Configuration Settings for an Aerospike Cluster on Kubernetes
Aerospike cluster configuration settings are in the Aerospike cluster Custom Resource (CR) file.
The Aerospike Kubernetes Operator (AKO) reads this file to make changes to the cluster based on any changes in the file.
The CR file is not required to be in any specific location on the server where you run Kubernetes since the command to update AKO with a new version of the file passes the entire file path to AKO.
In the examples given in this documentation, the CR file (and all configuration files) are assumed to be in the same directory where you run kubectl
commands.
The Operator Custom Resource Definition (CRD) specifies the CR structure that the Operator uses to manage the cluster.
CR examplesโ
These and other example CRs are stored in the main Aerospike Kubernetes Operator repository.
Example 1: Basic CRโ
This example creates a simple cluster with no storage, using data-in-memory (DIM).
Example 1
apiVersion: asdb.aerospike.com/v1
kind: AerospikeCluster
metadata:
name: aerocluster
namespace: aerospike
spec:
size: 2
image: aerospike/aerospike-server-enterprise:7.1.0.0
podSpec:
multiPodPerHost: true
storage:
filesystemVolumePolicy:
cascadeDelete: true
initMethod: deleteFiles
volumes:
- name: workdir
source:
persistentVolume:
storageClass: ssd
volumeMode: Filesystem
size: 3Gi
aerospike:
path: /opt/aerospike
- name: aerospike-config-secret
source:
secret:
secretName: aerospike-secret
aerospike:
path: /etc/aerospike/secret
aerospikeAccessControl:
users:
- name: admin
secretName: auth-secret
roles:
- sys-admin
- user-admin
aerospikeConfig:
service:
feature-key-file: /etc/aerospike/secret/features.conf
security: {}
network:
service:
port: 3000
fabric:
port: 3001
heartbeat:
port: 3002
namespaces:
- name: test
replication-factor: 2
storage-engine:
type: memory
data-size: 1073741824
Example 2: Rack-enabled CRโ
This more comprehensive sample CR is for a rack-enabled cluster. It has an additional rackConfig
subsection under spec
. See Rack Awareness for more information.
Example 2
apiVersion: asdb.aerospike.com/v1
kind: AerospikeCluster
metadata:
name: aerocluster
namespace: aerospike
spec:
size: 2
image: aerospike/aerospike-server-enterprise:7.1.0.0
rackConfig:
namespaces:
- test
racks:
- id: 1
# Change to the zone for your k8s cluster.
zone: us-west1-a
- id: 2
# Change to the zone for your k8s cluster.
zone: us-west1-b
storage:
filesystemVolumePolicy:
cascadeDelete: true
initMethod: deleteFiles
blockVolumePolicy:
cascadeDelete: true
volumes:
- name: workdir
aerospike:
path: /opt/aerospike
source:
persistentVolume:
storageClass: ssd
volumeMode: Filesystem
size: 1Gi
- name: ns
aerospike:
path: /test/dev/xvdf
source:
persistentVolume:
storageClass: ssd
volumeMode: Block
size: 5Gi
- name: aerospike-config-secret
source:
secret:
secretName: aerospike-secret
aerospike:
path: /etc/aerospike/secret
podSpec:
multiPodPerHost: true
aerospikeAccessControl:
users:
- name: admin
secretName: auth-secret
roles:
- sys-admin
- user-admin
aerospikeConfig:
service:
feature-key-file: /etc/aerospike/secret/features.conf
security: {}
network:
service:
port: 3000
heartbeat:
port: 3002
fabric:
port: 3001
namespaces:
- name: test
replication-factor: 2
storage-engine:
type: device
devices:
- /test/dev/xvdf
- name: testMem
replication-factor: 1
storage-engine:
type: memory
data-size: 1073741824
Configurationโ
The initial part of the CR file selects the CRD and the namespace to use for the Aerospike cluster.
apiVersion: asdb.aerospike.com/v1
kind: AerospikeCluster
metadata:
name: aerocluster
namespace: aerospike
The rest of this page explains the parameters in the subsequent parts of the CR file.
Specโ
The spec section defines the cluster's configurations.
