Fleet API reference

Chart defines the helm chart configuration of the backup engine. The default value is:

chart:
repository: https://vmware-tanzu.github.io/helm-charts
name: velero
version: 5.0.2

Storage provides details on where the backup data should be stored.

ExtraArgs provides the extra chart values for the backup engine chart. For example, use the following configuration to change the image tag or pull policy:

extraArgs:
image:
repository: velero/velero
tag: v1.11.1
pullPolicy: IfNotPresent

Location specifies where the backup data will be stored.

The structure of the secret varies depending on the object storage provider:

• For AWS S3, Minio or Huawei Cloud, the secret should contain the following keys:

  • access-key: The access key for S3 authentication.
  • secret-key: The secret key for S3 authentication.

• For GCP, the secret should be created according to the official GCP documentation. see https://github.com/vmware-tanzu/velero-plugin-for-gcp/blob/main/README.md

• For Azure, the secret should be created according to the official Azure documentation. see https://github.com/vmware-tanzu/velero-plugin-for-microsoft-azure/blob/main/README.md

Bucket specifies the storage bucket name.

Provider specifies the storage provider type (e.g., aws, huaweicloud, gcp, azure).

Endpoint provides the endpoint URL for the storage.

Region specifies the region of the storage.

Config is a map for additional provider-specific configurations. # region: # s3ForcePathStyle: # s3Url: # kmsKeyId: # resourceGroup: # The ID of the subscription containing the storage account, if different from the cluster’s subscription. (Azure only) # subscriptionId: # storageAccount: # publicUrl: # Name of the GCP service account to use for this backup storage location. Specify the # service account here if you want to use workload identity instead of providing the key file.(GCP only) # serviceAccount: # Option to skip certificate validation or not if insecureSkipTLSVerify is set to be true, the client side should set the # flag. For Velero client Command like velero backup describe, velero backup logs needs to add the flag –insecure-skip-tls-verify # insecureSkipTLSVerify:

Repository defines the repository of chart. Default value depends on the kind of the component.

Name defines the name of the chart. Default value depends on the kind of the component.

Version defines the version of the chart. Default value depends on the kind of the component.

Chart defines the helm chart config of the TrafficRoutingProvider. For Example, using the following configuration to change the version of nginx installed.

repo: https://kubernetes.github.io/ingress-nginx
version: 4.10.0

ExtraArgs is the set of extra arguments for TrafficRoutingProvider’s chart. You can pass in values according to your needs. For Example, using the following configuration to change the port that Prometheus uses to scrape metrics.

values:
controller:
podAnnotations:
prometheus.io/port: 10378

The path on the host where config and data can be persisted. If the storagecluster is deleted, please clean up the configuration files in this file path. e.g. /var/lib/rook

Monitor is the daemon that monitors the status of the ceph cluster. Responsible for collecting cluster information, updating cluster information, and publishing cluster information. Including monmap, osdmap, PGmap, mdsmap, etc. A spec for mon related options

Manager is the daemon runs alongside monitor daemon,to provide additional monitoring and interfaces to external monitoring and management systems. A spec for mgr related options

A spec for available storage in the cluster and how it should be used

Chart defines the helm chart configuration of the distributed storage engine. The default value is:

chart:
repository: https://charts.rook.io/release
name: rook
version: 1.11.11

Storage provides detailed settings for unified distributed storage.

ExtraArgs provides the extra chart values for rook chart. For example, use the following configuration to change the pull policy:

extraArgs:
image:
pullPolicy: Always

Chart defines the helm chart config of the flagger. default value is

chart:
repository: oci://ghcr.io/fluxcd/charts
name: flagger
version: 1.x

ExtraArgs is the set of extra arguments for flagger chart. For Example, using following configuration to change replica count.

extraArgs:
flagger:
replicaCount: 2

TrafficRoutingProvider defines traffic routing provider. And Kurator will install flagger in trafficRoutingProvider’s namespace For example, If you use istio as a provider, flager will be installed in istio’s namespace istio-system. And if you use istio as a provider, you need to install it manually. Otherwise, you can configure it in ProviderConfig (or use the default configuration) and Kurator will automatically deploy it. Other provider will be added later.

PublicTestloader defines whether to install the publictestloader or not. In addition to the public testloader you can configure here, you can also specify a private testloader in the Application.Spec.SyncPolicies.Rollout.TestLoader

ProviderConfig defines the helm configuration for the TrafficRoutingProvider. You can pass in a custom helm configuration to install the TrafficRoutingProvider And default value is in ./pkg/fleet-manager/manifests/plugins/ Currently only used for Kuma and Nginx

Clusters represents the clusters that would be registered to the fleet.

Plugin defines the plugins that would be installed in the fleet.

CredentialSecret is the secret name that holds credentials used for accessing the fleet control plane.

Phase represents the current phase of fleet. E.g. Pending, Running, Terminating, Failed, Ready, etc.

A brief CamelCase message indicating details about why the fleet is in this state.

PluginEndpoints is the endpoints of the plugins.

Total number of ready clusters, ready to deploy .

Total number of unready clusters, not ready for use.

