Version: Operator 3.4.0

Configuration parameters

Overview

This page lists all possible configuration parameters that you can put in the AKO Custom Resource (CR) file.

In the examples given in this documentation, the CR file (and all configuration files) are assumed to be in the same directory where you run kubectl commands.

The Operator Custom Resource Definition (CRD) specifies the CR structure that AKO uses to manage the cluster.

CR examples

These and other example CRs are available in the main AKO GitHub repository.

Example 1: Basic CR

This example creates a simple cluster with no storage, using data-in-memory (DIM).

Example 1

apiVersion: asdb.aerospike.com/v1
kind: AerospikeCluster
metadata:
  name: aerocluster
  namespace: aerospike
spec:
  size: 2
  image: aerospike/aerospike-server-enterprise:7.2.0.1

  podSpec:
    multiPodPerHost: true

  storage:
    filesystemVolumePolicy:
      cascadeDelete: true
      initMethod: deleteFiles
    volumes:
      - name: workdir
        source:
          persistentVolume:
            storageClass: ssd
            volumeMode: Filesystem
            size: 3Gi
        aerospike:
          path: /opt/aerospike
      - name: aerospike-config-secret
        source:
          secret:
            secretName: aerospike-secret
        aerospike:
          path: /etc/aerospike/secret

  aerospikeAccessControl:
    users:
      - name: admin
        secretName: auth-secret
        roles:
          - sys-admin
          - user-admin

  aerospikeConfig:
    service:
      feature-key-file: /etc/aerospike/secret/features.conf
    security: {}
    network:
      service:
        port: 3000
      fabric:
        port: 3001
      heartbeat:
        port: 3002
    namespaces:
      - name: test
        replication-factor: 2
        storage-engine:
          type: memory
          data-size: 1073741824

Example 2: Rack-enabled CR

This more comprehensive sample CR is for a rack-enabled cluster. It has an additional rackConfig subsection under spec. See Rack awareness for more information.

Example 2

apiVersion: asdb.aerospike.com/v1
kind: AerospikeCluster
metadata:
  name: aerocluster
  namespace: aerospike

spec:
  size: 2
  image: aerospike/aerospike-server-enterprise:7.2.0.1
  rackConfig:
    namespaces:
      - test
    racks:
      - id: 1
        # Change to the zone for your k8s cluster.
        zone: us-west1-a
      - id: 2
        # Change to the zone for your k8s cluster.
        zone: us-west1-b

  storage:
    filesystemVolumePolicy:
      cascadeDelete: true
      initMethod: deleteFiles
    blockVolumePolicy:
      cascadeDelete: true
    volumes:
      - name: workdir
        aerospike:
          path: /opt/aerospike
        source:
          persistentVolume:
            storageClass: ssd
            volumeMode: Filesystem
            size: 1Gi
      - name: ns
        aerospike:
          path: /test/dev/xvdf
        source:
          persistentVolume:
            storageClass: ssd
            volumeMode: Block
            size: 5Gi
      - name: aerospike-config-secret
        source:
          secret:
            secretName: aerospike-secret
        aerospike:
          path: /etc/aerospike/secret

  podSpec:
    multiPodPerHost: true

  aerospikeAccessControl:
    users:
      - name: admin
        secretName: auth-secret
        roles:
          - sys-admin
          - user-admin

  aerospikeConfig:
    service:
      feature-key-file: /etc/aerospike/secret/features.conf
    security: {}

    network:
      service:
        port: 3000
      heartbeat:
        port: 3002
      fabric:
        port: 3001

    namespaces:
      - name: test
        replication-factor: 2
        storage-engine:
          type: device
          devices:
            - /test/dev/xvdf
      - name: testMem
        replication-factor: 1
        storage-engine:
          type: memory
          data-size: 1073741824

CR file metadata

The initial part of the CR file selects the Custom Resource Definition (CRD) and the namespace to use for the Aerospike cluster.

apiVersion: asdb.aerospike.com/v1
kind: AerospikeCluster
metadata:
  name: aerocluster
  namespace: aerospike

The rest of this page explains the parameters in the subsequent parts of the CR file.

Spec

The spec section defines the cluster's configurations.

