Skip to content

Latest commit

 

History

History
622 lines (489 loc) · 33.1 KB

rabbitmq.com.ref.asciidoc

File metadata and controls

622 lines (489 loc) · 33.1 KB

API Reference

rabbitmq.com/v1beta1

Package v1beta1 contains API Schema definitions for the rabbitmq v1beta1 API group

Definitions

EmbeddedLabelsAnnotations

EmbeddedLabelsAnnotations is an embedded subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. Only labels and annotations are included.

Appears In:
Field Description

labels object (keys:string, values:string)

Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels

annotations object (keys:string, values:string)

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations

EmbeddedObjectMeta

EmbeddedObjectMeta is an embedded subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. Only fields which are relevant to embedded resources are included.

Field Description

name string

Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names

namespace string

Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.

Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces

labels object (keys:string, values:string)

Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels

annotations object (keys:string, values:string)

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations

PersistentVolumeClaim

PersistentVolumeClaim is an embedded version of k8s.io/api/core/v1.PersistentVolumeClaim. It contains TypeMeta and a reduced ObjectMeta. Field status is omitted.

Appears In:
Field Description

kind string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

apiVersion string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

Refer to Kubernetes API documentation for fields of metadata.

Spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

Plugin (string)

A Plugin to enable on the RabbitmqCluster.

PodTemplateSpec

PodTemplateSpec is an embedded version of k8s.io/api/core/v1.PodTemplateSpec. It contains a reduced ObjectMeta.

Appears In:
Field Description

Refer to Kubernetes API documentation for fields of metadata.

spec PodSpec

RabbitmqCluster

RabbitmqCluster is the Schema for the RabbitmqCluster API. Each instance of this object corresponds to a single RabbitMQ cluster.

Appears In:
Field Description

apiVersion string

rabbitmq.com/v1beta1

kind string

RabbitmqCluster

kind string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

apiVersion string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

Spec is the desired state of the RabbitmqCluster Custom Resource.

Status presents the observed state of RabbitmqCluster

RabbitmqClusterConfigurationSpec

RabbitMQ-related configuration.

Appears In:
Field Description

additionalPlugins Plugin array

List of plugins to enable in addition to essential plugins: rabbitmq_management, rabbitmq_prometheus, and rabbitmq_peer_discovery_k8s.

additionalConfig string

Modify to add to the rabbitmq.conf file in addition to default configurations set by the operator. Modifying this property on an existing RabbitmqCluster will trigger a StatefulSet rolling restart and will cause rabbitmq downtime. For more information on this config, see https://www.rabbitmq.com/configure.html#config-file

advancedConfig string

Specify any rabbitmq advanced.config configurations to apply to the cluster. For more information on advanced config, see https://www.rabbitmq.com/configure.html#advanced-config-file

envConfig string

Modify to add to the rabbitmq-env.conf file. Modifying this property on an existing RabbitmqCluster will trigger a StatefulSet rolling restart and will cause rabbitmq downtime. For more information on env config, see https://www.rabbitmq.com/man/rabbitmq-env.conf.5.html

erlangInetConfig string

Erlang Inet configuration to apply to the Erlang VM running rabbit. See also: https://www.erlang.org/doc/apps/erts/inet_cfg.html

RabbitmqClusterDefaultUser

Contains references to resources created with the RabbitmqCluster resource.

Appears In:
Field Description

Reference to the Kubernetes Secret containing the credentials of the default user.

Reference to the Kubernetes Service serving the cluster.

RabbitmqClusterList

RabbitmqClusterList contains a list of RabbitmqClusters.

Field Description

apiVersion string

rabbitmq.com/v1beta1

kind string

RabbitmqClusterList

kind string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

apiVersion string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items RabbitmqCluster array

Array of RabbitmqCluster resources.

RabbitmqClusterOverrideSpec

Provides the ability to override the generated manifest of several child resources.

Appears In:
Field Description

statefulSet StatefulSet

Override configuration for the RabbitMQ StatefulSet.

service Service

Override configuration for the Service created to serve traffic to the cluster.

RabbitmqClusterPersistenceSpec

The settings for the persistent storage desired for each Pod in the RabbitmqCluster.

Appears In:
Field Description

storageClassName string

The name of the StorageClass to claim a PersistentVolume from.

storage Quantity

The requested size of the persistent volume attached to each Pod in the RabbitmqCluster. The format of this field matches that defined by kubernetes/apimachinery. See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity for more info on the format of this field.

RabbitmqClusterSecretReference

Reference to the Kubernetes Secret containing the credentials of the default user.

Field Description

name string

Name of the Secret containing the default user credentials

namespace string

Namespace of the Secret containing the default user credentials

keys object (keys:string, values:string)

Key-value pairs in the Secret corresponding to username, password, host, and port

RabbitmqClusterServiceReference

Reference to the Kubernetes Service serving the cluster.

