Documentation
¶
Index ¶
- type AuthFailureListeners
- type AzureMigration
- type Cpu
- type GcsMigration
- type IndexPatterns
- type IndexRollup
- type IndexTemplate
- type InternalAuthenticationBackendLimiting
- type IpFilter
- type IpRateLimiting
- type Latency
- type Memory
- type Node
- type NodeDuress
- type Openid
- type Opensearch
- type OpensearchDashboards
- type OpensearchUserConfig
- type OperatingFactor
- type PrimaryParameter
- type PrivateAccess
- type PrivatelinkAccess
- type PublicAccess
- type S3Migration
- type Saml
- type SearchBackpressure
- type SearchInsightsTopQueries
- type SearchShardTask
- type SearchTask
- type Shard
- type ShardIndexingPressure
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthFailureListeners ¶ added in v0.14.0
type AuthFailureListeners struct {
InternalAuthenticationBackendLimiting *InternalAuthenticationBackendLimiting `groups:"create,update" json:"internal_authentication_backend_limiting,omitempty"`
// IP address rate limiting settings
IpRateLimiting *IpRateLimiting `groups:"create,update" json:"ip_rate_limiting,omitempty"`
}
Opensearch Security Plugin Settings
func (*AuthFailureListeners) DeepCopy ¶ added in v0.14.0
func (in *AuthFailureListeners) DeepCopy() *AuthFailureListeners
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthFailureListeners.
func (*AuthFailureListeners) DeepCopyInto ¶ added in v0.14.0
func (in *AuthFailureListeners) DeepCopyInto(out *AuthFailureListeners)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AzureMigration ¶ added in v0.25.0
type AzureMigration struct {
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// Account name
Account string `groups:"create,update" json:"account"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The path to the repository data within its container. The value of this setting should not start or end with a /
BasePath string `groups:"create,update" json:"base_path"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// Big files can be broken down into chunks during snapshotting if needed. Should be the same as for the 3rd party repository
ChunkSize *string `groups:"create,update" json:"chunk_size,omitempty"`
// when set to true metadata files are stored in compressed format
Compress *bool `groups:"create,update" json:"compress,omitempty"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// Azure container name
Container string `groups:"create,update" json:"container"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// Defines the DNS suffix for Azure Storage endpoints.
EndpointSuffix *string `groups:"create,update" json:"endpoint_suffix,omitempty"`
// Whether to restore aliases alongside their associated indexes. Default is true.
IncludeAliases *bool `groups:"create,update" json:"include_aliases,omitempty"`
// +kubebuilder:validation:Pattern=`^(\*?[a-z0-9._-]*\*?|-\*?[a-z0-9._-]*\*?)(,(\*?[a-z0-9._-]*\*?|-\*?[a-z0-9._-]*\*?))*[,]?$`
// A comma-delimited list of indices to restore from the snapshot. Multi-index syntax is supported.
Indices string `groups:"create,update" json:"indices"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// Azure account secret key. One of key or sas_token should be specified
Key *string `groups:"create,update" json:"key,omitempty"`
// If true, restore the cluster state. Defaults to false
RestoreGlobalState *bool `groups:"create,update" json:"restore_global_state,omitempty"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// A shared access signatures (SAS) token. One of key or sas_token should be specified
SasToken *string `groups:"create,update" json:"sas_token,omitempty"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The snapshot name to restore from
SnapshotName string `groups:"create,update" json:"snapshot_name"`
}
Azure migration settings
func (*AzureMigration) DeepCopy ¶ added in v0.25.0
func (in *AzureMigration) DeepCopy() *AzureMigration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureMigration.
func (*AzureMigration) DeepCopyInto ¶ added in v0.25.0
func (in *AzureMigration) DeepCopyInto(out *AzureMigration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Cpu ¶ added in v0.26.0
type Cpu struct {
// Enable or disable top N query monitoring by the metric
Enabled *bool `groups:"create,update" json:"enabled,omitempty"`
// +kubebuilder:validation:Minimum=1
// Specify the value of N for the top N queries by the metric
TopNSize *int `groups:"create,update" json:"top_n_size,omitempty"`
// +kubebuilder:validation:Pattern=`^(\*?[a-z0-9._-]*\*?|-\*?[a-z0-9._-]*\*?)(,(\*?[a-z0-9._-]*\*?|-\*?[a-z0-9._-]*\*?))*[,]?$`
// The window size of the top N queries by the metric
WindowSize *string `groups:"create,update" json:"window_size,omitempty"`
}
Top N queries monitoring by CPU
func (*Cpu) DeepCopy ¶ added in v0.26.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Cpu.
func (*Cpu) DeepCopyInto ¶ added in v0.26.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GcsMigration ¶ added in v0.25.0
type GcsMigration struct {
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The path to the repository data within its container. The value of this setting should not start or end with a /
BasePath string `groups:"create,update" json:"base_path"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The path to the repository data within its container
Bucket string `groups:"create,update" json:"bucket"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// Big files can be broken down into chunks during snapshotting if needed. Should be the same as for the 3rd party repository
ChunkSize *string `groups:"create,update" json:"chunk_size,omitempty"`
// when set to true metadata files are stored in compressed format
Compress *bool `groups:"create,update" json:"compress,omitempty"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// Google Cloud Storage credentials file content
Credentials string `groups:"create,update" json:"credentials"`
// Whether to restore aliases alongside their associated indexes. Default is true.
IncludeAliases *bool `groups:"create,update" json:"include_aliases,omitempty"`
// +kubebuilder:validation:Pattern=`^(\*?[a-z0-9._-]*\*?|-\*?[a-z0-9._-]*\*?)(,(\*?[a-z0-9._-]*\*?|-\*?[a-z0-9._-]*\*?))*[,]?$`
// A comma-delimited list of indices to restore from the snapshot. Multi-index syntax is supported.
Indices string `groups:"create,update" json:"indices"`
// If true, restore the cluster state. Defaults to false
RestoreGlobalState *bool `groups:"create,update" json:"restore_global_state,omitempty"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The snapshot name to restore from
SnapshotName string `groups:"create,update" json:"snapshot_name"`
}
Google Cloud Storage migration settings
func (*GcsMigration) DeepCopy ¶ added in v0.25.0
func (in *GcsMigration) DeepCopy() *GcsMigration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GcsMigration.
func (*GcsMigration) DeepCopyInto ¶ added in v0.25.0
func (in *GcsMigration) DeepCopyInto(out *GcsMigration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IndexPatterns ¶
type IndexPatterns struct {
// +kubebuilder:validation:Minimum=0
// Maximum number of indexes to keep
MaxIndexCount int `groups:"create,update" json:"max_index_count"`
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[A-Za-z0-9-_.*?]+$`
// fnmatch pattern
Pattern string `groups:"create,update" json:"pattern"`
// +kubebuilder:validation:Enum="alphabetical";"creation_date"
// Deletion sorting algorithm
SortingAlgorithm *string `groups:"create,update" json:"sorting_algorithm,omitempty"`
}
Allows you to create glob style patterns and set a max number of indexes matching this pattern you want to keep. Creating indexes exceeding this value will cause the oldest one to get deleted. You could for example create a pattern looking like 'logs.?' and then create index logs.1, logs.2 etc, it will delete logs.1 once you create logs.6. Do note 'logs.?' does not apply to logs.10. Note: Setting max_index_count to 0 will do nothing and the pattern gets ignored.
func (*IndexPatterns) DeepCopy ¶
func (in *IndexPatterns) DeepCopy() *IndexPatterns
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IndexPatterns.
func (*IndexPatterns) DeepCopyInto ¶
func (in *IndexPatterns) DeepCopyInto(out *IndexPatterns)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IndexRollup ¶ added in v0.25.0
type IndexRollup struct {
// Whether rollups are enabled in OpenSearch Dashboards. Defaults to true.