Field | Required | Type | Default | Description |
---|---|---|---|---|
aerospikeAccessControl Dynamic | No | Structure | Required if Aerospike security is enabled. | |
aerospikeConfig Dynamic Rolling restart | Yes | Structure | A freeform map conforming to the configuration schema for the deployed Aerospike Database version. | |
aerospikeNetworkPolicy Dynamic Rolling restart | No | Structure | Configures IP addresses and port types for access and fabric. | |
disablePDB | No | Boolean | False | Disables the creation of PodDisruptionBudget for the Aerospike cluster. |
enableDynamicConfigUpdate | No | Boolean | False | Enables the dynamic config update flow for AKO. |
image Dynamic Rolling restart | Yes | String | The official Aerospike Enterprise Database docker image to use for the node in the cluster. | |
k8sNodeBlockList | No | List of Strings | List of Kubernetes nodes that are disallowed for scheduling the Aerospike pods. Pods are not scheduled on these nodes and migrated from these nodes if already present. | |
maxUnavailable | No | Integer or String | 1 | Sets the maxUnavailable field for PodDisruptionBudget created by AKO for the Aerospike cluster. For more information see Specifying a Disruption Budget for your Application |
operatorClientCert Dynamic | With TLS | Structure | Configures the TLS certs used by AKO when connecting to the Aerospike cluster. | |
podSpec Dynamic Rolling restart | No | Structure | Configures the Kubernetes pod running Aerospike server. | |
rackConfig Dynamic | No | Structure | Configures AKO to deploy rack aware Aerospike clusters. Pods are deployed in racks based on the provided configuration. | |
rosterNodeBlockList Dynamic | No | List of Strings | Configures a list of nodeIDs which are blocked from roster in a strong consistency setup. | |
seedsFinderServices Dynamic | No | Structure | Creates additional Kubernetes services that allow clients to discover Aerospike cluster nodes. | |
size Dynamic | Yes | Integer | The size/number of Aerospike node pods to run for this cluster. | |
storage Dynamic | No | Structure | Required for persistent namespaces and for Aerospike work directory, unless the validation policy skips validating persistence of the work directory. | |
validationPolicy Dynamic | No | Structure | Configures the custom resource validation. |
Aerospike Access Controlโ
spec
-> aerospikeAccessControl
Provides Aerospike access control configuration for the Aerospike cluster.
Field | Required | Type | Description |
---|---|---|---|
roles Dynamic | No | List of Structures | A list of Role structures with an entry for each role. |
users Dynamic | No | List of Structures | A list of User structures with an entry for each user. Required if Aerospike security is enabled. |
If the Aerospike cluster has security enabled, the CR file must have an entry for the "admin" user having at least "sys-admin" and "user-admin" roles.
Aerospike Roleโ
spec
-> aerospikeAccessControl
-> roles
Configures roles for the Aerospike cluster.
Field | Required | Type | Description |
---|---|---|---|
name | Yes | String | The name of this role. |
privileges Dynamic | Yes | List of Strings | The privileges to grant this role. |
whitelist Dynamic | No | List of Strings | Allowlist of host address allowed for this role. |
readQuota Dynamic | No | Integer | Specifies permitted rate of read records for current role (the value is in RPS). |
writeQuota Dynamic | No | Integer | Specifies permitted rate of writes for current role (the value is in RPS). |
Aerospike Userโ
spec
-> aerospikeAccessControl
-> users
Configures users for the Aerospike cluster.
Field | Required | Type | Description |
---|---|---|---|
name | Yes | String | The name of this user. |
secretName Dynamic | Yes | String | The name of the secret containing this user's password. |
roles Dynamic | Yes | List of Strings | The roles to grant to this user. |
Aerospike Configโ
spec
-> aerospikeConfig
The YAML form of Aerospike server configuration. See Aerospike Configuration for details.
Aerospike Config Secretโ
Configures the name of the secret to use and the mount path to mount the secret files on the container.
Field | Required | Type | Description |
---|---|---|---|
secretName Dynamic | Yes | String | The name of the secret. |
mountPath Dynamic | Yes | String | The path where the secret files will be mounted in the container. |
Aerospike Network Policyโ
spec
-> aerospikeNetworkPolicy
This section describes how to configure IP addresses and port types for access and alternate access, TLS and TLS alternate access, fabric and TLS fabric endpoints on the Aerospike cluster.
Aerospike supports the following types of endpoint configurations:
- pod uses the Kubernetes pod IP address and Aerospike port to connect from other pods in the same Kubernetes cluster.
- hostInternal uses the Kubernetes cluster node's host IP address and a mapped Aerospike port to connect from the Kubernetes cluster's VPC or internal network.