Field	Required	Type	Default	Description
aerospikeAccessControl _Dynamic	No	Structure		Required if Aerospike security is enabled.
aerospikeConfig _{Dynamic Rolling restart}	Yes	Structure		A freeform map conforming to the configuration schema for the deployed Aerospike Database version.
aerospikeNetworkPolicy _{Dynamic Rolling restart}	No	Structure		Configures IP addresses and port types for access and fabric.
disablePDB	No	Boolean	False	Disables the creation of `PodDisruptionBudget` for the Aerospike cluster.
enableDynamicConfigUpdate	No	Boolean	False	Enables the dynamic config update flow for AKO.
image _{Dynamic Rolling restart}	Yes	String		The official Aerospike Enterprise Database docker image to use for the node in the cluster.
k8sNodeBlockList	No	List of Strings		List of Kubernetes nodes that are disallowed for scheduling the Aerospike pods. Pods are not scheduled on these nodes and migrated from these nodes if already present.
maxUnavailable	No	Integer or String	1	Sets the maxUnavailable field for PodDisruptionBudget created by AKO for the Aerospike cluster. 1. Readiness probe for PodDisruptionBudget doesn't wait for data migration. 2. It should only be used for Aerospike clusters with network attached storage. For any other storage type or no storage, use K8sNodeBlockList. For more information see Specifying a Disruption Budget for your Application
operatorClientCert _Dynamic	With TLS	Structure		Configures the TLS certs used by AKO when connecting to the Aerospike cluster.
paused	No	Boolean		Pause the operator reconciliation for the AerospikeCluster.
podSpec _{Dynamic Rolling restart}	No	Structure		Configures the Kubernetes pod running Aerospike server.
rackConfig _Dynamic	No	Structure		Configures AKO to deploy rack aware Aerospike clusters. Pods are deployed in racks based on the provided configuration.
rosterNodeBlockList _Dynamic	No	List of Strings		Configures a list of nodeIDs which are blocked from roster in a strong consistency setup.
seedsFinderServices _Dynamic	No	Structure		Creates additional Kubernetes services that allow clients to discover Aerospike cluster nodes.
size _Dynamic	Yes	Integer		The size/number of Aerospike node pods to run for this cluster.
storage _Dynamic	No	Structure		Required for persistent namespaces and for Aerospike work directory, unless the validation policy skips validating persistence of the work directory.
operations	No	[]Structure		A list of on-demand operations to be performed on the Aerospike database.
validationPolicy _Dynamic	No	Structure		Configures the custom resource validation.

Aerospike Access Control

spec -> aerospikeAccessControl

Provides Aerospike access control configuration for the Aerospike cluster.

Field	Required	Type	Description
roles _Dynamic	No	List of Structures	A list of Role structures with an entry for each role.
users _Dynamic	No	List of Structures	A list of User structures with an entry for each user. Required if Aerospike security is enabled.

If the Aerospike cluster has security enabled, the CR file must have an entry for the "admin" user having at least "sys-admin" and "user-admin" roles.

Aerospike Role

spec -> aerospikeAccessControl -> roles

Configures roles for the Aerospike cluster.

Field	Required	Type	Description
name	Yes	String	The name of this role.
privileges _Dynamic	Yes	List of Strings	The privileges to grant this role.
whitelist _Dynamic	No	List of Strings	Allowlist of host address allowed for this role.
readQuota _Dynamic	No	Integer	Specifies permitted rate of read records for current role (the value is in RPS).
writeQuota _Dynamic	No	Integer	Specifies permitted rate of writes for current role (the value is in RPS).

Aerospike User

spec -> aerospikeAccessControl -> users

Configures users for the Aerospike cluster.

Field	Required	Type	Description
name	Yes	String	The name of this user.
secretName _Dynamic	Yes	String	The name of the secret containing this user's password.
roles _Dynamic	Yes	List of Strings	The roles to grant to this user.

Aerospike Config

spec -> aerospikeConfig

The YAML form of Aerospike server configuration. See YAML Configuration mapping for details.

Aerospike Config Secret

Configures the name of the secret to use and the mount path to mount the secret files on the container.

Field	Required	Type	Description
secretName _Dynamic	Yes	String	The name of the secret.
mountPath _Dynamic	Yes	String	The path where the secret files will be mounted in the container.

Aerospike Network Policy

spec -> aerospikeNetworkPolicy

This section describes how to configure IP addresses and port types for access and alternate access, TLS and TLS alternate access, fabric and TLS fabric endpoints on the Aerospike cluster.

