

downwardAPI information about the downwardAPI data to project

false

secret

object

secret information about the secret data to project

false

serviceAccountToken

object

serviceAccountToken is information about the serviceAccountToken data to project

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].clusterTrustBundle

ClusterTrustBundle allows a pod to access the .spec.trustBundle field of ClusterTrustBundle objects in an auto-updating file.

Alpha, gated by the ClusterTrustBundleProjection feature gate.

ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.

Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.

Name Type Description Required

path

string

Relative path from the volume root to write the bundle.

true

labelSelector

object

Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything".

false

name

string

Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.

false

optional

boolean

If true, don’t block pod startup if the referenced ClusterTrustBundle(s) aren’t available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.

false

signerName

string

Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].clusterTrustBundle.labelSelector

Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything".

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].clusterTrustBundle.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].configMap

configMap information about the configMap data to project

Name Type Description Required

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional specify whether the ConfigMap or its keys must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].configMap.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].downwardAPI

downwardAPI information about the downwardAPI data to project

Name Type Description Required

items

[]object

Items is a list of DownwardAPIVolume file

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].downwardAPI.items[index]

DownwardAPIVolumeFile represents information to create the file containing the pod field

Name Type Description Required

path

string

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

true

fieldRef

object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

false

mode

integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].downwardAPI.items[index].fieldRef

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].downwardAPI.items[index].resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].secret

secret information about the secret data to project

Name Type Description Required

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional field specify whether the Secret or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].secret.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].serviceAccountToken

serviceAccountToken is information about the serviceAccountToken data to project

Name Type Description Required

path

string

path is the path relative to the mount point of the file to project the token into.

true

audience

string

audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.

false

expirationSeconds

integer

expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.

  • Format: int64

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.quobyte

quobyte represents a Quobyte mount on the host that shares a pod’s lifetime

Name Type Description Required

registry

string

registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes

true

volume

string

volume is a string that references an already created Quobyte volume by name.

true

group

string

group to map volume access to Default is no group

false

readOnly

boolean

readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.

false

tenant

string

tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin

false

user

string

user to map volume access to Defaults to serivceaccount user

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.rbd

rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

Name Type Description Required

image

string

image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

true

monitors

[]string

monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

true

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine

false

keyring

string

keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

pool

string

pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

secretRef

object

secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

user

string

user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.rbd.secretRef

secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.scaleIO

scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

Name Type Description Required

gateway

string

gateway is the host address of the ScaleIO API Gateway.

true

secretRef

object

secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

true

system

string

system is the name of the storage system as configured in ScaleIO.

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs".

false

protectionDomain

string

protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.

false

readOnly

boolean

readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

sslEnabled

boolean

sslEnabled Flag enable/disable SSL communication with Gateway, default false

false

storageMode

string

storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.

false

storagePool

string

storagePool is the ScaleIO Storage Pool associated with the protection domain.

false

volumeName

string

volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.scaleIO.secretRef

secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.secret

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

Name Type Description Required

defaultMode

integer

defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

optional

boolean

optional field specify whether the Secret or its keys must be defined

false

secretName

string

secretName is the name of the secret in the pod’s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.secret.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.storageos

storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

Name Type Description Required

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

secretRef

object

secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

false

volumeName

string

volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.

false

volumeNamespace

string

volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod’s namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.storageos.secretRef

secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.additionalVolumes[index].volumeSource.vsphereVolume

vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

Name Type Description Required

volumePath

string

volumePath is the path that identifies vSphere volume vmdk

true

fsType

string

fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

storagePolicyID

string

storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.

false

storagePolicyName

string

storagePolicyName is the storage Policy Based Management (SPBM) profile name.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.cassandraDataVolumeClaimSpec

PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.cassandraDataVolumeClaimSpec.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.cassandraDataVolumeClaimSpec.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.cassandraDataVolumeClaimSpec.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.cassandraDataVolumeClaimSpec.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].storageConfig.cassandraDataVolumeClaimSpec.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry

Telemetry defines the desired state for telemetry resources in this datacenter. If telemetry configurations are defined, telemetry resources will be deployed to integrate with a user-provided monitoring solution (at present, only support for Prometheus is available).

Name Type Description Required

cassandra

object

false

mcac

object

false

prometheus

object

false

vector

object

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry.cassandra

Name Type Description Required

endpoint

object

false

relabels

[]object

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry.cassandra.endpoint

Name Type Description Required

address

string

false

port

string

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry.cassandra.relabels[index]

RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines <metric_relabel_configs>-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs

Name Type Description Required

action

enum

Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.

  • Enum: replace, Replace, keep, Keep, drop, Drop, hashmod, HashMod, labelmap, LabelMap, labeldrop, LabelDrop, labelkeep, LabelKeep, lowercase, Lowercase, uppercase, Uppercase

  • Default: replace

false

modulus

integer

Modulus to take of the hash of the source label values.

  • Format: int64

false

regex

string

Regular expression against which the extracted value is matched. Default is '(.*)'

false

replacement

string

Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'

false

separator

string

Separator placed between concatenated source label values. default is ';'.

false

sourceLabels

[]string

The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.

false

targetLabel

string

Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry.mcac

Name Type Description Required

enabled

boolean

enabled sets whether MCAC (legacy metrics endpoint) is enabled. This is considered true by default.

false

metricFilters

[]string

MetricFilters allows passing filters to MCAC in order to reduce the amount of extracted metrics. Not setting this field will result in the default filters being used: - "deny:org.apache.cassandra.metrics.Table" - "deny:org.apache.cassandra.metrics.table" - "allow:org.apache.cassandra.metrics.table.live_ss_table_count" - "allow:org.apache.cassandra.metrics.Table.LiveSSTableCount" - "allow:org.apache.cassandra.metrics.table.live_disk_space_used" - "allow:org.apache.cassandra.metrics.table.LiveDiskSpaceUsed" - "allow:org.apache.cassandra.metrics.Table.Pending" - "allow:org.apache.cassandra.metrics.Table.Memtable" - "allow:org.apache.cassandra.metrics.Table.Compaction" - "allow:org.apache.cassandra.metrics.table.read" - "allow:org.apache.cassandra.metrics.table.write" - "allow:org.apache.cassandra.metrics.table.range" - "allow:org.apache.cassandra.metrics.table.coordinator" - "allow:org.apache.cassandra.metrics.table.dropped_mutations" Setting it to an empty list will result in all metrics being extracted.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry.prometheus

Name Type Description Required

commonLabels

map[string]string

CommonLabels are applied to all serviceMonitors created.

false

enabled

boolean

Enable the creation of Prometheus serviceMonitors for this resource (Cassandra or Stargate).

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry.vector

Name Type Description Required

components

object

false

enabled

boolean

Enabled enables the Vector agent for this resource (Cassandra, Reaper or Stargate). Enabling the vector agent will inject a sidecar container into the pod.

false

image

string

Image is the name of the Vector image to use. If not set, the default image will be used. kube:default="timberio/vector:0.26.0-alpine"

false

resources

object

Resources is the resource requirements for the Vector agent.

false

scrapeInterval

string

ScrapeInterval is the interval at which the Vector agent will scrape the metrics endpoint. Use values like 30s, 1m, 5m. kube:default=30s

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry.vector.components

Name Type Description Required

sinks

[]object

Sinks is the list of sinks to use for the Vector agent.

false

sources

[]object

Sources is the list of sources to use for the Vector agent.

false

transforms

[]object

Transforms is the list of transforms to use for the Vector agent.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry.vector.components.sinks[index]

Name Type Description Required

name

string

Name is the name of the sink.

true

type

string

Type is the type of the sink.

true

config

string

Config is the configuration for the sink.

false

inputs

[]string

Inputs is the list of inputs for the transform.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry.vector.components.sources[index]

Name Type Description Required

name

string

Name is the name of the source.

true

type

string

Type is the type of the source.

true

config

string

Config is the configuration for the source.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry.vector.components.transforms[index]

Name Type Description Required

name

string

Name is the name of the transform.

true

type

string

Type is the type of the transform.

true

config

string

Config is the configuration for the transform.

false

inputs

[]string

Inputs is the list of inputs for the transform.

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry.vector.resources

Resources is the resource requirements for the Vector agent.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].telemetry.vector.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.cassandra.datacenters[index].tolerations[index]

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

Name Type Description Required

effect

string

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

false

key

string

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

false

operator

string

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

false

tolerationSeconds

integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

  • Format: int64

false

value

string

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

false

MissionControlCluster.spec.k8ssandra.cassandra.dseWorkloads

Name Type Description Required

analyticsEnabled

boolean

false

graphEnabled

boolean

false

searchEnabled

boolean

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes

Volumes defines additional volumes to be added to each Cassandra pod. If the volume uses a PersistentVolumeClaim, the PVC will be managed by the statefulset.

Name Type Description Required

pvcs

[]object

PVCs defines additional volumes to be added to each Cassandra pod and managed by the statefulset. Such volumes are automatically mounted by cass-operator into the cassandra containers.

false

volumes

[]object

Volumes defines volumes to be added to each Cassandra pod.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index]

AdditionalVolumes defines additional storage configurations

Name Type Description Required

mountPath

string

Mount path into cassandra container

true

name

string

Name of the pvc / volume

true

pvcSpec

object

PVCSpec is a persistent volume claim spec. Either this or VolumeSource is required.

false

volumeSource

object

VolumeSource to mount the volume from (such as ConfigMap / Secret). This or PVCSpec is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].pvcSpec

PVCSpec is a persistent volume claim spec. Either this or VolumeSource is required.

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].pvcSpec.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].pvcSpec.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].pvcSpec.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].pvcSpec.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].pvcSpec.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource

VolumeSource to mount the volume from (such as ConfigMap / Secret). This or PVCSpec is required.

Name Type Description Required

awsElasticBlockStore

object

awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

false

azureDisk

object

azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

false

azureFile

object

azureFile represents an Azure File Service mount on the host and bind mount to the pod.

false

cephfs

object

cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime

false

cinder

object

cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

configMap

object

configMap represents a configMap that should populate this volume

false

csi

object

csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

false

downwardAPI

object

downwardAPI represents downward API about the pod that should populate this volume

false

emptyDir

object

emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

ephemeral

object

ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

false

fc

object

fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod.

false

flexVolume

object

flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

false

flocker

object

flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running

false

gcePersistentDisk

object

gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

false

gitRepo

object

gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

false

glusterfs

object

glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

false

hostPath

object

hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.

false

iscsi

object

iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

false

nfs

object

nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

false

persistentVolumeClaim

object

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

false

photonPersistentDisk

object

photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

false

portworxVolume

object

portworxVolume represents a portworx volume attached and mounted on kubelets host machine

false

projected

object

projected items for all in one resources secrets, configmaps, and downward API

false

quobyte

object

quobyte represents a Quobyte mount on the host that shares a pod’s lifetime

false

rbd

object

rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

false

scaleIO

object

scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

false

secret

object

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

false

storageos

object

storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

false

vsphereVolume

object

vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.awsElasticBlockStore

awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

Name Type Description Required

volumeID

string

volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

true

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine

false

partition

integer

partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).

  • Format: int32

false

readOnly

boolean

readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.azureDisk

azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

Name Type Description Required

diskName

string

diskName is the Name of the data disk in the blob storage

true

diskURI

string

diskURI is the URI of data disk in the blob storage

true

cachingMode

string

cachingMode is the Host Caching mode: None, Read Only, Read Write.

false

fsType

string

fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

kind

string

kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared

false

readOnly

boolean

readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.azureFile

azureFile represents an Azure File Service mount on the host and bind mount to the pod.

Name Type Description Required

secretName

string

secretName is the name of secret that contains Azure Storage Account Name and Key

true

shareName

string

shareName is the azure share Name

true

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.cephfs

cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime

Name Type Description Required

monitors

[]string

monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

true

path

string

path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /

false

readOnly

boolean

readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

secretFile

string

secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

secretRef

object

secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

user

string

user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.cephfs.secretRef

secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.cinder

cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

Name Type Description Required

volumeID

string

volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

secretRef

object

secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.cinder.secretRef

secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.configMap

configMap represents a configMap that should populate this volume

Name Type Description Required

defaultMode

integer

defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional specify whether the ConfigMap or its keys must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.configMap.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.csi

csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

Name Type Description Required

driver

string

driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.

true

fsType

string

fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.

false

nodePublishSecretRef

object

nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

false

readOnly

boolean

readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).

false

volumeAttributes

map[string]string

volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver’s documentation for supported values.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.csi.nodePublishSecretRef

nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.downwardAPI

downwardAPI represents downward API about the pod that should populate this volume

Name Type Description Required

defaultMode

integer

Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

Items is a list of downward API volume file

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.downwardAPI.items[index]

DownwardAPIVolumeFile represents information to create the file containing the pod field

Name Type Description Required

path

string

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

true

fieldRef

object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

false

mode

integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.downwardAPI.items[index].fieldRef

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.downwardAPI.items[index].resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.emptyDir

emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

Name Type Description Required

medium

string

medium represents what type of storage medium should back this directory. The default is "" which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

sizeLimit

int or string

sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.ephemeral

ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

Name Type Description Required

volumeClaimTemplate

object

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

Name Type Description Required

spec

object

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

true

metadata

object

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate.spec

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate.spec.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate.spec.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate.spec.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate.spec.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.fc

fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod.

Name Type Description Required

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine

false

lun

integer

lun is Optional: FC target lun number

  • Format: int32

false

readOnly

boolean

readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

targetWWNs

[]string

targetWWNs is Optional: FC target worldwide names (WWNs)

false

wwids

[]string

wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.flexVolume

flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

Name Type Description Required

driver

string

driver is the name of the driver to use for this volume.

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.

false

options

map[string]string

options is Optional: this field holds extra command options if any.

false

readOnly

boolean

readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

secretRef

object

secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.flexVolume.secretRef

secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.flocker

flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running

Name Type Description Required

datasetName

string

datasetName is Name of the dataset stored as metadata → name on the dataset for Flocker should be considered as deprecated

false

datasetUUID

string

datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.gcePersistentDisk

gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

Name Type Description Required

pdName

string

pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

true

fsType

string

fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine

false

partition

integer

partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

  • Format: int32

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.gitRepo

gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

Name Type Description Required

repository

string

repository is the URL

true

directory

string

directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.

false

revision

string

revision is the commit hash for the specified revision.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.glusterfs

glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

Name Type Description Required

endpoints

string

endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

true

path

string

path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

true

readOnly

boolean

readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.hostPath

hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.

Name Type Description Required

path

string

path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

true

type

string

type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.iscsi

iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

Name Type Description Required

iqn

string

iqn is the target iSCSI Qualified Name.

true

lun

integer

lun represents iSCSI Target Lun number.

  • Format: int32

true

targetPortal

string

targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

true

chapAuthDiscovery

boolean

chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication

false

chapAuthSession

boolean

chapAuthSession defines whether support iSCSI Session CHAP authentication

false

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine

false

initiatorName

string

initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.

false

iscsiInterface

string

iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).

false

portals

[]string

portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.

false

secretRef

object

secretRef is the CHAP Secret for iSCSI target and initiator authentication

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.iscsi.secretRef

secretRef is the CHAP Secret for iSCSI target and initiator authentication

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.nfs

nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

Name Type Description Required

path

string

path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

true

server

string

server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

true

readOnly

boolean

readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.persistentVolumeClaim

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

Name Type Description Required

claimName

string

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

true

readOnly

boolean

readOnly Will force the ReadOnly setting in VolumeMounts. Default false.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.photonPersistentDisk

photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

Name Type Description Required

pdID

string

pdID is the ID that identifies Photon Controller persistent disk

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.portworxVolume

portworxVolume represents a portworx volume attached and mounted on kubelets host machine

Name Type Description Required

volumeID

string

volumeID uniquely identifies a Portworx volume

true

fsType

string

fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected

projected items for all in one resources secrets, configmaps, and downward API

Name Type Description Required

defaultMode

integer

defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

sources

[]object

sources is the list of volume projections

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index]

Projection that may be projected along with other supported volume types

Name Type Description Required

clusterTrustBundle

object

ClusterTrustBundle allows a pod to access the .spec.trustBundle field of ClusterTrustBundle objects in an auto-updating file.

Alpha, gated by the ClusterTrustBundleProjection feature gate.

ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.

Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.

false

configMap

object

configMap information about the configMap data to project

false

downwardAPI

object

downwardAPI information about the downwardAPI data to project

false

secret

object

secret information about the secret data to project

false

serviceAccountToken

object

serviceAccountToken is information about the serviceAccountToken data to project

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index].clusterTrustBundle

ClusterTrustBundle allows a pod to access the .spec.trustBundle field of ClusterTrustBundle objects in an auto-updating file.

Alpha, gated by the ClusterTrustBundleProjection feature gate.

ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.

Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.

Name Type Description Required

path

string

Relative path from the volume root to write the bundle.

true

labelSelector

object

Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything".

false

name

string

Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.

false

optional

boolean

If true, don’t block pod startup if the referenced ClusterTrustBundle(s) aren’t available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.

false

signerName

string

Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index].clusterTrustBundle.labelSelector

Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything".