- hostExternal uses the Kubernetes cluster node's host external/public IP address and a mapped Aerospike port to connect from the external network.
- configuredIP uses the IP address configured by the user in the Kubernetes node labels, and a mapped Aerospike port, to connect from the internal/external network. Label "aerospike.com/configured-access-address" in the Kubernetes node is the
accessAddress
, and label "aerospike.com/configured-alternate-access-address" in the Kubernetes node is thealternateAccessAddress
. - customInterface uses the IP address assigned to the custom interfaces attached to the pod and Aerospike port, to connect from the same custom interfaces network. These custom interfaces are given separately as a list of
NetworkAttachmentDefinition
CRs and also, must be defined in the pod annotationk8s.v1.cni.cncf.io/networks
to assign network interfaces to the pod.
Field | Required | Type | Default | Description |
---|---|---|---|---|
access Dynamic Rolling restart | No | Enum [pod, hostInternal, hostExternal, configuredIP, customInterface] | hostInternal | Configures Aerospike access endpoint. |
customAccessNetworkNames Dynamic Rolling restart | No | List of Strings | List of the pod's network interfaces used for Aerospike access address. Each element is specified with a namespace and the name of a NetworkAttachmentDefinition, separated by a forward slash (/). These elements must be defined in the pod annotation k8s.v1.cni.cncf.io/networks to assign network interfaces to the pod. Required with 'customInterface' access type. | |
alternateAccess Dynamic Rolling restart | No | Enum [pod, hostInternal, hostExternal, configuredIP, customInterface] | hostExternal | Configures Aerospike alternate access endpoint. |
customAlternateAccessNetworkNames Dynamic Rolling restart | No | List of Strings | List of the pod's network interfaces used for Aerospike alternate access address. Each element is specified with a namespace and the name of a NetworkAttachmentDefinition, separated by a forward slash (/). These elements must be defined in the pod annotation k8s.v1.cni.cncf.io/networks to assign network interfaces to the pod. Required with 'customInterface' alternateAccess type. | |
tlsAccess Dynamic Rolling restart | No | Enum [pod, hostInternal, hostExternal, configuredIP, customInterface] | hostInternal | Configures Aerospike TLS access endpoint. |
customTLSAccessNetworkNames Dynamic Rolling restart | No | List of Strings | List of the pod's network interfaces used for Aerospike TLS access address. Each element is specified with a namespace and the name of a NetworkAttachmentDefinition, separated by a forward slash (/). These elements must be defined in the pod annotation k8s.v1.cni.cncf.io/networks to assign network interfaces to the pod. Required with 'customInterface' tlsAccess type. | |
tlsAlternateAccess Dynamic Rolling restart | No | Enum [pod, hostInternal, hostExternal, configuredIP, customInterface] | hostExternal | Configures Aerospike TLS alternate endpoint. |
customTLSAlternateAccessNetworkNames Dynamic Rolling restart | No | List of Strings | List of the pod's network interfaces used for Aerospike TLS alternate access address. Each element is specified with a namespace and the name of a NetworkAttachmentDefinition, separated by a forward slash (/). These elements must be defined in the pod annotation k8s.v1.cni.cncf.io/networks to assign network interfaces to the pod. Required with 'customInterface' tlsAlternateAccess type. | |
fabric | No | Enum [customInterface] | Configures Aerospike fabric endpoint. | |
customFabricNetworkNames | No | List of Strings | CustomFabricNetworkNames is the list of the pod's network interfaces used for Aerospike fabric address. Each element in the list is specified with a namespace and the name of a NetworkAttachmentDefinition, separated by a forward slash (/). These elements must be defined in the pod annotation k8s.v1.cni.cncf.io/networks to assign network interfaces to the pod. Required with 'customInterface' fabric type. | |
tlsFabric | No | Enum [customInterface] | Configures Aerospike TLS fabric endpoint. | |
customTLSFabricNetworkNames | No | List of Strings | List of the pod's network interfaces used for Aerospike TLS fabric address. Each element is specified with a namespace and the name of a NetworkAttachmentDefinition, separated by a forward slash (/). These elements must be defined in the pod annotation k8s.v1.cni.cncf.io/networks to assign network interfaces to the pod. Required with 'customInterface' tlsFabric type. |
Operator Client Certโ
spec
-> operatorClientCert
AKO needs to connect as an Aerospike client to perform management asinfo
calls.
