apiVersion: v1 kind: Namespace metadata: labels: control-plane: controller-manager name: awx --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: awxbackups.awx.ansible.com spec: group: awx.ansible.com names: kind: AWXBackup listKind: AWXBackupList plural: awxbackups singular: awxbackup scope: Namespaced versions: - name: v1beta1 schema: openAPIV3Schema: description: Schema validation for the AWXBackup CRD properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: properties: additional_labels: description: Additional labels defined on the resource, which should be propagated to child resources items: type: string type: array backup_pvc: description: Name of the backup PVC type: string backup_pvc_namespace: description: (Deprecated) Namespace the PVC is in type: string backup_resource_requirements: description: Resource requirements for the management pod used to create a backup properties: limits: properties: cpu: type: string memory: type: string type: object requests: properties: cpu: type: string memory: type: string type: object type: object backup_storage_class: description: Storage class to use when creating PVC for backup type: string backup_storage_requirements: description: Storage requirements for backup PVC (may be similar to existing postgres PVC backing up from) type: string clean_backup_on_delete: description: Flag to indicate if backup should be deleted on PVC if AWXBackup object is deleted type: boolean db_management_pod_node_selector: description: nodeSelector for the Postgres pods to backup type: string deployment_name: description: Name of the deployment to be backed up type: string image_pull_policy: default: IfNotPresent description: The image pull policy enum: - Always - always - Never - never - IfNotPresent - ifnotpresent type: string no_log: default: true description: Configure no_log for no_log tasks type: boolean pg_dump_suffix: description: Additional parameters for the pg_dump command type: string postgres_image: description: Registry path to the PostgreSQL container to use type: string postgres_image_version: description: PostgreSQL container image version to use type: string postgres_label_selector: description: Label selector used to identify postgres pod for backing up data type: string precreate_partition_hours: description: Number of hours worth of events table partitions to precreate before backup to avoid pg_dump locks. format: int32 type: integer set_self_labels: default: true description: Maintain some of the recommended `app.kubernetes.io/*` labels on the resource (self) type: boolean required: - deployment_name type: object x-kubernetes-preserve-unknown-fields: true status: properties: backupClaim: description: Backup persistent volume claim type: string backupDirectory: description: Backup directory name on the specified pvc type: string conditions: description: The resulting conditions when a Service Telemetry is instantiated items: properties: lastTransitionTime: type: string reason: type: string status: type: string type: type: string type: object type: array type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: awxmeshingresses.awx.ansible.com spec: group: awx.ansible.com names: kind: AWXMeshIngress listKind: AWXMeshIngressList plural: awxmeshingresses singular: awxmeshingress scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: AWXMeshIngress is the Schema for the awxmeshingresses API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of AWXMeshIngress properties: affinity: description: Scheduling constraints to apply to the Pod definition properties: nodeAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: preference: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array type: object x-kubernetes-map-type: atomic weight: format: int32 type: integer required: - preference - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: items: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array type: object x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object x-kubernetes-map-type: atomic type: object podAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object type: array type: object podAntiAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object type: array type: object type: object deployment_name: description: Name of the AWX deployment to create the Mesh Ingress for. type: string external_hostname: description: External hostname to use for the Mesh Ingress. type: string external_ipaddress: description: External IP address to use for the Mesh Ingress. type: string image_pull_secrets: description: Image pull secrets for Mesh Ingress containers. items: type: string type: array ingress_annotations: description: Annotations to add to the Ingress Controller type: string ingress_api_version: description: The Ingress API version to use type: string ingress_class_name: description: The name of ingress class to use instead of the cluster default. type: string ingress_controller: description: Special configuration for specific Ingress Controllers type: string ingress_type: description: The ingress type to use to reach the deployed instance enum: - none - Ingress - ingress - IngressRouteTCP - ingressroutetcp - Route - route type: string node_selector: description: Assign the Mesh Ingress Pod to the specified node. type: string tolerations: description: Scheduling tolerations for the Mesh Ingress instance. type: string topology_spread_constraints: description: Topology spread constraints for the Mesh Ingress instance. type: string required: - deployment_name type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of AWXMeshIngress type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: