From 5c87d8c44e2f8c4537261131643c5178ef8e200f Mon Sep 17 00:00:00 2001 From: "mykyta.oleksiienko" Date: Wed, 22 Nov 2023 17:07:18 +0200 Subject: [PATCH] issue-412, documentation refactoring --- config/samples/clusters_v1beta1_cadence.yaml | 2 +- .../clusters/datatest/cadence_v1beta1.yaml | 2 +- .../datatest/cadence_v1beta1_packaged.yaml | 2 +- .../aws-security-group-firewall-rule.md | 10 +- doc/clusterresources/azure-vnet-peering.md | 16 +-- .../cluster-network-firewall-rule.md | 10 +- doc/clusters/cadence.md | 94 +++++++++++----- doc/clusters/cassandra.md | 73 ++++++------ doc/clusters/kafka-connect.md | 40 +++---- doc/clusters/kafka.md | 106 ++++++++++++------ doc/clusters/opensearch.md | 96 ++++++++++------ doc/clusters/postgresql.md | 40 ++++--- doc/clusters/redis.md | 59 +++++++--- doc/clusters/zookeeper.md | 29 ++--- doc/getting-started.md | 15 +-- doc/kafkamanagment/kafka-acl.md | 21 ++-- doc/usermanagment/user-managment.md | 96 ++++++++++++++++ 17 files changed, 484 insertions(+), 227 deletions(-) create mode 100644 doc/usermanagment/user-managment.md diff --git a/config/samples/clusters_v1beta1_cadence.yaml b/config/samples/clusters_v1beta1_cadence.yaml index 72b302978..4d776897e 100644 --- a/config/samples/clusters_v1beta1_cadence.yaml +++ b/config/samples/clusters_v1beta1_cadence.yaml @@ -43,7 +43,7 @@ spec: - region: "US_EAST_2" network: "10.12.0.0/16" # if you use multi-region mode please provide - # non-overlapping CIDR block for the secondary mode cluster + # In a multi-region mode setup, ensure the CIDR block for the secondary cluster does not overlap with the primary one # network: "10.16.0.0/16" cloudProvider: "AWS_VPC" name: "testdc" diff --git a/controllers/clusters/datatest/cadence_v1beta1.yaml b/controllers/clusters/datatest/cadence_v1beta1.yaml index 322a5e6b7..808c22941 100644 --- a/controllers/clusters/datatest/cadence_v1beta1.yaml +++ b/controllers/clusters/datatest/cadence_v1beta1.yaml @@ -46,7 +46,7 @@ spec: - region: "US_WEST_2" network: "10.12.0.0/16" # if you use multi-region mode please provide - # non-overlapping CIDR block for the secondary mode cluster + # In a multi-region mode setup, ensure the CIDR block for the secondary cluster does not overlap with the primary one # network: "10.16.0.0/16" cloudProvider: "AWS_VPC" name: "testdc" diff --git a/controllers/clusters/datatest/cadence_v1beta1_packaged.yaml b/controllers/clusters/datatest/cadence_v1beta1_packaged.yaml index 7339656a7..83bce04b8 100644 --- a/controllers/clusters/datatest/cadence_v1beta1_packaged.yaml +++ b/controllers/clusters/datatest/cadence_v1beta1_packaged.yaml @@ -46,7 +46,7 @@ spec: - region: "US_WEST_2" network: "10.12.0.0/16" # if you use multi-region mode please provide - # non-overlapping CIDR block for the secondary mode cluster + # In a multi-region mode setup, ensure the CIDR block for the secondary cluster does not overlap with the primary one # network: "10.16.0.0/16" cloudProvider: "AWS_VPC" name: "testdc" diff --git a/doc/clusterresources/aws-security-group-firewall-rule.md b/doc/clusterresources/aws-security-group-firewall-rule.md index 75805d76a..817a2f331 100644 --- a/doc/clusterresources/aws-security-group-firewall-rule.md +++ b/doc/clusterresources/aws-security-group-firewall-rule.md @@ -2,11 +2,11 @@ ## Available spec fields -| Field | Type | Description | -|----------------------------------------------|------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| clusterId | string
**required** | ID of the cluster for the cluster network firewall rule. | -| type | string
**required**
| The type of firewall rule.

Enum: `APACHE_ZOOKEEPER`, `CADENCE`, `CADENCE_GRPC`, `CADENCE_WEB`, `CASSANDRA`, `CASSANDRA_CQL`, `ELASTICSEARCH`, `KAFKA`, `KAFKA_CONNECT`, `KAFKA_ENCRYPTION`, `KAFKA_MTLS`, `KAFKA_NO_ENCRYPTION`, `KAFKA_REST_PROXY`, `KAFKA_SCHEMA_REGISTRY`, `KARAPACE_REST_PROXY`, `KARAPACE_SCHEMA_REGISTRY`, `OPENSEARCH`, `OPENSEARCH_DASHBOARDS`, `PGBOUNCER`, `POSTGRESQL`, `REDIS`, `SEARCH_DASHBOARDS`, `SECURE_APACHE_ZOOKEEPER`, `SPARK`, `SPARK_JOBSERVER`, `SHOTOVER_PROXY`. | -| securityGroupId | string
**required** | The security group ID of the AWS security group firewall rule. | | +| Field | Type | Description | +|----------------------------------------------|------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| clusterId | string
**required** | ID of the cluster for the cluster network firewall rule. | +| type | string
**required**
| The type of firewall rule.Enum: `APACHE_ZOOKEEPER`, `CADENCE`, `CADENCE_GRPC`, `CADENCE_HTTP_API`, `CADENCE_WEB`, `CASSANDRA`, `CASSANDRA_CQL`, `ELASTICSEARCH`, `KAFKA`, `KAFKA_CONNECT`, `KAFKA_ENCRYPTION`, `KAFKA_MTLS`, `KAFKA_NO_ENCRYPTION`, `KAFKA_PRIVATE_SASL_PLAINTEXT_LISTENER`, `KAFKA_PUBLIC_SASL_PLAINTEXT_LISTENER`, `KAFKA_PRIVATE_PLAINTEXT_LISTENER`, `KAFKA_PUBLIC_PLAINTEXT_LISTENER`, `KAFKA_PRIVATE_SSL_LISTENER`, `KAFKA_PUBLIC_SSL_LISTENER`, `KAFKA_REST_PROXY`, `KAFKA_SCHEMA_REGISTRY`, `KARAPACE_REST_PROXY`, `KARAPACE_SCHEMA_REGISTRY`, `MONGODB`, `OPENSEARCH`, `OPENSEARCH_DASHBOARDS`, `PGBOUNCER`, `POSTGRESQL`, `REDIS`, `SEARCH_DASHBOARDS`, `SECURE_APACHE_ZOOKEEPER`, `SPARK`, `SPARK_JOBSERVER`, `SHOTOVER_PROXY`, `DEBEZIUM_CONNECTOR_CASSANDRA_KAFKA`, `DEBEZIUM_CONNECTOR_CASSANDRA_SCHEMA`. | +| securityGroupId | string
**required** | The security group ID of the AWS security group firewall rule. | | ## Resource create flow To create an AWS Security Group Firewall Rule resource you need to prepare the yaml manifest. Here is an example: diff --git a/doc/clusterresources/azure-vnet-peering.md b/doc/clusterresources/azure-vnet-peering.md index 712512545..1b98bfaff 100644 --- a/doc/clusterresources/azure-vnet-peering.md +++ b/doc/clusterresources/azure-vnet-peering.md @@ -2,14 +2,14 @@ ## Available spec fields -| Field | Type | Description | -|-------------------------------------------------------|------------------------------------------------|------------------------------------------------------------------------------------------------------------| -| peerVirtualNetworkName | string
**required** | The name of the VPC Network you wish to peer to. | -| peerSubnets | Array of strings
**required**
| The subnets for the peering VPC. | -| peerAdObjectId | string
**required** | ID of the Active Directory Object to give peering permissions to, required for cross subscription peering. | | -| peerResourceGroup | string
**required** | Resource Group Name of the Virtual Network. | -| peerSubscriptionId | string
**required**
| Subscription ID of the Virtual Network. | -| cdcId | string
**required** | ID of the Cluster Data Centre. | | +| Field | Type | Description | +|-------------------------------------------------------|---------------------------------------------|------------------------------------------------------------------------------------------------------------| +| peerVirtualNetworkName | string
**required** | The name of the VPC Network you wish to peer to. | +| peerSubnets | Array of strings
**required**
| The subnets for the peering VPC. | +| peerAdObjectId | string | ID of the Active Directory Object to give peering permissions to, required for cross subscription peering. | | +| peerResourceGroup | string
**required** | Resource Group Name of the Virtual Network. | +| peerSubscriptionId | string
**required**
| Subscription ID of the Virtual Network. | +| cdcId | string
**required** | ID of the Cluster Data Centre. | | ## Resource create flow To create a Azure Vnet Peering resource you need to prepare the yaml manifest. Here is an example: diff --git a/doc/clusterresources/cluster-network-firewall-rule.md b/doc/clusterresources/cluster-network-firewall-rule.md index 621814d92..4d1ab2018 100644 --- a/doc/clusterresources/cluster-network-firewall-rule.md +++ b/doc/clusterresources/cluster-network-firewall-rule.md @@ -2,11 +2,11 @@ ## Available spec fields -| Field | Type | Description | -|-------------------------------------------------|------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| clusterId | string
**required** | ID of the cluster for the cluster network firewall rule. | -| type | string
**required**
| The type of firewall rule.