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index].clusterTrustBundle.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index].configMap

configMap information about the configMap data to project

Name Type Description Required

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional specify whether the ConfigMap or its keys must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index].configMap.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index].downwardAPI

downwardAPI information about the downwardAPI data to project

Name Type Description Required

items

[]object

Items is a list of DownwardAPIVolume file

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index].downwardAPI.items[index]

DownwardAPIVolumeFile represents information to create the file containing the pod field

Name Type Description Required

path

string

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

true

fieldRef

object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

false

mode

integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index].downwardAPI.items[index].fieldRef

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index].downwardAPI.items[index].resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index].secret

secret information about the secret data to project

Name Type Description Required

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional field specify whether the Secret or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index].secret.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.projected.sources[index].serviceAccountToken

serviceAccountToken is information about the serviceAccountToken data to project

Name Type Description Required

path

string

path is the path relative to the mount point of the file to project the token into.

true

audience

string

audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.

false

expirationSeconds

integer

expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.

  • Format: int64

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.quobyte

quobyte represents a Quobyte mount on the host that shares a pod’s lifetime

Name Type Description Required

registry

string

registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes

true

volume

string

volume is a string that references an already created Quobyte volume by name.

true

group

string

group to map volume access to Default is no group

false

readOnly

boolean

readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.

false

tenant

string

tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin

false

user

string

user to map volume access to Defaults to serivceaccount user

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.rbd

rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

Name Type Description Required

image

string

image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

true

monitors

[]string

monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

true

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine

false

keyring

string

keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

pool

string

pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

secretRef

object

secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

user

string

user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.rbd.secretRef

secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.scaleIO

scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

Name Type Description Required

gateway

string

gateway is the host address of the ScaleIO API Gateway.

true

secretRef

object

secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

true

system

string

system is the name of the storage system as configured in ScaleIO.

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs".

false

protectionDomain

string

protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.

false

readOnly

boolean

readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

sslEnabled

boolean

sslEnabled Flag enable/disable SSL communication with Gateway, default false

false

storageMode

string

storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.

false

storagePool

string

storagePool is the ScaleIO Storage Pool associated with the protection domain.

false

volumeName

string

volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.scaleIO.secretRef

secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.secret

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

Name Type Description Required

defaultMode

integer

defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

optional

boolean

optional field specify whether the Secret or its keys must be defined

false

secretName

string

secretName is the name of the secret in the pod’s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.secret.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.storageos

storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

Name Type Description Required

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

secretRef

object

secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

false

volumeName

string

volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.

false

volumeNamespace

string

volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod’s namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.storageos.secretRef

secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.pvcs[index].volumeSource.vsphereVolume

vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

Name Type Description Required

volumePath

string

volumePath is the path that identifies vSphere volume vmdk

true

fsType

string

fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

storagePolicyID

string

storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.

false

storagePolicyName

string

storagePolicyName is the storage Policy Based Management (SPBM) profile name.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index]

Volume represents a named volume in a pod that may be accessed by any container in the pod.

Name Type Description Required

name

string

name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

true

awsElasticBlockStore

object

awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

false

azureDisk

object

azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

false

azureFile

object

azureFile represents an Azure File Service mount on the host and bind mount to the pod.

false

cephfs

object

cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime

false

cinder

object

cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

configMap

object

configMap represents a configMap that should populate this volume

false

csi

object

csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

false

downwardAPI

object

downwardAPI represents downward API about the pod that should populate this volume

false

emptyDir

object

emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

ephemeral

object

ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

false

fc

object

fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod.

false

flexVolume

object

flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

false

flocker

object

flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running

false

gcePersistentDisk

object

gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

false

gitRepo

object

gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

false

glusterfs

object

glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

false

hostPath

object

hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.

false

iscsi

object

iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

false

nfs

object

nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

false

persistentVolumeClaim

object

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

false

photonPersistentDisk

object

photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

false

portworxVolume

object

portworxVolume represents a portworx volume attached and mounted on kubelets host machine

false

projected

object

projected items for all in one resources secrets, configmaps, and downward API

false

quobyte

object

quobyte represents a Quobyte mount on the host that shares a pod’s lifetime

false

rbd

object

rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

false

scaleIO

object

scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

false

secret

object

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

false

storageos

object

storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

false

vsphereVolume

object

vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].awsElasticBlockStore

awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

Name Type Description Required

volumeID

string

volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

true

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine

false

partition

integer

partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).

  • Format: int32

false

readOnly

boolean

readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].azureDisk

azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

Name Type Description Required

diskName

string

diskName is the Name of the data disk in the blob storage

true

diskURI

string

diskURI is the URI of data disk in the blob storage

true

cachingMode

string

cachingMode is the Host Caching mode: None, Read Only, Read Write.

false

fsType

string

fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

kind

string

kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared

false

readOnly

boolean

readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].azureFile

azureFile represents an Azure File Service mount on the host and bind mount to the pod.

Name Type Description Required

secretName

string

secretName is the name of secret that contains Azure Storage Account Name and Key

true

shareName

string

shareName is the azure share Name

true

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].cephfs

cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime

Name Type Description Required

monitors

[]string

monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

true

path

string

path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /

false

readOnly

boolean

readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

secretFile

string

secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

secretRef

object

secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

user

string

user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].cephfs.secretRef

secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].cinder

cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

Name Type Description Required

volumeID

string

volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

secretRef

object

secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].cinder.secretRef

secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].configMap

configMap represents a configMap that should populate this volume

Name Type Description Required

defaultMode

integer

defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional specify whether the ConfigMap or its keys must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].configMap.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].csi

csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

Name Type Description Required

driver

string

driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.

true

fsType

string

fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.

false

nodePublishSecretRef

object

nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

false

readOnly

boolean

readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).

false

volumeAttributes

map[string]string

volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver’s documentation for supported values.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].csi.nodePublishSecretRef

nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].downwardAPI

downwardAPI represents downward API about the pod that should populate this volume

Name Type Description Required

defaultMode

integer

Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

Items is a list of downward API volume file

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].downwardAPI.items[index]

DownwardAPIVolumeFile represents information to create the file containing the pod field

Name Type Description Required

path

string

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

true

fieldRef

object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

false

mode

integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].downwardAPI.items[index].fieldRef

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].downwardAPI.items[index].resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].emptyDir

emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

Name Type Description Required

medium

string

medium represents what type of storage medium should back this directory. The default is "" which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

sizeLimit

int or string

sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].ephemeral

ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

Name Type Description Required

volumeClaimTemplate

object

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].ephemeral.volumeClaimTemplate

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

Name Type Description Required

spec

object

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

true

metadata

object

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].ephemeral.volumeClaimTemplate.spec

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].ephemeral.volumeClaimTemplate.spec.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].ephemeral.volumeClaimTemplate.spec.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].ephemeral.volumeClaimTemplate.spec.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].ephemeral.volumeClaimTemplate.spec.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].ephemeral.volumeClaimTemplate.spec.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].fc

fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod.

Name Type Description Required

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine

false

lun

integer

lun is Optional: FC target lun number

  • Format: int32

false

readOnly

boolean

readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

targetWWNs

[]string

targetWWNs is Optional: FC target worldwide names (WWNs)

false

wwids

[]string

wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].flexVolume

flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

Name Type Description Required

driver

string

driver is the name of the driver to use for this volume.

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.

false

options

map[string]string

options is Optional: this field holds extra command options if any.

false

readOnly

boolean

readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

secretRef

object

secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].flexVolume.secretRef

secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].flocker

flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running

Name Type Description Required

datasetName

string

datasetName is Name of the dataset stored as metadata → name on the dataset for Flocker should be considered as deprecated

false

datasetUUID

string

datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].gcePersistentDisk

gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

Name Type Description Required

pdName

string

pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

true

fsType

string

fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine

false

partition

integer

partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

  • Format: int32

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].gitRepo

gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

Name Type Description Required

repository

string

repository is the URL

true

directory

string

directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.

false

revision

string

revision is the commit hash for the specified revision.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].glusterfs

glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

Name Type Description Required

endpoints

string

endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

true

path

string

path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

true

readOnly

boolean

readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].hostPath

hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.

Name Type Description Required

path

string

path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

true

type

string

type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].iscsi

iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

Name Type Description Required

iqn

string

iqn is the target iSCSI Qualified Name.

true

lun

integer

lun represents iSCSI Target Lun number.

  • Format: int32

true

targetPortal

string

targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

true

chapAuthDiscovery

boolean

chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication

false

chapAuthSession

boolean

chapAuthSession defines whether support iSCSI Session CHAP authentication

false

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine

false

initiatorName

string

initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.

false

iscsiInterface

string

iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).

false

portals

[]string

portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.

false

secretRef

object

secretRef is the CHAP Secret for iSCSI target and initiator authentication

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].iscsi.secretRef

secretRef is the CHAP Secret for iSCSI target and initiator authentication

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].nfs

nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

Name Type Description Required

path

string

path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

true

server

string

server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

true

readOnly

boolean

readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].persistentVolumeClaim

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

Name Type Description Required

claimName

string

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

true

readOnly

boolean

readOnly Will force the ReadOnly setting in VolumeMounts. Default false.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].photonPersistentDisk

photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

Name Type Description Required

pdID

string

pdID is the ID that identifies Photon Controller persistent disk

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].portworxVolume

portworxVolume represents a portworx volume attached and mounted on kubelets host machine

Name Type Description Required

volumeID

string

volumeID uniquely identifies a Portworx volume

true

fsType

string

fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected

projected items for all in one resources secrets, configmaps, and downward API

Name Type Description Required

defaultMode

integer

defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

sources

[]object

sources is the list of volume projections

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index]

Projection that may be projected along with other supported volume types

Name Type Description Required

clusterTrustBundle

object

ClusterTrustBundle allows a pod to access the .spec.trustBundle field of ClusterTrustBundle objects in an auto-updating file.

Alpha, gated by the ClusterTrustBundleProjection feature gate.

ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.

Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.

false

configMap

object

configMap information about the configMap data to project

false

downwardAPI

object

downwardAPI information about the downwardAPI data to project

false

secret

object

secret information about the secret data to project

false

serviceAccountToken

object

serviceAccountToken is information about the serviceAccountToken data to project

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index].clusterTrustBundle

ClusterTrustBundle allows a pod to access the .spec.trustBundle field of ClusterTrustBundle objects in an auto-updating file.

Alpha, gated by the ClusterTrustBundleProjection feature gate.

ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.

Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.

Name Type Description Required

path

string

Relative path from the volume root to write the bundle.

true

labelSelector

object

Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything".

false

name

string

Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.

false

optional

boolean

If true, don’t block pod startup if the referenced ClusterTrustBundle(s) aren’t available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.

false

signerName

string

Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index].clusterTrustBundle.labelSelector

Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything".

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index].clusterTrustBundle.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index].configMap

configMap information about the configMap data to project

Name Type Description Required

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional specify whether the ConfigMap or its keys must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index].configMap.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index].downwardAPI

downwardAPI information about the downwardAPI data to project

Name Type Description Required

items

[]object

Items is a list of DownwardAPIVolume file

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index].downwardAPI.items[index]

DownwardAPIVolumeFile represents information to create the file containing the pod field

Name Type Description Required

path

string

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

true

fieldRef

object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

false

mode

integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index].downwardAPI.items[index].fieldRef

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index].downwardAPI.items[index].resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index].secret

secret information about the secret data to project

Name Type Description Required

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional field specify whether the Secret or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index].secret.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].projected.sources[index].serviceAccountToken

serviceAccountToken is information about the serviceAccountToken data to project

Name Type Description Required

path

string

path is the path relative to the mount point of the file to project the token into.

true

audience

string

audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.

false

expirationSeconds

integer

expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.

  • Format: int64

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].quobyte

quobyte represents a Quobyte mount on the host that shares a pod’s lifetime

Name Type Description Required

registry

string

registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes

true

volume

string

volume is a string that references an already created Quobyte volume by name.

true

group

string

group to map volume access to Default is no group

false

readOnly

boolean

readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.

false

tenant

string

tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin

false

user

string

user to map volume access to Defaults to serivceaccount user

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].rbd

rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

Name Type Description Required

image

string

image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

true

monitors

[]string

monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

true

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine

false

keyring

string

keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

pool

string

pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

secretRef

object

secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

user

string

user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].rbd.secretRef

secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].scaleIO

scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

Name Type Description Required

gateway

string

gateway is the host address of the ScaleIO API Gateway.

true

secretRef

object

secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

true

system

string

system is the name of the storage system as configured in ScaleIO.

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs".

false

protectionDomain

string

protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.

false

readOnly

boolean

readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

sslEnabled

boolean

sslEnabled Flag enable/disable SSL communication with Gateway, default false

false

storageMode

string

storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.

false

storagePool

string

storagePool is the ScaleIO Storage Pool associated with the protection domain.

false

volumeName

string

volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].scaleIO.secretRef

secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].secret

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

Name Type Description Required

defaultMode

integer

defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

optional

boolean

optional field specify whether the Secret or its keys must be defined

false

secretName

string

secretName is the name of the secret in the pod’s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].secret.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].storageos

storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

Name Type Description Required

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

secretRef

object

secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

false

volumeName

string

volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.

false

volumeNamespace

string

volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod’s namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].storageos.secretRef

secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.extraVolumes.volumes[index].vsphereVolume

vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

Name Type Description Required

volumePath

string

volumePath is the path that identifies vSphere volume vmdk

true

fsType

string

fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

storagePolicyID

string

storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.

false

storagePolicyName

string

storagePolicyName is the storage Policy Based Management (SPBM) profile name.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index]

A single application container that you want to run within a pod.

Name Type Description Required

name

string

Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.

true

args

[]string

Arguments to the entrypoint. The container image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

false

command

[]string

Entrypoint array. Not executed within a shell. The container image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

false

env

[]object

List of environment variables to set in the container. Cannot be updated.

false

envFrom

[]object

List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.

false

image

string

Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.

false

imagePullPolicy

string

Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

false

lifecycle

object

Actions that the management system should take in response to container lifecycle events. Cannot be updated.

false

livenessProbe

object

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

false

ports

[]object

List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.

false

readinessProbe

object

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

false

resizePolicy

[]object

Resources resize policy for the container.

false

resources

object

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

restartPolicy

string

RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod’s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.

false

securityContext

object

SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

false

startupProbe

object

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod’s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

false

stdin

boolean

Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.

false

stdinOnce

boolean

Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false

false

terminationMessagePath

string

Optional: Path at which the file to which the container’s termination message will be written is mounted into the container’s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

false

terminationMessagePolicy

string

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

false

tty

boolean

Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.

false

volumeDevices

[]object

volumeDevices is the list of block devices to be used by the container.

false

volumeMounts

[]object

Pod volumes to mount into the container’s filesystem. Cannot be updated.

false

workingDir

string

Container’s working directory. If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].env[index]

EnvVar represents an environment variable present in a Container.

Name Type Description Required

name

string

Name of the environment variable. Must be a C_IDENTIFIER.

true

value

string

Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

false

valueFrom

object

Source for the environment variable’s value. Cannot be used if value is not empty.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].env[index].valueFrom

Source for the environment variable’s value. Cannot be used if value is not empty.

Name Type Description Required

configMapKeyRef

object

Selects a key of a ConfigMap.

false

fieldRef

object

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

false

secretKeyRef

object

Selects a key of a secret in the pod’s namespace

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].env[index].valueFrom.configMapKeyRef

Selects a key of a ConfigMap.

Name Type Description Required

key

string

The key to select.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the ConfigMap or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].env[index].valueFrom.fieldRef

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].env[index].valueFrom.resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].env[index].valueFrom.secretKeyRef

Selects a key of a secret in the pod’s namespace

Name Type Description Required

key

string

The key of the secret to select from. Must be a valid secret key.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the Secret or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].envFrom[index]

EnvFromSource represents the source of a set of ConfigMaps

Name Type Description Required

configMapRef

object

The ConfigMap to select from

false

prefix

string

An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.

false

secretRef

object

The Secret to select from

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].envFrom[index].configMapRef

The ConfigMap to select from

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the ConfigMap must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].envFrom[index].secretRef

The Secret to select from

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the Secret must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle

Actions that the management system should take in response to container lifecycle events. Cannot be updated.

Name Type Description Required

postStart

object

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

false

preStop

object

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod’s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod’s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle.postStart

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

Name Type Description Required

exec

object

Exec specifies the action to take.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

sleep

object

Sleep represents the duration that the container should sleep before being terminated.

false

tcpSocket

object

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle.postStart.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle.postStart.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle.postStart.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle.postStart.sleep

Sleep represents the duration that the container should sleep before being terminated.

Name Type Description Required

seconds

integer

Seconds is the number of seconds to sleep.

  • Format: int64

true

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle.postStart.tcpSocket

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle.preStop

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod’s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod’s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

Name Type Description Required

exec

object

Exec specifies the action to take.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

sleep

object

Sleep represents the duration that the container should sleep before being terminated.

false

tcpSocket

object

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle.preStop.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle.preStop.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle.preStop.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle.preStop.sleep

Sleep represents the duration that the container should sleep before being terminated.

Name Type Description Required

seconds

integer

Seconds is the number of seconds to sleep.