RollupDashboardsEnabled *bool `groups:"create,update" json:"rollup_dashboards_enabled,omitempty"`
// Whether the rollup plugin is enabled. Defaults to true.
RollupEnabled *bool `groups:"create,update" json:"rollup_enabled,omitempty"`
// +kubebuilder:validation:Minimum=1
// How many retries the plugin should attempt for failed rollup jobs. Defaults to 5.
RollupSearchBackoffCount *int `groups:"create,update" json:"rollup_search_backoff_count,omitempty"`
// +kubebuilder:validation:Minimum=1
// The backoff time between retries for failed rollup jobs. Defaults to 1000ms.
RollupSearchBackoffMillis *int `groups:"create,update" json:"rollup_search_backoff_millis,omitempty"`
// Whether OpenSearch should return all jobs that match all specified search terms. If disabled, OpenSearch returns just one, as opposed to all, of the jobs that matches the search terms. Defaults to false.
RollupSearchSearchAllJobs *bool `groups:"create,update" json:"rollup_search_search_all_jobs,omitempty"`
}
Index rollup settings
func (*IndexRollup) DeepCopy ¶ added in v0.25.0
func (in *IndexRollup) DeepCopy() *IndexRollup
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IndexRollup.
func (*IndexRollup) DeepCopyInto ¶ added in v0.25.0
func (in *IndexRollup) DeepCopyInto(out *IndexRollup)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IndexTemplate ¶
type IndexTemplate struct {
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=100000
// The maximum number of nested JSON objects that a single document can contain across all nested types. This limit helps to prevent out of memory errors when a document contains too many nested objects. Default is 10000.
MappingNestedObjectsLimit *int `groups:"create,update" json:"mapping_nested_objects_limit,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=29
// The number of replicas each primary shard has.
NumberOfReplicas *int `groups:"create,update" json:"number_of_replicas,omitempty"`
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=1024
// The number of primary shards that an index should have.
NumberOfShards *int `groups:"create,update" json:"number_of_shards,omitempty"`
}
Template settings for all new indexes
func (*IndexTemplate) DeepCopy ¶
func (in *IndexTemplate) DeepCopy() *IndexTemplate
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IndexTemplate.
func (*IndexTemplate) DeepCopyInto ¶
func (in *IndexTemplate) DeepCopyInto(out *IndexTemplate)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type InternalAuthenticationBackendLimiting ¶ added in v0.14.0
type InternalAuthenticationBackendLimiting struct {
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=2147483647
// The number of login attempts allowed before login is blocked
AllowedTries *int `groups:"create,update" json:"allowed_tries,omitempty"`
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Enum="internal"
// internal_authentication_backend_limiting.authentication_backend
AuthenticationBackend *string `groups:"create,update" json:"authentication_backend,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=2147483647
// The duration of time that login remains blocked after a failed login
BlockExpirySeconds *int `groups:"create,update" json:"block_expiry_seconds,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=2147483647
// internal_authentication_backend_limiting.max_blocked_clients
MaxBlockedClients *int `groups:"create,update" json:"max_blocked_clients,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=2147483647
// The maximum number of tracked IP addresses that have failed login
MaxTrackedClients *int `groups:"create,update" json:"max_tracked_clients,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=2147483647
// The window of time in which the value for `allowed_tries` is enforced
TimeWindowSeconds *int `groups:"create,update" json:"time_window_seconds,omitempty"`
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Enum="username"
// internal_authentication_backend_limiting.type
Type *string `groups:"create,update" json:"type,omitempty"`
}
func (*InternalAuthenticationBackendLimiting) DeepCopy ¶ added in v0.14.0
func (in *InternalAuthenticationBackendLimiting) DeepCopy() *InternalAuthenticationBackendLimiting
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InternalAuthenticationBackendLimiting.
func (*InternalAuthenticationBackendLimiting) DeepCopyInto ¶ added in v0.14.0
func (in *InternalAuthenticationBackendLimiting) DeepCopyInto(out *InternalAuthenticationBackendLimiting)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IpFilter ¶
type IpFilter struct {
// +kubebuilder:validation:MaxLength=1024
// Description for IP filter list entry
Description *string `groups:"create,update" json:"description,omitempty"`
// +kubebuilder:validation:MaxLength=43
// CIDR address block
Network string `groups:"create,update" json:"network"`
}
CIDR address block, either as a string, or in a dict with an optional description field
func (*IpFilter) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IpFilter.
func (*IpFilter) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IpRateLimiting ¶ added in v0.14.0
type IpRateLimiting struct {
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=2147483647
// The number of login attempts allowed before login is blocked
AllowedTries *int `groups:"create,update" json:"allowed_tries,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=36000
// The duration of time that login remains blocked after a failed login
BlockExpirySeconds *int `groups:"create,update" json:"block_expiry_seconds,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=2147483647
// The maximum number of blocked IP addresses
MaxBlockedClients *int `groups:"create,update" json:"max_blocked_clients,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=2147483647
// The maximum number of tracked IP addresses that have failed login
MaxTrackedClients *int `groups:"create,update" json:"max_tracked_clients,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=36000
// The window of time in which the value for `allowed_tries` is enforced
TimeWindowSeconds *int `groups:"create,update" json:"time_window_seconds,omitempty"`
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Enum="ip"
// The type of rate limiting
Type *string `groups:"create,update" json:"type,omitempty"`
}
IP address rate limiting settings
func (*IpRateLimiting) DeepCopy ¶ added in v0.14.0
func (in *IpRateLimiting) DeepCopy() *IpRateLimiting
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IpRateLimiting.
func (*IpRateLimiting) DeepCopyInto ¶ added in v0.14.0
func (in *IpRateLimiting) DeepCopyInto(out *IpRateLimiting)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Latency ¶ added in v0.26.0
type Latency struct {
// Enable or disable top N query monitoring by the metric
Enabled *bool `groups:"create,update" json:"enabled,omitempty"`
// +kubebuilder:validation:Minimum=1
// Specify the value of N for the top N queries by the metric
TopNSize *int `groups:"create,update" json:"top_n_size,omitempty"`
// +kubebuilder:validation:Pattern=`^(\*?[a-z0-9._-]*\*?|-\*?[a-z0-9._-]*\*?)(,(\*?[a-z0-9._-]*\*?|-\*?[a-z0-9._-]*\*?))*[,]?$`
// The window size of the top N queries by the metric
WindowSize *string `groups:"create,update" json:"window_size,omitempty"`
}
Top N queries monitoring by latency
func (*Latency) DeepCopy ¶ added in v0.26.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Latency.