awxrestores.awx.ansible.com spec: group: awx.ansible.com names: kind: AWXRestore listKind: AWXRestoreList plural: awxrestores singular: awxrestore scope: Namespaced versions: - name: v1beta1 schema: openAPIV3Schema: description: Schema validation for the AWXRestore CRD properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: properties: additional_labels: description: Additional labels defined on the resource, which should be propagated to child resources items: type: string type: array backup_dir: description: Backup directory name, set as a status found on the awxbackup object (backupDirectory) type: string backup_name: description: AWXBackup object name type: string backup_pvc: description: Name of the PVC to be restored from, set as a status found on the awxbackup object (backupClaim) type: string backup_pvc_namespace: description: (Deprecated) Namespace the PVC is in type: string backup_source: description: Backup source enum: - Backup CR - PVC type: string cluster_name: description: Cluster name type: string db_management_pod_node_selector: description: nodeSelector for the Postgres pods to backup type: string deployment_name: description: Name of the restored deployment. This should be different from the original deployment name if the original deployment still exists. type: string force_drop_db: default: false description: Force drop the database before restoring. USE WITH CAUTION! type: boolean image_pull_policy: default: IfNotPresent description: The image pull policy enum: - Always - always - Never - never - IfNotPresent - ifnotpresent type: string no_log: default: true description: Configure no_log for no_log tasks type: boolean postgres_image: description: Registry path to the PostgreSQL container to use type: string postgres_image_version: description: PostgreSQL container image version to use type: string postgres_label_selector: description: Label selector used to identify postgres pod for backing up data type: string restore_resource_requirements: description: Resource requirements for the management pod that restores AWX from a backup properties: limits: properties: cpu: type: string memory: type: string type: object requests: properties: cpu: type: string memory: type: string type: object type: object set_self_labels: default: true description: Maintain some of the recommended `app.kubernetes.io/*` labels on the resource (self) type: boolean spec_overrides: description: Overrides for the AWX spec type: object x-kubernetes-preserve-unknown-fields: true required: - deployment_name type: object x-kubernetes-preserve-unknown-fields: true status: properties: conditions: description: The resulting conditions when a Service Telemetry is instantiated items: properties: lastTransitionTime: type: string reason: type: string status: type: string type: type: string type: object type: array restoreComplete: description: Restore process complete type: boolean type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: awxs.awx.ansible.com spec: group: awx.ansible.com names: kind: AWX listKind: AWXList plural: awxs singular: awx scope: Namespaced versions: - name: v1beta1 schema: openAPIV3Schema: description: Schema validation for the AWX CRD properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: properties: additional_labels: description: Additional labels defined on the resource, which should be propagated to child resources items: type: string type: array admin_email: description: The admin user email type: string admin_password_secret: description: Secret where the admin password can be found maxLength: 255 pattern: ^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$ type: string admin_user: default: admin description: Username to use for the admin account type: string affinity: description: If specified, the pod's scheduling constraints properties: nodeAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: preference: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array type: object x-kubernetes-map-type: atomic weight: format: int32 type: integer required: - preference - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: items: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array type: object x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object x-kubernetes-map-type: atomic type: object podAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object type: array type: object podAntiAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object type: array type: object type: object annotations: description: Common annotations for both Web and Task deployments. type: string api_urlpattern_prefix: description: An optional configuration to add a prefix in the API URL path type: string api_version: description: apiVersion of the deployment type type: string auto_upgrade: default: true description: Should AWX instances be automatically upgraded when operator gets upgraded type: boolean broadcast_websocket_secret: description: Secret where the broadcast websocket secret can be found maxLength: 255 pattern: ^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$ type: string bundle_cacert_secret: description: Secret where can be found the trusted Certificate Authority Bundle type: string ca_trust_bundle: description: Path where the trusted CA bundle is available type: string control_plane_ee_image: description: Registry path to the Execution Environment container image to use on control plane pods type: string control_plane_priority_class: description: Assign a preexisting priority class to the control plane pods type: string create_preload_data: default: true description: Whether or not to preload data upon instance creation type: boolean csrf_cookie_secure: description: Set csrf cookie secure mode for web type: string deployment_type: description: Name of the deployment type type: string development_mode: description: If the deployment should be done in development mode type: boolean ee_extra_env: type: string ee_extra_volume_mounts: description: Specify volume mounts to be added to Execution container type: string ee_images: description: Registry path to the Execution Environment container to use items: properties: image: type: string name: type: string type: object type: array ee_pull_credentials_secret: description: Secret where pull credentials for registered ees can be found type: string ee_resource_requirements: description: Resource requirements for the ee container properties: limits: properties: cpu: type: string ephemeral-storage: type: string memory: type: string storage: type: string type: object requests: properties: cpu: type: string ephemeral-storage: type: string memory: type: string storage: type: string type: object type: object extra_settings: description: Extra settings to specify for AWX items: properties: setting: type: string value: x-kubernetes-preserve-unknown-fields: true type: object type: array extra_settings_files: description: Extra ConfigMaps or Secrets of settings files to specify for AWX properties: configmaps: items: properties: key: type: string name: type: string type: object type: array secrets: items: properties: key: type: string name: type: string type: object type: array type: object extra_volumes: description: Specify extra volumes to add to the application pod type: string garbage_collect_secrets: default: false description: Whether or not to remove secrets upon instance removal type: boolean host_aliases: description: HostAliases for app containers items: properties: hostnames: items: type: string type: array ip: type: string type: object type: array hostname: description: (Deprecated) The hostname of the instance type: string image: description: Registry path to the application container to use type: string image_pull_policy: default: IfNotPresent description: The image pull policy enum: - Always - always - Never - never - IfNotPresent - ifnotpresent type: string image_pull_secret: description: (Deprecated) Image pull secret for app and database containers type: string image_pull_secrets: description: Image pull secrets for app and database containers items: type: string type: array image_version: description: Application container image version to use type: string ingress_annotations: description: Annotations to add to the Ingress Controller type: string ingress_api_version: description: The Ingress API version to use type: string ingress_class_name: description: The name of ingress class to use instead of the cluster default. type: string ingress_controller: description: Special configuration for specific Ingress Controllers type: string ingress_hosts: description: Ingress hostnames of the instance items: properties: hostname: description: Hostname of the instance type: string tls_secret: description: Secret where the Ingress TLS secret can be found type: string type: object type: array ingress_path: description: The ingress path used to reach the deployed service type: string ingress_path_type: description: The ingress path type for the deployed service type: string ingress_tls_secret: description: (Deprecated) Secret where the Ingress TLS secret can be found type: string ingress_type: description: The ingress type to use to reach the deployed instance enum: - none - Ingress - ingress - Route - route type: string init_container_extra_commands: description: Extra commands for the init container type: string init_container_extra_volume_mounts: description: Specify volume mounts to be added to the init container type: string init_container_image: description: Registry path to the init container to use type: string init_container_image_version: description: Init container image version to use type: string init_container_resource_requirements: description: Resource requirements for the init container properties: limits: properties: cpu: type: string ephemeral-storage: type: string memory: type: string storage: type: string type: object requests: properties: cpu: type: string ephemeral-storage: type: string memory: type: string storage: type: string type: object type: object init_projects_container_image: description: Registry path to the init projects container to use type: string ipv6_disabled: default: false description: Disable web container's nginx ipv6 listener type: boolean kind: description: Kind of the deployment type type: string ldap_cacert_secret: description: Secret where can be found the LDAP trusted Certificate Authority Bundle type: string ldap_password_secret: description: Secret where can be found the LDAP bind password type: string loadbalancer_class: default: "" description: Class of LoadBalancer to use type: string loadbalancer_ip: default: "" description: Assign LoadBalancer IP address type: string loadbalancer_port: default: 80 description: Port to use for the loadbalancer type: integer loadbalancer_protocol: default: http description: Protocol to use for the loadbalancer enum: - http - https type: string metrics_utility_configmap: description: Metrics-Utility ConfigMap type: string metrics_utility_console_enabled: default: false description: Enable metrics utility shipping to Red Hat Hybrid Cloud Console type: boolean metrics_utility_cronjob_gather_schedule: default: '@hourly' description: Metrics-Utility Gather Data CronJob Schedule type: string metrics_utility_cronjob_report_schedule: default: '@monthly' description: Metrics-Utility Report CronJob Schedule