  • Format: int64

true

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].lifecycle.preStop.tcpSocket

Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].livenessProbe

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].livenessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].livenessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].livenessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].livenessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].livenessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].ports[index]

ContainerPort represents a network port in a single container.

Name Type Description Required

containerPort

integer

Number of port to expose on the pod’s IP address. This must be a valid port number, 0 < x < 65536.

  • Format: int32

true

hostIP

string

What host IP to bind the external port to.

false

hostPort

integer

Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.

  • Format: int32

false

name

string

If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.

false

protocol

string

Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

  • Default: TCP

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].readinessProbe

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].readinessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].readinessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].readinessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].readinessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].readinessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].resizePolicy[index]

ContainerResizePolicy represents resource resize policy for the container.

Name Type Description Required

resourceName

string

Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.

true

restartPolicy

string

Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.

true

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].resources

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].securityContext

SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

Name Type Description Required

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.

false

capabilities

object

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

false

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.

false

procMount

string

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.

false

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].securityContext.capabilities

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

add

[]string

Added capabilities

false

drop

[]string

Removed capabilities

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].securityContext.seLinuxOptions

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].securityContext.seccompProfile

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].securityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].startupProbe

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod’s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].startupProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].startupProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].startupProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].startupProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].startupProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].volumeDevices[index]

volumeDevice describes a mapping of a raw block device within a container.

Name Type Description Required

devicePath

string

devicePath is the path inside of the container that the device will be mapped to.

true

name

string

name must match the name of a persistentVolumeClaim in the pod

true

MissionControlCluster.spec.k8ssandra.cassandra.initContainers[index].volumeMounts[index]

VolumeMount describes a mounting of a Volume within a container.

Name Type Description Required

mountPath

string

Path within the container at which the volume should be mounted. Must not contain ':'.

true

name

string

This must match the Name of a Volume.

true

mountPropagation

string

mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.

false

readOnly

boolean

Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.

false

subPath

string

Path within the volume from which the container’s volume should be mounted. Defaults to "" (volume’s root).

false

subPathExpr

string

Expanded path within the volume from which the container’s volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container’s environment. Defaults to "" (volume’s root). SubPathExpr and SubPath are mutually exclusive.

false

MissionControlCluster.spec.k8ssandra.cassandra.jmxInitContainerImage

Deprecated: JMX security is now based on CQL roles. We don’t need an init container to configure JMX authentication anymore. The value of this field will be ignored.

Name Type Description Required

name

string

The image name to use.

false

pullPolicy

enum

The image pull policy to use. Defaults to "Always" if the tag is "latest", otherwise to "IfNotPresent".

  • Enum: Always, IfNotPresent, Never

false

pullSecretRef

object

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

false

registry

string

The Docker registry to use. Defaults to "docker.io", the official Docker Hub.

false

repository

string

The Docker repository to use.

false

tag

string

The image tag to use. Defaults to "latest".

  • Default: latest

false

MissionControlCluster.spec.k8ssandra.cassandra.jmxInitContainerImage.pullSecretRef

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.managementApiAuth

ManagementApiAuth defines the authentication settings for the management API in the Cassandra pods.

Name Type Description Required

insecure

object

false

manual

object

false

MissionControlCluster.spec.k8ssandra.cassandra.managementApiAuth.manual

Name Type Description Required

clientSecretName

string

true

serverSecretName

string

true

skipSecretValidation

boolean

false

MissionControlCluster.spec.k8ssandra.cassandra.metadata

Struct to hold labels and annotations for the top-level Cassandra cluster definition.

Name Type Description Required

annotations

map[string]string

false

commonAnnotations

map[string]string

annotations that will be applied to all components created by the CRD

false

commonLabels

map[string]string

labels that will be applied to all components created by the CRD

false

labels

map[string]string

false

pods

object

labels/annotations for the pod components

false

services

object

labels/annotations for all of the CassandraDatacenter service components

false

MissionControlCluster.spec.k8ssandra.cassandra.metadata.pods

labels/annotations for the pod components

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.metadata.services

labels/annotations for all of the CassandraDatacenter service components

Name Type Description Required

additionalSeedService

object

false

allPodsService

object

false

dcService

object

false

nodePortService

object

false

seedService

object

false

MissionControlCluster.spec.k8ssandra.cassandra.metadata.services.additionalSeedService

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.metadata.services.allPodsService

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.metadata.services.dcService

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.metadata.services.nodePortService

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.metadata.services.seedService

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.cassandra.networking

Networking enables host networking and configures a NodePort ports.

Name Type Description Required

hostNetwork

boolean

false

nodePort

object

false

MissionControlCluster.spec.k8ssandra.cassandra.networking.nodePort

Name Type Description Required

internode

integer

false

internodeSSL

integer

false

native

integer

false

nativeSSL

integer

false

MissionControlCluster.spec.k8ssandra.cassandra.podSecurityContext

PodSecurityContext defines the security context for the Cassandra pods.

Name Type Description Required

fsGroup

integer

A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

  1. The owning GID will be the FSGroup

  2. The setgid bit is set (new files created in the volume will be owned by FSGroup)

  3. The permission bits are OR’d with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

fsGroupChangePolicy

string

fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

false

supplementalGroups

[]integer

A list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.

false

sysctls

[]object

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

MissionControlCluster.spec.k8ssandra.cassandra.podSecurityContext.seLinuxOptions

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

MissionControlCluster.spec.k8ssandra.cassandra.podSecurityContext.seccompProfile

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

MissionControlCluster.spec.k8ssandra.cassandra.podSecurityContext.sysctls[index]

Sysctl defines a kernel parameter to be set

Name Type Description Required

name

string

Name of a property to set

true

value

string

Value of a property to set

true

MissionControlCluster.spec.k8ssandra.cassandra.podSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index]

Rack …​

Name Type Description Required

name

string

The rack name

true

affinity

object

Affinity rules to set for this rack only. Merged with values from PodTemplateSpec Affinity as well as NodeAffinityLabels. If you wish to override all the default PodAntiAffinity rules, set allowMultipleWorkers to true, otherwise defaults are applied and then these Affinity settings are merged.

false

nodeAffinityLabels

map[string]string

NodeAffinityLabels to pin the rack, using node affinity

false

zone

string

Deprecated. Use nodeAffinityLabels instead. DeprecatedZone name to pin the rack, using node affinity

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity

Affinity rules to set for this rack only. Merged with values from PodTemplateSpec Affinity as well as NodeAffinityLabels. If you wish to override all the default PodAntiAffinity rules, set allowMultipleWorkers to true, otherwise defaults are applied and then these Affinity settings are merged.

Name Type Description Required

nodeAffinity

object

Describes node affinity scheduling rules for the pod.

false

podAffinity

object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

false

podAntiAffinity

object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.nodeAffinity

Describes node affinity scheduling rules for the pod.

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).

Name Type Description Required

preference

object

A node selector term, associated with the corresponding weight.

true

weight

integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

A node selector term, associated with the corresponding weight.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

Name Type Description Required

nodeSelectorTerms

[]object

Required. A list of node selector terms. The terms are ORed.

true

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAffinity

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAntiAffinity

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.racks[index].affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.resources

Resources is the cpu and memory resources for the cassandra container.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.cassandra.serverEncryptionStores

Internode encryption stores which are used by Cassandra and Stargate.

Name Type Description Required

keystoreSecretRef

object

ref to the secret that contains the keystore and optionally its password (which can also be specified through the keystorePasswordSecretRef field) if keys are not specified, "keystore" entry and a "keystore-password" entry will be used

true

truststoreSecretRef

object

ref to the secret that contains the truststore and optionally its password (which can also be specified through the truststorePasswordSecretRef field) if keys are not specified explicitly, "keystore" entry and a "keystore-password" entry will be used

true

keystorePasswordSecretRef

object

ref to the secret that contains the keystore password if password stored in different secret than keystoreSecretRef if key isn’t specified explicitly, "keystore-password" entry will be used

false

truststorePasswordSecretRef

object

ref to the secret that contains the truststore password if password stored in different secret than keystoreSecretRef if key isn’t specified explicitly, "truststore-password" entry will be used

false

MissionControlCluster.spec.k8ssandra.cassandra.serverEncryptionStores.keystoreSecretRef

ref to the secret that contains the keystore and optionally its password (which can also be specified through the keystorePasswordSecretRef field) if keys are not specified, "keystore" entry and a "keystore-password" entry will be used

Name Type Description Required

key

string

The key of the entry in the Secret resource’s data field to be used.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.serverEncryptionStores.truststoreSecretRef

ref to the secret that contains the truststore and optionally its password (which can also be specified through the truststorePasswordSecretRef field) if keys are not specified explicitly, "keystore" entry and a "keystore-password" entry will be used

Name Type Description Required

key

string

The key of the entry in the Secret resource’s data field to be used.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.serverEncryptionStores.keystorePasswordSecretRef

ref to the secret that contains the keystore password if password stored in different secret than keystoreSecretRef if key isn’t specified explicitly, "keystore-password" entry will be used

Name Type Description Required

key

string

The key of the entry in the Secret resource’s data field to be used.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.serverEncryptionStores.truststorePasswordSecretRef

ref to the secret that contains the truststore password if password stored in different secret than keystoreSecretRef if key isn’t specified explicitly, "truststore-password" entry will be used

Name Type Description Required

key

string

The key of the entry in the Secret resource’s data field to be used.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig

StorageConfig is the persistent storage requirements for each Cassandra pod. This includes everything under /var/lib/cassandra, namely the commit log and data directories.

Name Type Description Required

additionalVolumes

[]object

false

cassandraDataVolumeClaimSpec

object

PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index]

AdditionalVolumes defines additional storage configurations

Name Type Description Required

mountPath

string

Mount path into cassandra container

true

name

string

Name of the pvc / volume

true

pvcSpec

object

PVCSpec is a persistent volume claim spec. Either this or VolumeSource is required.

false

volumeSource

object

VolumeSource to mount the volume from (such as ConfigMap / Secret). This or PVCSpec is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].pvcSpec

PVCSpec is a persistent volume claim spec. Either this or VolumeSource is required.

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].pvcSpec.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].pvcSpec.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].pvcSpec.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].pvcSpec.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].pvcSpec.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource

VolumeSource to mount the volume from (such as ConfigMap / Secret). This or PVCSpec is required.

Name Type Description Required

awsElasticBlockStore

object

awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

false

azureDisk

object

azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

false

azureFile

object

azureFile represents an Azure File Service mount on the host and bind mount to the pod.

false

cephfs

object

cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime

false

cinder

object

cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

configMap

object

configMap represents a configMap that should populate this volume

false

csi

object

csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

false

downwardAPI

object

downwardAPI represents downward API about the pod that should populate this volume

false

emptyDir

object

emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

ephemeral

object

ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

false

fc

object

fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod.

false

flexVolume

object

flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

false

flocker

object

flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running

false

gcePersistentDisk

object

gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

false

gitRepo

object

gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

false

glusterfs

object

glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

false

hostPath

object

hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.

false

iscsi

object

iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

false

nfs

object

nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

false

persistentVolumeClaim

object

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

false

photonPersistentDisk

object

photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

false

portworxVolume

object

portworxVolume represents a portworx volume attached and mounted on kubelets host machine

false

projected

object

projected items for all in one resources secrets, configmaps, and downward API

false

quobyte

object

quobyte represents a Quobyte mount on the host that shares a pod’s lifetime

false

rbd

object

rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

false

scaleIO

object

scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

false

secret

object

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

false

storageos

object

storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

false

vsphereVolume

object

vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.awsElasticBlockStore

awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

Name Type Description Required

volumeID

string

volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

true

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine

false

partition

integer

partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).

  • Format: int32

false

readOnly

boolean

readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.azureDisk

azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

Name Type Description Required

diskName

string

diskName is the Name of the data disk in the blob storage

true

diskURI

string

diskURI is the URI of data disk in the blob storage

true

cachingMode

string

cachingMode is the Host Caching mode: None, Read Only, Read Write.

false

fsType

string

fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

kind

string

kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared

false

readOnly

boolean

readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.azureFile

azureFile represents an Azure File Service mount on the host and bind mount to the pod.

Name Type Description Required

secretName

string

secretName is the name of secret that contains Azure Storage Account Name and Key

true

shareName

string

shareName is the azure share Name

true

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.cephfs

cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime

Name Type Description Required

monitors

[]string

monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

true

path

string

path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /

false

readOnly

boolean

readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

secretFile

string

secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

secretRef

object

secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

user

string

user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.cephfs.secretRef

secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.cinder

cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

Name Type Description Required

volumeID

string

volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

false

secretRef

object

secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.cinder.secretRef

secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.configMap

configMap represents a configMap that should populate this volume

Name Type Description Required

defaultMode

integer

defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional specify whether the ConfigMap or its keys must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.configMap.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.csi

csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

Name Type Description Required

driver

string

driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.

true

fsType

string

fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.

false

nodePublishSecretRef

object

nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

false

readOnly

boolean

readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).

false

volumeAttributes

map[string]string

volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver’s documentation for supported values.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.csi.nodePublishSecretRef

nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.downwardAPI

downwardAPI represents downward API about the pod that should populate this volume

Name Type Description Required

defaultMode

integer

Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

Items is a list of downward API volume file

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.downwardAPI.items[index]

DownwardAPIVolumeFile represents information to create the file containing the pod field

Name Type Description Required

path

string

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

true

fieldRef

object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

false

mode

integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.downwardAPI.items[index].fieldRef

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.downwardAPI.items[index].resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.emptyDir

emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

Name Type Description Required

medium

string

medium represents what type of storage medium should back this directory. The default is "" which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

sizeLimit

int or string

sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.ephemeral

ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

Name Type Description Required

volumeClaimTemplate

object

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

Name Type Description Required

spec

object

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

true

metadata

object

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate.spec

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate.spec.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate.spec.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate.spec.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate.spec.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.fc

fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod.

Name Type Description Required

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine

false

lun

integer

lun is Optional: FC target lun number

  • Format: int32

false

readOnly

boolean

readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

targetWWNs

[]string

targetWWNs is Optional: FC target worldwide names (WWNs)

false

wwids

[]string

wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.flexVolume

flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

Name Type Description Required

driver

string

driver is the name of the driver to use for this volume.

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.

false

options

map[string]string

options is Optional: this field holds extra command options if any.

false

readOnly

boolean

readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

secretRef

object

secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.flexVolume.secretRef

secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.flocker

flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running

Name Type Description Required

datasetName

string

datasetName is Name of the dataset stored as metadata → name on the dataset for Flocker should be considered as deprecated

false

datasetUUID

string

datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.gcePersistentDisk

gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

Name Type Description Required

pdName

string

pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

true

fsType

string

fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine

false

partition

integer

partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

  • Format: int32

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.gitRepo

gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

Name Type Description Required

repository

string

repository is the URL

true

directory

string

directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.

false

revision

string

revision is the commit hash for the specified revision.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.glusterfs

glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

Name Type Description Required

endpoints

string

endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

true

path

string

path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

true

readOnly

boolean

readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.hostPath

hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.

Name Type Description Required

path

string

path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

true

type

string

type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.iscsi

iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

Name Type Description Required

iqn

string

iqn is the target iSCSI Qualified Name.

true

lun

integer

lun represents iSCSI Target Lun number.

  • Format: int32

true

targetPortal

string

targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

true

chapAuthDiscovery

boolean

chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication

false

chapAuthSession

boolean

chapAuthSession defines whether support iSCSI Session CHAP authentication

false

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine

false

initiatorName

string

initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.

false

iscsiInterface

string

iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).

false

portals

[]string

portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.

false

secretRef

object

secretRef is the CHAP Secret for iSCSI target and initiator authentication

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.iscsi.secretRef

secretRef is the CHAP Secret for iSCSI target and initiator authentication

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.nfs

nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

Name Type Description Required

path

string

path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

true

server

string

server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

true

readOnly

boolean

readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.persistentVolumeClaim

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

Name Type Description Required

claimName

string

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

true

readOnly

boolean

readOnly Will force the ReadOnly setting in VolumeMounts. Default false.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.photonPersistentDisk

photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

Name Type Description Required

pdID

string

pdID is the ID that identifies Photon Controller persistent disk

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.portworxVolume

portworxVolume represents a portworx volume attached and mounted on kubelets host machine

Name Type Description Required

volumeID

string

volumeID uniquely identifies a Portworx volume

true

fsType

string

fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected

projected items for all in one resources secrets, configmaps, and downward API

Name Type Description Required

defaultMode

integer

defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

sources

[]object

sources is the list of volume projections

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index]

Projection that may be projected along with other supported volume types

Name Type Description Required

clusterTrustBundle

object

ClusterTrustBundle allows a pod to access the .spec.trustBundle field of ClusterTrustBundle objects in an auto-updating file.

Alpha, gated by the ClusterTrustBundleProjection feature gate.

ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.

Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.

false

configMap

object

configMap information about the configMap data to project

false

downwardAPI

object

downwardAPI information about the downwardAPI data to project

false

secret

object

secret information about the secret data to project

false

serviceAccountToken

object

serviceAccountToken is information about the serviceAccountToken data to project

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].clusterTrustBundle

ClusterTrustBundle allows a pod to access the .spec.trustBundle field of ClusterTrustBundle objects in an auto-updating file.