func (*Latency) DeepCopyInto ¶ added in v0.26.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Memory ¶ added in v0.26.0
type Memory struct {
// Enable or disable top N query monitoring by the metric
Enabled *bool `groups:"create,update" json:"enabled,omitempty"`
// +kubebuilder:validation:Minimum=1
// Specify the value of N for the top N queries by the metric
TopNSize *int `groups:"create,update" json:"top_n_size,omitempty"`
// +kubebuilder:validation:Pattern=`^(\*?[a-z0-9._-]*\*?|-\*?[a-z0-9._-]*\*?)(,(\*?[a-z0-9._-]*\*?|-\*?[a-z0-9._-]*\*?))*[,]?$`
// The window size of the top N queries by the metric
WindowSize *string `groups:"create,update" json:"window_size,omitempty"`
}
Top N queries monitoring by memory
func (*Memory) DeepCopy ¶ added in v0.26.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Memory.
func (*Memory) DeepCopyInto ¶ added in v0.26.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Node ¶ added in v0.26.0
type Node struct {
// +kubebuilder:validation:Minimum=0
// Define the percentage of the node-level memory threshold that acts as a soft indicator for strain on a node. Default is 0.7
SoftLimit *float64 `groups:"create,update" json:"soft_limit,omitempty"`
}
func (*Node) DeepCopy ¶ added in v0.26.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Node.
func (*Node) DeepCopyInto ¶ added in v0.26.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeDuress ¶ added in v0.26.0
type NodeDuress struct {
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=1
// The CPU usage threshold (as a percentage) required for a node to be considered to be under duress. Default is 0.9
CpuThreshold *float64 `groups:"create,update" json:"cpu_threshold,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=1
// The heap usage threshold (as a percentage) required for a node to be considered to be under duress. Default is 0.7
HeapThreshold *float64 `groups:"create,update" json:"heap_threshold,omitempty"`
// +kubebuilder:validation:Minimum=1
// The number of successive limit breaches after which the node is considered to be under duress. Default is 3
NumSuccessiveBreaches *int `groups:"create,update" json:"num_successive_breaches,omitempty"`
}
Node duress settings
func (*NodeDuress) DeepCopy ¶ added in v0.26.0
func (in *NodeDuress) DeepCopy() *NodeDuress
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDuress.
func (*NodeDuress) DeepCopyInto ¶ added in v0.26.0
func (in *NodeDuress) DeepCopyInto(out *NodeDuress)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Openid ¶ added in v0.13.0
type Openid struct {
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The ID of the OpenID Connect client configured in your IdP. Required.
ClientId string `groups:"create,update" json:"client_id"`
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The client secret of the OpenID Connect client configured in your IdP. Required.
ClientSecret string `groups:"create,update" json:"client_secret"`
// +kubebuilder:validation:MaxLength=2048
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The URL of your IdP where the Security plugin can find the OpenID Connect metadata/configuration settings.
ConnectUrl string `groups:"create,update" json:"connect_url"`
// Enables or disables OpenID Connect authentication for OpenSearch. When enabled, users can authenticate using OpenID Connect with an Identity Provider.
Enabled bool `groups:"create,update" json:"enabled"`
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// HTTP header name of the JWT token. Optional. Default is Authorization.
Header *string `groups:"create,update" json:"header,omitempty"`
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The HTTP header that stores the token. Typically the Authorization header with the Bearer schema: Authorization: Bearer <token>. Optional. Default is Authorization.
JwtHeader *string `groups:"create,update" json:"jwt_header,omitempty"`
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// If the token is not transmitted in the HTTP header, but as an URL parameter, define the name of the parameter here. Optional.
JwtUrlParameter *string `groups:"create,update" json:"jwt_url_parameter,omitempty"`
// +kubebuilder:validation:Minimum=10
// The maximum number of unknown key IDs in the time frame. Default is 10. Optional.
RefreshRateLimitCount *int `groups:"create,update" json:"refresh_rate_limit_count,omitempty"`
// +kubebuilder:validation:Minimum=10000
// The time frame to use when checking the maximum number of unknown key IDs, in milliseconds. Optional.Default is 10000 (10 seconds).
RefreshRateLimitTimeWindowMs *int `groups:"create,update" json:"refresh_rate_limit_time_window_ms,omitempty"`
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The key in the JSON payload that stores the user’s roles. The value of this key must be a comma-separated list of roles. Required only if you want to use roles in the JWT
RolesKey *string `groups:"create,update" json:"roles_key,omitempty"`
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The scope of the identity token issued by the IdP. Optional. Default is openid profile email address phone.
Scope *string `groups:"create,update" json:"scope,omitempty"`
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The key in the JSON payload that stores the user’s name. If not defined, the subject registered claim is used. Most IdP providers use the preferred_username claim. Optional.
SubjectKey *string `groups:"create,update" json:"subject_key,omitempty"`
}
OpenSearch OpenID Connect Configuration
func (*Openid) DeepCopy ¶ added in v0.13.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Openid.
func (*Openid) DeepCopyInto ¶ added in v0.13.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Opensearch ¶
type Opensearch struct {
// Explicitly allow or block automatic creation of indices. Defaults to true
ActionAutoCreateIndexEnabled *bool `groups:"create,update" json:"action_auto_create_index_enabled,omitempty"`
// Require explicit index names when deleting
ActionDestructiveRequiresName *bool `groups:"create,update" json:"action_destructive_requires_name,omitempty"`
// Opensearch Security Plugin Settings
AuthFailureListeners *AuthFailureListeners `groups:"create,update" json:"auth_failure_listeners,omitempty"`
// +kubebuilder:validation:Minimum=100
// +kubebuilder:validation:Maximum=10000
// Controls the number of shards allowed in the cluster per data node
ClusterMaxShardsPerNode *int `groups:"create,update" json:"cluster_max_shards_per_node,omitempty"`
// +kubebuilder:validation:Minimum=2
// +kubebuilder:validation:Maximum=16
// How many concurrent incoming/outgoing shard recoveries (normally replicas) are allowed to happen on a node. Defaults to node cpu count * 2.