If the Aerospike service is configured to use TLS for clients, you need to specify the certificates the client uses to make these calls.
Field | Required | Type | Description |
---|---|---|---|
certPathInOperator | Yes | Structure | Specifies the path to the AKO certs as files mounted in the AKO container. |
secretCertSource | Yes | Structure | Specifies that the AKO certs are read from a secret. |
tlsClientName | No | String | If specified, AKO adds this name to the tls-authenticate-client list so that the Aerospike servers will always allow it. |
Either certPathInOperator
or secretCertSource
must be specified, but not both.
Cert Path In Operatorโ
spec
-> operatorClientCert
-> certPathInOperator
Specifies that the AKO certificate files are mounted onto the AKO containers.
Field | Required | Type | Description |
---|---|---|---|
caCertsPath | No | String | The path to the file or directory containing the CA certificates. |
clientCertPath | No | String | The path to the file containing the AKO certificate. |
clientKeyPath | No | String | The path to the file containing the AKO secret key. |
Secret Cert Sourceโ
spec
-> operatorClientCert
-> secretCertSource
Specifies that the certificate should be read from a Kubernetes Secret.
Field | Required | Type | Default | Description |
---|---|---|---|---|
caCertsFilename | No | String | The name of the secret key or file containing the CA certificate. | |
caCertsSource | No | Structure | Structure containing CA certificates secret object info. | |
clientCertFilename | No | String | The name of the secret key or file containing the AKO certificate. | |
clientKeyFilename | No | String | The name of the secret key or file containing the AKO secret key. | |
secretName | Yes | String | The name of the secret. | |
secretNamespace | No | String | Kubernetes namespace where Aerospike cluster is deployed | The namespace containing the secret. |
CA Certs Sourceโ
spec
-> operatorClientCert
-> secretCertSource
-> caCertsSource
Field | Required | Type | Default | Description |
---|---|---|---|---|
secretName | Yes | String | The name of the secret. | |
secretNamespace | No | String | Kubernetes namespace where Aerospike cluster is deployed | The namespace containing the secret. |
Pod Specโ
spec
-> podSpec
Configures the Kubernetes pod running Aerospike server. Sidecar containers for monitoring or running connectors can be added to each Aerospike pod.
Field | Required | Type | Default | Description |
---|---|---|---|---|
aerospikeContainer | No | Structure | Configures the aerospike-server container created by AKO. | |
aerospikeInitContainer | No | Structure | Configures the aerospike-init container created by AKO. | |
affinity | No | Kubernetes Pod Affinity | Kubernetes Affinity rules for pod placement. These rules are merged with affinity rules that AKO generates. | |
dnsPolicy | No | Kubernetes DNSPolicy | DnsPolicy to use. If hostNetwork is true and policy is not specified, it defaults to ClusterFirstWithHostNet . | |
metadata | No | Structure | Kubernetes Annotations and Labels to add to pods. | |
multiPodPerHost | No | Boolean | False | Specifies whether to run multiple pods per Kubernetes cluster host. |
hostNetwork | No | Boolean | False | Enables host networking for the pod. To enable hostNetwork, multiPodPerHost must be false . |
imagePullSecrets | No | List of TypedLocalObjectReference | IOptional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. | |
initContainers | No | List of Container structures | List of init containers before running Aerospike and the sidecar containers. | |
nodeSelector | No | Map from string to string | Node selector constraints for the Aerospike pods. | |
securityContext | No | Structure PodSecurityContext | Holds pod-level security attributes and common container settings. | |
sidecars | No | List of Container structures | List of side containers to run along with the main Aerospike server container. Volume mounts are not supported. See storage for attaching volumes to sidecars. | |
tolerations | No | Kubernetes Pod Tolerations | Kubernetes Toleration for Aerospike pod placement. |
See Monitoring for details on configuring monitoring sidecars or Aerospike containers.
Aerospike containerโ
spec
-> podSpec
-> aerospikeContainer
Configures the aerospike-server
container created by AKO.
Field | Required | Type | Description |
---|---|---|---|
securityContext | No | Structure SecurityContext | Kubernetes security context for the Aerospike container. |
resources | No | Structure ResourceRequirements | Configures resource requirements and limits like CPU or memory for the Aerospike container. |
Aerospike Init Containerโ
spec
-> podSpec
-> aerospikeInitContainer
Configures the aerospike-init
container created by AKO.