Alpha, gated by the ClusterTrustBundleProjection feature gate.

ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector.

Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.

Name Type Description Required

path

string

Relative path from the volume root to write the bundle.

true

labelSelector

object

Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything".

false

name

string

Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.

false

optional

boolean

If true, don’t block pod startup if the referenced ClusterTrustBundle(s) aren’t available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.

false

signerName

string

Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].clusterTrustBundle.labelSelector

Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything".

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].clusterTrustBundle.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].configMap

configMap information about the configMap data to project

Name Type Description Required

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional specify whether the ConfigMap or its keys must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].configMap.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].downwardAPI

downwardAPI information about the downwardAPI data to project

Name Type Description Required

items

[]object

Items is a list of DownwardAPIVolume file

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].downwardAPI.items[index]

DownwardAPIVolumeFile represents information to create the file containing the pod field

Name Type Description Required

path

string

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

true

fieldRef

object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

false

mode

integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].downwardAPI.items[index].fieldRef

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].downwardAPI.items[index].resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].secret

secret information about the secret data to project

Name Type Description Required

items

[]object

items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

optional field specify whether the Secret or its key must be defined

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].secret.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.projected.sources[index].serviceAccountToken

serviceAccountToken is information about the serviceAccountToken data to project

Name Type Description Required

path

string

path is the path relative to the mount point of the file to project the token into.

true

audience

string

audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.

false

expirationSeconds

integer

expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.

  • Format: int64

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.quobyte

quobyte represents a Quobyte mount on the host that shares a pod’s lifetime

Name Type Description Required

registry

string

registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes

true

volume

string

volume is a string that references an already created Quobyte volume by name.

true

group

string

group to map volume access to Default is no group

false

readOnly

boolean

readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.

false

tenant

string

tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin

false

user

string

user to map volume access to Defaults to serivceaccount user

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.rbd

rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

Name Type Description Required

image

string

image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

true

monitors

[]string

monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

true

fsType

string

fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine

false

keyring

string

keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

pool

string

pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

readOnly

boolean

readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

secretRef

object

secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

user

string

user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.rbd.secretRef

secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.scaleIO

scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

Name Type Description Required

gateway

string

gateway is the host address of the ScaleIO API Gateway.

true

secretRef

object

secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

true

system

string

system is the name of the storage system as configured in ScaleIO.

true

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs".

false

protectionDomain

string

protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.

false

readOnly

boolean

readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

sslEnabled

boolean

sslEnabled Flag enable/disable SSL communication with Gateway, default false

false

storageMode

string

storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.

false

storagePool

string

storagePool is the ScaleIO Storage Pool associated with the protection domain.

false

volumeName

string

volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.scaleIO.secretRef

secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.secret

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

Name Type Description Required

defaultMode

integer

defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

items

[]object

items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

false

optional

boolean

optional field specify whether the Secret or its keys must be defined

false

secretName

string

secretName is the name of the secret in the pod’s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.secret.items[index]

Maps a string key to a path within a volume.

Name Type Description Required

key

string

key is the key to project.

true

path

string

path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

true

mode

integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.storageos

storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

Name Type Description Required

fsType

string

fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

readOnly

boolean

readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

false

secretRef

object

secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

false

volumeName

string

volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.

false

volumeNamespace

string

volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod’s namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.storageos.secretRef

secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.additionalVolumes[index].volumeSource.vsphereVolume

vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

Name Type Description Required

volumePath

string

volumePath is the path that identifies vSphere volume vmdk

true

fsType

string

fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

false

storagePolicyID

string

storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.

false

storagePolicyName

string

storagePolicyName is the storage Policy Based Management (SPBM) profile name.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.cassandraDataVolumeClaimSpec

PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.cassandraDataVolumeClaimSpec.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.cassandraDataVolumeClaimSpec.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.cassandraDataVolumeClaimSpec.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.cassandraDataVolumeClaimSpec.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.cassandra.storageConfig.cassandraDataVolumeClaimSpec.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.cassandra.superuserSecretRef

The reference to the superuser secret to use for Cassandra. If unspecified, a default secret will be generated with a random password; the generated secret name will be "<cluster_name>-superuser" where <cluster_name> is the K8ssandraCluster CRD name.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry

Telemetry defines the desired state for telemetry resources in this datacenter. If telemetry configurations are defined, telemetry resources will be deployed to integrate with a user-provided monitoring solution (at present, only support for Prometheus is available).

Name Type Description Required

cassandra

object

false

mcac

object

false

prometheus

object

false

vector

object

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry.cassandra

Name Type Description Required

endpoint

object

false

relabels

[]object

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry.cassandra.endpoint

Name Type Description Required

address

string

false

port

string

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry.cassandra.relabels[index]

RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines <metric_relabel_configs>-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs

Name Type Description Required

action

enum

Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.

  • Enum: replace, Replace, keep, Keep, drop, Drop, hashmod, HashMod, labelmap, LabelMap, labeldrop, LabelDrop, labelkeep, LabelKeep, lowercase, Lowercase, uppercase, Uppercase

  • Default: replace

false

modulus

integer

Modulus to take of the hash of the source label values.

  • Format: int64

false

regex

string

Regular expression against which the extracted value is matched. Default is '(.*)'

false

replacement

string

Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'

false

separator

string

Separator placed between concatenated source label values. default is ';'.

false

sourceLabels

[]string

The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.

false

targetLabel

string

Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry.mcac

Name Type Description Required

enabled

boolean

enabled sets whether MCAC (legacy metrics endpoint) is enabled. This is considered true by default.

false

metricFilters

[]string

MetricFilters allows passing filters to MCAC in order to reduce the amount of extracted metrics. Not setting this field will result in the default filters being used: - "deny:org.apache.cassandra.metrics.Table" - "deny:org.apache.cassandra.metrics.table" - "allow:org.apache.cassandra.metrics.table.live_ss_table_count" - "allow:org.apache.cassandra.metrics.Table.LiveSSTableCount" - "allow:org.apache.cassandra.metrics.table.live_disk_space_used" - "allow:org.apache.cassandra.metrics.table.LiveDiskSpaceUsed" - "allow:org.apache.cassandra.metrics.Table.Pending" - "allow:org.apache.cassandra.metrics.Table.Memtable" - "allow:org.apache.cassandra.metrics.Table.Compaction" - "allow:org.apache.cassandra.metrics.table.read" - "allow:org.apache.cassandra.metrics.table.write" - "allow:org.apache.cassandra.metrics.table.range" - "allow:org.apache.cassandra.metrics.table.coordinator" - "allow:org.apache.cassandra.metrics.table.dropped_mutations" Setting it to an empty list will result in all metrics being extracted.

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry.prometheus

Name Type Description Required

commonLabels

map[string]string

CommonLabels are applied to all serviceMonitors created.

false

enabled

boolean

Enable the creation of Prometheus serviceMonitors for this resource (Cassandra or Stargate).

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry.vector

Name Type Description Required

components

object

false

enabled

boolean

Enabled enables the Vector agent for this resource (Cassandra, Reaper or Stargate). Enabling the vector agent will inject a sidecar container into the pod.

false

image

string

Image is the name of the Vector image to use. If not set, the default image will be used. kube:default="timberio/vector:0.26.0-alpine"

false

resources

object

Resources is the resource requirements for the Vector agent.

false

scrapeInterval

string

ScrapeInterval is the interval at which the Vector agent will scrape the metrics endpoint. Use values like 30s, 1m, 5m. kube:default=30s

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry.vector.components

Name Type Description Required

sinks

[]object

Sinks is the list of sinks to use for the Vector agent.

false

sources

[]object

Sources is the list of sources to use for the Vector agent.

false

transforms

[]object

Transforms is the list of transforms to use for the Vector agent.

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry.vector.components.sinks[index]

Name Type Description Required

name

string

Name is the name of the sink.

true

type

string

Type is the type of the sink.

true

config

string

Config is the configuration for the sink.

false

inputs

[]string

Inputs is the list of inputs for the transform.

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry.vector.components.sources[index]

Name Type Description Required

name

string

Name is the name of the source.

true

type

string

Type is the type of the source.

true

config

string

Config is the configuration for the source.

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry.vector.components.transforms[index]

Name Type Description Required

name

string

Name is the name of the transform.

true

type

string

Type is the type of the transform.

true

config

string

Config is the configuration for the transform.

false

inputs

[]string

Inputs is the list of inputs for the transform.

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry.vector.resources

Resources is the resource requirements for the Vector agent.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.cassandra.telemetry.vector.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.cassandra.tolerations[index]

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

Name Type Description Required

effect

string

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

false

key

string

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

false

operator

string

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

false

tolerationSeconds

integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

  • Format: int64

false

value

string

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

false

MissionControlCluster.spec.k8ssandra.medusa

Medusa defines the desired deployment characteristics for Medusa in this K8ssandraCluster. If this is non-nil, Medusa will be deployed in every Cassandra pod in this K8ssandraCluster.

Name Type Description Required

cassandraUserSecretRef

object

Defines the username and password that Medusa will use to authenticate CQL connections to Cassandra clusters. These credentials will be automatically turned into CQL roles by cass-operator when bootstrapping the datacenter, then passed to the Medusa instances, so that it can authenticate against nodes in the datacenter using CQL. The secret must be in the same namespace as Cassandra and must contain two keys: "username" and "password".

false

certificatesSecretRef

object

Certificates for Medusa if client encryption is enabled in Cassandra. The secret must be in the same namespace as Cassandra and must contain three keys: "rootca.crt", "client.crt_signed" and "client.key". See https://docs.datastax.com/en/developer/python-driver/latest/security/ for more information on the required files.

false

containerImage

object

MedusaContainerImage is the image characteristics to use for Medusa containers. Leave nil to use a default image.

false

containerResources

object

Medusa main container resources.

false

initContainerResources

object

medusa-restore init container resources.

false

livenessProbe

object

Define the liveness probe settings to use for the Medusa containers.

false

medusaConfigurationRef

object

MedusaConfigurationRef points to an existing MedusaConfiguration object. The purpose is to allow shared default settings across several clusters. StorageProperties override the settings from MedusaConfiguration object to allow customization.

false

purgeBackups

boolean

PurgeBackups toggles if the medusa backups should be purged nightly or not Defaults to true.

  • Default: true

false

readinessProbe

object

Define the readiness probe settings to use for the Medusa containers.

false

securityContext

object

SecurityContext applied to the Medusa containers.

false

storageProperties

object

Provides all storage backend related properties for backups.

false

MissionControlCluster.spec.k8ssandra.medusa.cassandraUserSecretRef

Defines the username and password that Medusa will use to authenticate CQL connections to Cassandra clusters. These credentials will be automatically turned into CQL roles by cass-operator when bootstrapping the datacenter, then passed to the Medusa instances, so that it can authenticate against nodes in the datacenter using CQL. The secret must be in the same namespace as Cassandra and must contain two keys: "username" and "password".

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.medusa.certificatesSecretRef

Certificates for Medusa if client encryption is enabled in Cassandra. The secret must be in the same namespace as Cassandra and must contain three keys: "rootca.crt", "client.crt_signed" and "client.key". See https://docs.datastax.com/en/developer/python-driver/latest/security/ for more information on the required files.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.medusa.containerImage

MedusaContainerImage is the image characteristics to use for Medusa containers. Leave nil to use a default image.

Name Type Description Required

name

string

The image name to use.

false

pullPolicy

enum

The image pull policy to use. Defaults to "Always" if the tag is "latest", otherwise to "IfNotPresent".

  • Enum: Always, IfNotPresent, Never

false

pullSecretRef

object

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

false

registry

string

The Docker registry to use. Defaults to "docker.io", the official Docker Hub.

false

repository

string

The Docker repository to use.

false

tag

string

The image tag to use. Defaults to "latest".

  • Default: latest

false

MissionControlCluster.spec.k8ssandra.medusa.containerImage.pullSecretRef

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.medusa.containerResources

Medusa main container resources.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.medusa.containerResources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.medusa.initContainerResources

medusa-restore init container resources.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.medusa.initContainerResources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.medusa.livenessProbe

Define the liveness probe settings to use for the Medusa containers.

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.medusa.livenessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.medusa.livenessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.medusa.livenessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.medusa.livenessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.medusa.livenessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.medusa.medusaConfigurationRef

MedusaConfigurationRef points to an existing MedusaConfiguration object. The purpose is to allow shared default settings across several clusters. StorageProperties override the settings from MedusaConfiguration object to allow customization.

Name Type Description Required

apiVersion

string

API version of the referent.

false

fieldPath

string

If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.

false

kind

string

false

name

string

false

namespace

string

false

resourceVersion

string

false

uid

string

false

MissionControlCluster.spec.k8ssandra.medusa.readinessProbe

Define the readiness probe settings to use for the Medusa containers.

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.medusa.readinessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.medusa.readinessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.medusa.readinessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.medusa.readinessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.medusa.readinessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.medusa.securityContext

SecurityContext applied to the Medusa containers.

Name Type Description Required

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.

false

capabilities

object

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

false

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.

false

procMount

string

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.

false

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

MissionControlCluster.spec.k8ssandra.medusa.securityContext.capabilities

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

add

[]string

Added capabilities

false

drop

[]string

Removed capabilities

false

MissionControlCluster.spec.k8ssandra.medusa.securityContext.seLinuxOptions

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

MissionControlCluster.spec.k8ssandra.medusa.securityContext.seccompProfile

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

MissionControlCluster.spec.k8ssandra.medusa.securityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

MissionControlCluster.spec.k8ssandra.medusa.storageProperties

Provides all storage backend related properties for backups.

Name Type Description Required

apiProfile

string

AWS Profile to use for authentication.

false

backupGracePeriodInDays

integer

Age after which orphan sstables can be deleted from the storage backend. Protects from race conditions between purge and ongoing backups. Defaults to 10 days.

false

bucketName

string

The name of the bucket to use for the backups.

false

concurrentTransfers

integer

Number of concurrent uploads. Helps maximizing the speed of uploads but puts more pressure on the network. Defaults to 0.

  • Default: 0

false

credentialsType

enum

Type of credentials to use for authentication. Can be "role-based", "credential-based" or empty.

  • Enum: role-based, credential-based

false

host

string

Host to connect to for the storage backend.

false

maxBackupAge

integer

Maximum backup age that the purge process should observe.

  • Default: 0

false

maxBackupCount

integer

Maximum number of backups to keep (used by the purge process). Default is unlimited.

  • Default: 0

false

multiPartUploadThreshold

integer

File size over which cloud specific cli tools are used for transfer. Defaults to 100 MB.

  • Default: 104857600

false

podStorage

object

Pod storage settings for the local storage provider

false

port

integer

Port to connect to for the storage backend.

false

prefix

string

Name of the top level folder in the backup bucket. If empty, the cluster name will be used.

false

region

string

Region of the storage bucket. Defaults to "default".

false

secure

boolean

Whether to use SSL for the storage backend.

false

sslVerify

boolean

When using SSL, whether to also verify the certificate.

false

storageProvider

enum

The storage backend to use for the backups.

  • Enum: google_storage, azure_blobs, s3, s3_compatible, s3_rgw, ibm_storage

false

storageSecretRef

object

Kubernetes Secret that stores the key file for the storage provider’s API. If using 'local' storage, this value is ignored.

false

transferMaxBandwidth

string

Max upload bandwidth in MB/s. Defaults to 50 MB/s.

  • Default: 50MB/s

false

MissionControlCluster.spec.k8ssandra.medusa.storageProperties.podStorage

Pod storage settings for the local storage provider

Name Type Description Required

accessModes

[]string

Pod local storage access modes

false

size

int or string

Size of the pod’s storage in bytes. Defaults to 10 GB.

  • Default: 10Gi

false

storageClassName

string

Storage class name to use for the pod’s storage.

false

MissionControlCluster.spec.k8ssandra.medusa.storageProperties.storageSecretRef

Kubernetes Secret that stores the key file for the storage provider’s API. If using 'local' storage, this value is ignored.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.reaper

Reaper defines the desired deployment characteristics for Reaper in this K8ssandraCluster. If this is non-nil, Reaper might be deployed on every Cassandra datacenter in this K8ssandraCluster, unless there is a Control Plane Reaper present. In that case, the K8ssandraCluster will get registered to it.

Name Type Description Required

ServiceAccountName

string

  • Default: default

false

affinity

object

Affinity applied to the Reaper pods.

false

autoScheduling

object

Auto scheduling properties. When you enable the auto-schedule feature, Reaper dynamically schedules repairs for all non-system keyspaces in a cluster. A cluster’s keyspaces are monitored and any modifications (additions or removals) are detected. When a new keyspace is created, a new repair schedule is created automatically for that keyspace. Conversely, when a keyspace is removed, the corresponding repair schedule is deleted.

false

cassandraUserSecretRef

object

Defines the username and password that Reaper will use to authenticate CQL connections to Cassandra clusters. These credentials will be automatically turned into CQL roles by cass-operator when bootstrapping the datacenter, then passed to the Reaper instance, so that it can authenticate against nodes in the datacenter using CQL. If CQL authentication is not required, leave this field empty. The secret must be in the same namespace as Reaper itself and must contain two keys: "username" and "password".

false

containerImage

object

The image to use for the Reaper pod main container. The default is "thelastpickle/cassandra-reaper:3.6.1". TODO: update with real release version.