Enum: `APACHE_ZOOKEEPER`, `CADENCE`, `CADENCE_GRPC`, `CADENCE_WEB`, `CASSANDRA`, `CASSANDRA_CQL`, `ELASTICSEARCH`, `KAFKA`, `KAFKA_CONNECT`, `KAFKA_ENCRYPTION`, `KAFKA_MTLS`, `KAFKA_NO_ENCRYPTION`, `KAFKA_REST_PROXY`, `KAFKA_SCHEMA_REGISTRY`, `KARAPACE_REST_PROXY`, `KARAPACE_SCHEMA_REGISTRY`, `OPENSEARCH`, `OPENSEARCH_DASHBOARDS`, `PGBOUNCER`, `POSTGRESQL`, `REDIS`, `SEARCH_DASHBOARDS`, `SECURE_APACHE_ZOOKEEPER`, `SPARK`, `SPARK_JOBSERVER`, `SHOTOVER_PROXY`. | -| network | string
**required** | The network of the cluster network firewall rule. | | +| Field | Type | Description | +|-------------------------------------------------|------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| clusterId | string
**required** | ID of the cluster for the cluster network firewall rule. | +| type | string
**required**
| The type of firewall rule.Enum: `APACHE_ZOOKEEPER`, `CADENCE`, `CADENCE_GRPC`, `CADENCE_HTTP_API`, `CADENCE_WEB`, `CASSANDRA`, `CASSANDRA_CQL`, `ELASTICSEARCH`, `KAFKA`, `KAFKA_CONNECT`, `KAFKA_ENCRYPTION`, `KAFKA_MTLS`, `KAFKA_NO_ENCRYPTION`, `KAFKA_PRIVATE_SASL_PLAINTEXT_LISTENER`, `KAFKA_PUBLIC_SASL_PLAINTEXT_LISTENER`, `KAFKA_PRIVATE_PLAINTEXT_LISTENER`, `KAFKA_PUBLIC_PLAINTEXT_LISTENER`, `KAFKA_PRIVATE_SSL_LISTENER`, `KAFKA_PUBLIC_SSL_LISTENER`, `KAFKA_REST_PROXY`, `KAFKA_SCHEMA_REGISTRY`, `KARAPACE_REST_PROXY`, `KARAPACE_SCHEMA_REGISTRY`, `MONGODB`, `OPENSEARCH`, `OPENSEARCH_DASHBOARDS`, `PGBOUNCER`, `POSTGRESQL`, `REDIS`, `SEARCH_DASHBOARDS`, `SECURE_APACHE_ZOOKEEPER`, `SPARK`, `SPARK_JOBSERVER`, `SHOTOVER_PROXY`, `DEBEZIUM_CONNECTOR_CASSANDRA_KAFKA`, `DEBEZIUM_CONNECTOR_CASSANDRA_SCHEMA`. | +| network | string
**required** | The network of the cluster network firewall rule. | | ## Resource create flow To create a Cluster Network Firewall Rule resource you need to prepare the yaml manifest. Here is an example: diff --git a/doc/clusters/cadence.md b/doc/clusters/cadence.md index 1f274bf3e..5b2319fbc 100644 --- a/doc/clusters/cadence.md +++ b/doc/clusters/cadence.md @@ -2,22 +2,36 @@ ## Available spec fields -| Field | Type | Description | -|------------------------|--------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | -| version | string
**required** | Cadence instance version.
**Available versions**: `0.22.4`, `0.24.0`. | -| pciCompliance | bool
**required** | Creates a PCI compliant cluster, see [PCI Compliance](https://www.instaclustr.com/support/documentation/useful-information/pci-compliance/) | -| privateNetworkCluster | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | -| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | -| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject))
_mutable_ | Contacts that will be contacted when cluster request is sent. | -| dataCentres | Array of objects ([CadenceDataCentre](#CadenceDataCentreObject))
**required** | Object fields are described below as a bulleted list. | -| description | string | Description of the Cadence cluster. | -| useCadenceWebAuth | bool
**required** | Enable Authentication for Cadence Web. | -| awsArchival | Array of objects ([AWSArchival](#AWSArchivalObject)) | Cadence AWS Archival settings. | -| standardProvisioning | Array of objects ([StandardProvisioning](#StandardProvisioningObject)) | Settings for STANDARD provisioning. Must not be defined with SHARED and PACKAGED provisioning options. | -| sharedProvisioning | Array of objects ([SharedProvisioning](#SharedProvisioningObject)) | Settings for SHARED provisioning. Must not be defined with STANDARD and PACKAGED provisioning options. | -| packagedProvisioning | Array of objects ([PackagedProvisioning](#PackagedProvisioningObject)) | Settings for PACKAGED provisioning. Must not be defined with STANDARD and SHARED provisioning options. | - +| Field | Type | Description | +|-----------------------|-----------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | +| version | string
**required** | Cadence instance version.
**Available versions**: `0.22.4`, `0.24.0`. | +| pciCompliance | bool
**required** | Creates a PCI compliant cluster, see [PCI Compliance](https://www.instaclustr.com/support/documentation/useful-information/pci-compliance/) | +| privateNetworkCluster | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | +| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | +| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject))
_mutable_ | Contacts that will be contacted when cluster request is sent. | +| dataCentres | Array of objects ([CadenceDataCentre](#CadenceDataCentreObject))
**required** | Object fields are described below as a bulleted list. | +| description | string | Description of the Cadence cluster. | +| useCadenceWebAuth | bool
**required** | Enable Authentication for Cadence Web. | +| awsArchival | Array of objects ([AWSArchival](#AWSArchivalObject)) | Cadence AWS Archival settings. | +| standardProvisioning | Array of objects ([StandardProvisioning](#StandardProvisioningObject)) | Settings for STANDARD provisioning. Must not be defined with SHARED and PACKAGED provisioning options. | +| sharedProvisioning | Array of objects ([SharedProvisioning](#SharedProvisioningObject)) | Settings for SHARED provisioning. Must not be defined with STANDARD and PACKAGED provisioning options. | +| packagedProvisioning | Array of objects ([PackagedProvisioning](#PackagedProvisioningObject)) | Settings for PACKAGED provisioning. Must not be defined with STANDARD and SHARED provisioning options. | +| targetPrimaryCadence | Array of objects ([TargetPrimaryCadence](#TargetPrimaryCadenceObject))
_mutable_ | Supporting Primary Cadence info for Multi region Cadence. | +| resizeSettings | Array of objects ([ResizeSettings](#ResizeSettingsObject))
_mutable_ | Settings to determine how resize requests will be performed for the cluster. | + + +### TargetPrimaryCadenceObject +| Field | Type | Description | +|-----------------------|-----------------------------|----------------------------------------------------| +| dependencyCdcId | string
**required** | ID of the supporting Cluster's Cluster Data Centre | +| dependencyVpcType | string
**required** | Enum: "TARGET_VPC" "VPC_PEERED" "SEPARATE_VPC" | + +### ResizeSettingsObject +| Field | Type | Description | +|------------------------|---------|-----------------------------------------------------------------------------------------------------------------------| +| notifySupportContacts | boolean | Setting this property to true will notify the Instaclustr Account's designated support contacts on resize completion. | +| concurrency | integer | Number of concurrent nodes to resize during a resize operation. | ### TwoFactorDeleteObject | Field | Type | Description | @@ -142,25 +156,53 @@ metadata: name: cadence-sample spec: name: "CadenceCluster" - version: "0.24.0" + version: "1.0.0" standardProvisioning: - targetCassandra: - dependencyCdcId: "66abf438-0020-4e2d-a39b-78706b7de064" + dependencyCdcId: "9d43ac54-7317-4ce5-859a-e9d0443508a4" dependencyVpcType: "VPC_PEERED" + packagedProvisioning: + - bundledCassandraSpec: + nodeSize: "CAS-DEV-t4g.small-5" + network: "10.2.0.0/16" + replicationFactor: 3 + nodesNumber: 3 + privateIPBroadcastForDiscovery: false + passwordAndUserAuth: true + useAdvancedVisibility: true + bundledKafkaSpec: + nodeSize: "KFK-DEV-t4g.small-5" + nodesNumber: 3 + network: "10.3.0.0/16" + replicationFactor: 3 + partitionsNumber: 3 + bundledOpenSearchSpec: + nodeSize: "SRH-DEV-t4g.small-5" + replicationFactor: 3 + network: "10.4.0.0/16" + twoFactorDelete: + - email: "example@netapp.com" privateNetworkCluster: false dataCentres: - - region: "US_EAST_1" - network: "10.3.0.0/16" + - region: "US_EAST_2" + network: "10.12.0.0/16" + # In a multi-region mode setup, ensure the CIDR block for the secondary cluster does not overlap with the primary one + # network: "10.16.0.0/16" cloudProvider: "AWS_VPC" - name: "testDC" + name: "testdc" nodeSize: "CAD-DEV-t3.small-5" - nodesNumber: 1 - privateLink: - - advertisedHostname: "cadence.test.com" + nodesNumber: 2 clientEncryption: false - description: "testCluster" + privateLink: + - advertisedHostname: "cadence-sample-test.com" slaTier: "NON_PRODUCTION" - useCadenceWebAuth: true + useCadenceWebAuth: false + targetPrimaryCadence: + - dependencyCdcId: "cce79be3-7f41-4cad-837c-86d3d8b4be77" + dependencyVpcType: "SEPARATE_VPC" + resizeSettings: + - notifySupportContacts: false + concurrency: 1 ``` If you want to enable AWSArchival option, please create a secret **before** cluster creation: diff --git a/doc/clusters/cassandra.md b/doc/clusters/cassandra.md index 518be83cf..57fd9fbaf 100644 --- a/doc/clusters/cassandra.md +++ b/doc/clusters/cassandra.md @@ -2,19 +2,22 @@ ## Available spec fields -| Field | Type | Description | -|-----------------------|------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | -| version | string