ClusterRoutingAllocationNodeConcurrentRecoveries *int `groups:"create,update" json:"cluster_routing_allocation_node_concurrent_recoveries,omitempty"`
// +kubebuilder:validation:MaxLength=40
// +kubebuilder:validation:Pattern=`^[a-zA-Z0-9-_]+$`
// Sender name placeholder to be used in Opensearch Dashboards and Opensearch keystore
EmailSenderName *string `groups:"create,update" json:"email_sender_name,omitempty"`
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[^\x00-\x1F]+$`
// Sender password for Opensearch alerts to authenticate with SMTP server
EmailSenderPassword *string `groups:"create,update" json:"email_sender_password,omitempty"`
// +kubebuilder:validation:MaxLength=320
// +kubebuilder:validation:Pattern=`^[^\x00-\x1F]+$`
// Sender username for Opensearch alerts
EmailSenderUsername *string `groups:"create,update" json:"email_sender_username,omitempty"`
// Enable/Disable security audit
EnableSecurityAudit *bool `groups:"create,update" json:"enable_security_audit,omitempty"`
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=2147483647
// Maximum content length for HTTP requests to the OpenSearch HTTP API, in bytes.
HttpMaxContentLength *int `groups:"create,update" json:"http_max_content_length,omitempty"`
// +kubebuilder:validation:Minimum=1024
// +kubebuilder:validation:Maximum=262144
// The max size of allowed headers, in bytes
HttpMaxHeaderSize *int `groups:"create,update" json:"http_max_header_size,omitempty"`
// +kubebuilder:validation:Minimum=1024
// +kubebuilder:validation:Maximum=65536
// The max length of an HTTP URL, in bytes
HttpMaxInitialLineLength *int `groups:"create,update" json:"http_max_initial_line_length,omitempty"`
// +kubebuilder:validation:Minimum=3
// +kubebuilder:validation:Maximum=100
// Relative amount. Maximum amount of heap memory used for field data cache. This is an expert setting; decreasing the value too much will increase overhead of loading field data; too much memory used for field data cache will decrease amount of heap available for other operations.
IndicesFielddataCacheSize *int `groups:"create,update" json:"indices_fielddata_cache_size,omitempty"`
// +kubebuilder:validation:Minimum=3
// +kubebuilder:validation:Maximum=40
// Percentage value. Default is 10%. Total amount of heap used for indexing buffer, before writing segments to disk. This is an expert setting. Too low value will slow down indexing; too high value will increase indexing performance but causes performance issues for query performance.
IndicesMemoryIndexBufferSize *int `groups:"create,update" json:"indices_memory_index_buffer_size,omitempty"`
// +kubebuilder:validation:Minimum=3
// +kubebuilder:validation:Maximum=2048
// Absolute value. Default is unbound. Doesn't work without indices.memory.index_buffer_size. Maximum amount of heap used for query cache, an absolute indices.memory.index_buffer_size maximum hard limit.
IndicesMemoryMaxIndexBufferSize *int `groups:"create,update" json:"indices_memory_max_index_buffer_size,omitempty"`
// +kubebuilder:validation:Minimum=3
// +kubebuilder:validation:Maximum=2048
// Absolute value. Default is 48mb. Doesn't work without indices.memory.index_buffer_size. Minimum amount of heap used for query cache, an absolute indices.memory.index_buffer_size minimal hard limit.
IndicesMemoryMinIndexBufferSize *int `groups:"create,update" json:"indices_memory_min_index_buffer_size,omitempty"`
// +kubebuilder:validation:Minimum=3
// +kubebuilder:validation:Maximum=40
// Percentage value. Default is 10%. Maximum amount of heap used for query cache. This is an expert setting. Too low value will decrease query performance and increase performance for other operations; too high value will cause issues with other OpenSearch functionality.
IndicesQueriesCacheSize *int `groups:"create,update" json:"indices_queries_cache_size,omitempty"`
// +kubebuilder:validation:Minimum=64
// +kubebuilder:validation:Maximum=4096
// Maximum number of clauses Lucene BooleanQuery can have. The default value (1024) is relatively high, and increasing it may cause performance issues. Investigate other approaches first before increasing this value.
IndicesQueryBoolMaxClauseCount *int `groups:"create,update" json:"indices_query_bool_max_clause_count,omitempty"`
// +kubebuilder:validation:Minimum=40
// +kubebuilder:validation:Maximum=400
// Limits total inbound and outbound recovery traffic for each node. Applies to both peer recoveries as well as snapshot recoveries (i.e., restores from a snapshot). Defaults to 40mb
IndicesRecoveryMaxBytesPerSec *int `groups:"create,update" json:"indices_recovery_max_bytes_per_sec,omitempty"`
// +kubebuilder:validation:Minimum=2
// +kubebuilder:validation:Maximum=5
// Number of file chunks sent in parallel for each recovery. Defaults to 2.
IndicesRecoveryMaxConcurrentFileChunks *int `groups:"create,update" json:"indices_recovery_max_concurrent_file_chunks,omitempty"`
// Specifies whether ISM is enabled or not
IsmEnabled *bool `groups:"create,update" json:"ism_enabled,omitempty"`
// Specifies whether audit history is enabled or not. The logs from ISM are automatically indexed to a logs document.
IsmHistoryEnabled *bool `groups:"create,update" json:"ism_history_enabled,omitempty"`
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=2147483647
// The maximum age before rolling over the audit history index in hours
IsmHistoryMaxAge *int `groups:"create,update" json:"ism_history_max_age,omitempty"`
// +kubebuilder:validation:Minimum=1
// The maximum number of documents before rolling over the audit history index.
IsmHistoryMaxDocs *int `groups:"create,update" json:"ism_history_max_docs,omitempty"`
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=2147483647
// The time between rollover checks for the audit history index in hours.
IsmHistoryRolloverCheckPeriod *int `groups:"create,update" json:"ism_history_rollover_check_period,omitempty"`
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=2147483647
// How long audit history indices are kept in days.
IsmHistoryRolloverRetentionPeriod *int `groups:"create,update" json:"ism_history_rollover_retention_period,omitempty"`
// Enable or disable KNN memory circuit breaker. Defaults to true.
KnnMemoryCircuitBreakerEnabled *bool `groups:"create,update" json:"knn_memory_circuit_breaker_enabled,omitempty"`
// +kubebuilder:validation:Minimum=3
// +kubebuilder:validation:Maximum=100
// Maximum amount of memory that can be used for KNN index. Defaults to 50% of the JVM heap size.
KnnMemoryCircuitBreakerLimit *int `groups:"create,update" json:"knn_memory_circuit_breaker_limit,omitempty"`
// Compatibility mode sets OpenSearch to report its version as 7.10 so clients continue to work. Default is false
OverrideMainResponseVersion *bool `groups:"create,update" json:"override_main_response_version,omitempty"`
// Enable or disable filtering of alerting by backend roles. Requires Security plugin. Defaults to false
PluginsAlertingFilterByBackendRoles *bool `groups:"create,update" json:"plugins_alerting_filter_by_backend_roles,omitempty"`
// +kubebuilder:validation:MaxItems=32
// Whitelisted addresses for reindexing. Changing this value will cause all OpenSearch instances to restart.