Field | Required | Type | Default | Description |
---|---|---|---|---|
imageRegistry | No | String | docker.io | Name of image registry for Aerospike init container image. |
securityContext | No | Structure SecurityContext | Kubernetes security context for the Aerospike init container. | |
resources | No | Structure ResourceRequirements | Configures resources requirements and limits like CPU or memory for the Aerospike init container. |
Metadataโ
Kubernetes annotations and labels to add to the pods.
Field | Required | Type | Description |
---|---|---|---|
annotations | No | Map from annotation name to its value | Kubernetes Annotations |
labels | No | Map from label name to its value | Kubernetes Labels |
Rack Configโ
spec
-> rackConfig
Configures AKO to deploy a rack-aware Aerospike cluster. Pods are deployed in given racks based on the given configuration.
Field | Required | Type | Description |
---|---|---|---|
namespaces Dynamic Rolling restart | No | List of Strings | List of the Aerospike namespaces to enable the rack feature. |
racks Dynamic | Yes | List of structures | List of racks. |
rollingUpdateBatchSize Dynamic | No | Integer or String | Configures the number or percentage of rack pods to restart simultaneously during a rolling restart. This value can be an integer, like 5 , or a string, like 25% . |
maxIgnorablePods Dynamic | No | Integer or String | Configures the maximum number or percentage of pending or failed pods in a rack that are ignored while assessing cluster stability. Pods identified using this value are not considered part of the cluster. Additionally, in SC mode clusters, these pods are removed from the roster. This value can be an integer, like 5 , or a string, like 25% . |
scaleDownBatchSize | No | Integer or String | The percentage/number of rack pods that can be scaled down simultaneously. |
See Rack awareness for details.
Racksโ
spec
-> rackConfig
-> racks
Specifies single rack config.
Field | Required | Type | Description |
---|---|---|---|
id | Yes | Integer | Identifier for the rack. |
zone | No | String | Cloud provider-specific Zone name for setting rack affinity. Rack pods are deployed to the given cloud Zone. |
region | No | String | Cloud provider-specific Region name for setting rack affinity. Rack pods are deployed to the given cloud Region. |
rackLabel | No | String | Rack label for setting rack affinity. Rack pods are deployed in Kubernetes nodes with the rack label aerospike.com/rack-label: RACK LABEL . |
nodeName | No | String | Kubernetes node name for setting rack affinity. Rack pods are deployed on the given node. |
aerospikeConfig Dynamic Rolling restart | No | Structure | This local AerospikeConfig is a patch, which merges recursively with the common global AerospikeConfig and used for this Rack. See merge AerospikeConfig. If this AerospikeConfig is not given, the global AerospikeConfig is used. |
storage Dynamic Rolling restart | No | Structure | This local storage specifies persistent storage to use for the pods in this rack. If this storage is not given then global storage is used. |
podSpec Dynamic Rolling restart | No | Structure | Pod overrides for this rack. |
scaleDownBatchSize | No | Integer or String | The percentage or number of rack pods that can be scaled down simultaneously. |
podSpec
(Rack override)โ
spec
-> rackConfig
-> racks
-> podSpec
Provides rack-specific overrides to the Pod spec.
The following overrides are supported.
Field | Required | Type | Description |
---|---|---|---|
affinity | No | Kubernetes Pod Affinity | Kubernetes Affinity rules for pod placement. These rules are merged with affinity rules generated by AKO. |
tolerations | No | Kubernetes Pod Tolerations | Kubernetes Toleration for Aerospike pod placement. |
nodeSelector | No | Map from string to string | Node selector constraints for the Aerospike pods. |
Max Ignorable Podsโ
spec
-> rackConfig
-> maxIgnorablePods
maxIgnorablePods
is the maximum number or percentage of pending or failed pods in a rack that are ignored while assessing cluster stability. Pods identified using this value are not considered part of the cluster.
Additionally, in SC mode clusters, these pods are removed from the roster. This is particularly useful when some pods are stuck in pending or failed states due to any scheduling issues, and cannot be fixed by simply updating the CR. maxIgnorablePods
enables specific operations on the cluster, like changing Aerospike configurations, without being hindered by problematic pods.
Avoid using maxIgnorablePods
in small clusters or clusters with few nodes per rack. For example, in a 6-node cluster spread across three racks, do not set maxIgnorablePods
to 1.