**required** | Cassandra instance version.
**Available versions**: `4.0.4`, `3.11.13`. | -| pciCompliance | bool
**required** | Creates a PCI compliant cluster, see [PCI Compliance](https://www.instaclustr.com/support/documentation/useful-information/pci-compliance/) | -| privateNetworkCluster | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | -| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | -| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject))
_mutable_ | Contacts that will be contacted when cluster request is sent. | -| spark | Array of objects ([Spark](#SparkObject)) | Adds the specified version of Apache Spark to the Cassandra cluster. **Available versions:** `2.3.2`,`3.0.1` | -| luceneEnabled | bool
**required** | Adds Apache Lucene to the Cassandra cluster. | -| passwordAndUserAuth | bool
**required** | Enables Password Authentication and User Authorization. | -| restoreFrom | Object ([CassandraRestoreFrom](#CassandraRestoreFromObject)) | Triggers a restore cluster operation. | -| dataCentres | Array of objects ([CassandraDataCentre](#CassandraDataCentreObject))
**required** | Object fields are described below as a bulleted list. | +| Field | Type | Description | +|---------------------------|------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | +| version | string
**required** | Cassandra instance version.
**Available versions**: `3.11.15`, `3.11.16`, `4.0.10`, `4.0.11`, `4.1.3`. | +| pciCompliance | bool
**required** | Creates a PCI compliant cluster, see [PCI Compliance](https://www.instaclustr.com/support/documentation/useful-information/pci-compliance/) | +| description | string
| A description of the cluster | +| privateNetworkCluster | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | +| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | +| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject))
_mutable_ | Contacts that will be contacted when cluster request is sent. | +| schemaRegistry | Array of objects ([KafkaSchemaRegistryDetails](#KafkaSchemaRegistryDetailsObject))
_mutable_ | Adds the specified version of Kafka Schema Registry to this Kafka cluster. | +| luceneEnabled | bool
**required** | Adds Apache Lucene to the Cassandra cluster. | +| passwordAndUserAuth | bool
**required** | Enables Password Authentication and User Authorization. | +| bundledUseOnly | bool
**required** | Provision this cluster for Bundled Use only. | +| restoreFrom | Object ([CassandraRestoreFrom](#CassandraRestoreFromObject)) | Triggers a restore cluster operation. | +| dataCentres | Array of objects ([CassandraDataCentre](#CassandraDataCentreObject))
**required** | Object fields are described below as a bulleted list. | +| resizeSettings | Array of objects ([ResizeSettings](#ResizeSettingsObject))
_mutable_ | Settings to determine how resize requests will be performed for the cluster. | ### TwoFactorDeleteObject | Field | Type | Description | @@ -22,27 +25,33 @@ | confirmationPhoneNumber | string | The phone number which will be contacted when the cluster is requested to be deleted. | | confirmationEmail | string
**required** | The email address which will be contacted when the cluster is requested to be deleted. | -### SparkObject -| Field | Type | Description | -|------------|-----------------------------|----------------------------------------------------------------------------------------------------------------| -| version | string
**required** | Adds the specified version of Apache Spark to the Cassandra cluster. **Available versions:** `2.3.2`, `3.0.1`. | +### KafkaSchemaRegistryDetailsObject +| Field | Type | Description | +|--------------------------|-------------------------------|-------------------------------------------------------------------------------------------------------------------| +| version | string
**required** | Adds the specified version of Kafka Schema Registry to the Kafka cluster.
**Available versions**: `5.0.0`. | + +### ResizeSettingsObject +| Field | Type | Description | +|------------------------|---------|-----------------------------------------------------------------------------------------------------------------------| +| notifySupportContacts | boolean | Setting this property to true will notify the Instaclustr Account's designated support contacts on resize completion. | +| concurrency | integer | Number of concurrent nodes to resize during a resize operation. | ### CassandraDataCentreObject -| Field | Type | Description | -|----------------------------------|--------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| name | string
**required** | A logical name for the data centre within a cluster. These names must be unique in the cluster. | -| region | string
**required** | Region of the Data Centre. See the description for node size for a compatible Data Centre for a given node size. | -| cloudProvider | string
**required** | Name of the cloud provider service in which the Data Centre will be provisioned.
**Enum**: `AWS_VPC` `GCP` `AZURE` `AZURE_AZ`. | -| accountName | string | For customers running in their own account. Your provider account can be found on the Create Cluster page on the Instaclustr Console, or the "Provider Account" property on any existing cluster. For customers provisioning on Instaclustr's cloud provider accounts, this property may be omitted. | -| cloudProviderSettings | Array of objects ([CloudProviderSettings](#CloudProviderSettingsObject)) | Cloud provider specific settings for the Data Centre. | -| network | string
**required** | The private network address block for the Data Centre specified using CIDR address notation. The network must have a prefix length between /12 and /22 and must be part of a private address space. | -| nodeSize | string
**required**
_mutable_ | Size of the nodes provisioned in the Data Centre. Available node sizes, see [Instaclustr API docs NodeSize](https://instaclustr.redoc.ly/Current/tag/Cassandra-Cluster-V2#paths/~1cluster-management~1v2~1resources~1applications~1cassandra~1clusters~1v2/post!path=dataCentres/nodeSize&t=request). | -| nodesNumber | int32
**required**
_mutable_ | Total number of nodes in the Data Centre.
Available values: [1…5]. | -| tags | map[string]string | List of tags to apply to the Data Centre. Tags are metadata labels which allow you to identify, categorise and filter clusters. This can be useful for grouping together clusters into applications, environments, or any category that you require.
**Format**:
tags:
- key: value. | -| replicationFactor | int32
**required** | Number of racks to use when allocating nodes. | -| continuousBackup | bool
**required** | Enables commitlog backups and increases the frequency of the default snapshot backups. | -| privateIpBroadcastForDiscovery | bool
**required** | Enables broadcast of private IPs for auto-discovery. | -| clientToClusterEncryption | bool
**required** | Enables Client ⇄ Node Encryption. | +| Field | Type | Description | +|----------------------------------|--------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| name | string
**required** | A logical name for the data centre within a cluster. These names must be unique in the cluster. | +| region | string
**required** | Region of the Data Centre. See the description for node size for a compatible Data Centre for a given node size. | +| cloudProvider | string
**required** | Name of the cloud provider service in which the Data Centre will be provisioned.
**Enum**: `AWS_VPC` `GCP` `AZURE` `AZURE_AZ`. | +| accountName | string | For customers running in their own account. Your provider account can be found on the Create Cluster page on the Instaclustr Console, or the "Provider Account" property on any existing cluster. For customers provisioning on Instaclustr's cloud provider accounts, this property may be omitted. | +| cloudProviderSettings | Array of objects ([CloudProviderSettings](#CloudProviderSettingsObject)) | Cloud provider specific settings for the Data Centre. | +| network | string
**required** | The private network address block for the Data Centre specified using CIDR address notation. The network must have a prefix length between /12 and /22 and must be part of a private address space. | +| nodeSize | string
**required**
_mutable_ | Size of the nodes provisioned in the Data Centre. Available node sizes, see [Instaclustr API docs NodeSize](https://instaclustr.redoc.ly/Current/tag/Cassandra-Cluster-V2#paths/~1cluster-management~1v2~1resources~1applications~1cassandra~1clusters~1v2/post!path=dataCentres/nodeSize&t=request). | +| nodesNumber | int32
**required**
_mutable_ | Total number of nodes in the Data Centre.