ReindexRemoteWhitelist []string `groups:"create,update" json:"reindex_remote_whitelist,omitempty"`
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// Script compilation circuit breaker limits the number of inline script compilations within a period of time. Default is use-context
ScriptMaxCompilationsRate *string `groups:"create,update" json:"script_max_compilations_rate,omitempty"`
SearchInsightsTopQueries *SearchInsightsTopQueries `groups:"create,update" json:"search.insights.top_queries,omitempty"`
// Search Backpressure Settings
SearchBackpressure *SearchBackpressure `groups:"create,update" json:"search_backpressure,omitempty"`
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=1000000
// Maximum number of aggregation buckets allowed in a single response. OpenSearch default value is used when this is not defined.
SearchMaxBuckets *int `groups:"create,update" json:"search_max_buckets,omitempty"`
// Shard indexing back pressure settings
ShardIndexingPressure *ShardIndexingPressure `groups:"create,update" json:"shard_indexing_pressure,omitempty"`
// +kubebuilder:validation:Minimum=10
// +kubebuilder:validation:Maximum=2000
// Size for the thread pool queue. See documentation for exact details.
ThreadPoolAnalyzeQueueSize *int `groups:"create,update" json:"thread_pool_analyze_queue_size,omitempty"`
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=128
// Size for the thread pool. See documentation for exact details. Do note this may have maximum value depending on CPU count - value is automatically lowered if set to higher than maximum value.
ThreadPoolAnalyzeSize *int `groups:"create,update" json:"thread_pool_analyze_size,omitempty"`
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=128
// Size for the thread pool. See documentation for exact details. Do note this may have maximum value depending on CPU count - value is automatically lowered if set to higher than maximum value.
ThreadPoolForceMergeSize *int `groups:"create,update" json:"thread_pool_force_merge_size,omitempty"`
// +kubebuilder:validation:Minimum=10
// +kubebuilder:validation:Maximum=2000
// Size for the thread pool queue. See documentation for exact details.
ThreadPoolGetQueueSize *int `groups:"create,update" json:"thread_pool_get_queue_size,omitempty"`
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=128
// Size for the thread pool. See documentation for exact details. Do note this may have maximum value depending on CPU count - value is automatically lowered if set to higher than maximum value.
ThreadPoolGetSize *int `groups:"create,update" json:"thread_pool_get_size,omitempty"`
// +kubebuilder:validation:Minimum=10
// +kubebuilder:validation:Maximum=2000
// Size for the thread pool queue. See documentation for exact details.
ThreadPoolSearchQueueSize *int `groups:"create,update" json:"thread_pool_search_queue_size,omitempty"`
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=128
// Size for the thread pool. See documentation for exact details. Do note this may have maximum value depending on CPU count - value is automatically lowered if set to higher than maximum value.
ThreadPoolSearchSize *int `groups:"create,update" json:"thread_pool_search_size,omitempty"`
// +kubebuilder:validation:Minimum=10
// +kubebuilder:validation:Maximum=2000
// Size for the thread pool queue. See documentation for exact details.
ThreadPoolSearchThrottledQueueSize *int `groups:"create,update" json:"thread_pool_search_throttled_queue_size,omitempty"`
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=128
// Size for the thread pool. See documentation for exact details. Do note this may have maximum value depending on CPU count - value is automatically lowered if set to higher than maximum value.
ThreadPoolSearchThrottledSize *int `groups:"create,update" json:"thread_pool_search_throttled_size,omitempty"`
// +kubebuilder:validation:Minimum=10
// +kubebuilder:validation:Maximum=2000
// Size for the thread pool queue. See documentation for exact details.
ThreadPoolWriteQueueSize *int `groups:"create,update" json:"thread_pool_write_queue_size,omitempty"`
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=128
// Size for the thread pool. See documentation for exact details. Do note this may have maximum value depending on CPU count - value is automatically lowered if set to higher than maximum value.
ThreadPoolWriteSize *int `groups:"create,update" json:"thread_pool_write_size,omitempty"`
}
OpenSearch settings
func (*Opensearch) DeepCopy ¶
func (in *Opensearch) DeepCopy() *Opensearch
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Opensearch.
func (*Opensearch) DeepCopyInto ¶
func (in *Opensearch) DeepCopyInto(out *Opensearch)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OpensearchDashboards ¶
type OpensearchDashboards struct {
// Enable or disable OpenSearch Dashboards
Enabled *bool `groups:"create,update" json:"enabled,omitempty"`
// +kubebuilder:validation:Minimum=64
// +kubebuilder:validation:Maximum=2048
// Limits the maximum amount of memory (in MiB) the OpenSearch Dashboards process can use. This sets the max_old_space_size option of the nodejs running the OpenSearch Dashboards. Note: the memory reserved by OpenSearch Dashboards is not available for OpenSearch.
MaxOldSpaceSize *int `groups:"create,update" json:"max_old_space_size,omitempty"`
// +kubebuilder:validation:Minimum=5000
// +kubebuilder:validation:Maximum=120000
// Timeout in milliseconds for requests made by OpenSearch Dashboards towards OpenSearch
OpensearchRequestTimeout *int `groups:"create,update" json:"opensearch_request_timeout,omitempty"`
}
OpenSearch Dashboards settings
func (*OpensearchDashboards) DeepCopy ¶
func (in *OpensearchDashboards) DeepCopy() *OpensearchDashboards
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpensearchDashboards.
func (*OpensearchDashboards) DeepCopyInto ¶
func (in *OpensearchDashboards) DeepCopyInto(out *OpensearchDashboards)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OpensearchUserConfig ¶
type OpensearchUserConfig struct {
// +kubebuilder:validation:MaxItems=1
// Additional Cloud Regions for Backup Replication
AdditionalBackupRegions []string `groups:"create,update" json:"additional_backup_regions,omitempty"`
// Azure migration settings
AzureMigration *AzureMigration `groups:"create,update" json:"azure_migration,omitempty"`
// +kubebuilder:validation:MaxLength=255
// Serve the web frontend using a custom CNAME pointing to the Aiven DNS name
CustomDomain *string `groups:"create,update" json:"custom_domain,omitempty"`
// Disable automatic replication factor adjustment for multi-node services. By default, Aiven ensures all indexes are replicated at least to two nodes. Note: Due to potential data loss in case of losing a service node, this setting can not be activated unless specifically allowed for the project.
DisableReplicationFactorAdjustment *bool `groups:"create,update" json:"disable_replication_factor_adjustment,omitempty"`
// Google Cloud Storage migration settings
GcsMigration *GcsMigration `groups:"create,update" json:"gcs_migration,omitempty"`
// +kubebuilder:validation:MaxItems=512
// Index patterns
IndexPatterns []*IndexPatterns `groups:"create,update" json:"index_patterns,omitempty"`
// Index rollup settings
IndexRollup *IndexRollup `groups:"create,update" json:"index_rollup,omitempty"`
// Template settings for all new indexes
IndexTemplate *IndexTemplate `groups:"create,update" json:"index_template,omitempty"`
// +kubebuilder:validation:MaxItems=1024
// Allow incoming connections from CIDR address block, e.g. '10.20.0.0/16'
IpFilter []*IpFilter `groups:"create,update" json:"ip_filter,omitempty"`
// Aiven automation resets index.refresh_interval to default value for every index to be sure that indices are always visible to search. If it doesn't fit your case, you can disable this by setting up this flag to true.