  • Default: map[name:cassandra-reaper repository:thelastpickle tag:3.6.1]

false

deploymentMode

enum

  • Enum: PER_DC, SINGLE, CONTROL_PLANE

  • Default: PER_DC

false

heapSize

int or string

HeapSize sets the JVM heap size to use for Reaper.

  • Default: 2Gi

false

httpManagement

object

  • Default: map[enabled:false]

false

initContainerImage

object

Deprecated: The main container image will be used for the init container as well.

false

initContainerResources

object

Init Container resources.

false

initContainerSecurityContext

object

InitContainerSecurityContext is the SecurityContext applied to the Reaper init container, used to perform schema migrations.

false

jmxUserSecretRef

object

Deprecated: JMX security is now based on CQL roles. Reaper will use cassandraUsefSecretRef for authentication, this field is ignored.

false

keyspace

string

The keyspace to use to store Reaper’s state. Will default to "reaper_db" if unspecified. Will be created if it does not exist, and if this Reaper resource is managed by K8ssandra.

  • Default: reaper_db

false

livenessProbe

object

LivenessProbe sets the Reaper liveness probe. Leave nil to use defaults.

false

metadata

object

labels and annotations for Reaper resources

false

podSecurityContext

object

PodSecurityContext contains a pod-level SecurityContext to apply to Reaper pods.

false

readinessProbe

object

ReadinessProbe sets the Reaper readiness probe. Leave nil to use defaults.

false

reaperRef

object

When there is a CONTROL_PLANE Reaper out there, this field allows registering a K8ssandra cluster to it. Populating this field disables some operator behaviour related to setting Reaper up.

false

resources

object

Main Container resources.

false

secretsProvider

enum

SecretsProvider defines whether the secrets used for credentials and certs will be backed by an external secret backend. This moves the responsibility of generating and storing secrets from the operators to the user and will rely on a mutating webhook to inject the secrets into the necessary resources

  • Enum: internal, external

  • Default: internal

false

securityContext

object

SecurityContext applied to the Reaper main container.

false

storageConfig

object

If StorageType is "local", Reaper will need a Persistent Volume to persist its data. This field allows configuring that Persistent Volume.

false

storageType

enum

The storage backend to store Reaper’s data. Defaults to "cassandra" which causes Reaper to be stateless and store its state to a Cassandra cluster it repairs (implying there must be one Reaper for each Cassandra cluster). The "local" option makes Reaper to store its state locally, allowing a single Reaper to repair several clusters.

  • Enum: cassandra, local

  • Default: cassandra

false

telemetry

object

Telemetry defines the desired telemetry integrations to deploy targeting the Reaper pods for all DCs in this cluster (unless overridden by DC specific settings)

false

tolerations

[]object

Tolerations applied to the Reaper pods.

false

uiUserSecretRef

object

Defines the secret which contains the username and password for the Reaper UI and REST API authentication. When UiUserSecretRef.Name == "", authentication is turned off in the front-end only.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity

Affinity applied to the Reaper pods.

Name Type Description Required

nodeAffinity

object

Describes node affinity scheduling rules for the pod.

false

podAffinity

object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

false

podAntiAffinity

object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.nodeAffinity

Describes node affinity scheduling rules for the pod.

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).

Name Type Description Required

preference

object

A node selector term, associated with the corresponding weight.

true

weight

integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.reaper.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

A node selector term, associated with the corresponding weight.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

Name Type Description Required

nodeSelectorTerms

[]object

Required. A list of node selector terms. The terms are ORed.

true

MissionControlCluster.spec.k8ssandra.reaper.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAffinity

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAntiAffinity

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.reaper.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.autoScheduling

Auto scheduling properties. When you enable the auto-schedule feature, Reaper dynamically schedules repairs for all non-system keyspaces in a cluster. A cluster’s keyspaces are monitored and any modifications (additions or removals) are detected. When a new keyspace is created, a new repair schedule is created automatically for that keyspace. Conversely, when a keyspace is removed, the corresponding repair schedule is deleted.

Name Type Description Required

enabled

boolean

  • Default: false

false

excludedClusters

[]string

ExcludedClusters are the clusters that are to be excluded from the repair schedule.

false

excludedKeyspaces

[]string

ExcludedKeyspaces are the keyspaces that are to be excluded from the repair schedule.

false

initialDelayPeriod

string

InitialDelay is the amount of delay time before the schedule period starts. Must be a valid ISO-8601 duration string. The default is "PT15S" (15 seconds).

  • Default: PT15S

false

percentUnrepairedThreshold

integer

PercentUnrepairedThreshold is the percentage of unrepaired data over which an incremental repair should be started. Only relevant when using repair type INCREMENTAL.

  • Default: 10

  • Minimum: 0

  • Maximum: 100

false

periodBetweenPolls

string

PeriodBetweenPolls is the interval time to wait before checking whether to start a repair task. Must be a valid ISO-8601 duration string. The default is "PT10M" (10 minutes).

  • Default: PT10M

false

repairType

enum

RepairType is the type of repair to create: - REGULAR creates a regular repair (non-adaptive and non-incremental); - ADAPTIVE creates an adaptive repair; adaptive repairs are most suited for Cassandra 3. - INCREMENTAL creates an incremental repair; incremental repairs should only be used with Cassandra 4+. - AUTO chooses between ADAPTIVE and INCREMENTAL depending on the Cassandra server version; ADAPTIVE for Cassandra 3 and INCREMENTAL for Cassandra 4+.

  • Enum: REGULAR, ADAPTIVE, INCREMENTAL, AUTO

  • Default: AUTO

false

scheduleSpreadPeriod

string

ScheduleSpreadPeriod is the time spacing between each of the repair schedules that is to be carried out. Must be a valid ISO-8601 duration string. The default is "PT6H" (6 hours).

  • Default: PT6H

false

timeBeforeFirstSchedule

string

TimeBeforeFirstSchedule is the grace period before the first repair in the schedule is started. Must be a valid ISO-8601 duration string. The default is "PT5M" (5 minutes).

  • Default: PT5M

false

MissionControlCluster.spec.k8ssandra.reaper.cassandraUserSecretRef

Defines the username and password that Reaper will use to authenticate CQL connections to Cassandra clusters. These credentials will be automatically turned into CQL roles by cass-operator when bootstrapping the datacenter, then passed to the Reaper instance, so that it can authenticate against nodes in the datacenter using CQL. If CQL authentication is not required, leave this field empty. The secret must be in the same namespace as Reaper itself and must contain two keys: "username" and "password".

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.reaper.containerImage

The image to use for the Reaper pod main container. The default is "thelastpickle/cassandra-reaper:3.6.1". TODO: update with real release version.

Name Type Description Required

name

string

The image name to use.

false

pullPolicy

enum

The image pull policy to use. Defaults to "Always" if the tag is "latest", otherwise to "IfNotPresent".

  • Enum: Always, IfNotPresent, Never

false

pullSecretRef

object

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

false

registry

string

The Docker registry to use. Defaults to "docker.io", the official Docker Hub.

false

repository

string

The Docker repository to use.

false

tag

string

The image tag to use. Defaults to "latest".

  • Default: latest

false

MissionControlCluster.spec.k8ssandra.reaper.containerImage.pullSecretRef

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.reaper.httpManagement

Name Type Description Required

enabled

boolean

Enable/disable the HTTP management connection between Reaper and Cassandra. When enabled, HTTP will be used instead of JMX for management connectivity between Cassandra and Reaper. In future, this will be true by default

  • Default: false

false

keystores

object

LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

false

MissionControlCluster.spec.k8ssandra.reaper.httpManagement.keystores

LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.reaper.initContainerImage

Deprecated: The main container image will be used for the init container as well.

Name Type Description Required

name

string

The image name to use.

false

pullPolicy

enum

The image pull policy to use. Defaults to "Always" if the tag is "latest", otherwise to "IfNotPresent".

  • Enum: Always, IfNotPresent, Never

false

pullSecretRef

object

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

false

registry

string

The Docker registry to use. Defaults to "docker.io", the official Docker Hub.

false

repository

string

The Docker repository to use.

false

tag

string

The image tag to use. Defaults to "latest".

  • Default: latest

false

MissionControlCluster.spec.k8ssandra.reaper.initContainerImage.pullSecretRef

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.reaper.initContainerResources

Init Container resources.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.reaper.initContainerResources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.reaper.initContainerSecurityContext

InitContainerSecurityContext is the SecurityContext applied to the Reaper init container, used to perform schema migrations.

Name Type Description Required

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.

false

capabilities

object

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

false

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.

false

procMount

string

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.

false

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

MissionControlCluster.spec.k8ssandra.reaper.initContainerSecurityContext.capabilities

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

add

[]string

Added capabilities

false

drop

[]string

Removed capabilities

false

MissionControlCluster.spec.k8ssandra.reaper.initContainerSecurityContext.seLinuxOptions

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

MissionControlCluster.spec.k8ssandra.reaper.initContainerSecurityContext.seccompProfile

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

MissionControlCluster.spec.k8ssandra.reaper.initContainerSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

MissionControlCluster.spec.k8ssandra.reaper.jmxUserSecretRef

Deprecated: JMX security is now based on CQL roles. Reaper will use cassandraUsefSecretRef for authentication, this field is ignored.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.reaper.livenessProbe

LivenessProbe sets the Reaper liveness probe. Leave nil to use defaults.

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.reaper.livenessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.reaper.livenessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.reaper.livenessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.reaper.livenessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.reaper.livenessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.reaper.metadata

labels and annotations for Reaper resources

Name Type Description Required

annotations

map[string]string

false

commonLabels

map[string]string

labels/annotations that will be applied to all components created by the CRD

false

labels

map[string]string

false

pods

object

labels/annotations for the pod components

false

service

object

labels/annotations for the service component

false

MissionControlCluster.spec.k8ssandra.reaper.metadata.pods

labels/annotations for the pod components

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.reaper.metadata.service

labels/annotations for the service component

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.reaper.podSecurityContext

PodSecurityContext contains a pod-level SecurityContext to apply to Reaper pods.

Name Type Description Required

fsGroup

integer

A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

  1. The owning GID will be the FSGroup

  2. The setgid bit is set (new files created in the volume will be owned by FSGroup)

  3. The permission bits are OR’d with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

fsGroupChangePolicy

string

fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

false

supplementalGroups

[]integer

A list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.

false

sysctls

[]object

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

MissionControlCluster.spec.k8ssandra.reaper.podSecurityContext.seLinuxOptions

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

MissionControlCluster.spec.k8ssandra.reaper.podSecurityContext.seccompProfile

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

MissionControlCluster.spec.k8ssandra.reaper.podSecurityContext.sysctls[index]

Sysctl defines a kernel parameter to be set

Name Type Description Required

name

string

Name of a property to set

true

value

string

Value of a property to set

true

MissionControlCluster.spec.k8ssandra.reaper.podSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

MissionControlCluster.spec.k8ssandra.reaper.readinessProbe

ReadinessProbe sets the Reaper readiness probe. Leave nil to use defaults.

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.reaper.readinessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.reaper.readinessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.reaper.readinessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.reaper.readinessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.reaper.readinessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.reaper.reaperRef

When there is a CONTROL_PLANE Reaper out there, this field allows registering a K8ssandra cluster to it. Populating this field disables some operator behaviour related to setting Reaper up.

Name Type Description Required

apiVersion

string

API version of the referent.

false

fieldPath

string

If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.

false

kind

string

false

name

string

false

namespace

string

false

resourceVersion

string

false

uid

string

false

MissionControlCluster.spec.k8ssandra.reaper.resources

Main Container resources.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.reaper.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.reaper.securityContext

SecurityContext applied to the Reaper main container.

Name Type Description Required

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.

false

capabilities

object

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

false

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.

false

procMount

string

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.

false

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

MissionControlCluster.spec.k8ssandra.reaper.securityContext.capabilities

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

add

[]string

Added capabilities

false

drop

[]string

Removed capabilities

false

MissionControlCluster.spec.k8ssandra.reaper.securityContext.seLinuxOptions

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

MissionControlCluster.spec.k8ssandra.reaper.securityContext.seccompProfile

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

MissionControlCluster.spec.k8ssandra.reaper.securityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

MissionControlCluster.spec.k8ssandra.reaper.storageConfig

If StorageType is "local", Reaper will need a Persistent Volume to persist its data. This field allows configuring that Persistent Volume.

Name Type Description Required

accessModes

[]string

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

false

dataSource

object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

false

dataSourceRef

object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

resources

object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

false

selector

object

selector is a label query over volumes to consider for binding.

false

storageClassName

string

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

false

volumeAttributesClassName

string

volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it’s not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.

false

volumeMode

string

volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

false

volumeName

string

volumeName is the binding reference to the PersistentVolume backing this claim.

false

MissionControlCluster.spec.k8ssandra.reaper.storageConfig.dataSource

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

MissionControlCluster.spec.k8ssandra.reaper.storageConfig.dataSourceRef

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

Name Type Description Required

kind

string

Kind is the type of resource being referenced

true

name

string

Name is the name of resource being referenced

true

apiGroup

string

APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

false

namespace

string

Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

false

MissionControlCluster.spec.k8ssandra.reaper.storageConfig.resources

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name Type Description Required

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.reaper.storageConfig.selector

selector is a label query over volumes to consider for binding.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.reaper.storageConfig.selector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry

Telemetry defines the desired telemetry integrations to deploy targeting the Reaper pods for all DCs in this cluster (unless overridden by DC specific settings)

Name Type Description Required

cassandra

object

false

mcac

object

false

prometheus

object

false

vector

object

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry.cassandra

Name Type Description Required

endpoint

object

false

relabels

[]object

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry.cassandra.endpoint

Name Type Description Required

address

string

false

port

string

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry.cassandra.relabels[index]

RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines <metric_relabel_configs>-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs

Name Type Description Required

action

enum

Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.

  • Enum: replace, Replace, keep, Keep, drop, Drop, hashmod, HashMod, labelmap, LabelMap, labeldrop, LabelDrop, labelkeep, LabelKeep, lowercase, Lowercase, uppercase, Uppercase

  • Default: replace

false

modulus

integer

Modulus to take of the hash of the source label values.

  • Format: int64

false

regex

string

Regular expression against which the extracted value is matched. Default is '(.*)'

false

replacement

string

Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'

false

separator

string

Separator placed between concatenated source label values. default is ';'.

false

sourceLabels

[]string

The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.

false

targetLabel

string

Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry.mcac

Name Type Description Required

enabled

boolean

enabled sets whether MCAC (legacy metrics endpoint) is enabled. This is considered true by default.

false

metricFilters

[]string

MetricFilters allows passing filters to MCAC in order to reduce the amount of extracted metrics. Not setting this field will result in the default filters being used: - "deny:org.apache.cassandra.metrics.Table" - "deny:org.apache.cassandra.metrics.table" - "allow:org.apache.cassandra.metrics.table.live_ss_table_count" - "allow:org.apache.cassandra.metrics.Table.LiveSSTableCount" - "allow:org.apache.cassandra.metrics.table.live_disk_space_used" - "allow:org.apache.cassandra.metrics.table.LiveDiskSpaceUsed" - "allow:org.apache.cassandra.metrics.Table.Pending" - "allow:org.apache.cassandra.metrics.Table.Memtable" - "allow:org.apache.cassandra.metrics.Table.Compaction" - "allow:org.apache.cassandra.metrics.table.read" - "allow:org.apache.cassandra.metrics.table.write" - "allow:org.apache.cassandra.metrics.table.range" - "allow:org.apache.cassandra.metrics.table.coordinator" - "allow:org.apache.cassandra.metrics.table.dropped_mutations" Setting it to an empty list will result in all metrics being extracted.

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry.prometheus

Name Type Description Required

commonLabels

map[string]string

CommonLabels are applied to all serviceMonitors created.

false

enabled

boolean

Enable the creation of Prometheus serviceMonitors for this resource (Cassandra or Stargate).

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry.vector

Name Type Description Required

components

object

false

enabled

boolean

Enabled enables the Vector agent for this resource (Cassandra, Reaper or Stargate). Enabling the vector agent will inject a sidecar container into the pod.

false

image

string

Image is the name of the Vector image to use. If not set, the default image will be used. kube:default="timberio/vector:0.26.0-alpine"

false

resources

object

Resources is the resource requirements for the Vector agent.

false

scrapeInterval

string

ScrapeInterval is the interval at which the Vector agent will scrape the metrics endpoint. Use values like 30s, 1m, 5m. kube:default=30s

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry.vector.components

Name Type Description Required

sinks

[]object

Sinks is the list of sinks to use for the Vector agent.

false

sources

[]object

Sources is the list of sources to use for the Vector agent.

false

transforms

[]object

Transforms is the list of transforms to use for the Vector agent.

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry.vector.components.sinks[index]

Name Type Description Required

name

string

Name is the name of the sink.

true

type

string

Type is the type of the sink.

true

config

string

Config is the configuration for the sink.

false

inputs

[]string

Inputs is the list of inputs for the transform.

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry.vector.components.sources[index]

Name Type Description Required

name

string

Name is the name of the source.

true

type

string

Type is the type of the source.

true

config

string

Config is the configuration for the source.