Available values: [1…5]. | +| tags | map[string]string | List of tags to apply to the Data Centre. Tags are metadata labels which allow you to identify, categorise and filter clusters. This can be useful for grouping together clusters into applications, environments, or any category that you require.
**Format**:
tags:
- key: value. | +| replicationFactor | int32
**required** | Default Replication factor to use for new topic. Also represents the number of racks to use when allocating nodes. | +| continuousBackup | bool
**required** | Enables commitlog backups and increases the frequency of the default snapshot backups. | +| privateIpBroadcastForDiscovery | bool
**required** | Enables broadcast of private IPs for auto-discovery. | +| clientToClusterEncryption | bool
**required** | Enables Client ⇄ Node Encryption. | ### CloudProviderSettingsObject diff --git a/doc/clusters/kafka-connect.md b/doc/clusters/kafka-connect.md index 3fe92fa49..618517892 100644 --- a/doc/clusters/kafka-connect.md +++ b/doc/clusters/kafka-connect.md @@ -2,16 +2,17 @@ ## Available spec fields -| Field | Type | Description | -|-----------------------|-------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | -| version | string
**required** | Kafka Connect instance version.
**Available versions**: `3.1.2`, `3.0.2`, `2.8.2`, `2.7.1`. | -| privateNetworkCluster | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | -| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | -| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject))
_mutable_ | Contacts that will be contacted when cluster request is sent. | -| targetCluster | Array of objects ([TargetCluster](#TargetClusterObject))
**required** | Details to connect to a target Kafka Cluster cluster. | -| customConnectors | Array of objects ([CustomConnectors](#CustomConnectorsObject)) | Defines the location for custom connector storage and access info. | -| dataCentres | Array of objects ([KafkaConnectDataCentre](#KafkaConnectDataCentreObject))
**required** | Object fields are described below as a bulleted list. | +| Field | Type | Description | +|------------------------|--------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | +| version | string
**required** | Kafka Connect instance version.
**Available versions**: `3.1.2`, `3.3.1`, `3.4.1`, `3.5.1`. | +| privateNetworkCluster | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | +| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | +| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject))
_mutable_ | Contacts that will be contacted when cluster request is sent. | +| targetCluster | Array of objects ([TargetCluster](#TargetClusterObject))
**required** | Details to connect to a target Kafka Cluster cluster. | +| customConnectors | Array of objects ([CustomConnectors](#CustomConnectorsObject)) | Defines the location for custom connector storage and access info. | +| dataCentres | Array of objects ([KafkaConnectDataCentre](#KafkaConnectDataCentreObject))
**required** | Object fields are described below as a bulleted list. | +| description | string
| A description of the cluster | ### TwoFactorDeleteObject | Field | Type | Description | @@ -26,15 +27,16 @@ | managedCluster | Array of objects ([ManagedCluster](#ManagedClusterObject)) | Details to connect to a Instaclustr managed cluster. Cannot be provided if targeting an external cluster. | ### ExternalClusterObject -| Field | Type | Description | -|-------------------------|--------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| securityProtocol | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | -| sslTruststorePassword | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | -| bootstrapServers | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | -| saslJaasConfig | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | -| saslMechanism | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | -| sslProtocol | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | -| truststore | string | Base64 encoded version of the TLS trust store (in JKS format) used to connect to your Kafka Cluster. Only required if connecting to a Non-Instaclustr managed Kafka Cluster with TLS enabled. | +| Field | Type | Description | +|-----------------------|--------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| securityProtocol | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | +| sslTruststorePassword | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | +| bootstrapServers | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | +| saslJaasConfig | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | +| saslMechanism | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | +| sslProtocol | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | +| sslEnabledProtocols | string | Connection information for your Kafka Cluster. These options are analogous to the similarly named options that you would place in your Kafka Connect worker.properties file. Only required if connecting to a Non-Instaclustr managed Kafka Cluster. | +| truststore | string | Base64 encoded version of the TLS trust store (in JKS format) used to connect to your Kafka Cluster. Only required if connecting to a Non-Instaclustr managed Kafka Cluster with TLS enabled. | ### ManagedClusterObject | Field | Type | Description | diff --git a/doc/clusters/kafka.md b/doc/clusters/kafka.md index 207b8b08f..2a945cd40 100644 --- a/doc/clusters/kafka.md +++ b/doc/clusters/kafka.md @@ -2,29 +2,32 @@ ## Available spec fields -| Field | Type | Description | -|-----------------------------------|----------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | -| version | string
**required** | Kafka instance version.
**Available versions**: `3.0.2`, `3.1.2`, `2.8.2`. | -| pciCompliance | bool
**required** | Creates a PCI compliant cluster, see [PCI Compliance](https://www.instaclustr.com/support/documentation/useful-information/pci-compliance/) | -| privateNetworkCluster | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | -| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | -| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject))
_mutable_ | Contacts that will be contacted when cluster request is sent. | -| schemaRegistry | Array of objects ([SchemaRegistry](#SchemaRegistryObject)) | Adds the specified version of Kafka Schema Registry to this Kafka cluster. | -| replicationFactor | int32
**required** | Default Replication factor to use for new topic. Also represents the number of racks to use when allocating nodes. | -| partitionsNumber | int32
**required** | Default number of partitions to use when created new topics. | -| restProxy | Array of objects ([RestProxy](#RestProxyObject)) | Adds the specified version of Kafka REST Proxy to this Kafka cluster. | -| allowDeleteTopics | bool
**required** | Allows topics to be deleted via the kafka-topics tool. | -| autoCreateTopics | bool
**required** | Allows topics to be auto created by brokers when messages are published to a non-existent topic. | -| clientToClusterEncryption | bool
**required** | Enables Client ⇄ Cluster Encryption. | -| dataCentres | Array of objects ([KafkaDataCentre](#KafkaDataCentreObject))
**required** | Object fields are described below as a bulleted list. | -| dedicatedZookeeper | Array of objects ([DedicatedZookeeper](#DedicatedZookeeperObject)) | Provision additional dedicated nodes for Apache Zookeeper to run on. Zookeeper nodes will be co-located with Kafka if this is not provided. | -| clientBrokerAuthWithMtls | bool | Enables Client ⇄ Broker Authentication with mTLS. | -| clientAuthBrokerWithoutEncryption | bool | Enables Client ⇄ Broker Authentication without Encryption. | -| clientAuthBrokerWithEncryption | bool | Enables Client ⇄ Broker Authentication with Encryption. | -| karapaceRestProxy | Array of objects ([KarapaceRestProxy](#KarapaceRestProxyObject)) | Adds the specified version of Kafka Karapace REST Proxy to this Kafka cluster. | -| karapaceSchemaRegistry | Array of objects ([KarapaceSchemaRegistry](#KarapaceSchemaRegistryObject)) | Adds the specified version of Kafka Karapace Schema Registry to this Kafka cluster. | -| bundledUseOnly | bool | Provision this cluster for [Bundled Use only](https://www.instaclustr.com/support/documentation/cadence/getting-started-with-cadence/bundled-use-only-cluster-deployments/). | +| Field | Type | Description | +|---------------------------------------|----------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | +| version | string