KeepIndexRefreshInterval *bool `groups:"create,update" json:"keep_index_refresh_interval,omitempty"`
// +kubebuilder:validation:Minimum=0
// DEPRECATED: use index_patterns instead
MaxIndexCount *int `groups:"create,update" json:"max_index_count,omitempty"`
// OpenSearch OpenID Connect Configuration
Openid *Openid `groups:"create,update" json:"openid,omitempty"`
// OpenSearch settings
Opensearch *Opensearch `groups:"create,update" json:"opensearch,omitempty"`
// OpenSearch Dashboards settings
OpensearchDashboards *OpensearchDashboards `groups:"create,update" json:"opensearch_dashboards,omitempty"`
// +kubebuilder:validation:Enum="1";"2"
// OpenSearch major version
OpensearchVersion *string `groups:"create,update" json:"opensearch_version,omitempty"`
// Allow access to selected service ports from private networks
PrivateAccess *PrivateAccess `groups:"create,update" json:"private_access,omitempty"`
// Allow access to selected service components through Privatelink
PrivatelinkAccess *PrivatelinkAccess `groups:"create,update" json:"privatelink_access,omitempty"`
// +kubebuilder:validation:MaxLength=63
// +kubebuilder:validation:Pattern=`^[a-z][-a-z0-9]{0,63}$|^$`
// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable"
// Name of another project to fork a service from. This has effect only when a new service is being created.
ProjectToForkFrom *string `groups:"create" json:"project_to_fork_from,omitempty"`
// Allow access to selected service ports from the public Internet
PublicAccess *PublicAccess `groups:"create,update" json:"public_access,omitempty"`
// +kubebuilder:validation:MaxLength=128
// +kubebuilder:validation:Pattern=`^[a-zA-Z0-9-_:.]+$`
// Name of the basebackup to restore in forked service
RecoveryBasebackupName *string `groups:"create,update" json:"recovery_basebackup_name,omitempty"`
// AWS S3 / AWS S3 compatible migration settings
S3Migration *S3Migration `groups:"create,update" json:"s3_migration,omitempty"`
// OpenSearch SAML configuration
Saml *Saml `groups:"create,update" json:"saml,omitempty"`
// Store logs for the service so that they are available in the HTTP API and console.
ServiceLog *bool `groups:"create,update" json:"service_log,omitempty"`
// +kubebuilder:validation:MaxLength=64
// +kubebuilder:validation:Pattern=`^[a-z][-a-z0-9]{0,63}$|^$`
// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable"
// Name of another service to fork from. This has effect only when a new service is being created.
ServiceToForkFrom *string `groups:"create" json:"service_to_fork_from,omitempty"`
// Use static public IP addresses
StaticIps *bool `groups:"create,update" json:"static_ips,omitempty"`
}
func (*OpensearchUserConfig) DeepCopy ¶
func (in *OpensearchUserConfig) DeepCopy() *OpensearchUserConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpensearchUserConfig.
func (*OpensearchUserConfig) DeepCopyInto ¶
func (in *OpensearchUserConfig) DeepCopyInto(out *OpensearchUserConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OperatingFactor ¶ added in v0.26.0
type OperatingFactor struct {
// +kubebuilder:validation:Minimum=0
// Specify the lower occupancy limit of the allocated quota of memory for the shard. If the total memory usage of a shard is below this limit, shard indexing backpressure decreases the current allocated memory for that shard. Default is 0.75
Lower *float64 `groups:"create,update" json:"lower,omitempty"`
// +kubebuilder:validation:Minimum=0
// Specify the optimal occupancy of the allocated quota of memory for the shard. If the total memory usage of a shard is at this level, shard indexing backpressure doesn’t change the current allocated memory for that shard. Default is 0.85
Optimal *float64 `groups:"create,update" json:"optimal,omitempty"`
// +kubebuilder:validation:Minimum=0
// Specify the upper occupancy limit of the allocated quota of memory for the shard. If the total memory usage of a shard is above this limit, shard indexing backpressure increases the current allocated memory for that shard. Default is 0.95
Upper *float64 `groups:"create,update" json:"upper,omitempty"`
}
Operating factor
func (*OperatingFactor) DeepCopy ¶ added in v0.26.0
func (in *OperatingFactor) DeepCopy() *OperatingFactor
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OperatingFactor.
func (*OperatingFactor) DeepCopyInto ¶ added in v0.26.0
func (in *OperatingFactor) DeepCopyInto(out *OperatingFactor)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PrimaryParameter ¶ added in v0.26.0
type PrimaryParameter struct {
Node *Node `groups:"create,update" json:"node,omitempty"`
Shard *Shard `groups:"create,update" json:"shard,omitempty"`
}
Primary parameter
func (*PrimaryParameter) DeepCopy ¶ added in v0.26.0
func (in *PrimaryParameter) DeepCopy() *PrimaryParameter
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrimaryParameter.
func (*PrimaryParameter) DeepCopyInto ¶ added in v0.26.0
func (in *PrimaryParameter) DeepCopyInto(out *PrimaryParameter)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PrivateAccess ¶
type PrivateAccess struct {
// Allow clients to connect to opensearch with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations
Opensearch *bool `groups:"create,update" json:"opensearch,omitempty"`
// Allow clients to connect to opensearch_dashboards with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations
OpensearchDashboards *bool `groups:"create,update" json:"opensearch_dashboards,omitempty"`
// Allow clients to connect to prometheus with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations
Prometheus *bool `groups:"create,update" json:"prometheus,omitempty"`
}
Allow access to selected service ports from private networks
func (*PrivateAccess) DeepCopy ¶
func (in *PrivateAccess) DeepCopy() *PrivateAccess
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrivateAccess.
func (*PrivateAccess) DeepCopyInto ¶
func (in *PrivateAccess) DeepCopyInto(out *PrivateAccess)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PrivatelinkAccess ¶
type PrivatelinkAccess struct {
// Enable opensearch
Opensearch *bool `groups:"create,update" json:"opensearch,omitempty"`
// Enable opensearch_dashboards
OpensearchDashboards *bool `groups:"create,update" json:"opensearch_dashboards,omitempty"`
// Enable prometheus
Prometheus *bool `groups:"create,update" json:"prometheus,omitempty"`
}
Allow access to selected service components through Privatelink
func (*PrivatelinkAccess) DeepCopy ¶
func (in *PrivatelinkAccess) DeepCopy() *PrivatelinkAccess
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrivatelinkAccess.