type: string metrics_utility_enabled: default: false description: Enable metrics utility type: boolean metrics_utility_image: description: Metrics-Utility Image type: string metrics_utility_image_pull_policy: description: Metrics-Utility Image PullPolicy type: string metrics_utility_image_version: description: Metrics-Utility Image Version type: string metrics_utility_pvc_claim: description: Metrics-Utility PVC Claim type: string metrics_utility_pvc_claim_size: default: 5Gi description: Metrics-Utility PVC Claim Size type: string metrics_utility_pvc_claim_storage_class: description: Metrics-Utility PVC Claim Storage Class type: string metrics_utility_secret: description: Metrics-Utility Secret type: string metrics_utility_ship_target: description: Metrics-Utility Ship Target type: string nginx_listen_queue_size: description: Set the socket listen queue size for nginx (defaults to same as uwsgi) type: integer nginx_worker_connections: description: Set the number of connections per worker for nginx type: integer nginx_worker_cpu_affinity: description: Set the CPU affinity for nginx workers type: string nginx_worker_processes: description: Set the number of workers for nginx type: integer no_log: default: true description: Configure no_log for no_log tasks type: boolean node_selector: description: nodeSelector for the pods type: string nodeport_port: description: Port to use for the nodeport type: integer old_postgres_configuration_secret: description: Secret where the old database configuration can be found for data migration maxLength: 255 pattern: ^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$ type: string postgres_configuration_secret: description: Secret where the database configuration can be found type: string postgres_data_volume_init: description: Sets permissions on the /var/lib/pgdata/data for postgres container using an init container (not Openshift) type: boolean postgres_extra_args: items: type: string type: array postgres_extra_volume_mounts: description: Specify volume mounts to be added to Postgres container type: string postgres_extra_volumes: description: Specify extra volumes to add to the application pod type: string postgres_image: description: Registry path to the PostgreSQL container to use type: string postgres_image_version: description: PostgreSQL container image version to use type: string postgres_init_container_commands: description: Customize the postgres init container commands (Non Openshift) type: string postgres_init_container_resource_requirements: description: (Deprecated, use postgres_resource_requirements parameter) Resource requirements for the postgres init container properties: limits: properties: cpu: type: string memory: type: string storage: type: string type: object requests: properties: cpu: type: string memory: type: string storage: type: string type: object type: object postgres_keep_pvc_after_upgrade: description: Specify whether or not to keep the old PVC after PostgreSQL upgrades type: boolean postgres_keepalives: default: true description: Controls whether client-side TCP keepalives are used for Postgres connections. type: boolean postgres_keepalives_count: default: 5 description: Controls the number of TCP keepalives that can be lost before the client's connection to the server is considered dead. format: int32 type: integer postgres_keepalives_idle: default: 5 description: Controls the number of seconds of inactivity after which TCP should send a keepalive message to the server. format: int32 type: integer postgres_keepalives_interval: default: 5 description: Controls the number of seconds after which a TCP keepalive message that is not acknowledged by the server should be retransmitted. format: int32 type: integer postgres_label_selector: description: Label selector used to identify postgres pod for data migration type: string postgres_priority_class: description: Assign a preexisting priority class to the postgres pod type: string postgres_resource_requirements: description: Resource requirements for the PostgreSQL container properties: limits: properties: cpu: type: string memory: type: string type: object requests: properties: cpu: type: string memory: type: string type: object type: object postgres_security_context_settings: description: Key/values that will be set under the pod-level securityContext field type: object x-kubernetes-preserve-unknown-fields: true postgres_selector: description: nodeSelector for the Postgres pods type: string postgres_storage_class: description: Storage class to use for the PostgreSQL PVC type: string postgres_storage_requirements: description: Storage requirements for the PostgreSQL container properties: limits: properties: storage: type: string type: object requests: properties: storage: type: string type: object type: object postgres_tolerations: description: node tolerations for the Postgres pods type: string projects_existing_claim: description: PersistentVolumeClaim to mount /var/lib/projects directory type: string projects_persistence: default: false description: Whether or not the /var/lib/projects directory will be persistent type: boolean projects_storage_access_mode: default: ReadWriteMany description: AccessMode for the /var/lib/projects PersistentVolumeClaim type: string projects_storage_class: description: Storage class for the /var/lib/projects PersistentVolumeClaim type: string projects_storage_size: default: 8Gi description: Size for the /var/lib/projects PersistentVolumeClaim type: string projects_use_existing_claim: description: Using existing PersistentVolumeClaim enum: - _Yes_ - _No_ type: string receptor_log_level: description: Set log level of receptor