**required** | Kafka instance version.
**Available versions**: `3.1.2`, `3.3.1`, `3.4.1`, `3.5.1`. | +| pciCompliance | bool
**required** | Creates a PCI compliant cluster, see [PCI Compliance](https://www.instaclustr.com/support/documentation/useful-information/pci-compliance/) | +| privateNetworkCluster | bool
**required** | Allows topics to be deleted via the kafka-topics tool | +| allowDeleteTopics | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | +| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | +| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject))
_mutable_ | Contacts that will be contacted when cluster request is sent. | +| schemaRegistry | Array of objects ([SchemaRegistry](#SchemaRegistryObject)) | Adds the specified version of Kafka Schema Registry to this Kafka cluster. | +| replicationFactor | int32
**required** | Default Replication factor to use for new topic. Also represents the number of racks to use when allocating nodes. | +| partitionsNumber | int32
**required** | Default number of partitions to use when created new topics. | +| restProxy | Array of objects ([RestProxy](#RestProxyObject)) | Adds the specified version of Kafka REST Proxy to this Kafka cluster. | +| kraft | Array of objects ([KafkaKraftSettings](#KafkaKraftSettingsObject)) | Create a KRaft Cluster | +| allowDeleteTopics | bool
**required** | Allows topics to be deleted via the kafka-topics tool. | +| autoCreateTopics | bool
**required** | Allows topics to be auto created by brokers when messages are published to a non-existent topic. | +| clientToClusterEncryption | bool
**required** | Enables Client ⇄ Cluster Encryption. | +| dataCentres | Array of objects ([KafkaDataCentre](#KafkaDataCentreObject))
**required** | Object fields are described below as a bulleted list. | +| dedicatedZookeeper | Array of objects ([DedicatedZookeeper](#DedicatedZookeeperObject)) | Provision additional dedicated nodes for Apache Zookeeper to run on. Zookeeper nodes will be co-located with Kafka if this is not provided. | +| clientBrokerAuthWithMtls | bool | Enables Client ⇄ Broker Authentication with mTLS. | +| clientAuthBrokerWithoutEncryption | bool | Enables Client ⇄ Broker Authentication without Encryption. | +| clientAuthBrokerWithEncryption | bool | Enables Client ⇄ Broker Authentication with Encryption. | +| karapaceRestProxy | Array of objects ([KarapaceRestProxy](#KarapaceRestProxyObject)) | Adds the specified version of Kafka Karapace REST Proxy to this Kafka cluster. | +| karapaceSchemaRegistry | Array of objects ([KarapaceSchemaRegistry](#KarapaceSchemaRegistryObject)) | Adds the specified version of Kafka Karapace Schema Registry to this Kafka cluster. | +| bundledUseOnly | bool | Provision this cluster for [Bundled Use only](https://www.instaclustr.com/support/documentation/cadence/getting-started-with-cadence/bundled-use-only-cluster-deployments/). | +| description | string
| A description of the cluster | ### TwoFactorDeleteObject | Field | Type | Description | @@ -37,6 +40,11 @@ |-----------|-----------------------------|------------------------------------------------------------------------------------------------------------| | version | string
**required** | Adds the specified version of Kafka Schema Registry to the Kafka cluster. **Available versions:** `5.0.0`. | +### KafkaKraftSettingsObject +| Field | Type | Description | +|---------------------|----------------------------|---------------------------------------------------------------------| +| controllerNodeCount | int32
**required** | Number of KRaft controller nodes (only 3 is currently supported). | + ### RestProxyObject | Field | Type | Description | |--------------------------------------|----------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------| @@ -87,35 +95,53 @@ | version | string
**required** | Adds the specified version of Kafka REST Proxy to the Kafka cluster. **Available versions:** `3.4.3`. | ### KarapaceSchemaRegistryObject -| Field | Type | Description | -|----------|----------------------------|------------------------------------------------------------------------------------------------------------| -| version | string
**required** | Adds the specified version of Kafka Schema Registry to the Kafka cluster. **Available versions:** `3.4.3`. | +| Field | Type | Description | +|----------|----------------------------|---------------------------------------------------------------------------------------------------------------------| +| version | string
**required** | Adds the specified version of Kafka Schema Registry to the Kafka cluster. **Available versions:** `3.4.3`, `3.6.2`. | ## Cluster create flow To create a Kafka cluster instance you need to prepare the yaml manifest. Here is an example: ```yaml -# kafka.yaml + kafka.yaml apiVersion: clusters.instaclustr.com/v1beta1 kind: Kafka metadata: - name: kafka-sample + name: kafka spec: - name: "kafka" - version: "2.8.2" + name: "Kafka-example" + version: "3.3.1" pciCompliance: false replicationFactor: 3 partitionsNumber: 3 allowDeleteTopics: true autoCreateTopics: true - clientToClusterEncryption: true - privateNetworkCluster: true + clientToClusterEncryption: false + privateNetworkCluster: false slaTier: "NON_PRODUCTION" + bundledUseOnly: true + clientBrokerAuthWithMtls: true + dedicatedZookeeper: + - nodeSize: "KDZ-DEV-t4g.small-30" + nodesNumber: 3 + twoFactorDelete: + - email: "example@gmail.com" + phone: "example" karapaceSchemaRegistry: - version: "3.2.0" + schemaRegistry: + - version: "5.0.0" karapaceRestProxy: - integrateRestProxyWithSchemaRegistry: true version: "3.2.0" + kraft: + - controllerNodeCount: 3 + restProxy: + - integrateRestProxyWithSchemaRegistry: false + schemaRegistryPassword: "asdfasdf" + schemaRegistryServerUrl: "schemaRegistryServerUrl" + "useLocalSchemaRegistry": true + version: "5.0.0" dataCentres: - name: "AWS_VPC_US_EAST_1" nodesNumber: 3 @@ -126,9 +152,19 @@ spec: nodeSize: "KFK-DEV-t4g.small-5" network: "10.0.0.0/16" region: "US_EAST_1" - dedicatedZookeeper: - - nodeSize: "KDZ-DEV-t4g.small-30" - nodesNumber: 3 + accountName: "Custrom" + cloudProviderSettings: + - customVirtualNetworkId: "vpc-12345678" + diskEncryptionKey: "123e4567-e89b-12d3-a456-426614174000" + resourceGroup: "asdfadfsdfas" + privateLink: + - advertisedHostname: "kafka-example-test.com" + userRefs: + - name: kafkauser-sample + namespace: default + resizeSettings: + - notifySupportContacts: false + concurrency: 1 ``` Next, you need to apply this manifest in your K8s cluster. This will create a custom resource instance inside (more info about an apply command you can find [here](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#apply)): diff --git a/doc/clusters/opensearch.md b/doc/clusters/opensearch.md index cf73a2b06..5287ab745 100644 --- a/doc/clusters/opensearch.md +++ b/doc/clusters/opensearch.md @@ -2,31 +2,32 @@ ## Available spec fields -| Field | Type | Description | -|--------------------------|------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | -| version | string
**required** | OpenSearch instance version. | -| privateNetworkCluster | bool | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | -| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | -| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject)) | Contacts that will be contacted when cluster request is sent. | -| dataCentres | Array of objects ([OpenSearchDataCentre](#OpenSearchDataCentreObject)) | List of data centre settings. | -| privateLink | bool | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/) | -| openSearchRestoreFrom | Object ([OpenSearchRestoreFrom](#OpenSearchRestoreFromObject)) | Triggers a restore cluster operation. | -| bundledUseOnly | bool | Provision this cluster for Bundled Use only. | -| pciCompliance | bool
**required** | Creates a PCI compliant cluster, see [PCI Compliance](https://www.instaclustr.com/support/documentation/useful-information/pci-compliance/) | -| clusterManagerNodes | Array of objects ([ClusterManagerNodes](#ClusterManagerNodes)) | List of cluster managers node settings | -| indexManagementPlugin | bool | Enables Index Management Plugin. This helps automate recurring index management activities. | -| alertingPlugin | bool | Enables Alerting Plugin. | -| icuPlugin | bool | Enables ICU Plugin. | -| asynchronousSearchPlugin | bool | Enables asynchronousSearch plugin. | -| anomalyDetectionPlugin | bool | Enables anomalyDetection plugin. | -| sqlPlugin | bool | Enables sql plugin. | -| knnPlugin | bool | Enables knn plugin. | -| notificationsPlugin | bool | Enables notifications plugin. | -| reportingPlugin | bool | Enables reporting plugin. | -| loadBalancer | bool | Enables Load Balancer. | -| dataNodes | Array of objects ([DataNodes](#DataNodes)) | List of data node settings | -| dashboards | Array of objects ([Dashboards](#Dashboards)) | List of dashboards node settings | +| Field | Type | Description | +|---------------------------|---------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | +| version | string
**required** | OpenSearch instance version. | +| privateNetworkCluster | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | +| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | +| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject)) | Contacts that will be contacted when cluster request is sent. | +| dataCentres | Array of objects ([OpenSearchDataCentre](#OpenSearchDataCentreObject))
**required** | List of data centre settings. | +| privateLink | bool | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/) | +| openSearchRestoreFrom | Object ([OpenSearchRestoreFrom](#OpenSearchRestoreFromObject)) | Triggers a restore