func (*PrivatelinkAccess) DeepCopyInto ¶
func (in *PrivatelinkAccess) DeepCopyInto(out *PrivatelinkAccess)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PublicAccess ¶
type PublicAccess struct {
// Allow clients to connect to opensearch from the public internet for service nodes that are in a project VPC or another type of private network
Opensearch *bool `groups:"create,update" json:"opensearch,omitempty"`
// Allow clients to connect to opensearch_dashboards from the public internet for service nodes that are in a project VPC or another type of private network
OpensearchDashboards *bool `groups:"create,update" json:"opensearch_dashboards,omitempty"`
// Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network
Prometheus *bool `groups:"create,update" json:"prometheus,omitempty"`
}
Allow access to selected service ports from the public Internet
func (*PublicAccess) DeepCopy ¶
func (in *PublicAccess) DeepCopy() *PublicAccess
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PublicAccess.
func (*PublicAccess) DeepCopyInto ¶
func (in *PublicAccess) DeepCopyInto(out *PublicAccess)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type S3Migration ¶ added in v0.25.0
type S3Migration struct {
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// AWS Access key
AccessKey string `groups:"create,update" json:"access_key"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The path to the repository data within its container. The value of this setting should not start or end with a /
BasePath string `groups:"create,update" json:"base_path"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// S3 bucket name
Bucket string `groups:"create,update" json:"bucket"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// Big files can be broken down into chunks during snapshotting if needed. Should be the same as for the 3rd party repository
ChunkSize *string `groups:"create,update" json:"chunk_size,omitempty"`
// when set to true metadata files are stored in compressed format
Compress *bool `groups:"create,update" json:"compress,omitempty"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The S3 service endpoint to connect to. If you are using an S3-compatible service then you should set this to the service’s endpoint
Endpoint *string `groups:"create,update" json:"endpoint,omitempty"`
// Whether to restore aliases alongside their associated indexes. Default is true.
IncludeAliases *bool `groups:"create,update" json:"include_aliases,omitempty"`
// +kubebuilder:validation:Pattern=`^(\*?[a-z0-9._-]*\*?|-\*?[a-z0-9._-]*\*?)(,(\*?[a-z0-9._-]*\*?|-\*?[a-z0-9._-]*\*?))*[,]?$`
// A comma-delimited list of indices to restore from the snapshot. Multi-index syntax is supported.
Indices string `groups:"create,update" json:"indices"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// S3 region
Region string `groups:"create,update" json:"region"`
// If true, restore the cluster state. Defaults to false
RestoreGlobalState *bool `groups:"create,update" json:"restore_global_state,omitempty"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// AWS secret key
SecretKey string `groups:"create,update" json:"secret_key"`
// When set to true files are encrypted on server side
ServerSideEncryption *bool `groups:"create,update" json:"server_side_encryption,omitempty"`
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The snapshot name to restore from
SnapshotName string `groups:"create,update" json:"snapshot_name"`
}
AWS S3 / AWS S3 compatible migration settings
func (*S3Migration) DeepCopy ¶ added in v0.25.0
func (in *S3Migration) DeepCopy() *S3Migration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new S3Migration.
func (*S3Migration) DeepCopyInto ¶ added in v0.25.0
func (in *S3Migration) DeepCopyInto(out *S3Migration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Saml ¶ added in v0.10.0
type Saml struct {
// Enables or disables SAML-based authentication for OpenSearch. When enabled, users can authenticate using SAML with an Identity Provider.
Enabled bool `groups:"create,update" json:"enabled"`
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The unique identifier for the Identity Provider (IdP) entity that is used for SAML authentication. This value is typically provided by the IdP.
IdpEntityId string `groups:"create,update" json:"idp_entity_id"`
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=2048
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The URL of the SAML metadata for the Identity Provider (IdP). This is used to configure SAML-based authentication with the IdP.
IdpMetadataUrl string `groups:"create,update" json:"idp_metadata_url"`
// +kubebuilder:validation:MaxLength=16384
// This parameter specifies the PEM-encoded root certificate authority (CA) content for the SAML identity provider (IdP) server verification. The root CA content is used to verify the SSL/TLS certificate presented by the server.
IdpPemtrustedcasContent *string `groups:"create,update" json:"idp_pemtrustedcas_content,omitempty"`
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// Optional. Specifies the attribute in the SAML response where role information is stored, if available. Role attributes are not required for SAML authentication, but can be included in SAML assertions by most Identity Providers (IdPs) to determine user access levels or permissions.
RolesKey *string `groups:"create,update" json:"roles_key,omitempty"`
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=1024
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// The unique identifier for the Service Provider (SP) entity that is used for SAML authentication. This value is typically provided by the SP.
SpEntityId string `groups:"create,update" json:"sp_entity_id"`
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
// +kubebuilder:validation:Pattern=`^[^\r\n]*$`
// Optional. Specifies the attribute in the SAML response where the subject identifier is stored. If not configured, the NameID attribute is used by default.
SubjectKey *string `groups:"create,update" json:"subject_key,omitempty"`
}
OpenSearch SAML configuration
func (*Saml) DeepCopy ¶ added in v0.10.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Saml.
func (*Saml) DeepCopyInto ¶ added in v0.10.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SearchBackpressure ¶ added in v0.26.0
type SearchBackpressure struct {
// +kubebuilder:validation:Enum="disabled";"enforced";"monitor_only"
// The search backpressure mode. Valid values are monitor_only, enforced, or disabled. Default is monitor_only
Mode *string `groups:"create,update" json:"mode,omitempty"`
// Node duress settings
NodeDuress *NodeDuress `groups:"create,update" json:"node_duress,omitempty"`
// Search shard settings
SearchShardTask *SearchShardTask `groups:"create,update" json:"search_shard_task,omitempty"`
// Search task settings
SearchTask *SearchTask `groups:"create,update" json:"search_task,omitempty"`
}
Search Backpressure Settings
func (*SearchBackpressure) DeepCopy ¶ added in v0.26.0
func (in *SearchBackpressure) DeepCopy() *SearchBackpressure
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SearchBackpressure.
func (*SearchBackpressure) DeepCopyInto ¶ added in v0.26.0
func (in *SearchBackpressure) DeepCopyInto(out *SearchBackpressure)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SearchInsightsTopQueries ¶ added in v0.26.0
type SearchInsightsTopQueries struct {
// Top N queries monitoring by CPU
Cpu *Cpu `groups:"create,update" json:"cpu,omitempty"`
// Top N queries monitoring by latency
Latency *Latency `groups:"create,update" json:"latency,omitempty"`
// Top N queries monitoring by memory
Memory *Memory `groups:"create,update" json:"memory,omitempty"`
}
func (*SearchInsightsTopQueries) DeepCopy ¶ added in v0.26.0
func (in *SearchInsightsTopQueries) DeepCopy() *SearchInsightsTopQueries
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SearchInsightsTopQueries.
