This document describes the types introduced by the Infinispan Operator to be consumed by users.
Infinispan
defines a custom Infinispan resource.
Field | Description | Scheme | Required |
---|---|---|---|
|
Standard object’s metadata (more info) |
false |
|
|
Specification of the desired behaviour of the Infinispan deployment (more info) |
true |
|
|
Most recent observed status of the Infinispan deployment. Read-only. (more info) |
false |
InfinispanSpec
is a specification of the desired behavior of the Infinispan resource.
Field | Description | Scheme | Required | Default |
---|---|---|---|---|
|
Operator image |
string |
false |
|
|
Number of instances for a Infinispan resource. |
int32 |
true |
|
|
Profile in use. See profiles for details. |
|
false |
|
|
Service specific configuration. |
false |
||
|
Security configuration. |
false |
||
|
Per instance configuration. |
false |
||
|
Logging categories |
false |
InfinispanServiceSpec
configures aspects related to the cache or datagrid service.
Field | Description | Scheme | Required | Default |
---|---|---|---|---|
|
Type of service |
|
true |
|
|
Cache service eviction policy |
|
false |
|
|
Cache service replication factor |
int32 |
false |
|
|
Service specific container configuration. |
false |
||
|
Cross-site configuration |
false |
InfinispanServiceContainerSpec
defines service specific container configurations.
Field | Description | Scheme | Required | Default |
---|---|---|---|---|
|
Storage per Infinispan container in the data grid service. Defines as indicated here. |
string |
false |
|
Profile | Connector Authentication | Connector Encryption | Cluster Authentication | Cluster Encryption |
---|---|---|---|---|
|
X |
X |
X |
X |
|
X |
X |
X |
|
|
InfinispanSecuritySpec
defines Infinispan security settings.
Field | Description | Scheme | Required | Default |
---|---|---|---|---|
|
Roles for interacting with Infinispan. |
false |
||
|
Secret containing identities allowed to interact with Infinispan. The format of the metadata in the secret can be found here. |
string |
false |
InfinispanRoleSpec
defines Infinispan role definitions.
Field | Description | Scheme | Required | Default |
---|---|---|---|---|
|
Name of role. |
string |
true |
|
|
List of permissions. Valid values are defined here. |
[]string |
true |
InfinispanContainerSpec
is a specification of the resource needed by the Infinispan container.
Field | Description | Scheme | Required | Default |
---|---|---|---|---|
|
Extra Java opts to pass to Infinispan JVM |
string |
false |
|
|
Amount of memory required by the container |
string |
false |
512Mi |
|
Cpu to be allocated to the Infinispan container |
string |
false |
0.5 |
InfinispanLoggingSpec
configures logging.
Field | Description | Scheme | Required | Default |
---|---|---|---|---|
|
Logging categories |
false |
InfinispanLoggingCategoriesSpec
configures logging categories.
Field | Description | Scheme | Required | Default |
---|---|---|---|---|
|
Logging category name, e.g. |
|
true |
InfinispanPrometheusSpec
.
Field | Description | Scheme | Required | Default |
---|---|---|---|---|
|
Enable prometheus. |
boolean |
false |
false |
InfinispanSpitesSpec
.
Field | Description | Scheme | Required | Default |
---|---|---|---|---|
|
Local site information. |
true |
||
|
Remote site information. |
true |
InfinispanLocalSiteSpec
.
Field | Description | Scheme | Required | Default |
---|---|---|---|---|
|
External service that is accessible from other sites. |
true |
InfinispanRemoteSiteSpec
.
Field | Description | Scheme | Required | Default |
---|---|---|---|---|
|
Name of remote site. |
string |
true |
|
|
URL for remote site.
|
string |
true |
|
|
Only in use with OpenShift URLs. Contains the secret details for accessing remote OpenShift instances. |
string |
false |
InfinispanStatus
is the most recent observed status of the InfinispanSpec
. Read-only.
TODO: @Vittorio, update with your proposal
Field | Description | Scheme | Required |
---|---|---|---|
|
Status of the pods. |
true |
PodStatus
is the most recent observed status of a pod running InfinispanSpec
.
Field | Description | Scheme | Required |
---|---|---|---|
|
Name of the Pod. |
string |
true |
|
IP address allocated to the pod. |
string |
true |
[[
ies]]
## Identities
Identities
defines the identities configuration that’s stored within a Secret.
Field | Description | Scheme | Required |
---|---|---|---|
|
Credentials (username and password) based identities. |
true |
|
|
Certificate (p12 format) based identities. |
true |
|
|
Identities provided by OAuth servers. |
[] |
true |
|
Token-based identities. |
[] |
true |
Credentials
.
Field | Description | Scheme | Required |
---|---|---|---|
|
Username. |
string |
false |
|
Password. |
string |
true |
|
Roles of credentials |
[]string |
false |
Certificate
.
Field | Description | Scheme | Required |
---|---|---|---|
|
Certificate encoded in base 64 format. |
string |
true |
|
Roles of credentials |
[]string |
false |
OAuth
.
Field | Description | Scheme | Required |
---|---|---|---|
|
TODO |
string |
true |
|
TODO |
string |
true |
|
TODO |
string |
true |
apiVersion: infinispan.org/v1
kind: Infinispan
metadata:
name: full-cache-example-infinispan
spec:
image: jboss/infinispan-server:latest
replicas: 4
profile: Development
service:
type: Cache
evictionPolicy: Reject
replicationFactor: 3
security:
roles:
- name: admin
permissions:
- ADMIN
- name: developer
permissions:
- WRITE
- name: collaborator
permissions:
- READ
endpointSecret: endpoint-identities
container:
extraJvmOpts: "-XX:NativeMemoryTracking=summary"
cpu: "2000m"
memory: 1Gi
logging:
categories:
org.infinispan: trace
org.jgroups: trace
apiVersion: v1
kind: Secret
metadata:
name: endpoint-identities
type: Opaque
stringData:
identities.yaml: |-
credentials:
- username: connectusr
password: connectpass
roles:
- admin
- developer
- collaborator
certificates:
- p12: "FQSmxHHvFvrhEfKIq15axg=="
roles:
- admin
oauth:
- clientId: infinispan-server
clientSecret: 1fdca4ec-c416-47e0-867a-3d471af7050f
introspectionUrl: "http://..."
apiVersion: infinispan.org/v1
kind: Infinispan
metadata:
name: full-datagrid-example-infinispan
spec:
image: jboss/infinispan-server:latest
replicas: 6
profile: Performance
service:
type: Data Grid
container:
storage: 2Gi
sites:
local:
externalService:
type: LoadBalancer
ports:
- port: 12345
remotes:
- name: google
url: xsite://google.host:23456
- name: azure
url: openshift://api.azure.host:6443
secret: azure-identities
- name: aws
url: openshift://api.aws.host:6443
secret: aws-identities
container:
extraJvmOpts: "-XX:NativeMemoryTracking=summary"
cpu: "1000m"
memory: 1Gi
logging:
categories:
org.infinispan: debug
org.jgroups: debug
apiVersion: v1
kind: Secret
metadata:
name: azure-identities
type: Opaque
stringData:
identities.yaml: |-
credentials:
- username: openshifazrusr
password: openshifazrpass
tokens:
- gl8xTESu_j_tzMQhpe_P-It6IcWFQUm94WsuR3VFkUw
apiVersion: v1
kind: Secret
metadata:
name: aws-identities
type: Opaque
stringData:
identities.yaml: |-
tokens:
- LdqA1uM0e3wxhwOf0WRaP7Je3RdOjtrpai1jONQg7z0