cluster operation. | +| bundledUseOnly | bool | Provision this cluster for Bundled Use only. | +| pciCompliance | bool
**required** | Creates a PCI compliant cluster, see [PCI Compliance](https://www.instaclustr.com/support/documentation/useful-information/pci-compliance/) | +| clusterManagerNodes | Array of objects ([ClusterManagerNodes](#ClusterManagerNodes))
**required** | List of cluster managers node settings | +| indexManagementPlugin | bool | Enables Index Management Plugin. This helps automate recurring index management activities. | +| alertingPlugin | bool | Enables Alerting Plugin. | +| icuPlugin | bool | Enables ICU Plugin. | +| asynchronousSearchPlugin | bool | Enables asynchronousSearch plugin. | +| anomalyDetectionPlugin | bool | Enables anomalyDetection plugin. | +| sqlPlugin | bool | Enables sql plugin. | +| knnPlugin | bool | Enables knn plugin. | +| notificationsPlugin | bool | Enables notifications plugin. | +| reportingPlugin | bool | Enables reporting plugin. | +| loadBalancer | bool | Enables Load Balancer. | +| dataNodes | Array of objects ([DataNodes](#DataNodes)) | List of data node settings | +| dashboards | Array of objects ([Dashboards](#Dashboards)) | List of dashboards node settings | +| description | string
| A description of the cluster | ### DataNodes @@ -111,20 +112,47 @@ apiVersion: clusters.instaclustr.com/v1beta1 kind: OpenSearch metadata: name: opensearch-sample + annotations: + test.annotation/first: testAnnotation spec: - name: "k8sOpOS" - version: "2.7.0" + name: opensearch-sample + alertingPlugin: false + anomalyDetectionPlugin: false + asynchronousSearchPlugin: false + clusterManagerNodes: + - dedicatedManager: false + nodeSize: SRH-DEV-t4g.small-30 dataCentres: - - region: "US_WEST_2" - network: "10.1.0.0/16" - cloudProvider: "AWS_VPC" + - cloudProvider: AWS_VPC + name: AWS_VPC_US_EAST_1 + network: 10.0.0.0/16 replicationFactor: 3 privateLink: false - clusterManagerNodes: - - dedicatedManager: false - nodeSize: "SRH-DEV-t4g.small-30" - slaTier: "NON_PRODUCTION" + region: US_EAST_1 + ingestNodes: + - nodeSize: SRH-DI-PRD-m6g.xlarge-10 + nodeCount: 3 + dataNodes: + - nodeNumber: 3 + nodeSize: SRH-DEV-t4g.small-5 + icuPlugin: false + indexManagementPlugin: true + knnPlugin: false + loadBalancer: false + notificationsPlugin: false + opensearchDashboards: + - nodeSize: SRH-DEV-t4g.small-5 + oidcProvider: '' + version: opensearch-dashboards:2.5.0 + version: 2.9.0 pciCompliance: false + privateNetworkCluster: false + reportingPlugin: false + slaTier: NON_PRODUCTION + sqlPlugin: false + resizeSettings: + - notifySupportContacts: false + concurrency: 3 ``` Next you need to apply this manifest. This will create OpenSearch custom resource instance: diff --git a/doc/clusters/postgresql.md b/doc/clusters/postgresql.md index 5ce1cde45..9f5a98590 100644 --- a/doc/clusters/postgresql.md +++ b/doc/clusters/postgresql.md @@ -2,18 +2,25 @@ ## Available spec fields -| Field | Type | Description | -|-----------------------|-----------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | -| version | string
**required** | PostgreSQL instance version.
**Available versions**: `15.1.0`, `14.6.0`, `14.5.0`, `13.9.0`, `13.8.0`. | -| privateNetworkCluster | bool | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | -| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | -| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject))
_mutable_ | Contacts that will be contacted when cluster request is sent. | -| dataCentres | Array of objects ([PgDataCentre](#PgDataCentreObject))
_mutable_ | List of data centre settings. | -| clusterConfigurations | map[string]string
_mutable_ | PostgreSQL cluster configurations. Cluster nodes will need to be manually reloaded to apply configuration changes.
**Format**:
clusterConfigurations:
- key: value | -| description | string
_mutable_ | A description of the cluster. | -| synchronousModeStrict | bool | Create the PostgreSQL cluster with the selected replication mode, see [PostgreSQL replication mode](https://www.instaclustr.com/support/documentation/postgresql/options/replication-mode/). | -| pgRestoreFrom | Object ([PgRestoreFrom](#PgRestoreFromObject)) | Triggers a restore cluster operation. | +| Field | Type | Description | +|-----------------------|-----------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | +| version | string
**required** | PostgreSQL instance version.
**Available versions**: `13.11.0`, `13.12.0`, `14.9.0`, `13.10.0`, `14.7.0`, `14.8.0`, `16.0.0`, `15.4.0`, `15.2.0`, `15.3.0` | +| privateNetworkCluster | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | +| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | +| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject))
_mutable_ | Contacts that will be contacted when cluster request is sent. | +| dataCentres | Array of objects ([PgDataCentre](#PgDataCentreObject))
_mutable_ | List of data centre settings. | +| clusterConfigurations | map[string]string
_mutable_ | PostgreSQL cluster configurations. Cluster nodes will need to be manually reloaded to apply configuration changes.
**Format**:
clusterConfigurations:
- key: value | +| description | string
_mutable_ | A description of the cluster. | +| synchronousModeStrict | bool
**required** | Create the PostgreSQL cluster with the selected replication mode, see [PostgreSQL replication mode](https://www.instaclustr.com/support/documentation/postgresql/options/replication-mode/). | +| pgRestoreFrom | Object ([PgRestoreFrom](#PgRestoreFromObject)) | Triggers a restore cluster operation. | +| resizeSettings | Array of objects ([ResizeSettings](#ResizeSettingsObject))
_mutable_ | Settings to determine how resize requests will be performed for the cluster. | + +### ResizeSettingsObject +| Field | Type | Description | +|------------------------|---------|-----------------------------------------------------------------------------------------------------------------------| +| notifySupportContacts | boolean | Setting this property to true will notify the Instaclustr Account's designated support contacts on resize completion. | +| concurrency | integer | Number of concurrent nodes to resize during a resize operation. | ### TwoFactorDeleteObject @@ -37,7 +44,7 @@ | clientEncryption | bool | Enable client to cluster Encryption. | | interDataCentreReplication | Array of objects ([InterDataCentreReplication](#InterDataCentreReplicationObject)) | | | intraDataCentreReplication | Array of objects ([IntraDataCentreReplication](#IntraDataCentreReplicationObject)) | | -| pgBouncerVersion | string | Version of Pg Bouncer to run on the cluster. Required to enable Pg Bouncer.
**Available versions**: `1.17.0` | +| pgBouncer | Array of objects ([PgBouncerDetails](#PgBouncerDetailsObject)) | Version of Pg Bouncer to run on the cluster. Required to enable Pg Bouncer.
**Available versions**: `1.17.0` | | poolMode | string | Creates PgBouncer with the selected mode, see PgBouncer pool modes. Only available with `pgBouncerVersion` filled.
**Enum**: `TRANSACTION` `SESSION` `STATEMENT` | ### CloudProviderSettingsObject @@ -48,6 +55,13 @@ | resourceGroup | string | The name of the Azure Resource Group into which the Data Centre will be provisioned.
Cannot be provided with `customVirtualNetworkId` and `diskEncryptionKey` | | diskEncryptionKey | string | ID of a KMS encryption key to encrypt data on nodes. KMS encryption key must be set in Cluster Resources through the Instaclustr Console before provisioning an encrypted Data Centre.
Cannot be provided with `customVirtualNetworkId` | +### #PgBouncerDetailsObject + +| Field | Type | Description | +|--------------------|-----------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| pgBouncerVersion | string
**required** | Version of Pg Bouncer to run on the cluster. Available versions: `1.19.0`, `1.20.0`, `1.18.0` | +| poolMode | string
**required** | Creates PgBouncer with the selected mode, see [PgBouncer pool modes] (https://www.instaclustr.com/support/documentation/postgresql-add-ons/using-pgbouncer/) Enum: "TRANSACTION" "SESSION" "STATEMENT" | + ### InterDataCentreReplicationObject | Field | Type | Description | diff --git a/doc/clusters/redis.md b/doc/clusters/redis.md index afea820c2..d87dbdf49 100644 --- a/doc/clusters/redis.md +++ b/doc/clusters/redis.md @@ -2,19 +2,26 @@ ## Available spec fields -| Field | Type | Description | -|-----------------------|----------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | -| version | string
**required** | Redis instance version.
**Available versions**: `6.2.7`, `7.0.5`. | -| pciCompliance | bool
**required** | Creates a PCI compliant cluster, see [PCI Compliance](https://www.instaclustr.com/support/documentation/useful-information/pci-compliance/) | -| privateNetworkCluster | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | -| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | -| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject))
_mutable_ | Contacts that will be contacted when cluster request is sent. | -| clientEncryption | bool
**required** | Enables Client ⇄ Node Encryption. | -| passwordAndUserAuth | bool
**required** | Enables Password Authentication and User Authorization. | -| description | string
_mutable_ | Cluster description. | -| restoreFrom | Object ([RedisRestoreFrom](#RedisRestoreFromObject)) | Triggers a restore cluster operation. | -| dataCentres | Array of objects ([RedisDataCentre](#RedisDataCentreObject))
**required** | Object fields are described below as a bulleted list. | +| Field | Type | Description | +|-----------------------|-----------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | +| version | string