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry.vector.components.transforms[index]

Name Type Description Required

name

string

Name is the name of the transform.

true

type

string

Type is the type of the transform.

true

config

string

Config is the configuration for the transform.

false

inputs

[]string

Inputs is the list of inputs for the transform.

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry.vector.resources

Resources is the resource requirements for the Vector agent.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.reaper.telemetry.vector.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.reaper.tolerations[index]

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

Name Type Description Required

effect

string

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

false

key

string

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

false

operator

string

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

false

tolerationSeconds

integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

  • Format: int64

false

value

string

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

false

MissionControlCluster.spec.k8ssandra.reaper.uiUserSecretRef

Defines the secret which contains the username and password for the Reaper UI and REST API authentication. When UiUserSecretRef.Name == "", authentication is turned off in the front-end only.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.stargate

Stargate defines the desired deployment characteristics for Stargate in this K8ssandraCluster. If this is non-nil, Stargate will be deployed on every Cassandra datacenter in this K8ssandraCluster.

Name Type Description Required

size

integer

Size is the number of Stargate instances to deploy in each datacenter. They will be spread evenly across racks.

  • Format: int32

  • Default: 1

  • Minimum: 1

true

affinity

object

Affinity is the affinity to apply to all the Stargate pods. Leave nil to let the controller reuse the same affinity rules used for data pods in this datacenter, if any. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity

false

allowStargateOnDataNodes

boolean

AllowStargateOnDataNodes allows Stargate pods to be scheduled on a worker node already hosting data pods for this datacenter. The default is false, which means that Stargate pods will be scheduled on separate worker nodes. Note: if the datacenter pods have HostNetwork:true, then the Stargate pods will inherit of it, in which case it is possible that Stargate nodes won’t be allowed to sit on data nodes even if this property is set to true, because of port conflicts on the same IP address.

  • Default: false

false

authOptions

object

Authentication options.

false

cassandraConfigMapRef

object

CassandraConfigMapRef is a reference to a ConfigMap that holds Cassandra configuration. The map should have a key named cassandra_yaml.

false

containerImage

object

ContainerImage is the image characteristics to use for Stargate containers. Leave nil to use a default image.

  • Default: map[repository:stargateio tag:v1.0.77]

false

heapSize

int or string

HeapSize sets the JVM heap size to use for Stargate. If no Resources are specified, this value will also be used to set a default memory request and limit for the Stargate pods: these will be set to HeapSize x2 and x4, respectively.

  • Default: 256Mi

false

livenessProbe

object

LivenessProbe sets the Stargate liveness probe. Leave nil to use defaults.

false

metadata

object

labels and annotations for Stargate resources

false

nodeSelector

map[string]string

NodeSelector is an optional map of label keys and values to restrict the scheduling of Stargate nodes to workers with matching labels. Leave nil to let the controller reuse the same node selectors used for data pods in this datacenter, if any. See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector

false

readinessProbe

object

ReadinessProbe sets the Stargate readiness probe. Leave nil to use defaults.

false

resources

object

Resources is the Kubernetes resource requests and limits to apply, per Stargate pod. Leave nil to use defaults.

false

secretsProvider

enum

SecretsProvider defines whether the secrets used for credentials and certs will be backed by an external secret backend. This moves the responsibility of generating and storing secrets from the operators to the user and will rely on a mutating webhook to inject the secrets into the necessary resources

  • Enum: internal, external

  • Default: internal

false

serviceAccount

string

ServiceAccount is the service account name to use for Stargate pods.

  • Default: default

false

telemetry

object

Telemetry defines the desired telemetry integrations to deploy targeting the Stargate pods for all DCs in this cluster (unless overridden by DC specific settings)

false

tolerations

[]object

Tolerations are tolerations to apply to the Stargate pods. Leave nil to let the controller reuse the same tolerations used for data pods in this datacenter, if any. See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

false

MissionControlCluster.spec.k8ssandra.stargate.affinity

Affinity is the affinity to apply to all the Stargate pods. Leave nil to let the controller reuse the same affinity rules used for data pods in this datacenter, if any. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity

Name Type Description Required

nodeAffinity

object

Describes node affinity scheduling rules for the pod.

false

podAffinity

object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

false

podAntiAffinity

object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.nodeAffinity

Describes node affinity scheduling rules for the pod.

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).

Name Type Description Required

preference

object

A node selector term, associated with the corresponding weight.

true

weight

integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.stargate.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

A node selector term, associated with the corresponding weight.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

Name Type Description Required

nodeSelectorTerms

[]object

Required. A list of node selector terms. The terms are ORed.

true

MissionControlCluster.spec.k8ssandra.stargate.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAffinity

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAntiAffinity

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.k8ssandra.stargate.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.k8ssandra.stargate.authOptions

Authentication options.

Name Type Description Required

apiAuthMethod

enum

The method to use for authenticating requests to the Stargate APIs. Stargate currently has two authentication / authorization methods: - Table: table-based; - JWT: JSON web token (JWT)-based. The methods are mutually exclusive. The default method is Table.

  • Enum: Table, JWT

  • Default: Table

false

providerUrl

string

Required when using JWT authentication method, ignored otherwise.

false

tokenTtlSeconds

integer

The time-to-live in seconds of an API authentication token. Valid only for the Table authentication method. By default, the token persists for 30 minutes with a sliding window. Each use of the token to authenticate resets the 30-minute window. A token created and used after 29 minutes will authenticate a request, but if 31 minutes passes before use, the token will no longer exist. Default is 1800 seconds (30 minutes).

  • Minimum: 1

false

MissionControlCluster.spec.k8ssandra.stargate.cassandraConfigMapRef

CassandraConfigMapRef is a reference to a ConfigMap that holds Cassandra configuration. The map should have a key named cassandra_yaml.

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.stargate.containerImage

ContainerImage is the image characteristics to use for Stargate containers. Leave nil to use a default image.

Name Type Description Required

name

string

The image name to use.

false

pullPolicy

enum

The image pull policy to use. Defaults to "Always" if the tag is "latest", otherwise to "IfNotPresent".

  • Enum: Always, IfNotPresent, Never

false

pullSecretRef

object

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

false

registry

string

The Docker registry to use. Defaults to "docker.io", the official Docker Hub.

false

repository

string

The Docker repository to use.

false

tag

string

The image tag to use. Defaults to "latest".

  • Default: latest

false

MissionControlCluster.spec.k8ssandra.stargate.containerImage.pullSecretRef

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.k8ssandra.stargate.livenessProbe

LivenessProbe sets the Stargate liveness probe. Leave nil to use defaults.

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.stargate.livenessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.stargate.livenessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.stargate.livenessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.stargate.livenessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.stargate.livenessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.stargate.metadata

labels and annotations for Stargate resources

Name Type Description Required

annotations

map[string]string

false

commonLabels

map[string]string

labels/annotations that will be applied to all components created by the CRD

false

labels

map[string]string

false

pods

object

labels/annotations for the pod components

false

service

object

labels/annotations for the service component

false

MissionControlCluster.spec.k8ssandra.stargate.metadata.pods

labels/annotations for the pod components

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.stargate.metadata.service

labels/annotations for the service component

Name Type Description Required

annotations

map[string]string

false

labels

map[string]string

false

MissionControlCluster.spec.k8ssandra.stargate.readinessProbe

ReadinessProbe sets the Stargate readiness probe. Leave nil to use defaults.

Name Type Description Required

exec

object

Exec specifies the action to take.

false

failureThreshold

integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

  • Format: int32

false

grpc

object

GRPC specifies an action involving a GRPC port.

false

httpGet

object

HTTPGet specifies the http request to perform.

false

initialDelaySeconds

integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

periodSeconds

integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

  • Format: int32

false

successThreshold

integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

  • Format: int32

false

tcpSocket

object

TCPSocket specifies an action involving a TCP port.

false

terminationGracePeriodSeconds

integer

Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod’s terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.

  • Format: int64

false

timeoutSeconds

integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

  • Format: int32

false

MissionControlCluster.spec.k8ssandra.stargate.readinessProbe.exec

Exec specifies the action to take.

Name Type Description Required

command

[]string

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions ('

', etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

MissionControlCluster.spec.k8ssandra.stargate.readinessProbe.grpc

GRPC specifies an action involving a GRPC port.

Name Type Description Required

port

integer

Port number of the gRPC service. Number must be in the range 1 to 65535.

  • Format: int32

true

service

string

Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

If this is not specified, the default behavior is defined by gRPC.

false

MissionControlCluster.spec.k8ssandra.stargate.readinessProbe.httpGet

HTTPGet specifies the http request to perform.

Name Type Description Required

port

int or string

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.

false

httpHeaders

[]object

Custom headers to set in the request. HTTP allows repeated headers.

false

path

string

Path to access on the HTTP server.

false

scheme

string

Scheme to use for connecting to the host. Defaults to HTTP.

false

MissionControlCluster.spec.k8ssandra.stargate.readinessProbe.httpGet.httpHeaders[index]

HTTPHeader describes a custom header to be used in HTTP probes

Name Type Description Required

name

string

The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

true

value

string

The header field value

true

MissionControlCluster.spec.k8ssandra.stargate.readinessProbe.tcpSocket

TCPSocket specifies an action involving a TCP port.

Name Type Description Required

port

int or string

Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

true

host

string

Optional: Host name to connect to, defaults to the pod IP.

false

MissionControlCluster.spec.k8ssandra.stargate.resources

Resources is the Kubernetes resource requests and limits to apply, per Stargate pod. Leave nil to use defaults.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.stargate.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.stargate.telemetry

Telemetry defines the desired telemetry integrations to deploy targeting the Stargate pods for all DCs in this cluster (unless overridden by DC specific settings)

Name Type Description Required

cassandra

object

false

mcac

object

false

prometheus

object

false

vector

object

false

MissionControlCluster.spec.k8ssandra.stargate.telemetry.cassandra

Name Type Description Required

endpoint

object

false

relabels

[]object

false

MissionControlCluster.spec.k8ssandra.stargate.telemetry.cassandra.endpoint

Name Type Description Required

address

string

false

port

string

false

MissionControlCluster.spec.k8ssandra.stargate.telemetry.cassandra.relabels[index]

RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines <metric_relabel_configs>-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs

Name Type Description Required

action

enum

Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.

  • Enum: replace, Replace, keep, Keep, drop, Drop, hashmod, HashMod, labelmap, LabelMap, labeldrop, LabelDrop, labelkeep, LabelKeep, lowercase, Lowercase, uppercase, Uppercase

  • Default: replace

false

modulus

integer

Modulus to take of the hash of the source label values.

  • Format: int64

false

regex

string

Regular expression against which the extracted value is matched. Default is '(.*)'

false

replacement

string

Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'

false

separator

string

Separator placed between concatenated source label values. default is ';'.

false

sourceLabels

[]string

The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.

false

targetLabel

string

Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.

false

MissionControlCluster.spec.k8ssandra.stargate.telemetry.mcac

Name Type Description Required

enabled

boolean

enabled sets whether MCAC (legacy metrics endpoint) is enabled. This is considered true by default.

false

metricFilters

[]string

MetricFilters allows passing filters to MCAC in order to reduce the amount of extracted metrics. Not setting this field will result in the default filters being used: - "deny:org.apache.cassandra.metrics.Table" - "deny:org.apache.cassandra.metrics.table" - "allow:org.apache.cassandra.metrics.table.live_ss_table_count" - "allow:org.apache.cassandra.metrics.Table.LiveSSTableCount" - "allow:org.apache.cassandra.metrics.table.live_disk_space_used" - "allow:org.apache.cassandra.metrics.table.LiveDiskSpaceUsed" - "allow:org.apache.cassandra.metrics.Table.Pending" - "allow:org.apache.cassandra.metrics.Table.Memtable" - "allow:org.apache.cassandra.metrics.Table.Compaction" - "allow:org.apache.cassandra.metrics.table.read" - "allow:org.apache.cassandra.metrics.table.write" - "allow:org.apache.cassandra.metrics.table.range" - "allow:org.apache.cassandra.metrics.table.coordinator" - "allow:org.apache.cassandra.metrics.table.dropped_mutations" Setting it to an empty list will result in all metrics being extracted.

false

MissionControlCluster.spec.k8ssandra.stargate.telemetry.prometheus

Name Type Description Required

commonLabels

map[string]string

CommonLabels are applied to all serviceMonitors created.

false

enabled

boolean

Enable the creation of Prometheus serviceMonitors for this resource (Cassandra or Stargate).

false

MissionControlCluster.spec.k8ssandra.stargate.telemetry.vector

Name Type Description Required

components

object

false

enabled

boolean

Enabled enables the Vector agent for this resource (Cassandra, Reaper or Stargate). Enabling the vector agent will inject a sidecar container into the pod.

false

image

string

Image is the name of the Vector image to use. If not set, the default image will be used. kube:default="timberio/vector:0.26.0-alpine"

false

resources

object

Resources is the resource requirements for the Vector agent.

false

scrapeInterval

string

ScrapeInterval is the interval at which the Vector agent will scrape the metrics endpoint. Use values like 30s, 1m, 5m. kube:default=30s

false

MissionControlCluster.spec.k8ssandra.stargate.telemetry.vector.components

Name Type Description Required

sinks

[]object

Sinks is the list of sinks to use for the Vector agent.

false

sources

[]object

Sources is the list of sources to use for the Vector agent.

false

transforms

[]object

Transforms is the list of transforms to use for the Vector agent.

false

MissionControlCluster.spec.k8ssandra.stargate.telemetry.vector.components.sinks[index]

Name Type Description Required

name

string

Name is the name of the sink.

true

type

string

Type is the type of the sink.

true

config

string

Config is the configuration for the sink.

false

inputs

[]string

Inputs is the list of inputs for the transform.

false

MissionControlCluster.spec.k8ssandra.stargate.telemetry.vector.components.sources[index]

Name Type Description Required

name

string

Name is the name of the source.

true

type

string

Type is the type of the source.

true

config

string

Config is the configuration for the source.

false

MissionControlCluster.spec.k8ssandra.stargate.telemetry.vector.components.transforms[index]

Name Type Description Required

name

string

Name is the name of the transform.

true

type

string

Type is the type of the transform.

true

config

string

Config is the configuration for the transform.

false

inputs

[]string

Inputs is the list of inputs for the transform.

false

MissionControlCluster.spec.k8ssandra.stargate.telemetry.vector.resources

Resources is the resource requirements for the Vector agent.

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.k8ssandra.stargate.telemetry.vector.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.k8ssandra.stargate.tolerations[index]

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

Name Type Description Required

effect

string

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

false

key

string

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

false

operator

string

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

false

tolerationSeconds

integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

  • Format: int64

false

value

string

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

false

MissionControlCluster.spec.dataApi

Settings for enabling and configuring the Data API

Name Type Description Required

affinity

object

Affinity for the data api deployment

false

containerImage

object

Image coordinates for the data api container

false

containerSecurityContext

object

Security context settings for the data api container

false

driverConfig

string

Data Api Driver Config content

false

enabled

boolean

Enable the data api deployment for each DC

false

env

[]object

Environment variables to set in the data api container

false

podSecurityContext

object

Security context settings for the data api pod

false

port

integer

Data API port

  • Format: int32

  • Default: 8181

false

replicas

integer

Number of replicas for the data api deployment

  • Format: int32

false

resources

object

Resource requirements for the data api container

false

serviceAccount

string

Service account to use for the data api deployment

false

tolerations

[]object

Tolerations for the data api deployment

false

MissionControlCluster.spec.dataApi.affinity

Affinity for the data api deployment

Name Type Description Required

nodeAffinity

object

Describes node affinity scheduling rules for the pod.

false

podAffinity

object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

false

podAntiAffinity

object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

false

MissionControlCluster.spec.dataApi.affinity.nodeAffinity

Describes node affinity scheduling rules for the pod.

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

false

MissionControlCluster.spec.dataApi.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).

Name Type Description Required

preference

object

A node selector term, associated with the corresponding weight.

true

weight

integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.dataApi.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference

A node selector term, associated with the corresponding weight.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.dataApi.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.dataApi.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].preference.matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.dataApi.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

Name Type Description Required

nodeSelectorTerms

[]object

Required. A list of node selector terms. The terms are ORed.

true

MissionControlCluster.spec.dataApi.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index]

A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

Name Type Description Required

matchExpressions

[]object

A list of node selector requirements by node’s labels.

false

matchFields

[]object

A list of node selector requirements by node’s fields.

false

MissionControlCluster.spec.dataApi.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchExpressions[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.dataApi.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[index].matchFields[index]

A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

The label key that the selector applies to.

true

operator

string

Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

true

values

[]string

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.dataApi.affinity.podAffinity

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.dataApi.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.dataApi.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.dataApi.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.dataApi.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.dataApi.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.dataApi.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.dataApi.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.dataApi.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.dataApi.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.dataApi.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.dataApi.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.dataApi.affinity.podAntiAffinity

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

Name Type Description Required

preferredDuringSchedulingIgnoredDuringExecution

[]object

The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

false

requiredDuringSchedulingIgnoredDuringExecution

[]object

If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

false

MissionControlCluster.spec.dataApi.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index]

The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)

Name Type Description Required

podAffinityTerm

object

Required. A pod affinity term, associated with the corresponding weight.

true

weight

integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

  • Format: int32

true

MissionControlCluster.spec.dataApi.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm

Required. A pod affinity term, associated with the corresponding weight.

