Platforms, technologies and services can be linked to the Resiliency Operator to enable process automation and data synchronization.
Assets
- 1: Introduction
- 2: Buckets
- 2.1: Import GCP Cloud Storage
- 2.2: Import generic bucket
- 2.3: Configurations
- 2.4: API Reference
- 3: Databases
- 3.1: Import Zookeeper
- 4: Kubernetes Clusters
- 4.1: Import
- 4.2: Configurations
- 4.3: API Reference
1 - Introduction
An Asset is any kind of platform, technology or service that can be imported into the operator to improve its resiliency. Assets can include Kubernetes clusters and databases.
Asset types
Kubernetes Cluster
While the system is designed to be compatible with all kinds of Kubernetes clusters, official support and testing are limited to a specific list of Kubernetes distributions. This ensures that the synchronization process is reliable, consistent, and well-supported.
This is the list of officially supported Kubernetes distributions:
| Distribution | Versions |
|---|---|
| OpenShift Container Platform | 4.12+ |
| Azure Kubernetes Service (AKS) | 1.28+ |
| Elastic Kubernetes Service (EKS) | 1.26+ |
| Google Kubernetes Engine (GKE) | 1.28+ |
Buckets
Public cloud storage containers for objects stored in simple storage service.
Databases
| Database | Versions |
|---|---|
| Zookeeper | 3.6+ |
2 - Buckets
2.1 - Import GCP Cloud Storage
Buckets hosted in Cloud Storage can be imported as GCP Cloud Storage.
Requirements
The Bucket properties:
- Bucket name
- GCP project ID
The credentials to access the bucket:
- The ServiceAccount key
Process
1. Create the Secret
Store the following file as secret.yaml and substitute the template parameters with real ones.
apiVersion: v1
kind: Secret
metadata:
  name: bucket-credentials
stringData:
  application_default_credentials.json: '{...}'
Then create the Secret with the following command:
kubectl -n <namespace_name> apply -f secret.yaml
2. Create the object
Store the following file as bucket.yaml and substitute the template parameters with real ones.
apiVersion: assets.astronetes.io/v1alpha1
kind: Bucket
metadata:
  name: <name>
  namespace: <namespace>
spec:
  gcpCloudStorage:
    name: <gcp-project-name>
    projectID: <gcp-project-id>
    # Must match the name of the Secret created in step 1
    secretName: bucket-credentials
Deploy the resource with the following command:
kubectl create -f bucket.yaml
2.2 - Import generic bucket
Buckets that support the AWS S3 protocol (like Minio) can be imported as a generic bucket.
Requirements
The Bucket properties:
- Bucket endpoint
- Bucket name
The credentials to access the bucket:
- The access key ID
- The secret access key
Process
1. Create the Secret
Store the following file as secret.yaml and substitute the template parameters with real ones.
apiVersion: v1
kind: Secret
metadata:
  name: bucket-credentials
stringData:
  accessKeyID: <access_key_id>
  secretAccessKey: <secret_access_key>
Then create the Secret with the following command:
kubectl -n <namespace_name> apply -f secret.yaml
2. Create the Bucket
Store the following file as bucket.yaml and substitute the template parameters with real ones.
apiVersion: assets.astronetes.io/v1alpha1
kind: Bucket
metadata:
  name: <name>
  namespace: <namespace>
spec:
  generic:
    endpoint: mybucket.example.com
    name: <bucket_name>
    useSSL: true
    secretName: bucket-credentials
Deploy the resource with the following command:
kubectl create -f bucket.yaml
2.3 - Configurations
Intro
The import of each Bucket can be configured with some specific parameters using the .spec.config attribute.
apiVersion: assets.astronetes.io/v1alpha1
kind: Bucket
metadata:
  name: my-bucket
spec:
  ...
  config: {}
Limit assigned resources
For each Bucket imported, a new Pod is deployed inside the same Namespace. The resource requests and limits of that Pod can be set using the .spec.config.resources field.
Example:
apiVersion: assets.astronetes.io/v1alpha1
kind: Bucket
metadata:
  name: my-cluster
spec:
  ...
  config:
    resources:
      requests:
        cpu: 1
        memory: 2Gi
      limits:
        cpu: 2
        memory: 2Gi
Filter the watched resources
By default, the operator will watch all the files in the bucket. You can filter the list of paths to be watched by configuring the .spec.config.paths field.
Example:
apiVersion: assets.astronetes.io/v1alpha1
kind: Bucket
metadata:
  name: my-bucket
spec:
  ...
  config:
    paths:
      - example1/
Concurrency
The concurrency parameter can be used to improve the performance of the operator when listening for changes that happen in the Bucket.
Example:
apiVersion: assets.astronetes.io/v1alpha1
kind: Bucket
metadata:
  name: my-cluster
spec:
  ...
  config:
    concurrency: 200
2.4 - API Reference
Config
Customize the integration with a Bucket
| Field | Description | Type | Required |
|---|---|---|---|
| concurrency | Concurrent processes to be executed to improve performance | int | false |
| interval | Interval of which | string | false |
| logLevel | Log level to be used by the related Pod | string | false |
| observability | Observability configuration | ObservabilityConfig | false |
| paths | Filter the list of paths to be listened | []string | false |
| resources | Resources to be assigned to the synchronization Pod | ResourceRequirements | false |
ObservabilityConfig
Configure the synchronization process observability using Prometheus ServiceMonitor
| Field | Description | Type | Required |
|---|---|---|---|
| enabled | Enable the Observability with a Prometheus ServiceMonitor | bool | false |
| interval | Configure the interval in the ServiceMonitor that Prometheus will use to scrape metrics | Duration | false |
Duration
Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.
3 - Databases
3.1 - Import Zookeeper
Zookeeper clusters can be imported with the Database resource.
Requirements
- The Zookeeper server hosts
Process
1. Create the object
Define the Database resource with the following YAML, and save it as database.yaml:
apiVersion: assets.astronetes.io/v1alpha1
kind: Database
metadata:
  name: zookeeper
spec:
  zookeeper:
    client:
      servers:
        - 172.18.0.4:30181
        - 172.18.0.5:30181
        - 172.18.0.6:30181
Deploy the resource with the following command:
kubectl create -f database.yaml
4 - Kubernetes Clusters
4.1 - Import
Any kind of KubernetesCluster can be imported in the operator. Credentials are stored in Kubernetes Secrets, which the KubernetesCluster resource uses to connect to the clusters.
Once you have imported the KubernetesCluster, all the resources in the cluster that can be watched will be read by the operator.
Requirements
- The kubeconfig file to access the cluster
Process
1. Create the Secret
Get the kubeconfig file that can be used to access the cluster, and save it as kubeconfig.yaml.
Then create the Secret with the following command:
kubectl create secret generic source --from-file=kubeconfig.yaml=kubeconfig.yaml
2. Create the KubernetesCluster
Define the KubernetesCluster object with the following YAML, and save it as cluster.yaml:
apiVersion: assets.astronetes.io/v1alpha1
kind: KubernetesCluster
metadata:
  name: cluster-1
spec:
  secretName: <secret_name>
Deploy the resource with the following command:
kubectl create -f cluster.yaml
4.2 - Configurations
Intro
The import of each KubernetesCluster can be configured with some specific parameters using the .spec.config attribute.
apiVersion: assets.astronetes.io/v1alpha1
kind: KubernetesCluster
metadata:
  name: my-cluster
spec:
  secretName: my-cluster-secret
  config: {}
Limit assigned resources
For each Kubernetes Cluster imported, a new Pod is deployed inside the same Namespace. The resource requests and limits of that Pod can be set using the .spec.config.resources field.
Example:
apiVersion: assets.astronetes.io/v1alpha1
kind: KubernetesCluster
metadata:
  name: my-cluster
spec:
  secretName: my-cluster-secret
  config:
    resources:
      requests:
        cpu: 1
        memory: 2Gi
      limits:
        cpu: 2
        memory: 2Gi
Filter the watched resources
By default, the operator will watch all the available resources in the cluster that can be watched. You can filter the list of these resources by configuring the .spec.config.selectors field.
Example:
apiVersion: assets.astronetes.io/v1alpha1
kind: KubernetesCluster
metadata:
  name: my-cluster
spec:
  secretName: my-cluster-secret
  config:
    selectors:
      targets:
        - group: ""
          version: v1
          resources:
            - namespaces
            - secrets
            - configmaps
            - serviceaccounts
            - resourcequotas
            - limitranges
            - persistentvolumeclaims
        - group: policy
          version: v1
          resources:
            - poddisruptionbudgets
Concurrency
The concurrency parameter can be used to improve the performance of the operator when listening for changes that happen in the Kubernetes Cluster.
Example:
apiVersion: assets.astronetes.io/v1alpha1
kind: KubernetesCluster
metadata:
  name: my-cluster
spec:
  secretName: my-cluster-secret
  config:
    concurrency: 200
4.3 - API Reference
Config
Customize the integration with a KubernetesCluster
| Field | Description | Type | Required |
|---|---|---|---|
| concurrency | Concurrent processes to be executed to improve performance | int | false |
| logLevel | Log level to be used by the related Pod | string | false |
| observability | Observability configuration | ObservabilityConfig | false |
| resources | Resources to be assigned to the synchronization Pod | ResourceRequirements | false |
| selectors | Filter the list of resources to be listened | KubernetesClusterSelectors | false |
ObservabilityConfig
Configure the synchronization process observability using Prometheus ServiceMonitor
| Field | Description | Type | Required |
|---|---|---|---|
| enabled | Enable the Observability with a Prometheus ServiceMonitor | bool | false |
| interval | Configure the interval in the ServiceMonitor that Prometheus will use to scrape metrics | Duration | false |
Duration
Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.
KubernetesClusterSelectors
Filter the Kubernetes objects that should be read from the cluster. All defined selectors are combined using AND logic.
| Field | Description | Type | Required |
|---|---|---|---|
| objectSelector | Rules to filter Kubernetes objects by ObjectSelector | ObjectSelector | false |
| namespaceSelector | Rules to filter Kubernetes objects by NamespaceSelector | NamespaceSelector | false |
| targets | Kubernetes resources to be used | []GroupVersionResources | false |
ObjectSelector
| Field | Description | Type | Required |
|---|---|---|---|
| nameSelector | Filter objects by their name | NameSelector | false |
| labelSelector | Filter objects by their labels | LabelSelector | false |
NameSelector
Select objects by their name
| Field | Description | Type | Required |
|---|---|---|---|
| includeRegex | Include names that match at least one regex | []string | false |
| excludeRegex | Exclude names that match at least one regex | []string | false |
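How the two NameSelector lists combine, as an added Go example that is not the operator's own code. It assumes unanchored matching as in Go's regexp package, that an empty includeRegex allows every name, and that an exclude match wins; `Selected`, `anyMatch` and the sample names are constructed for illustration.

```go
package main

import (
	"fmt"
	"regexp"
)

// NameSelector mirrors the two fields in the table above (hand-written type).
type NameSelector struct {
	IncludeRegex, ExcludeRegex []string
}

// anyMatch reports whether name matches at least one pattern; a bad pattern is an error.
func anyMatch(patterns []string, name string) (bool, error) {
	for _, p := range patterns {
		re, err := regexp.Compile(p)
		if err != nil {
			return false, fmt.Errorf("bad pattern %q: %w", p, err)
		}
		if re.MatchString(name) { // unanchored: "prod" also matches "nonprod"
			return true, nil
		}
	}
	return false, nil
}

// Selected: name must match an include pattern (when any are set) and no
// exclude pattern. Empty include = everything, exclude wins: both assumed.
func Selected(s NameSelector, name string) (bool, error) {
	inc, err := anyMatch(s.IncludeRegex, name)
	if err != nil {
		return false, err
	}
	exc, err := anyMatch(s.ExcludeRegex, name)
	if err != nil {
		return false, err
	}
	return (len(s.IncludeRegex) == 0 || inc) && !exc, nil
}

func main() {
	loose := NameSelector{IncludeRegex: []string{"prod"}}
	strict := NameSelector{IncludeRegex: []string{"^prod(-|$)"}, ExcludeRegex: []string{"-tmp$"}}
	for _, n := range []string{"prod", "prod-db", "nonprod-db", "prod-db-tmp"} { // constructed names
		a, _ := Selected(loose, n)
		b, _ := Selected(strict, n)
		fmt.Printf("%-12s loose=%v strict=%v\n", n, a, b)
	}
}
```

Under these assumptions the loose pattern also selects `nonprod-db`, which is why anchoring the include pattern matters when the selector decides which Namespaces or Secrets are read.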
LabelSelector
A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.
| Field | Description | Type | Required |
|---|---|---|---|
| matchLabels | matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed. | map[string]string | false |
| matchExpressions | matchExpressions is a list of label selector requirements. The requirements are ANDed. | []LabelSelectorRequirement | false |
LabelSelectorRequirement
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
| Field | Description | Type | Required |
|---|---|---|---|
| key | key is the label key that the selector applies to. | string | true |
| operator | operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. | LabelSelectorOperator | true |
| values | values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. | []string | false |
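The LabelSelector rules above, written out as an added Go example (hand-written types, not the operator's code or the Kubernetes library). It covers the cases that most often select more objects than intended: the empty selector, and NotIn matching objects that lack the label entirely. `MatchLabels`, `Requirement` and the sample labels are constructed.

```go
package main

import "fmt"

// Hand-written mirrors of the API reference tables; not the operator's own types.
type Requirement struct {
	Key, Operator string
	Values        []string
}
type LabelSelector struct {
	MatchLabels      map[string]string
	MatchExpressions []Requirement
}

// MatchLabels follows the documented rules: a nil selector matches nothing, an
// empty one matches everything, matchLabels and matchExpressions are ANDed.
func MatchLabels(s *LabelSelector, labels map[string]string) (bool, error) {
	if s == nil {
		return false, nil
	}
	reqs := append([]Requirement{}, s.MatchExpressions...)
	for k, v := range s.MatchLabels { // equivalent to In with a single value
		reqs = append(reqs, Requirement{k, "In", []string{v}})
	}
	ok := true
	for _, r := range reqs {
		val, has := labels[r.Key]
		hit := false
		for _, v := range r.Values {
			hit = hit || (has && v == val)
		}
		switch {
		case (r.Operator == "In" || r.Operator == "NotIn") && len(r.Values) > 0:
			ok = ok && hit == (r.Operator == "In") // NotIn also passes when the label is absent
		case (r.Operator == "Exists" || r.Operator == "DoesNotExist") && len(r.Values) == 0:
			ok = ok && has == (r.Operator == "Exists")
		default: // unknown operator, or a values array that breaks the rules in the table
			return false, fmt.Errorf("invalid requirement %s on key %q", r.Operator, r.Key)
		}
	}
	return ok, nil
}

func main() {
	// Constructed sample: "not labelled tier=secret" also selects objects with no tier label.
	sel := &LabelSelector{MatchExpressions: []Requirement{{"tier", "NotIn", []string{"secret"}}}}
	fmt.Println(MatchLabels(sel, map[string]string{"app": "web"}))
}
```

To exclude unlabelled objects as well, pair the NotIn requirement with an Exists requirement on the same key.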
LabelSelectorOperator
A label selector operator is the set of operators that can be used in a selector requirement.
NamespaceSelector
| Field | Description | Type | Required |
|---|---|---|---|
| nameSelector | Filter Namespaces by their name | NameSelector | false |
| labelSelector | Filter Namespaces by their labels | LabelSelector | false |
GroupVersionResources
Select a set of GroupVersionResource
| Field | Description | Type | Required |
|---|---|---|---|
| group | Kubernetes resource group. Example: apps | string | true |
| version | Kubernetes resource version. Example: v1 | string | true |
| resources | Kubernetes resource names. Example: deployments | []string | false |