**required** | Redis instance version.
**Available versions**: `6.2.13`, `7.0.12`. | +| pciCompliance | bool
**required** | Creates a PCI compliant cluster, see [PCI Compliance](https://www.instaclustr.com/support/documentation/useful-information/pci-compliance/) | +| privateNetworkCluster | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | +| slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | +| twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject))
_mutable_ | Contacts that will be contacted when cluster request is sent. | +| clientEncryption | bool
**required** | Enables Client ⇄ Node Encryption. | +| passwordAndUserAuth | bool
**required** | Enables Password Authentication and User Authorization. | +| description | string
_mutable_ | Cluster description. | +| restoreFrom | Object ([RedisRestoreFrom](#RedisRestoreFromObject)) | Triggers a restore cluster operation. | +| dataCentres | Array of objects ([RedisDataCentre](#RedisDataCentreObject))
**required** | Object fields are described below as a bulleted list. | +| resizeSettings | Array of objects ([ResizeSettings](#ResizeSettingsObject))
_mutable_ | Settings to determine how resize requests will be performed for the cluster. | + +### ResizeSettingsObject +| Field | Type | Description | +|------------------------|---------|-----------------------------------------------------------------------------------------------------------------------| +| notifySupportContacts | boolean | Setting this property to true will notify the Instaclustr Account's designated support contacts on resize completion. | +| concurrency | integer | Number of concurrent nodes to resize during a resize operation. | ### TwoFactorDeleteObject | Field | Type | Description | @@ -45,12 +52,14 @@ | Field | Type | Description | |-----------------------|--------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | name | string
**required** | A logical name for the data centre within a cluster. These names must be unique in the cluster. | +| replicationFactor | string
**required** | A logical name for the data centre within a cluster. These names must be unique in the cluster. | | region | string
**required** | Region of the Data Centre. See the description for node size for a compatible Data Centre for a given node size. | | cloudProvider | string
**required** | Name of the cloud provider service in which the Data Centre will be provisioned.
**Enum**: `AWS_VPC` `GCP` `AZURE` `AZURE_AZ`. | | accountName | string | For customers running in their own account. Your provider account can be found on the Create Cluster page on the Instaclustr Console, or the "Provider Account" property on any existing cluster. For customers provisioning on Instaclustr's cloud provider accounts, this property may be omitted. | | cloudProviderSettings | Array of objects ([CloudProviderSettings](#CloudProviderSettingsObject)) | Cloud provider specific settings for the Data Centre. | | network | string
**required** | The private network address block for the Data Centre specified using CIDR address notation. The network must have a prefix length between /12 and /22 and must be part of a private address space. | | nodeSize | string
**required**
_mutable_ | Size of the nodes provisioned in the Data Centre. Available node sizes, see [Instaclustr API docs NodeSize](https://instaclustr.redoc.ly/Current/tag/Redis-Cluster-V2#paths/~1cluster-management~1v2~1resources~1applications~1redis~1clusters~1v2/post!path=dataCentres/nodeSize&t=request). | +| privateLink | Array of objects ([PrivateLinkSettings](#PrivateLinkSettingsObject)) | Create a PrivateLink enabled cluster, see PrivateLink. | | nodesNumber | int32
**required**
_mutable_ | Total number of nodes in the Data Centre.
Available values: [1…5]. | | tags | map[string]string | List of tags to apply to the Data Centre. Tags are metadata labels which allow you to identify, categorise and filter clusters. This can be useful for grouping together clusters into applications, environments, or any category that you require.
**Format**:
tags:
- key: value. | | masterNodes | string
**required** | Total number of master nodes in the Data Centre. | @@ -62,6 +71,11 @@ | resourceGroup | string | The name of the Azure Resource Group into which the Data Centre will be provisioned.
Cannot be provided with `customVirtualNetworkId` and `diskEncryptionKey` | | diskEncryptionKey | string | ID of a KMS encryption key to encrypt data on nodes. KMS encryption key must be set in Cluster Resources through the Instaclustr Console before provisioning an encrypted Data Centre.
Cannot be provided with `customVirtualNetworkId` | +### PrivateLinkSettingsObject +| Field | Type | Description | +|----------------------|-------------------------------|-----------------------------------------------------------------| +| advertisedHostname | string
**required** | The hostname to be used to connect to the PrivateLink cluster. | + ## Cluster create flow To create a Redis cluster instance you need to prepare the yaml manifest. Here is an example: @@ -72,18 +86,27 @@ kind: Redis metadata: name: redis-sample spec: - name: "Redis" - version: "7.0.5" + name: "Username-redis" + version: "7.0.12" slaTier: "NON_PRODUCTION" clientEncryption: false - passwordAndUserAuth: false + passwordAndUserAuth: true + privateNetworkCluster: false + twoFactorDelete: + - email: "rostyslp@netapp.com" dataCentres: - region: "US_WEST_2" cloudProvider: "AWS_VPC" network: "10.1.0.0/16" - nodeSize: "t3.small-20-r" + nodeSize: "RDS-DEV-t4g.small-20" masterNodes: 3 - nodesNumber: 3 + nodesNumber: 0 + replicationFactor: 0 + privateLink: + - advertisedHostname: redis-sample-test.com + resizeSettings: + - notifySupportContacts: false + concurrency: 1 ``` Next, you need to apply this manifest in your K8s cluster. This will create a custom resource instance inside (more info about an apply command you can find [here](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#apply)): diff --git a/doc/clusters/zookeeper.md b/doc/clusters/zookeeper.md index be8d34b27..76a4ce6e6 100644 --- a/doc/clusters/zookeeper.md +++ b/doc/clusters/zookeeper.md @@ -4,12 +4,13 @@ | Field | Type | Description | |-----------------------|------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | name | string
**required** | Cluster name. Should have length from 3 to 32 symbols. | -| version | string
**required** | Zookeeper instance version. | +| version | string
**required** | Version of Apache Zookeeper to run on the cluster. Available versions: `3.7.1`, `3.8.2` | | pciCompliance | bool
**required** | Creates a PCI compliant cluster, see [PCI Compliance](https://www.instaclustr.com/support/documentation/useful-information/pci-compliance/) | | privateNetworkCluster | bool
**required** | Creates the cluster with private network only, see [Private Network Clusters](https://www.instaclustr.com/support/documentation/useful-information/private-network-clusters/). | | slaTier | string
**required** | SLA Tier of the cluster. Non-production clusters may receive lower priority support and reduced SLAs. Production tier is not available when using Developer class nodes. See [SLA Tier](https://www.instaclustr.com/support/documentation/useful-information/sla-tier/) for more information.
**Enum**: `PRODUCTION`, `NON_PRODUCTION`. | | twoFactorDelete | Array of objects ([TwoFactorDelete](#TwoFactorDeleteObject)) | Contacts that will be contacted when cluster request is sent. | | dataCentres | Array of objects ([ZookeeperDataCentre](#ZookeeperDataCentreObject))
**required** | Object fields are described below as a bulleted list. | +| description | string
| A description of the cluster | ### TwoFactorDeleteObject | Field | Type | Description | @@ -18,18 +19,20 @@ | confirmationEmail | string
**required** | The email address which will be contacted when the cluster is requested to be deleted. | ### ZookeeperDataCentreObject -| Field | Type | Description | -|-------------------------------|--------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| name | string
**required** | A logical name for the data centre within a cluster. These names must be unique in the cluster. | -| region | string
**required** | Region of the Data Centre. See the description for node size for a compatible Data Centre for a given node size. | -| cloudProvider | string
**required** | Name of the cloud provider service in which the Data Centre will be provisioned.
**Enum**: `AWS_VPC` `GCP` `AZURE` `AZURE_AZ`. | -| providerAccountName | string | For customers running in their own account. Your provider account can be found on the Create Cluster page on the Instaclustr Console, or the "Provider Account" property on any existing cluster. For customers provisioning on Instaclustr's cloud provider accounts, this property may be omitted. | -| cloudProviderSettings | Array of objects ([CloudProviderSettings](#CloudProviderSettingsObject)) | Cloud provider specific settings for the Data Centre. | -| network | string
**required** | The private network address block for the Data Centre specified using CIDR address notation. The network must have a prefix length between /12 and /22 and must be part of a private address space. | -| nodeSize | string
**required** | Size of the nodes provisioned in the Data Centre. Available node sizes, see [Instaclustr API docs NodeSize](https://instaclustr.redoc.ly/Current/tag/Apache-Zookeeper-Cluster-V2#paths/~1cluster-management~1v2~1resources~1applications~1zookeeper~1clusters~1v2/post!path=dataCentres/nodeSize&t=request). | -| nodesNumber | int32
**required** | Total number of nodes in the Data Centre.
Available values: [1…5]. | -| tags | map[string]string | List of tags to apply to the Data Centre. Tags are metadata labels which allow you to identify, categorise and filter clusters. This can be useful for grouping together clusters into applications, environments, or any category that you require.