If you are considering using the maxIgnorablePods
field, it's important to understand the following key points for its effective and safe application:
Use as a Last Resort: Use
maxIgnorablePods
only as a final option, particularly when issues in the cluster cannot be resolved by updating the CR (Custom Resource).Operate with Knowledge: Only modify this setting if you are confident in your understanding of its impact.
Pod Downtime Consideration: If
maxIgnorablePods
is set to a non-zero value, then the maximum number of pods that can be down in each rack ismaxIgnorablePods
+RollingUpdateBatchSize
(which defaults to 1). It's crucial to ensure that the remaining active pods in each rack have sufficient storage capacity to handle the total rack data during this downtime.Minimize usage of
maxIgnorablePods
: Keep themaxIgnorablePods
value as low as possible. Increasing this number heightens the risk of encountering sizing-related issues within your cluster.Reset after operations: After completing the necessary operations, reset
maxIgnorablePods
to 0. This ensures that all pods are accurately considered in subsequent assessments of cluster stability.
Seeds Finder Servicesโ
spec
-> seedsFinderServices
Creates additional Kubernetes service that allow clients to discover Aerospike cluster nodes.
Field | Required | Type | Description |
---|---|---|---|
loadBalancer | No | Structure | Creates a load balancer service that allows Aerospike clients to discover Aerospike cluster nodes. |
Load Balancer Serviceโ
spec
-> seedsFinderServices
-> loadBalancer
Creates a load balancer service which lets Aerospike clients discover Aerospike cluster nodes.
Field | Required | Type | Description |
---|---|---|---|
externalTrafficPolicy | No | Enum - Local, Cluster | External Traffic Policy Type string. See ServiceExternalTrafficPolicyType for details. |
annotations | No | Map from annotation name to its value | Kubernetes Annotations for the load balancer. |
port | No | Integer | Exposed port on load balancer. If not specified targetPort is used. |
Storageโ
spec
-> storage
The storage section configures persistent volume devices to provision and attach to the containers.
This section is required by default for persisting the Aerospike work directory. Store the work directory on persistent storage to ensure pod restarts do not reset Aerospike server metadata files.
This section is also required if Aerospike namespaces require persistent storage.
Field | Required | Type | Default | Description |
---|---|---|---|---|
cleanupThreads Dynamic | No | Integer | 1 | Defines the maximum number of disk cleanup threads (dd or blkdiscard) per init container that wipe or initialize disk volumes. |
blockVolumePolicy Dynamic | No | Structure | Volume policy for block volumes. | |
filesystemVolumePolicy Dynamic | No | Structure | Volume policy for filesystem volumes. | |
volumes Dynamic | No | List of Volume Structures | List of volumes to attach to Aerospike pods. Persistent storage volumes cannot be added or removed dynamically. |
Block/Filesystem Volume Policyโ
spec
-> storage
-> blockVolumePolicy
spec
-> storage
-> filesystemVolumePolicy
Specifies persistent volume policy to determine how new volumes are initialized. See Initializing Solid State Drives (SSDs) for more information. Although Aerospike Database allows you to choose trimming or zeroizing when you manually initialize an SSD, AKO only supports zeroizing. This prevents automatic reuse of an older Aerospike device if it has not been zeroized.
Field | Required | Type | Default | Description |
---|---|---|---|---|
initMethod Dynamic | No | Enum | none | Controls how the volumes are initialized the first time the persistent volume is attached to a pod. Valid values are none , dd , blkdiscard , deleteFiles . blkdiscard only works if the device supports TRIM with RZAT. |
wipeMethod Dynamic | No | Enum | dd for block volumes and deleteFiles for filesystem volumes | Specifies how the volumes are wiped for special upgrades and downgrades. Valid values are dd , blkdiscard , deleteFiles . |
cascadeDelete Dynamic | No | Boolean | false | Determines if the persistent volumes are deleted after the pods these volumes bind to are terminated and removed from the cluster. |
For filesystem volumes:
initMethod
can benone
ordeleteFiles
wipeMethod
can only bedeleteFiles
For block volumes:
initMethod
can benone
,dd
orblkdiscard
wipeMethod
can bedd
orblkdiscard
When using blkdiscard
, verify that the drive deterministically returns zeros after TRIM (RZAT).
Check with your hardware provider or cloud provider for this information.
If you are unsure, it is safer to wipe the device using dd
as the wipe method.
Volumesโ
Describes volumes to be created and attached to the init containers and main Aerospike container, as well as other sidecars.