Aerospike supports the following types of endpoint configurations:

pod uses the Kubernetes pod IP address and Aerospike port to connect from other pods in the same Kubernetes cluster.
hostInternal uses the Kubernetes cluster node's host IP address and a mapped Aerospike port to connect from the Kubernetes cluster's VPC or internal network.
hostExternal uses the Kubernetes cluster node's host external/public IP address and a mapped Aerospike port to connect from the external network.
configuredIP uses the IP address configured by the user in the Kubernetes node labels, and a mapped Aerospike port, to connect from the internal/external network. Label "aerospike.com/configured-access-address" in the Kubernetes node is the accessAddress, and label "aerospike.com/configured-alternate-access-address" in the Kubernetes node is the alternateAccessAddress.
customInterface uses the IP address assigned to the custom interfaces attached to the pod and Aerospike port, to connect from the same custom interfaces network. These custom interfaces are given separately as a list of NetworkAttachmentDefinition CRs and also, must be defined in the pod annotation k8s.v1.cni.cncf.io/networks to assign network interfaces to the pod.

Field	Required	Type	Default	Description
access _{Dynamic Rolling restart}	No	Enum [pod, hostInternal, hostExternal, configuredIP, customInterface]	hostInternal	Configures Aerospike access endpoint.
customAccessNetworkNames _{Dynamic Rolling restart}	No	List of Strings		List of the pod's network interfaces used for Aerospike access address. Each element is specified with a namespace and the name of a NetworkAttachmentDefinition, separated by a forward slash (/). These elements must be defined in the pod annotation `k8s.v1.cni.cncf.io/networks` to assign network interfaces to the pod. Required with 'customInterface' access type.
alternateAccess _{Dynamic Rolling restart}	No	Enum [pod, hostInternal, hostExternal, configuredIP, customInterface]	hostExternal	Configures Aerospike alternate access endpoint.
customAlternateAccessNetworkNames _{Dynamic Rolling restart}	No	List of Strings		List of the pod's network interfaces used for Aerospike alternate access address. Each element is specified with a namespace and the name of a NetworkAttachmentDefinition, separated by a forward slash (/). These elements must be defined in the pod annotation `k8s.v1.cni.cncf.io/networks` to assign network interfaces to the pod. Required with 'customInterface' alternateAccess type.
tlsAccess _{Dynamic Rolling restart}	No	Enum [pod, hostInternal, hostExternal, configuredIP, customInterface]	hostInternal	Configures Aerospike TLS access endpoint.
customTLSAccessNetworkNames _{Dynamic Rolling restart}	No	List of Strings		List of the pod's network interfaces used for Aerospike TLS access address. Each element is specified with a namespace and the name of a NetworkAttachmentDefinition, separated by a forward slash (/). These elements must be defined in the pod annotation `k8s.v1.cni.cncf.io/networks` to assign network interfaces to the pod. Required with 'customInterface' tlsAccess type.
tlsAlternateAccess _{Dynamic Rolling restart}	No	Enum [pod, hostInternal, hostExternal, configuredIP, customInterface]	hostExternal	Configures Aerospike TLS alternate endpoint.
customTLSAlternateAccessNetworkNames _{Dynamic Rolling restart}	No	List of Strings		List of the pod's network interfaces used for Aerospike TLS alternate access address. Each element is specified with a namespace and the name of a NetworkAttachmentDefinition, separated by a forward slash (/). These elements must be defined in the pod annotation `k8s.v1.cni.cncf.io/networks` to assign network interfaces to the pod. Required with 'customInterface' tlsAlternateAccess type.
fabric	No	Enum [customInterface]		Configures Aerospike fabric endpoint.
customFabricNetworkNames	No	List of Strings		CustomFabricNetworkNames is the list of the pod's network interfaces used for Aerospike fabric address. Each element in the list is specified with a namespace and the name of a NetworkAttachmentDefinition, separated by a forward slash (/). These elements must be defined in the pod annotation `k8s.v1.cni.cncf.io/networks` to assign network interfaces to the pod. Required with 'customInterface' fabric type.
tlsFabric	No	Enum [customInterface]		Configures Aerospike TLS fabric endpoint.
customTLSFabricNetworkNames	No	List of Strings		List of the pod's network interfaces used for Aerospike TLS fabric address. Each element is specified with a namespace and the name of a NetworkAttachmentDefinition, separated by a forward slash (/). These elements must be defined in the pod annotation `k8s.v1.cni.cncf.io/networks` to assign network interfaces to the pod. Required with 'customInterface' tlsFabric type.

Operator Client Cert

spec -> operatorClientCert

AKO needs to connect as an Aerospike client to perform management asinfo calls. If the Aerospike service is configured to use TLS for clients, you need to specify the certificates the client uses to make these calls.