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.dataApi.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.dataApi.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.dataApi.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.dataApi.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[index].podAffinityTerm.namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.dataApi.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index]

Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running

Name Type Description Required

topologyKey

string

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.

true

labelSelector

object

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

false

matchLabelKeys

[]string

MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key in (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

mismatchLabelKeys

[]string

MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with LabelSelector as key notin (value) to select the group of existing pods which pods will be taken into consideration for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn’t set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.

false

namespaceSelector

object

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

false

namespaces

[]string

namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod’s namespace".

false

MissionControlCluster.spec.dataApi.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector

A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.dataApi.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].labelSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.dataApi.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector

A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod’s namespace". An empty selector ({}) matches all namespaces.

Name Type Description Required

matchExpressions

[]object

matchExpressions is a list of label selector requirements. The requirements are ANDed.

false

matchLabels

map[string]string

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

false

MissionControlCluster.spec.dataApi.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[index].namespaceSelector.matchExpressions[index]

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name Type Description Required

key

string

key is the label key that the selector applies to.

true

operator

string

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

true

values

[]string

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

false

MissionControlCluster.spec.dataApi.containerImage

Image coordinates for the data api container

Name Type Description Required

name

string

The image name to use.

false

pullPolicy

enum

The image pull policy to use. Defaults to "Always" if the tag is "latest", otherwise to "IfNotPresent".

  • Enum: Always, IfNotPresent, Never

false

pullSecretRef

object

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

false

registry

string

The Docker registry to use. Defaults to "docker.io", the official Docker Hub.

false

repository

string

The Docker repository to use.

false

tag

string

The image tag to use. Defaults to "latest".

  • Default: latest

false

MissionControlCluster.spec.dataApi.containerImage.pullSecretRef

The secret to use when pulling the image from private repositories. If specified, this secret will be passed to individual puller implementations for them to use. For example, in the case of Docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

Name Type Description Required

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

MissionControlCluster.spec.dataApi.containerSecurityContext

Security context settings for the data api container

Name Type Description Required

allowPrivilegeEscalation

boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.

false

capabilities

object

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

false

privileged

boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.

false

procMount

string

procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.

false

readOnlyRootFilesystem

boolean

Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

MissionControlCluster.spec.dataApi.containerSecurityContext.capabilities

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

add

[]string

Added capabilities

false

drop

[]string

Removed capabilities

false

MissionControlCluster.spec.dataApi.containerSecurityContext.seLinuxOptions

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

MissionControlCluster.spec.dataApi.containerSecurityContext.seccompProfile

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

MissionControlCluster.spec.dataApi.containerSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

MissionControlCluster.spec.dataApi.env[index]

EnvVar represents an environment variable present in a Container.

Name Type Description Required

name

string

Name of the environment variable. Must be a C_IDENTIFIER.

true

value

string

Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

false

valueFrom

object

Source for the environment variable’s value. Cannot be used if value is not empty.

false

MissionControlCluster.spec.dataApi.env[index].valueFrom

Source for the environment variable’s value. Cannot be used if value is not empty.

Name Type Description Required

configMapKeyRef

object

Selects a key of a ConfigMap.

false

fieldRef

object

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

false

resourceFieldRef

object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

false

secretKeyRef

object

Selects a key of a secret in the pod’s namespace

false

MissionControlCluster.spec.dataApi.env[index].valueFrom.configMapKeyRef

Selects a key of a ConfigMap.

Name Type Description Required

key

string

The key to select.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the ConfigMap or its key must be defined

false

MissionControlCluster.spec.dataApi.env[index].valueFrom.fieldRef

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name Type Description Required

fieldPath

string

Path of the field to select in the specified API version.

true

apiVersion

string

Version of the schema the FieldPath is written in terms of, defaults to "v1".

false

MissionControlCluster.spec.dataApi.env[index].valueFrom.resourceFieldRef

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name Type Description Required

resource

string

Required: resource to select

true

containerName

string

Container name: required for volumes, optional for env vars

false

divisor

int or string

Specifies the output format of the exposed resources, defaults to "1"

false

MissionControlCluster.spec.dataApi.env[index].valueFrom.secretKeyRef

Selects a key of a secret in the pod’s namespace

Name Type Description Required

key

string

The key of the secret to select from. Must be a valid secret key.

true

name

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

false

optional

boolean

Specify whether the Secret or its key must be defined

false

MissionControlCluster.spec.dataApi.podSecurityContext

Security context settings for the data api pod

Name Type Description Required

fsGroup

integer

A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

  1. The owning GID will be the FSGroup

  2. The setgid bit is set (new files created in the volume will be owned by FSGroup)

  3. The permission bits are OR’d with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

fsGroupChangePolicy

string

fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.

false

runAsGroup

integer

The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

runAsNonRoot

boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

runAsUser

integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

  • Format: int64

false

seLinuxOptions

object

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

false

seccompProfile

object

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

false

supplementalGroups

[]integer

A list of groups applied to the first process run in each container, in addition to the container’s primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.

false

sysctls

[]object

Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.

false

windowsOptions

object

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

false

MissionControlCluster.spec.dataApi.podSecurityContext.seLinuxOptions

The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

level

string

Level is SELinux level label that applies to the container.

false

role

string

Role is a SELinux role label that applies to the container.

false

type

string

Type is a SELinux type label that applies to the container.

false

user

string

User is a SELinux user label that applies to the container.

false

MissionControlCluster.spec.dataApi.podSecurityContext.seccompProfile

The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.

Name Type Description Required

type

string

type indicates which kind of seccomp profile will be applied. Valid options are:

Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

true

localhostProfile

string

localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.

false

MissionControlCluster.spec.dataApi.podSecurityContext.sysctls[index]

Sysctl defines a kernel parameter to be set

Name Type Description Required

name

string

Name of a property to set

true

value

string

Value of a property to set

true

MissionControlCluster.spec.dataApi.podSecurityContext.windowsOptions

The Windows specific settings applied to all containers. If unspecified, the options within a container’s SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name Type Description Required

gmsaCredentialSpec

string

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

false

gmsaCredentialSpecName

string

GMSACredentialSpecName is the name of the GMSA credential spec to use.

false

hostProcess

boolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod’s containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

false

runAsUserName

string

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

false

MissionControlCluster.spec.dataApi.resources

Resource requirements for the data api container

Name Type Description Required

claims

[]object

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

This field is immutable. It can only be set for containers.

false

limits

map[string]int or string

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

requests

map[string]int or string

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

false

MissionControlCluster.spec.dataApi.resources.claims[index]

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name Type Description Required

name

string

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

true

MissionControlCluster.spec.dataApi.tolerations[index]

The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

Name Type Description Required

effect

string

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

false

key

string

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

false

operator

string

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

false

tolerationSeconds

integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

  • Format: int64

false

value

string

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

false

MissionControlCluster.spec.encryption

Name Type Description Required

internodeEncryption

object

Controls settings for encryption between DSE nodes.

  • Default: map[certs:map[createCerts:true] enabled:true]

false

managementApiAuthEncryption

object

Controls settings for encryption between operators and DSE nodes

  • Default: map[certs:map[createCerts:true] enabled:true]

false

MissionControlCluster.spec.encryption.internodeEncryption

Controls settings for encryption between DSE nodes.

Name Type Description Required

certs

object

Settings for where the encryption automation should source it’s certificates from.

  • Default: map[createCerts:true]

false

enabled

boolean

Should internode encryption be enabled?

  • Default: true

false

MissionControlCluster.spec.encryption.internodeEncryption.certs

Settings for where the encryption automation should source it’s certificates from.

Name Type Description Required

certTemplate

object

A cert-manager .spec structure which allows you to template the certificates to be created. Do not specify rotationPolicy or Encoding.

false

createCerts

boolean

Should the encryption subsystem create it’s own certs?

  • Default: true

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate

A cert-manager .spec structure which allows you to template the certificates to be created. Do not specify rotationPolicy or Encoding.

Name Type Description Required

additionalOutputFormats

[]object

Defines extra output formats of the private key and signed certificate chain to be written to this Certificate’s target Secret.

This is an Alpha Feature and is only enabled with the --feature-gates=AdditionalCertificateOutputFormats=true option set on both the controller and webhook components.

false

commonName

string

Requested common name X509 certificate subject attribute. More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6 NOTE: TLS clients will ignore this value when any subject alternative name is set (see https://tools.ietf.org/html/rfc6125#section-6.4.4).

Should have a length of 64 characters or fewer to avoid generating invalid CSRs. Cannot be set if the literalSubject field is set.

false

dnsNames

[]string

Requested DNS subject alternative names.

false

duration

string

Requested 'duration' (i.e. lifetime) of the Certificate. Note that the issuer may choose to ignore the requested duration, just like any other requested attribute.

If unset, this defaults to 90 days. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration.

false

emailAddresses

[]string

Requested email subject alternative names.

false

encodeUsagesInRequest

boolean

Whether the KeyUsage and ExtKeyUsage extensions should be set in the encoded CSR.

This option defaults to true, and should only be disabled if the target issuer does not support CSRs with these X509 KeyUsage/ ExtKeyUsage extensions.

false

ipAddresses

[]string

Requested IP address subject alternative names.

false

isCA

boolean

Requested basic constraints isCA value. The isCA value is used to set the isCA field on the created CertificateRequest resources. Note that the issuer may choose to ignore the requested isCA value, just like any other requested attribute.

If true, this will automatically add the cert sign usage to the list of requested usages.

false

issuerRef

object

Reference to the issuer responsible for issuing the certificate. If the issuer is namespace-scoped, it must be in the same namespace as the Certificate. If the issuer is cluster-scoped, it can be used from any namespace.

The name field of the reference must always be specified.

false

keystores

object

Additional keystore output formats to be stored in the Certificate’s Secret.

false

literalSubject

string

Requested X.509 certificate subject, represented using the LDAP "String Representation of a Distinguished Name" [1]. Important: the LDAP string format also specifies the order of the attributes in the subject, this is important when issuing certs for LDAP authentication. Example: CN=foo,DC=corp,DC=example,DC=com More info [1]: https://datatracker.ietf.org/doc/html/rfc4514 More info: https://github.com/cert-manager/cert-manager/issues/3203 More info: https://github.com/cert-manager/cert-manager/issues/4424

Cannot be set if the subject or commonName field is set. This is an Alpha Feature and is only enabled with the --feature-gates=LiteralCertificateSubject=true option set on both the controller and webhook components.

false

nameConstraints

object

x.509 certificate NameConstraint extension which MUST NOT be used in a non-CA certificate. More Info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.10

This is an Alpha Feature and is only enabled with the --feature-gates=NameConstraints=true option set on both the controller and webhook components.

false

otherNames

[]object

otherNames is an escape hatch for SAN that allows any type. We currently restrict the support to string like otherNames, cf RFC 5280 p 37 Any UTF8 String valued otherName can be passed with by setting the keys oid: x.x.x.x and UTF8Value: somevalue for otherName. Most commonly this would be UPN set with oid: 1.3.6.1.4.1.311.20.2.3 You should ensure that any OID passed is valid for the UTF8String type as we do not explicitly validate this.

false

privateKey

object

Private key options. These include the key algorithm and size, the used encoding and the rotation policy.

false

renewBefore

string

How long before the currently issued certificate’s expiry cert-manager should renew the certificate. For example, if a certificate is valid for 60 minutes, and renewBefore=10m, cert-manager will begin to attempt to renew the certificate 50 minutes after it was issued (i.e. when there are 10 minutes remaining until the certificate is no longer valid).

The actual lifetime of the issued certificate is used to determine the renewal time. If an issuer returns a certificate with a different lifetime than the one requested, cert-manager will use the lifetime of the issued certificate.

If unset, this defaults to 1/3 of the issued certificate’s lifetime. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration.

false

revisionHistoryLimit

integer

The maximum number of CertificateRequest revisions that are maintained in the Certificate’s history. Each revision represents a single CertificateRequest created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number.

If set, revisionHistoryLimit must be a value of 1 or greater. If unset (nil), revisions will not be garbage collected. Default value is nil.

  • Format: int32

false

secretName

string

Name of the Secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer. The Secret resource lives in the same namespace as the Certificate resource.

false

secretTemplate

object

Defines annotations and labels to be copied to the Certificate’s Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate’s Secret.

false

subject

object

Requested set of X509 certificate subject attributes. More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6

The common name attribute is specified separately in the commonName field. Cannot be set if the literalSubject field is set.

false

uris

[]string

Requested URI subject alternative names.

false

usages

[]enum

Requested key usages and extended key usages. These usages are used to set the usages field on the created CertificateRequest resources. If encodeUsagesInRequest is unset or set to true, the usages will additionally be encoded in the request field which contains the CSR blob.

If unset, defaults to digital signature and key encipherment.

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.additionalOutputFormats[index]

CertificateAdditionalOutputFormat defines an additional output format of a Certificate resource. These contain supplementary data formats of the signed certificate chain and paired private key.

Name Type Description Required

type

enum

Type is the name of the format type that should be written to the Certificate’s target Secret.

  • Enum: DER, CombinedPEM

true

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.issuerRef

Reference to the issuer responsible for issuing the certificate. If the issuer is namespace-scoped, it must be in the same namespace as the Certificate. If the issuer is cluster-scoped, it can be used from any namespace.

The name field of the reference must always be specified.

Name Type Description Required

name

string

Name of the resource being referred to.

true

group

string

Group of the resource being referred to.

false

kind

string

Kind of the resource being referred to.

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.keystores

Additional keystore output formats to be stored in the Certificate’s Secret.

Name Type Description Required

jks

object

JKS configures options for storing a JKS keystore in the spec.secretName Secret resource.

false

pkcs12

object

PKCS12 configures options for storing a PKCS12 keystore in the spec.secretName Secret resource.

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.keystores.jks

JKS configures options for storing a JKS keystore in the spec.secretName Secret resource.

Name Type Description Required

create

boolean

Create enables JKS keystore creation for the Certificate. If true, a file named keystore.jks will be created in the target Secret resource, encrypted using the password stored in passwordSecretRef. The keystore file will be updated immediately. If the issuer provided a CA certificate, a file named truststore.jks will also be created in the target Secret resource, encrypted using the password stored in passwordSecretRef containing the issuing Certificate Authority

true

passwordSecretRef

object

PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore.

true

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.keystores.jks.passwordSecretRef

PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore.

Name Type Description Required

name

string

Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

true

key

string

The key of the entry in the Secret resource’s data field to be used. Some instances of this field may be defaulted, in others it may be required.

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.keystores.pkcs12

PKCS12 configures options for storing a PKCS12 keystore in the spec.secretName Secret resource.

Name Type Description Required

create

boolean

Create enables PKCS12 keystore creation for the Certificate. If true, a file named keystore.p12 will be created in the target Secret resource, encrypted using the password stored in passwordSecretRef. The keystore file will be updated immediately. If the issuer provided a CA certificate, a file named truststore.p12 will also be created in the target Secret resource, encrypted using the password stored in passwordSecretRef containing the issuing Certificate Authority

true

passwordSecretRef

object

PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore.

true

profile

enum

Profile specifies the key and certificate encryption algorithms and the HMAC algorithm used to create the PKCS12 keystore. Default value is LegacyRC2 for backward compatibility.

If provided, allowed values are: LegacyRC2: Deprecated. Not supported by default in OpenSSL 3 or Java 20. LegacyDES: Less secure algorithm. Use this option for maximal compatibility. Modern2023: Secure algorithm. Use this option in case you have to always use secure algorithms (eg. because of company policy). Please note that the security of the algorithm is not that important in reality, because the unencrypted certificate and private key are also stored in the Secret.

  • Enum: LegacyRC2, LegacyDES, Modern2023

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.keystores.pkcs12.passwordSecretRef

PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore.

Name Type Description Required

name

string

Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

true

key

string

The key of the entry in the Secret resource’s data field to be used. Some instances of this field may be defaulted, in others it may be required.

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.nameConstraints

x.509 certificate NameConstraint extension which MUST NOT be used in a non-CA certificate. More Info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.10

This is an Alpha Feature and is only enabled with the --feature-gates=NameConstraints=true option set on both the controller and webhook components.

Name Type Description Required

critical

boolean

if true then the name constraints are marked critical.

false

excluded

object

Excluded contains the constraints which must be disallowed. Any name matching a restriction in the excluded field is invalid regardless of information appearing in the permitted

false

permitted

object

Permitted contains the constraints in which the names must be located.

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.nameConstraints.excluded

Excluded contains the constraints which must be disallowed. Any name matching a restriction in the excluded field is invalid regardless of information appearing in the permitted

Name Type Description Required

dnsDomains

[]string

DNSDomains is a list of DNS domains that are permitted or excluded.

false

emailAddresses

[]string

EmailAddresses is a list of Email Addresses that are permitted or excluded.

false

ipRanges

[]string

IPRanges is a list of IP Ranges that are permitted or excluded. This should be a valid CIDR notation.

false

uriDomains

[]string

URIDomains is a list of URI domains that are permitted or excluded.

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.nameConstraints.permitted

Permitted contains the constraints in which the names must be located.

Name Type Description Required

dnsDomains

[]string

DNSDomains is a list of DNS domains that are permitted or excluded.

false

emailAddresses

[]string

EmailAddresses is a list of Email Addresses that are permitted or excluded.

false

ipRanges

[]string

IPRanges is a list of IP Ranges that are permitted or excluded. This should be a valid CIDR notation.

false

uriDomains

[]string

URIDomains is a list of URI domains that are permitted or excluded.