func (*SearchInsightsTopQueries) DeepCopyInto ¶ added in v0.26.0
func (in *SearchInsightsTopQueries) DeepCopyInto(out *SearchInsightsTopQueries)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SearchShardTask ¶ added in v0.26.0
type SearchShardTask struct {
// +kubebuilder:validation:Minimum=1
// The maximum number of search tasks to cancel in a single iteration of the observer thread. Default is 10.0
CancellationBurst *float64 `groups:"create,update" json:"cancellation_burst,omitempty"`
// +kubebuilder:validation:Minimum=0
// The maximum number of tasks to cancel per millisecond of elapsed time. Default is 0.003
CancellationRate *float64 `groups:"create,update" json:"cancellation_rate,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=1
// The maximum number of tasks to cancel, as a percentage of successful task completions. Default is 0.1
CancellationRatio *float64 `groups:"create,update" json:"cancellation_ratio,omitempty"`
// +kubebuilder:validation:Minimum=0
// The CPU usage threshold (in milliseconds) required for a single search shard task before it is considered for cancellation. Default is 15000
CpuTimeMillisThreshold *int `groups:"create,update" json:"cpu_time_millis_threshold,omitempty"`
// +kubebuilder:validation:Minimum=0
// The elapsed time threshold (in milliseconds) required for a single search shard task before it is considered for cancellation. Default is 30000
ElapsedTimeMillisThreshold *int `groups:"create,update" json:"elapsed_time_millis_threshold,omitempty"`
// +kubebuilder:validation:Minimum=0
// The number of previously completed search shard tasks to consider when calculating the rolling average of heap usage. Default is 100
HeapMovingAverageWindowSize *int `groups:"create,update" json:"heap_moving_average_window_size,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=1
// The heap usage threshold (as a percentage) required for a single search shard task before it is considered for cancellation. Default is 0.5
HeapPercentThreshold *float64 `groups:"create,update" json:"heap_percent_threshold,omitempty"`
// +kubebuilder:validation:Minimum=0
// The minimum variance required for a single search shard task’s heap usage compared to the rolling average of previously completed tasks before it is considered for cancellation. Default is 2.0
HeapVariance *float64 `groups:"create,update" json:"heap_variance,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=1
// The heap usage threshold (as a percentage) required for the sum of heap usages of all search shard tasks before cancellation is applied. Default is 0.5
TotalHeapPercentThreshold *float64 `groups:"create,update" json:"total_heap_percent_threshold,omitempty"`
}
Search shard settings
func (*SearchShardTask) DeepCopy ¶ added in v0.26.0
func (in *SearchShardTask) DeepCopy() *SearchShardTask
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SearchShardTask.
func (*SearchShardTask) DeepCopyInto ¶ added in v0.26.0
func (in *SearchShardTask) DeepCopyInto(out *SearchShardTask)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SearchTask ¶ added in v0.26.0
type SearchTask struct {
// +kubebuilder:validation:Minimum=1
// The maximum number of search tasks to cancel in a single iteration of the observer thread. Default is 5.0
CancellationBurst *float64 `groups:"create,update" json:"cancellation_burst,omitempty"`
// +kubebuilder:validation:Minimum=0
// The maximum number of search tasks to cancel per millisecond of elapsed time. Default is 0.003
CancellationRate *float64 `groups:"create,update" json:"cancellation_rate,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=1
// The maximum number of search tasks to cancel, as a percentage of successful search task completions. Default is 0.1
CancellationRatio *float64 `groups:"create,update" json:"cancellation_ratio,omitempty"`
// +kubebuilder:validation:Minimum=0
// The CPU usage threshold (in milliseconds) required for an individual parent task before it is considered for cancellation. Default is 30000
CpuTimeMillisThreshold *int `groups:"create,update" json:"cpu_time_millis_threshold,omitempty"`
// +kubebuilder:validation:Minimum=0
// The elapsed time threshold (in milliseconds) required for an individual parent task before it is considered for cancellation. Default is 45000
ElapsedTimeMillisThreshold *int `groups:"create,update" json:"elapsed_time_millis_threshold,omitempty"`
// +kubebuilder:validation:Minimum=0
// The window size used to calculate the rolling average of the heap usage for the completed parent tasks. Default is 10
HeapMovingAverageWindowSize *int `groups:"create,update" json:"heap_moving_average_window_size,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=1
// The heap usage threshold (as a percentage) required for an individual parent task before it is considered for cancellation. Default is 0.2
HeapPercentThreshold *float64 `groups:"create,update" json:"heap_percent_threshold,omitempty"`
// +kubebuilder:validation:Minimum=0
// The heap usage variance required for an individual parent task before it is considered for cancellation. A task is considered for cancellation when taskHeapUsage is greater than or equal to heapUsageMovingAverage * variance. Default is 2.0
HeapVariance *float64 `groups:"create,update" json:"heap_variance,omitempty"`
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=1
// The heap usage threshold (as a percentage) required for the sum of heap usages of all search tasks before cancellation is applied. Default is 0.5
TotalHeapPercentThreshold *float64 `groups:"create,update" json:"total_heap_percent_threshold,omitempty"`
}
Search task settings
func (*SearchTask) DeepCopy ¶ added in v0.26.0
func (in *SearchTask) DeepCopy() *SearchTask
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SearchTask.
func (*SearchTask) DeepCopyInto ¶ added in v0.26.0
func (in *SearchTask) DeepCopyInto(out *SearchTask)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Shard ¶ added in v0.26.0
type Shard struct {
// +kubebuilder:validation:Minimum=0
// Specify the minimum assigned quota for a new shard in any role (coordinator, primary, or replica). Shard indexing backpressure increases or decreases this allocated quota based on the inflow of traffic for the shard. Default is 0.001
MinLimit *float64 `groups:"create,update" json:"min_limit,omitempty"`
}
func (*Shard) DeepCopy ¶ added in v0.26.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Shard.
func (*Shard) DeepCopyInto ¶ added in v0.26.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ShardIndexingPressure ¶ added in v0.26.0
type ShardIndexingPressure struct {
// Enable or disable shard indexing backpressure. Default is false
Enabled *bool `groups:"create,update" json:"enabled,omitempty"`
// Run shard indexing backpressure in shadow mode or enforced mode. In shadow mode (value set as false), shard indexing backpressure tracks all granular-level metrics, but it doesn’t actually reject any indexing requests. In enforced mode (value set as true), shard indexing backpressure rejects any requests to the cluster that might cause a dip in its performance. Default is false
Enforced *bool `groups:"create,update" json:"enforced,omitempty"`
// Operating factor
OperatingFactor *OperatingFactor `groups:"create,update" json:"operating_factor,omitempty"`
// Primary parameter
PrimaryParameter *PrimaryParameter `groups:"create,update" json:"primary_parameter,omitempty"`
}
Shard indexing back pressure settings
func (*ShardIndexingPressure) DeepCopy ¶ added in v0.26.0
func (in *ShardIndexingPressure) DeepCopy() *ShardIndexingPressure
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShardIndexingPressure.
func (*ShardIndexingPressure) DeepCopyInto ¶ added in v0.26.0
func (in *ShardIndexingPressure) DeepCopyInto(out *ShardIndexingPressure)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files
Click to show internal directories.
Click to hide internal directories.