Field Description

name string

Name of the Service serving the cluster

namespace string

Namespace of the Service serving the cluster

RabbitmqClusterServiceSpec

Settable attributes for the Service resource.

Appears In:
Field Description

Type of Service to create for the cluster. Must be one of: ClusterIP, LoadBalancer, NodePort. For more info see https://pkg.go.dev/k8s.io/api/core/v1#ServiceType

annotations object (keys:string, values:string)

Annotations to add to the Service.

ipFamilyPolicy IPFamilyPolicy

IPFamilyPolicy represents the dual-stack-ness requested or required by a Service See also: https://pkg.go.dev/k8s.io/api/core/v1#IPFamilyPolicy

RabbitmqClusterSpec

Spec is the desired state of the RabbitmqCluster Custom Resource.

Appears In:
Field Description

replicas integer

Replicas is the number of nodes in the RabbitMQ cluster. Each node is deployed as a Replica in a StatefulSet. Only 1, 3, 5 replicas clusters are tested. This value should be an odd number to ensure the resultant cluster can establish exactly one quorum of nodes in the event of a fragmenting network partition.

image string

Image is the name of the RabbitMQ docker image to use for RabbitMQ nodes in the RabbitmqCluster. Must be provided together with ImagePullSecrets in order to use an image in a private registry.

imagePullSecrets LocalObjectReference array

List of Secret resource containing access credentials to the registry for the RabbitMQ image. Required if the docker registry is private.

The desired state of the Kubernetes Service to create for the cluster.

The desired persistent storage configuration for each Pod in the cluster.

The desired compute resource requirements of Pods in the cluster.

affinity Affinity

Affinity scheduling rules to be applied on created Pods.

tolerations Toleration array

Tolerations is the list of Toleration resources attached to each Pod in the RabbitmqCluster.

Configuration options for RabbitMQ Pods created in the cluster.

tls TLSSpec

TLS-related configuration for the RabbitMQ cluster.

Provides the ability to override the generated manifest of several child resources.

skipPostDeploySteps boolean

If unset, or set to false, the cluster will run rabbitmq-queues rebalance all whenever the cluster is updated. Set to true to prevent the operator rebalancing queue leaders after a cluster update. Has no effect if the cluster only consists of one node. For more information, see https://www.rabbitmq.com/rabbitmq-queues.8.html#rebalance

terminationGracePeriodSeconds integer

TerminationGracePeriodSeconds is the timeout that each rabbitmqcluster pod will have to terminate gracefully. It defaults to 604800 seconds ( a week long) to ensure that the container preStop lifecycle hook can finish running. For more information, see: https://github.com/rabbitmq/cluster-operator/blob/main/docs/design/20200520-graceful-pod-termination.md

delayStartSeconds integer

DelayStartSeconds is the time the init container (setup-container) will sleep before terminating. This effectively delays the time between starting the Pod and starting the rabbitmq container. RabbitMQ relies on up-to-date DNS entries early during peer discovery. The purpose of this artificial delay is to ensure that DNS entries are up-to-date when booting RabbitMQ. For more information, see kubernetes/kubernetes#92559 If your Kubernetes DNS backend is configured with a low DNS cache value or publishes not ready addresses promptly, you can decrase this value or set it to 0.

secretBackend SecretBackend

Secret backend configuration for the RabbitmqCluster. Enables to fetch default user credentials and certificates from K8s external secret stores.

RabbitmqClusterStatus

Status presents the observed state of RabbitmqCluster

Appears In:
Field Description

conditions RabbitmqClusterCondition array

Set of Conditions describing the current state of the RabbitmqCluster

Identifying information on internal resources

Binding exposes a secret containing the binding information for this RabbitmqCluster. It implements the service binding Provisioned Service duck type. See: https://github.com/servicebinding/spec#provisioned-service

observedGeneration integer

observedGeneration is the most recent successful generation observed for this RabbitmqCluster. It corresponds to the RabbitmqCluster’s generation, which is updated on mutation by the API Server.

SecretBackend

SecretBackend configures a single secret backend. Today, only Vault exists as supported secret backend. Future secret backends could be Secrets Store CSI Driver. If not configured, K8s Secrets will be used.

Appears In:
Field Description

vault VaultSpec

externalSecret LocalObjectReference

Service

Override configuration for the Service created to serve traffic to the cluster. Allows for the manifest of the created Service to be overwritten with custom configuration.

Field Description

Refer to Kubernetes API documentation for fields of metadata.

StatefulSet

Override configuration for the RabbitMQ StatefulSet. Allows for the manifest of the created StatefulSet to be overwritten with custom configuration.