**Format**:
tags:
- key: value. | -| clientToServerEncryption | bool
**required** | Enables Client ⇄ Node Encryption. | +| Field | Type | Description | +|----------------------------------|--------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| name | string
**required** | A logical name for the data centre within a cluster. These names must be unique in the cluster. | +| enforceAuthSchemes | Array of strings | A list of authentication schemes to enforce when enforce.auth.enabled=true. Items Enum: "NONE" "SASL" | +| enforceAuthEnabled | bool | Enables Enforced SASL Authentication. | +| region | string
**required** | Region of the Data Centre. See the description for node size for a compatible Data Centre for a given node size. | +| cloudProvider | string
**required** | Name of the cloud provider service in which the Data Centre will be provisioned.
**Enum**: `AWS_VPC` `GCP` `AZURE` `AZURE_AZ`. | +| providerAccountName | string | For customers running in their own account. Your provider account can be found on the Create Cluster page on the Instaclustr Console, or the "Provider Account" property on any existing cluster. For customers provisioning on Instaclustr's cloud provider accounts, this property may be omitted. | +| cloudProviderSettings | Array of objects ([CloudProviderSettings](#CloudProviderSettingsObject)) | Cloud provider specific settings for the Data Centre. | +| network | string
**required** | The private network address block for the Data Centre specified using CIDR address notation. The network must have a prefix length between /12 and /22 and must be part of a private address space. | +| nodeSize | string
**required** | Size of the nodes provisioned in the Data Centre. Available node sizes, see [Instaclustr API docs NodeSize](https://instaclustr.redoc.ly/Current/tag/Apache-Zookeeper-Cluster-V2#paths/~1cluster-management~1v2~1resources~1applications~1zookeeper~1clusters~1v2/post!path=dataCentres/nodeSize&t=request). | +| nodesNumber | int32
**required** | Total number of nodes in the Data Centre.
Available values: [1…5]. | +| tags | map[string]string | List of tags to apply to the Data Centre. Tags are metadata labels which allow you to identify, categorise and filter clusters. This can be useful for grouping together clusters into applications, environments, or any category that you require.
**Format**:
tags:
- key: value. | +| clientToServerEncryption | bool | Enables Client ⇄ Node Encryption. | ### CloudProviderSettingsObject | Field | Type | Description | diff --git a/doc/getting-started.md b/doc/getting-started.md index 6c5a14e94..55367fe07 100644 --- a/doc/getting-started.md +++ b/doc/getting-started.md @@ -1,10 +1,11 @@ ## To build and test your code you need to: 1. Download and install local k8s environment, such as Minikube or [Kind](https://kind.sigs.k8s.io/docs/user/quick-start/). -2. Fill the .env file. -3. Run IMG="your image tag" **make docker-build** -4. Run IMG="your image tag" **make docker-push** -5. Run IMG="your image tag" **make deploy** -6. Apply the yaml manifest from operator/config/samples -7. Check logs of the operator container **kubectl logs -n operator-system operator-controller-manager-xxx** -8. Fix the issue if something goes wrong and repeat. \ No newline at end of file +2. Fill the .env file with your credentials. +3. Run **make cert-deploy** +4. Run IMG="your image tag" **make docker-build** +5. Run IMG="your image tag" **make docker-push** +6. Run IMG="your image tag" **make deploy** +7. Apply the yaml manifest from operator/config/samples +8. Check logs of the operator container **kubectl logs -n operator-system operator-controller-manager-xxx** +9. Fix the issue if something goes wrong and repeat. \ No newline at end of file diff --git a/doc/kafkamanagment/kafka-acl.md b/doc/kafkamanagment/kafka-acl.md index d8eeb472b..37b893002 100644 --- a/doc/kafkamanagment/kafka-acl.md +++ b/doc/kafkamanagment/kafka-acl.md @@ -2,14 +2,13 @@ ## Available spec fields -| Field | Type | Description | -|--------------------------------------|--------------------------------------------------------|-------------------------------------------------| -| userQuery | string
**required**
_mutable_ | This is the principal without the User: prefix. | -| clusterId | string
**required**
_mutable_ | UUID of the Kafka cluster. | -| acls | Array of strings
**required**
_mutable_ | List of ACLs for the given principal. | - -### ACLsObject +| Field | Type | Description | +|--------------------------------------|-------------------------------------------------------------------------------|-------------------------------------------------| +| userQuery | string
**required**
_mutable_ | This is the principal without the User: prefix. | +| clusterId | string
**required**
_mutable_ | UUID of the Kafka cluster. | +| acls | Array of objects ([KafkaAcl](#KafkaAclObject)) **required**
_mutable_ | List of ACLs for the given principal. | +### KafkaAclObject | Field | Type | Description | |------------------------------------------------|------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | principal | string
**required**
_mutable_ | Specifies the users(s) for which this ACL applies and can include the wildcard *. Valid values must start with "User:" including the wildcard. | @@ -28,6 +27,11 @@ To create a Kafka ACL resource you need to prepare the yaml manifest. Here is an apiVersion: kafkamanagement.instaclustr.com/v1beta1 kind: KafkaACL metadata: + labels: + app.kubernetes.io/name: kafkaacl + app.kubernetes.io/instance: kafkaacl-sample + app.kubernetes.io/part-of: operator + app.kubernetes.io/created-by: operator name: kafkaacl-sample spec: acls: @@ -38,8 +42,7 @@ spec: principal: User:test resourceName: kafka-cluster resourceType: CLUSTER - clusterId: c1af59c6-ba0e-4cc2-a0f3-65cee17a5f37 - id: c1af59c6-ba0e-4cc2-a0f3-65cee17a5f37_test + clusterId: dcb8e03f-8bac-4f4b-83bc-34b6e7f3cb29 userQuery: test ``` diff --git a/doc/usermanagment/user-managment.md b/doc/usermanagment/user-managment.md new file mode 100644 index 000000000..95495fe2b --- /dev/null +++ b/doc/usermanagment/user-managment.md @@ -0,0 +1,96 @@ +# User Management (Available on Redis, PostgreSQL, OpenSearch, Kafka, Cassandra) + +## User creation flow + +To create the user, fill redisuser.yaml. We need to create Secret first, and then create the user. You can do it in the same file. Here is an example: +```yaml +apiVersion: v1 +kind: Secret +metadata: + name: redis-user-test-1 +data: + username: bXlreXRhCg== + password: VGVzdDEyMyEK +--- +apiVersion: clusterresources.instaclustr.com/v1beta1 +kind: RedisUser +metadata: + name: redisuser-sample-1 +spec: + initialPermissions: "none" + secretRef: + name: "redis-user-test-1" #metadata name + namespace: "default" +``` + +Next, you need to apply this manifest in your K8s cluster. This will create a custom resource instance inside: +```console +kubectl apply -f redisuser.yaml +``` + +Now you can get and describe the instance: +```console +kubectl get redisusers.clusterresources.instaclustr.com redisuser-sample-1 +``` +```console +kubectl describe redisusers.clusterresources.instaclustr.com redisuser-sample-1 +``` + +## To add user references to the cluster add userRef to spec. + +## Available spec fields for cluster + +| Field | Type | Description | +|------------------|--------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| userRefs | Array of objects ([UserRefs](#UserRefsObject))
**required** | Object fields are described below as a bulleted list. | + +### UserRefsObject + +| Field | Type | Description | +|---------------------|---------------------------------------|----------------------------------------| +| name | string
**required** | User reference name | +| namespace | string
**required**
| Namespace where User reference placed | + +## Here is an example of yaml file: +```yaml +apiVersion: clusters.instaclustr.com/v1beta1 +kind: Redis +metadata: + name: redis-sample +spec: + userRefs: + - name: redisuser-sample-1 + namespace: default + - name: redisuser-sample-2 + namespace: default + - name: redisuser-sample-3 + namespace: default +``` +Next, you need to apply this manifest in your K8s cluster. This will create a custom resource instance inside: +```console +kubectl apply -f redis.yaml +``` + +Now you can get and describe the instance: +```console +kubectl get redis.clusters.instaclustr.com redis-sample +``` +```console +kubectl describe redis.clusters.instaclustr.com redis-sample +``` + +After you have applied the entity, the Instaclustr operator will create it on your K8s cluster and send a request to the Instaclustr API. You can be sure, that the resource creation call was sent if the instance has an id field filled in the status section. + +Edit the custom resource instance: +```console +kubectl edit redis.clusters.instaclustr.com redis-sample +``` +You can only update fields that are **mutable** + +## User deletion flow + +### User deletion form cluster +To delete user from the cluster, remove userRef from "spec", then use following command: +```console +kubectl apply -f redis.yaml +```