Chart defines the helm chart config of the grafana. default value is

chart:
repository: oci://registry-1.docker.io/bitnamicharts
name: grafana
version: 8.2.33

ExtraArgs is the set of extra arguments for Grafana chart. For Example, using following configuration to change replica count.

extraArgs:
grafana:
replicaCount: 2

Chart defines the helm chart config of the kyverno. default value is

chart:
repository: https://kyverno.github.io/kyverno/
name: kyverno
version: 3.0.0

PodSecurity defines the pod security configuration for the kyverno.

ExtraArgs is the set of extra arguments for Kyverno chart. For Example, using following configuration to change image pull policy.

extraArgs:
image:
pullPolicy: Always

Thanos defines the configuration for the thanos querier and store gateway.

Prometheus defines the configuration for the prometheus installation in the clusters observed by the thanos, by default thanos sidecar will be installed in thanos sidecar mode.

Count is the number of manager to run Default is two, one for use and one for standby.

The annotation-related configuration to add/set on each Pod related object. Including Pod， Deployment.

The label-related configuration to add/set on each Pod related object. Including Pod， Deployment.

The placement-related configuration to pass to kubernetes (affinity, node selector, tolerations).

Count is the number of Ceph monitors. Default is three and preferably an odd number.

The annotation-related configuration to add/set on each Pod related object. Including Pod， Deployment.

Similar to Annotation, but more graphical than Annotation. The label-related configuration to add/set on each Pod related object. Including Pod， Deployment.

The placement-related configuration to pass to kubernetes (affinity, node selector, tolerations).

Name should match its kubernetes.io/hostname label

(Members of StorageDeviceSelection are embedded into this type.)

Specify which storage drives the osd deployed in this node can manage.

SecretName is the name of the secret that holds the object store configuration. The path of object store configuration must be objstore.yml

NodeAffinity is a group of node affinity scheduling rules

PodAffinity is a group of inter pod affinity scheduling rules

PodAntiAffinity is a group of inter pod anti affinity scheduling rules

The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator

TopologySpreadConstraint specifies how to spread matching pods among the given topology

Metric defines the configuration for the monitoring system installation and metrics collection..

Grafana defines the configuration for the grafana installation and observation.

Policy defines the configuration for the ploicy management.

Backup defines the configuration for the backup engine(Velero).

DistributedStorage define the configuration for the distributed storage(Implemented with Rook)

Flagger defines the configuration for the kurator rollout engine.

SubMarinerOperator defines the configuration for the kurator network management.

Standard defines the pod security standard. More details: https://kubernetes.io/docs/concepts/security/pod-security-standards

Severity indicates policy check result criticality in a policy report.

ValidationFailureAction indicates the action to take when a pod creation fails to validate. For more info https://kyverno.io/docs/writing-policies/validate/#validation-failure-action

Kyverno defines the configuration for the kyverno installation and policy management.

Chart defines the helm chart config of the prometheus. default value is

chart:
repository: oci://registry-1.docker.io/bitnamicharts
name: kube-prometheus
version: 8.9.1

NodeExporter defines the configuration for the node exporter.

KubeStateMetrics defines the configuration for the kube-state-metrics.

ExtraArgs is the set of extra arguments for Prometheus chart. For Example, using following configuration to create a ServiceMonitor to monitor prometheus itself.

extraArgs:
prometheus:
serviceMonitor:
enabled: true

Enabled indicates whether the exporters are enabled.

List of devices to use as storage devices A list of individual device names belonging to this node to include in the storage cluster e.g. sda or /dev/disk/by-id/ata-XXXX

indicating if all nodes in the cluster should be used for storage according to the cluster level storage selection and configuration values. If individual nodes are specified under the nodes field, then useAllNodes must be set to false.

(Members of StorageDeviceSelection are embedded into this type.)

Select device information used by osd. For more information see the design of the selection below.

Chart defines the helm chart configuration of the submariner operator. The default value is

chart:
repository: https://submariner-io.github.io/submariner-charts/charts
name: submariner-operator
version: 0.18.0
targetNamespace: submariner-operator

ExtraArgs is the set of extra arguments for submariner, and example will be provided in the future.

extraArgs:
broker:
globalnet: true
submariner:
serviceDiscovery: true
natEnabled: false

BrokerCluster is the name of cluster in which the broker will be installed. If the broker cluster is not specified, the first cluster in the fleet will be used as the broker cluster.

ClusterCidrs records the clustercidr of each cluster.

ServiceCidrs records the servicecidr of each cluster.

Globalcidrs records the globalcidr of each cluster in a virtual network Globalnet. Each cluster must use distinct globalCidr that don’t conflict or overlap with any other cluster If the globalcidr is not specified, Globalnet will be disabled.

Chart defines the helm chart config of the thanos. default value is

chart:
repository: oci://registry-1.docker.io/bitnamicharts
name: thanos
version: 12.5.1

ObjectStoreConfig is the secret reference of the object store. Configuration must follow the definition of the thanos: https://thanos.io/tip/thanos/storage.md/.

ExtraArgs is the set of extra arguments for Thanos chart. For Example, using following configuration to enable query frontend.

extraArgs:
queryFrontend:
enabled: true