Field Description

Refer to Kubernetes API documentation for fields of metadata.

Spec defines the desired identities of pods in this set.

StatefulSetSpec

StatefulSetSpec contains a subset of the fields included in k8s.io/api/apps/v1.StatefulSetSpec. Field RevisionHistoryLimit is omitted. Every field is made optional.

Appears In:
Field Description

replicas integer

replicas corresponds to the desired number of Pods in the StatefulSet. For more info, see https://pkg.go.dev/k8s.io/api/apps/v1#StatefulSetSpec

selector LabelSelector

selector is a label query over pods that should match the replica count. It must match the pod template’s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors

template PodTemplateSpec

template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet.

volumeClaimTemplates PersistentVolumeClaim array

volumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.

serviceName string

serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where "pod-specific-string" is managed by the StatefulSet controller.

podManagementPolicy PodManagementPolicyType

podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is OrderedReady, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is Parallel which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.

updateStrategy StatefulSetUpdateStrategy

updateStrategy indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template.

minReadySeconds integer

The minimum number of seconds for which a newly created StatefulSet pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).

persistentVolumeClaimRetentionPolicy StatefulSetPersistentVolumeClaimRetentionPolicy

StatefulSetPersistentVolumeClaimRetentionPolicy describes the policy used for PVCs created from the StatefulSet VolumeClaimTemplates.

TLSSpec

TLSSpec allows for the configuration of TLS certificates to be used by RabbitMQ. Also allows for non-TLS traffic to be disabled.

Appears In:
Field Description

secretName string

Name of a Secret in the same Namespace as the RabbitmqCluster, containing the server’s private key & public certificate for TLS. The Secret must store these as tls.key and tls.crt, respectively. This Secret can be created by running kubectl create secret tls tls-secret --cert=path/to/tls.crt --key=path/to/tls.key

caSecretName string

Name of a Secret in the same Namespace as the RabbitmqCluster, containing the Certificate Authority’s public certificate for TLS. The Secret must store this as ca.crt. This Secret can be created by running kubectl create secret generic ca-secret --from-file=ca.crt=path/to/ca.crt Used for mTLS, and TLS for rabbitmq_web_stomp and rabbitmq_web_mqtt.

disableNonTLSListeners boolean

When set to true, the RabbitmqCluster disables non-TLS listeners for RabbitMQ, management plugin and for any enabled plugins in the following list: stomp, mqtt, web_stomp, web_mqtt. Only TLS-enabled clients will be able to connect.

VaultSpec

VaultSpec will add Vault annotations (see https://www.vaultproject.io/docs/platform/k8s/injector/annotations) to RabbitMQ Pods. It requires a Vault Agent Sidecar Injector (https://www.vaultproject.io/docs/platform/k8s/injector) to be installed in the K8s cluster. The injector is a K8s Mutation Webhook Controller that alters RabbitMQ Pod specifications (based on the added Vault annotations) to include Vault Agent containers that render Vault secrets to the volume.

Appears In:
Field Description

role string

Role in Vault. If vault.defaultUserPath is set, this role must have capability to read the pre-created default user credential in Vault. If vault.tls is set, this role must have capability to create and update certificates in the Vault PKI engine for the domains "<namespace>" and "<namespace>.svc".

annotations object (keys:string, values:string)

Vault annotations that override the Vault annotations set by the cluster-operator. For a list of valid Vault annotations, see https://www.vaultproject.io/docs/platform/k8s/injector/annotations

defaultUserPath string

Path in Vault to access a KV (Key-Value) secret with the fields username and password for the default user. For example "secret/data/rabbitmq/config".

defaultUserUpdaterImage string

Sidecar container that updates the default user’s password in RabbitMQ when it changes in Vault. Additionally, it updates /var/lib/rabbitmq/.rabbitmqadmin.conf (used by rabbitmqadmin CLI). Set to empty string to disable the sidecar container.

VaultTLSSpec

Appears In:
Field Description

pkiIssuerPath string

Path in Vault PKI engine. For example "pki/issue/hashicorp-com". required

commonName string

Specifies the requested certificate Common Name (CN). Defaults to <serviceName>.<namespace>.svc if not provided.

altNames string

Specifies the requested Subject Alternative Names (SANs), in a comma-delimited list. These will be appended to the SANs added by the cluster-operator. The cluster-operator will add SANs: "<RabbitmqCluster name>-server-<index>.<RabbitmqCluster name>-nodes.<namespace>" for each pod, e.g. "myrabbit-server-0.myrabbit-nodes.default".

ipSans string

Specifies the requested IP Subject Alternative Names, in a comma-delimited list.

pkiRootPath string

Specifies an optional path to retrieve the root CA from vault. Useful if certificates are issued by an intermediate CA