Field	Required	Type	Description
certPathInOperator	Yes	Structure	Specifies the path to the AKO certs as files mounted in the AKO container.
secretCertSource	Yes	Structure	Specifies that the AKO certs are read from a secret.
tlsClientName	No	String	If specified, AKO adds this name to the `tls-authenticate-client` list so that the Aerospike servers will always allow it.

note

You must specify certPathInOperator or secretCertSource, but not both.

Cert Path In Operator

spec -> operatorClientCert -> certPathInOperator

Specifies that the AKO certificate files are mounted onto the AKO containers.

Field	Required	Type	Description
caCertsPath	No	String	The path to the file or directory containing the CA certificates.
clientCertPath	No	String	The path to the file containing the AKO certificate.
clientKeyPath	No	String	The path to the file containing the AKO secret key.

Secret Cert Source

spec -> operatorClientCert -> secretCertSource

Specifies that the certificate should be read from a Kubernetes Secret.

Field	Required	Type	Default	Description
caCertsFilename	No	String		The name of the secret key or file containing the CA certificate.
caCertsSource	No	Structure		Structure containing CA certificates secret object info.
clientCertFilename	No	String		The name of the secret key or file containing the AKO certificate.
clientKeyFilename	No	String		The name of the secret key or file containing the AKO secret key.
secretName	Yes	String		The name of the secret.
secretNamespace	No	String	Kubernetes namespace where Aerospike cluster is deployed	The namespace containing the secret.

CA Certs Source

spec -> operatorClientCert -> secretCertSource -> caCertsSource

Field	Required	Type	Default	Description
secretName	Yes	String		The name of the secret.
secretNamespace	No	String	Kubernetes namespace where Aerospike cluster is deployed	The namespace containing the secret.

Pod Spec

spec -> podSpec

Configures the Kubernetes pod running Aerospike server. Sidecar containers for monitoring or running connectors can be added to each Aerospike pod.

Field	Required	Type	Default	Description
aerospikeContainer	No	Structure		Configures the `aerospike-server` container created by AKO.
aerospikeInitContainer	No	Structure		Configures the `aerospike-init` container created by AKO.
affinity	No	Kubernetes Pod Affinity		Kubernetes Affinity rules for pod placement. These rules are merged with affinity rules that AKO generates. See the OLM documentation on affinity for examples.
dnsPolicy	No	Kubernetes DNSPolicy		DnsPolicy to use. If `hostNetwork` is true and policy is not specified, it defaults to `ClusterFirstWithHostNet`.
metadata	No	Structure		Kubernetes Annotations and Labels to add to pods.
multiPodPerHost	No	Boolean	False	Specifies whether to run multiple pods per Kubernetes cluster host.
hostNetwork	No	Boolean	False	Enables host networking for the pod. To enable hostNetwork, `multiPodPerHost` must be `false`.
imagePullSecrets	No	List of TypedLocalObjectReference		Optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec.
initContainers	No	List of Container structures		List of init containers before running Aerospike and the sidecar containers.
nodeSelector	No	Map from string to string		Node selector constraints for the Aerospike pods.
securityContext	No	Structure PodSecurityContext		Holds pod-level security attributes and common container settings.
sidecars	No	List of Container structures		List of side containers to run along with the main Aerospike server container. Volume mounts are not supported. See storage for attaching volumes to sidecars.
tolerations	No	Kubernetes Pod Tolerations		Kubernetes Toleration for Aerospike pod placement.

See Monitoring for details on configuring monitoring sidecars or Aerospike containers.

Aerospike container

spec -> podSpec -> aerospikeContainer

Configures the aerospike-server container created by AKO.

Field	Required	Type	Description
securityContext	No	Structure SecurityContext	Kubernetes security context for the Aerospike container.
resources	No	Structure ResourceRequirements	Configures resource requirements and limits like CPU or memory for the Aerospike container.

Aerospike Init Container

spec -> podSpec -> aerospikeInitContainer

Configures the aerospike-init container created by AKO.

Field	Required	Type	Default	Description
imageRegistry	No	String	docker.io	Name of image registry for Aerospike init container image.
imageNameAndTag	No	String	aerospike-kubernetes-init:2.2.2	The `name:tag` string of the `aerospike-init` container image.
imageRegistryNamespace	No	String	aerospike	The name of the namespace in the registry for the `aerospike-init` container image.
securityContext	No	Structure SecurityContext		Kubernetes security context for the Aerospike init container.
resources	No	Structure ResourceRequirements		Configures resources requirements and limits like CPU or memory for the Aerospike init container.