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.otherNames[index]

Name Type Description Required

oid

string

OID is the object identifier for the otherName SAN. The object identifier must be expressed as a dotted string, for example, "1.2.840.113556.1.4.221".

false

utf8Value

string

utf8Value is the string value of the otherName SAN. The utf8Value accepts any valid UTF8 string to set as value for the otherName SAN.

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.privateKey

Private key options. These include the key algorithm and size, the used encoding and the rotation policy.

Name Type Description Required

algorithm

enum

Algorithm is the private key algorithm of the corresponding private key for this certificate.

If provided, allowed values are either RSA, ECDSA or Ed25519. If algorithm is specified and size is not provided, key size of 2048 will be used for RSA key algorithm and key size of 256 will be used for ECDSA key algorithm. key size is ignored when using the Ed25519 key algorithm.

  • Enum: RSA, ECDSA, Ed25519

false

encoding

enum

The private key cryptography standards (PKCS) encoding for this certificate’s private key to be encoded in.

If provided, allowed values are PKCS1 and PKCS8 standing for PKCS#1 and PKCS#8, respectively. Defaults to PKCS1 if not specified.

  • Enum: PKCS1, PKCS8

false

rotationPolicy

enum

RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed.

If set to Never, a private key will only be generated if one does not already exist in the target spec.secretName. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to Always, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is Never for backward compatibility.

  • Enum: Never, Always

false

size

integer

Size is the key bit size of the corresponding private key for this certificate.

If algorithm is set to RSA, valid values are 2048, 4096 or 8192, and will default to 2048 if not specified. If algorithm is set to ECDSA, valid values are 256, 384 or 521, and will default to 256 if not specified. If algorithm is set to Ed25519, Size is ignored. No other values are allowed.

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.secretTemplate

Defines annotations and labels to be copied to the Certificate’s Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate’s Secret.

Name Type Description Required

annotations

map[string]string

Annotations is a key value map to be copied to the target Kubernetes Secret.

false

labels

map[string]string

Labels is a key value map to be copied to the target Kubernetes Secret.

false

MissionControlCluster.spec.encryption.internodeEncryption.certs.certTemplate.subject

Requested set of X509 certificate subject attributes. More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6

The common name attribute is specified separately in the commonName field. Cannot be set if the literalSubject field is set.

Name Type Description Required

countries

[]string

Countries to be used on the Certificate.

false

localities

[]string

Cities to be used on the Certificate.

false

organizationalUnits

[]string

Organizational Units to be used on the Certificate.

false

organizations

[]string

Organizations to be used on the Certificate.

false

postalCodes

[]string

Postal codes to be used on the Certificate.

false

provinces

[]string

State/Provinces to be used on the Certificate.

false

serialNumber

string

Serial number to be used on the Certificate.

false

streetAddresses

[]string

Street addresses to be used on the Certificate.

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption

Controls settings for encryption between operators and DSE nodes

Name Type Description Required

certs

object

Settings for where the encryption automation should source it’s certificates from.

  • Default: map[createCerts:true]

false

enabled

boolean

Enable operator to node encryption

  • Default: true

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs

Settings for where the encryption automation should source it’s certificates from.

Name Type Description Required

certTemplate

object

A cert-manager .spec structure which allows you to template the certificates to be created. Do not specify rotationPolicy or Encoding.

false

createCerts

boolean

Should the encryption subsystem create it’s own certs?

  • Default: true

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate

A cert-manager .spec structure which allows you to template the certificates to be created. Do not specify rotationPolicy or Encoding.

Name Type Description Required

additionalOutputFormats

[]object

Defines extra output formats of the private key and signed certificate chain to be written to this Certificate’s target Secret.

This is an Alpha Feature and is only enabled with the --feature-gates=AdditionalCertificateOutputFormats=true option set on both the controller and webhook components.

false

commonName

string

Requested common name X509 certificate subject attribute. More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6 NOTE: TLS clients will ignore this value when any subject alternative name is set (see https://tools.ietf.org/html/rfc6125#section-6.4.4).

Should have a length of 64 characters or fewer to avoid generating invalid CSRs. Cannot be set if the literalSubject field is set.

false

dnsNames

[]string

Requested DNS subject alternative names.

false

duration

string

Requested 'duration' (i.e. lifetime) of the Certificate. Note that the issuer may choose to ignore the requested duration, just like any other requested attribute.

If unset, this defaults to 90 days. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration.

false

emailAddresses

[]string

Requested email subject alternative names.

false

encodeUsagesInRequest

boolean

Whether the KeyUsage and ExtKeyUsage extensions should be set in the encoded CSR.

This option defaults to true, and should only be disabled if the target issuer does not support CSRs with these X509 KeyUsage/ ExtKeyUsage extensions.

false

ipAddresses

[]string

Requested IP address subject alternative names.

false

isCA

boolean

Requested basic constraints isCA value. The isCA value is used to set the isCA field on the created CertificateRequest resources. Note that the issuer may choose to ignore the requested isCA value, just like any other requested attribute.

If true, this will automatically add the cert sign usage to the list of requested usages.

false

issuerRef

object

Reference to the issuer responsible for issuing the certificate. If the issuer is namespace-scoped, it must be in the same namespace as the Certificate. If the issuer is cluster-scoped, it can be used from any namespace.

The name field of the reference must always be specified.

false

keystores

object

Additional keystore output formats to be stored in the Certificate’s Secret.

false

literalSubject

string

Requested X.509 certificate subject, represented using the LDAP "String Representation of a Distinguished Name" [1]. Important: the LDAP string format also specifies the order of the attributes in the subject, this is important when issuing certs for LDAP authentication. Example: CN=foo,DC=corp,DC=example,DC=com More info [1]: https://datatracker.ietf.org/doc/html/rfc4514 More info: https://github.com/cert-manager/cert-manager/issues/3203 More info: https://github.com/cert-manager/cert-manager/issues/4424

Cannot be set if the subject or commonName field is set. This is an Alpha Feature and is only enabled with the --feature-gates=LiteralCertificateSubject=true option set on both the controller and webhook components.

false

nameConstraints

object

x.509 certificate NameConstraint extension which MUST NOT be used in a non-CA certificate. More Info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.10

This is an Alpha Feature and is only enabled with the --feature-gates=NameConstraints=true option set on both the controller and webhook components.

false

otherNames

[]object

otherNames is an escape hatch for SAN that allows any type. We currently restrict the support to string like otherNames, cf RFC 5280 p 37 Any UTF8 String valued otherName can be passed with by setting the keys oid: x.x.x.x and UTF8Value: somevalue for otherName. Most commonly this would be UPN set with oid: 1.3.6.1.4.1.311.20.2.3 You should ensure that any OID passed is valid for the UTF8String type as we do not explicitly validate this.

false

privateKey

object

Private key options. These include the key algorithm and size, the used encoding and the rotation policy.

false

renewBefore

string

How long before the currently issued certificate’s expiry cert-manager should renew the certificate. For example, if a certificate is valid for 60 minutes, and renewBefore=10m, cert-manager will begin to attempt to renew the certificate 50 minutes after it was issued (i.e. when there are 10 minutes remaining until the certificate is no longer valid).

The actual lifetime of the issued certificate is used to determine the renewal time. If an issuer returns a certificate with a different lifetime than the one requested, cert-manager will use the lifetime of the issued certificate.

If unset, this defaults to 1/3 of the issued certificate’s lifetime. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration.

false

revisionHistoryLimit

integer

The maximum number of CertificateRequest revisions that are maintained in the Certificate’s history. Each revision represents a single CertificateRequest created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number.

If set, revisionHistoryLimit must be a value of 1 or greater. If unset (nil), revisions will not be garbage collected. Default value is nil.

  • Format: int32

false

secretName

string

Name of the Secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer. The Secret resource lives in the same namespace as the Certificate resource.

false

secretTemplate

object

Defines annotations and labels to be copied to the Certificate’s Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate’s Secret.

false

subject

object

Requested set of X509 certificate subject attributes. More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6

The common name attribute is specified separately in the commonName field. Cannot be set if the literalSubject field is set.

false

uris

[]string

Requested URI subject alternative names.

false

usages

[]enum

Requested key usages and extended key usages. These usages are used to set the usages field on the created CertificateRequest resources. If encodeUsagesInRequest is unset or set to true, the usages will additionally be encoded in the request field which contains the CSR blob.

If unset, defaults to digital signature and key encipherment.

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.additionalOutputFormats[index]

CertificateAdditionalOutputFormat defines an additional output format of a Certificate resource. These contain supplementary data formats of the signed certificate chain and paired private key.

Name Type Description Required

type

enum

Type is the name of the format type that should be written to the Certificate’s target Secret.

  • Enum: DER, CombinedPEM

true

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.issuerRef

Reference to the issuer responsible for issuing the certificate. If the issuer is namespace-scoped, it must be in the same namespace as the Certificate. If the issuer is cluster-scoped, it can be used from any namespace.

The name field of the reference must always be specified.

Name Type Description Required

name

string

Name of the resource being referred to.

true

group

string

Group of the resource being referred to.

false

kind

string

Kind of the resource being referred to.

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.keystores

Additional keystore output formats to be stored in the Certificate’s Secret.

Name Type Description Required

jks

object

JKS configures options for storing a JKS keystore in the spec.secretName Secret resource.

false

pkcs12

object

PKCS12 configures options for storing a PKCS12 keystore in the spec.secretName Secret resource.

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.keystores.jks

JKS configures options for storing a JKS keystore in the spec.secretName Secret resource.

Name Type Description Required

create

boolean

Create enables JKS keystore creation for the Certificate. If true, a file named keystore.jks will be created in the target Secret resource, encrypted using the password stored in passwordSecretRef. The keystore file will be updated immediately. If the issuer provided a CA certificate, a file named truststore.jks will also be created in the target Secret resource, encrypted using the password stored in passwordSecretRef containing the issuing Certificate Authority

true

passwordSecretRef

object

PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore.

true

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.keystores.jks.passwordSecretRef

PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore.

Name Type Description Required

name

string

Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

true

key

string

The key of the entry in the Secret resource’s data field to be used. Some instances of this field may be defaulted, in others it may be required.

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.keystores.pkcs12

PKCS12 configures options for storing a PKCS12 keystore in the spec.secretName Secret resource.

Name Type Description Required

create

boolean

Create enables PKCS12 keystore creation for the Certificate. If true, a file named keystore.p12 will be created in the target Secret resource, encrypted using the password stored in passwordSecretRef. The keystore file will be updated immediately. If the issuer provided a CA certificate, a file named truststore.p12 will also be created in the target Secret resource, encrypted using the password stored in passwordSecretRef containing the issuing Certificate Authority

true

passwordSecretRef

object

PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore.

true

profile

enum

Profile specifies the key and certificate encryption algorithms and the HMAC algorithm used to create the PKCS12 keystore. Default value is LegacyRC2 for backward compatibility.

If provided, allowed values are: LegacyRC2: Deprecated. Not supported by default in OpenSSL 3 or Java 20. LegacyDES: Less secure algorithm. Use this option for maximal compatibility. Modern2023: Secure algorithm. Use this option in case you have to always use secure algorithms (eg. because of company policy). Please note that the security of the algorithm is not that important in reality, because the unencrypted certificate and private key are also stored in the Secret.

  • Enum: LegacyRC2, LegacyDES, Modern2023

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.keystores.pkcs12.passwordSecretRef

PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore.

Name Type Description Required

name

string

Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

true

key

string

The key of the entry in the Secret resource’s data field to be used. Some instances of this field may be defaulted, in others it may be required.

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.nameConstraints

x.509 certificate NameConstraint extension which MUST NOT be used in a non-CA certificate. More Info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.10

This is an Alpha Feature and is only enabled with the --feature-gates=NameConstraints=true option set on both the controller and webhook components.

Name Type Description Required

critical

boolean

if true then the name constraints are marked critical.

false

excluded

object

Excluded contains the constraints which must be disallowed. Any name matching a restriction in the excluded field is invalid regardless of information appearing in the permitted

false

permitted

object

Permitted contains the constraints in which the names must be located.

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.nameConstraints.excluded

Excluded contains the constraints which must be disallowed. Any name matching a restriction in the excluded field is invalid regardless of information appearing in the permitted

Name Type Description Required

dnsDomains

[]string

DNSDomains is a list of DNS domains that are permitted or excluded.

false

emailAddresses

[]string

EmailAddresses is a list of Email Addresses that are permitted or excluded.

false

ipRanges

[]string

IPRanges is a list of IP Ranges that are permitted or excluded. This should be a valid CIDR notation.

false

uriDomains

[]string

URIDomains is a list of URI domains that are permitted or excluded.

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.nameConstraints.permitted

Permitted contains the constraints in which the names must be located.

Name Type Description Required

dnsDomains

[]string

DNSDomains is a list of DNS domains that are permitted or excluded.

false

emailAddresses

[]string

EmailAddresses is a list of Email Addresses that are permitted or excluded.

false

ipRanges

[]string

IPRanges is a list of IP Ranges that are permitted or excluded. This should be a valid CIDR notation.

false

uriDomains

[]string

URIDomains is a list of URI domains that are permitted or excluded.

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.otherNames[index]

Name Type Description Required

oid

string

OID is the object identifier for the otherName SAN. The object identifier must be expressed as a dotted string, for example, "1.2.840.113556.1.4.221".

false

utf8Value

string

utf8Value is the string value of the otherName SAN. The utf8Value accepts any valid UTF8 string to set as value for the otherName SAN.

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.privateKey

Private key options. These include the key algorithm and size, the used encoding and the rotation policy.

Name Type Description Required

algorithm

enum

Algorithm is the private key algorithm of the corresponding private key for this certificate.

If provided, allowed values are either RSA, ECDSA or Ed25519. If algorithm is specified and size is not provided, key size of 2048 will be used for RSA key algorithm and key size of 256 will be used for ECDSA key algorithm. key size is ignored when using the Ed25519 key algorithm.

  • Enum: RSA, ECDSA, Ed25519

false

encoding

enum

The private key cryptography standards (PKCS) encoding for this certificate’s private key to be encoded in.

If provided, allowed values are PKCS1 and PKCS8 standing for PKCS#1 and PKCS#8, respectively. Defaults to PKCS1 if not specified.

  • Enum: PKCS1, PKCS8

false

rotationPolicy

enum

RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed.

If set to Never, a private key will only be generated if one does not already exist in the target spec.secretName. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to Always, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is Never for backward compatibility.

  • Enum: Never, Always

false

size

integer

Size is the key bit size of the corresponding private key for this certificate.

If algorithm is set to RSA, valid values are 2048, 4096 or 8192, and will default to 2048 if not specified. If algorithm is set to ECDSA, valid values are 256, 384 or 521, and will default to 256 if not specified. If algorithm is set to Ed25519, Size is ignored. No other values are allowed.

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.secretTemplate

Defines annotations and labels to be copied to the Certificate’s Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate’s Secret.

Name Type Description Required

annotations

map[string]string

Annotations is a key value map to be copied to the target Kubernetes Secret.

false

labels

map[string]string

Labels is a key value map to be copied to the target Kubernetes Secret.

false

MissionControlCluster.spec.encryption.managementApiAuthEncryption.certs.certTemplate.subject

Requested set of X509 certificate subject attributes. More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6

The common name attribute is specified separately in the commonName field. Cannot be set if the literalSubject field is set.

Name Type Description Required

countries

[]string

Countries to be used on the Certificate.

false

localities

[]string

Cities to be used on the Certificate.

false

organizationalUnits

[]string

Organizational Units to be used on the Certificate.

false

organizations

[]string

Organizations to be used on the Certificate.

false

postalCodes

[]string

Postal codes to be used on the Certificate.

false

provinces

[]string

State/Provinces to be used on the Certificate.

false

serialNumber

string

Serial number to be used on the Certificate.

false

streetAddresses

[]string

Street addresses to be used on the Certificate.

false

MissionControlCluster.status

MissionControlClusterStatus defines the observed state of MissionControlCluster.

Name Type Description Required

conditions

[]object

false

observedGeneration

integer

ObservedGeneration is the last observed generation of the MissionControlCluster by the owner operator

  • Format: int64

false

MissionControlCluster.status.conditions[index]

Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example,

type FooStatus struct{
    // Represents the observations of a foo's current state.
    // Known .status.conditions.type are: "Available", "Progressing", and "Degraded"
    // +patchMergeKey=type
    // +patchStrategy=merge
    // +listType=map
    // +listMapKey=type
    Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`
    // other fields
}
Name Type Description Required

lastTransitionTime

string

lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.

  • Format: date-time

true

message

string

message is a human readable message indicating details about the transition. This may be an empty string.

true

reason

string

reason contains a programmatic identifier indicating the reason for the condition’s last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.

true

status

enum

status of the condition, one of True, False, Unknown.

  • Enum: True, False, Unknown

true

type

string

type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)

true

observedGeneration

integer

observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.

  • Format: int64

  • Minimum: 0

false

Was this helpful?

Give Feedback

How can we improve the documentation?

© 2024 DataStax | Privacy policy | Terms of use

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: +1 (650) 389-6000, info@datastax.com