Field | Required | Type | Default | Description |
---|---|---|---|---|
name | Yes | String | A name identifying this volume. The name must be unique among all created volumes. | |
source | Yes | Structure | Specifies the source for this volume. | |
aerospike | No | Structure | Specifies how this volume is attached to the main Aerospike server container. | |
sidecars | No | Structure | Attaches this volume to other sidecar containers. | |
initContainers | No | Structure | Attaches this volume to other init containers. | |
initMethod Dynamic | No | Enum | none | Controls how this volume is initialized when the persistent volume is attached the first time to a pod. Valid values are none , dd , blkdiscard , deleteFiles . |
cascadeDelete Dynamic | No | Boolean | false | CascadeDelete determines if the persistent volume is deleted after the pod this volume binds to is terminated and removed from the cluster. |
For filesystem volumes, initMethod can be none
or deleteFiles
.
For block volumes, initMethod can be none
, dd
or blkdiscard
.
blkdiscard
only works for devices that support TRIM. For AWS please refer to the storage volumes guide to check TRIM support.
If TRIM is not supported please use the slower dd
to initialize your devices.
For other devices please verify the support for TRIM command.
Volume Sourceโ
spec
-> storage
-> volumes
-> source
A Volume source specifies the source for an attached volume. Volumes are created using a volume source that can be one of the following:
Persistent Volume
Specifies a persistent volume to claim and attach to Aerospike pods.
Field | Required | Type | Default | Description |
---|---|---|---|---|
storageClass | Yes | String | The name of the storage class to use. | |
volumeMode | Yes | Enum - Filesystem, Block | Specifies the mode this volume should be created with. Filesystem creates a pre-formatted filesystem. Block mode creates a raw device. | |
size | Yes | String Quantity | The device size to be provisioned, for example 5Gi. | |
accessModes | No | List of PersistentVolumeAccessMode | Allowed access modes to the volume, for example ReadWriteOnce, ReadOnlyMany, ReadWriteMany. | |
selector | No | LabelSelector | Only the volumes whose labels match the selector are claimed. | |
initMethod Dynamic | No | Enum | none | Controls how this volume is initialized when the persistent volume is attached the first time to a pod. Valid values are none , dd , blkdiscard , deleteFiles . |
cascadeDelete Dynamic | No | Boolean | false | CascadeDelete determines if the persistent volume is deleted after the pod this volume binds to is terminated and removed from the cluster. |
EmptyDir
These are volumes to be used as temporary working disk space. See the official documentation for options.
- name: tempFiles
aerospike:
path: /opt/aerospike/temp
source:
emptyDir: {}
Secret
A Kubernetes Secret can be mounted as a volume. You can use a Secret for mounting the Aerospike feature-key file (features.conf) or sensitive files like TLS certificates and credentials onto the containers.
- name: aerospike-config-secret
source:
secret:
secretName: aerospike-secret
aerospike:
path: /etc/aerospike/secret
ConfigMap
A Kubernetes ConfigMap can be mounted as a volume. ConfigMaps hold non-confidential data like configuration for applications running in your custom init containers or sidecars.
- name: app-config
source:
configMap:
# Provide the name of the ConfigMap you want to mount.
name: app-config
# An optional array of keys from the ConfigMap to create as files
items:
- key: "game.properties"
path: "game.properties"
- key: "user-interface.properties"
path: "user-interface.properties"
Aerospike Database Volume Attachmentโ
spec
-> storage
-> volumes
-> aerospike
Specifies attaching a volume to the main Aerospike Database container.
Field | Required | Type | Description |
---|---|---|---|
path | Yes | String | The path to attach the volume to the Aerospike container. |
Init/Sidecar Volume Attachmentโ
spec
-> storage
-> volumes
-> sidecars
spec
-> storage
-> volumes
-> initContainers
Specifies attaching a volume to a sidecar container.
Field | Required | Type | Description |
---|---|---|---|
containerName | Yes | String | The name of the container to attach this volume to. |
path | Yes | String | The path to attach the volume to the Aerospike container. |
Validation Policyโ
spec
-> validationPolicy
This section configures the policy for validating the cluster CR.
Field | Required | Type | Default | Description |
---|---|---|---|---|
skipWorkDirValidate Dynamic | No | Boolean | false | If true, skips validating that the Aerospike work directory is stored on a persistent volume. |
skipXdrDlogFileValidate Dynamic | No | Boolean | false | If true, skips validating that the XDR digest log is stored on a persistent volume. |