service type: string redis_capabilities: description: Redis container capabilities items: type: string type: array redis_image: description: Registry path to the redis container to use type: string redis_image_version: description: Redis container image version to use type: string redis_resource_requirements: description: Resource requirements for the redis container properties: limits: properties: cpu: type: string ephemeral-storage: type: string memory: type: string storage: type: string type: object requests: properties: cpu: type: string ephemeral-storage: type: string memory: type: string storage: type: string type: object type: object replicas: default: 1 description: Number of instance replicas format: int32 type: integer route_api_version: description: The route API version to use type: string route_host: description: The DNS to use to points to the instance type: string route_tls_secret: description: Secret where the TLS related credentials are stored type: string route_tls_termination_mechanism: default: Edge description: The secure TLS termination mechanism to use enum: - Edge - edge - Passthrough - passthrough type: string rsyslog_args: items: type: string type: array rsyslog_command: items: type: string type: array rsyslog_extra_env: type: string rsyslog_extra_volume_mounts: description: Specify volume mounts to be added to the Rsyslog container type: string rsyslog_resource_requirements: description: Resource requirements for the rsyslog container properties: limits: properties: cpu: type: string ephemeral-storage: type: string memory: type: string storage: type: string type: object requests: properties: cpu: type: string ephemeral-storage: type: string memory: type: string storage: type: string type: object type: object secret_key_secret: description: Secret where the secret key can be found maxLength: 255 pattern: ^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$ type: string security_context_settings: description: Key/values that will be set under the pod-level securityContext field type: object x-kubernetes-preserve-unknown-fields: true service_account_annotations: description: ServiceAccount annotations type: string service_annotations: description: Annotations to add to the service type: string service_labels: description: Additional labels to apply to the service type: string service_type: description: The service type to be used on the deployed instance enum: - LoadBalancer - loadbalancer - ClusterIP - clusterip - NodePort - nodeport type: string session_cookie_secure: description: Set session cookie secure mode for web type: string set_self_labels: default: true description: Maintain some of the recommended `app.kubernetes.io/*` labels on the resource (self) type: boolean task_affinity: description: If specified, the pod's scheduling constraints properties: nodeAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: preference: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array type: object x-kubernetes-map-type: atomic weight: format: int32 type: integer required: - preference - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: items: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array type: object x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object x-kubernetes-map-type: atomic type: object podAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object type: array type: object podAntiAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object type: array type: object type: object task_annotations: description: Task deployment annotations. This will override the general annotations parameter for the Task deployment. type: string task_args: items: type: string type: array task_command: items: type: string type: array task_extra_env: type: string task_extra_volume_mounts: description: Specify volume mounts to be added to Task container type: string task_liveness_failure_threshold: default: 3 description: Number of consecutive failure events to identify failure of task pod format: int32 type: integer task_liveness_initial_delay: default: 5 description: Initial delay before starting liveness checks on task pod format: int32 type: integer task_liveness_period: default: 0 description: Time period in seconds between each liveness check for the task pod format: int32 type: integer task_liveness_timeout: default: 1 description: Number of seconds to wait for a probe response from task pod format: int32 type: integer task_manage_replicas: default: true description: Enables operator control of replicas count for the task deployment when set to 'true' type: boolean task_node_selector: description: nodeSelector for the task pods type: string task_privileged: default: false description: If a privileged security context should be enabled type: boolean task_readiness_failure_threshold: default: 3 description: Number of consecutive failure events to identify failure of task pod format: int32 type: integer task_readiness_initial_delay: default: 20 description: Initial delay before starting readiness checks on task pod format: int32 type: integer task_readiness_period: default: 0 description: Time period in seconds between each readiness check for the task pod format: int32 type: integer task_readiness_timeout: default: 1 description: Number of seconds to wait for a probe response from task pod format: int32 type: integer task_replicas: description: Number of task instance replicas format: int32 type: integer task_resource_requirements: description: Resource requirements for the task container properties: limits: properties: cpu: type: string ephemeral-storage: type: string memory: type: string storage: type: string type: object requests: properties: cpu: type: string ephemeral-storage: type: string memory: type: string storage: type: string type: object type: object task_tolerations: description: node tolerations for the task pods type: string task_topology_spread_constraints: description: topology rule(s) for the task pods type: string termination_grace_period_seconds: description: Optional duration in seconds pods needs to terminate gracefully format: int32 type: integer tolerations: description: node tolerations for the pods type: string topology_spread_constraints: description: topology rule(s) for the pods type: string uwsgi_listen_queue_size: description: Set the socket listen queue size for uwsgi type: integer uwsgi_processes: description: Set the number of uwsgi processes to run in a web container type: integer web_affinity: description: If specified, the pod's scheduling constraints properties: nodeAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: preference: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array type: object x-kubernetes-map-type: atomic weight: format: int32 type: integer required: - preference - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: items: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array type: object x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object x-kubernetes-map-type: atomic type: object podAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object type: array type: object podAntiAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object type: array type: object type: object web_annotations: description: Web deployment annotations. This will override the general annotations parameter for the Web deployment. type: string web_args: items: type: string type: array web_command: items: type: string type: array web_extra_env: type: string web_extra_volume_mounts: description: Specify volume mounts to be added to the Web container type: string web_liveness_failure_threshold: default: 3 description: Number of consecutive failure events to identify failure of web pod format: int32 type: integer web_liveness_initial_delay: default: 5 description: Initial delay before starting liveness checks on web pod format: int32 type: integer web_liveness_period: default: 0 description: Time period in seconds between each liveness check for the web pod format: int32 type: integer web_liveness_timeout: default: 1 description: Number of seconds to wait for a probe response from web pod format: int32 type: integer web_manage_replicas: default: true description: Enables operator control of replicas count for the web deployment when set to 'true' type: boolean web_node_selector: description: nodeSelector for the web pods type: string web_readiness_failure_threshold: default: 3 description: Number of consecutive failure events to identify failure of web pod format: int32 type: integer web_readiness_initial_delay: default: 20 description: Initial delay before starting readiness checks on web pod format: int32 type: integer web_readiness_period: default: 0 description: Time period in seconds between each readiness check for the web pod format: int32 type: integer web_readiness_timeout: default: 1 description: Number of seconds to wait for a probe response from web pod format: int32 type: integer web_replicas: description: Number of web instance replicas format: int32 type: integer web_resource_requirements: description: Resource requirements for the web container properties: limits: properties: cpu: type: string ephemeral-storage: type: string memory: type: string storage: type: string type: object requests: properties: cpu: type: string ephemeral-storage: type: string memory: type: string storage: type: string type: object type: object web_tolerations: description: node tolerations for the web pods type: string web_topology_spread_constraints: description: topology rule(s) for the web pods type: string type: object status: properties: URL: description: URL to access the deployed instance type: string adminPasswordSecret: description: Admin password secret name of the deployed instance type: string adminUser: description: Admin user of the deployed instance type: string broadcastWebsocketSecret: description: Broadcast websocket secret name of the deployed instance type: string conditions: description: The resulting conditions when a Service Telemetry is instantiated items: properties: lastTransitionTime: type: string reason: type: string status: type: string type: type: string type: object type: array image: description: URL of the image used for the deployed instance type: string migratedFromSecret: description: The secret used for migrating an old instance type: string postgresConfigurationSecret: description: Postgres Configuration secret name of the deployed instance type: string secretKeySecret: description: Secret key secret name of the deployed instance type: string upgradedPostgresVersion: description: Status to indicate that the database has been upgraded to the version in the status type: string version: description: Version of the deployed instance type: string type: object type: object served: true storage: true subresources: status: {} --- apiVersion: v1 kind: ServiceAccount metadata: name: awx-operator-controller-manager namespace: awx --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: creationTimestamp: null name: awx-operator-awx-manager-role namespace: awx rules: - apiGroups: - route.openshift.io resources: - routes - routes/custom-host verbs: - get - list - create - delete - patch - update - watch - apiGroups: - "" resources: - pods - services - services/finalizers - serviceaccounts - endpoints - persistentvolumeclaims - events - configmaps - secrets verbs: - get - list - create - delete - patch - update - watch - apiGroups: - rbac.authorization.k8s.io resources: - roles - rolebindings verbs: - get - list - create - delete - patch - update - watch - apiGroups: - apps resources: - deployments - daemonsets - replicasets - statefulsets verbs: - get - list - create - delete - patch - update - watch - apiGroups: - networking.k8s.io resources: - ingresses verbs: - get - list - create - delete - patch - update - watch - apiGroups: - batch resources: - cronjobs - jobs verbs: - get - list - create - patch - update - watch - apiGroups: - monitoring.coreos.com resources: - servicemonitors verbs: - get - create - apiGroups: - apps resourceNames: - awx-operator resources: - deployments/finalizers verbs: - update - apiGroups: - apps resources: - deployments/scale - statefulsets/scale verbs: - patch - apiGroups: - "" resources: - pods/exec - pods/attach - pods/log verbs: - create - get - apiGroups: - apps resources: - replicasets verbs: - get - create - apiGroups: - awx.ansible.com resources: - '*' - awxbackups - awxrestores verbs: - '*' - apiGroups: - traefik.containo.us - traefik.io resources: - ingressroutetcps verbs: - get - list - create - delete - patch - update - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: awx-operator-leader-election-role namespace: awx rules: - apiGroups: - "" resources: - configmaps verbs: - get - list - watch - create - update - patch - delete - apiGroups: - coordination.k8s.io resources: - leases verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - events verbs: - create - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: awx-operator-metrics-reader rules: - nonResourceURLs: - /metrics verbs: - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: awx-operator-proxy-role rules: - apiGroups: - authentication.k8s.io resources: - tokenreviews verbs: - create - apiGroups: - authorization.k8s.io resources: - subjectaccessreviews verbs: - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: awx-operator-awx-manager-rolebinding namespace: awx roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: awx-operator-awx-manager-role subjects: - kind: ServiceAccount name: awx-operator-controller-manager namespace: awx --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: awx-operator-leader-election-rolebinding namespace: awx roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: awx-operator-leader-election-role subjects: - kind: ServiceAccount name: awx-operator-controller-manager namespace: awx --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: awx-operator-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: awx-operator-proxy-role subjects: - kind: ServiceAccount name: awx-operator-controller-manager namespace: awx --- apiVersion: v1 data: controller_manager_config.yaml: | apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 kind: ControllerManagerConfig health: healthProbeBindAddress: :6789 metrics: bindAddress: 127.0.0.1:8080 leaderElection: leaderElect: true resourceName: 811c9dc5.ansible.com # leaderElectionReleaseOnCancel defines if the leader should step down volume # when the Manager ends. This requires the binary to immediately end when the # Manager is stopped, otherwise, this setting is unsafe. Setting this significantly # speeds up voluntary leader transitions as the new leader don't have to wait # LeaseDuration time first. # In the default scaffold provided, the program ends immediately after # the manager stops, so would be fine to enable this option. However, # if you are doing or is intended to do any operation such as perform cleanups # after the manager stops then its usage might be unsafe. # leaderElectionReleaseOnCancel: true kind: ConfigMap metadata: name: awx-operator-awx-manager-config namespace: awx --- apiVersion: v1 kind: Service metadata: labels: control-plane: controller-manager name: awx-operator-controller-manager-metrics-service namespace: awx spec: ports: - name: https port: 8443 protocol: TCP targetPort: https selector: control-plane: controller-manager --- apiVersion: apps/v1 kind: Deployment metadata: labels: control-plane: controller-manager name: awx-operator-controller-manager namespace: awx spec: replicas: 1 selector: matchLabels: control-plane: controller-manager template: metadata: annotations: kubectl.kubernetes.io/default-container: awx-manager labels: control-plane: controller-manager spec: containers: - args: - --secure-listen-address=0.0.0.0:8443 - --upstream=http://127.0.0.1:8080/ - --logtostderr=true - --v=0 image: gcr.io/kubebuilder/kube-rbac-proxy:v0.15.0 name: kube-rbac-proxy ports: - containerPort: 8443 name: https protocol: TCP resources: limits: cpu: 500m memory: 128Mi requests: cpu: 5m memory: 64Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL - args: - --health-probe-bind-address=:6789 - --metrics-bind-address=127.0.0.1:8080 - --leader-elect - --leader-election-id=awx-operator env: - name: ANSIBLE_GATHERING value: explicit - name: ANSIBLE_DEBUG_LOGS value: "false" - name: WATCH_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace image: quay.io/ansible/awx-operator:2.19.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: path: /healthz port: 6789 initialDelaySeconds: 15 periodSeconds: 20 name: awx-manager readinessProbe: httpGet: path: /readyz port: 6789 initialDelaySeconds: 5 periodSeconds: 10 resources: limits: cpu: 1500m memory: 960Mi requests: cpu: 50m memory: 32Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL imagePullSecrets: - name: redhat-operators-pull-secret securityContext: runAsNonRoot: true serviceAccountName: awx-operator-controller-manager terminationGracePeriodSeconds: 10