Metadata

spec -> podSpec -> metadata

Kubernetes annotations and labels to add to the pods.

Field	Required	Type	Description
annotations	No	Map from annotation name to its value	Kubernetes Annotations
labels	No	Map from label name to its value	Kubernetes Labels

Rack Config

spec -> rackConfig

Configures AKO to deploy a rack-aware Aerospike cluster. Pods are deployed in given racks based on the given configuration.

Field	Required	Type	Description
namespaces _{Dynamic Rolling restart}	No	List of Strings	List of the Aerospike namespaces to enable the rack feature.
racks _Dynamic	Yes	List of structures	List of racks.
rollingUpdateBatchSize _Dynamic	No	Integer or String	Configures the number or percentage of rack pods to restart simultaneously during a rolling restart. The value can be integer eg. 5 or string eg. "25%".
maxIgnorablePods _Dynamic	No	Integer or String	Configures the maximum number or percentage of pending or failed pods in a rack that are ignored while assessing cluster stability. Pods identified using this value are not considered part of the cluster. Additionally, in SC mode clusters, these pods are removed from the roster. The value can be integer eg. 5 or string eg. "25%".
scaleDownBatchSize	No	Integer or String	The percentage/number of rack pods that can be scaled down simultaneously.

See Rack awareness for details.

Racks

spec -> rackConfig -> racks

Specifies single rack config.

Field	Required	Type	Description
id	Yes	Integer	Identifier for the rack.
zone	No	String	Cloud provider-specific Zone name for setting rack affinity. Rack pods are deployed to the given cloud Zone.
region	No	String	Cloud provider-specific Region name for setting rack affinity. Rack pods are deployed to the given cloud Region.
rackLabel	No	String	Rack label for setting rack affinity. Rack pods are deployed in Kubernetes nodes with the rack label `aerospike.com/rack-label: RACK LABEL`.
nodeName	No	String	Kubernetes node name for setting rack affinity. Rack pods are deployed on the given node.
aerospikeConfig _{Dynamic Rolling restart}	No	Structure	This local AerospikeConfig is a patch, which merges recursively with the common global `AerospikeConfig` and used for this Rack. See merge AerospikeConfig. If this `AerospikeConfig` is not given, the global `AerospikeConfig` is used.
storage _{Dynamic Rolling restart}	No	Structure	This local storage specifies persistent storage to use for the pods in this rack. If this storage is not given then global storage is used.
podSpec _{Dynamic Rolling restart}	No	Structure	Pod overrides for this rack.
scaleDownBatchSize	No	Integer or String	The percentage or number of rack pods that can be scaled down simultaneously.

`podSpec` (Rack override)

spec -> rackConfig -> racks -> podSpec

Provides rack-specific overrides to the Pod spec.

The following overrides are supported.

Field	Required	Type	Description
affinity	No	Kubernetes Pod Affinity	Kubernetes Affinity rules for pod placement. These rules are merged with affinity rules generated by AKO.
tolerations	No	Kubernetes Pod Tolerations	Kubernetes Toleration for Aerospike pod placement.
nodeSelector	No	Map from String to String	Node selector constraints for the Aerospike pods.

Max Ignorable Pods

spec -> rackConfig -> maxIgnorablePods

maxIgnorablePods is the maximum number or percentage of pending or failed pods in a rack that are ignored while assessing cluster stability. Pods identified using this value are not considered part of the cluster. Additionally, in SC mode clusters, these pods are removed from the roster. This is particularly useful when some pods are stuck in pending or failed states due to any scheduling issues, and cannot be fixed by simply updating the CR. maxIgnorablePods enables specific operations on the cluster, like changing Aerospike configurations, without being hindered by problematic pods.

caution

Avoid using maxIgnorablePods in small clusters or clusters with few nodes per rack. For example, in a 6-node cluster spread across three racks, do not set maxIgnorablePods to 1.

If you are considering using the maxIgnorablePods field, it's important to understand the following key points for its effective and safe application:

Use as a Last Resort: Use maxIgnorablePods only as a final option, particularly when issues in the cluster cannot be resolved by updating the CR (Custom Resource).
Operate with Knowledge: Only modify this setting if you are confident in your understanding of its impact.
Pod Downtime Consideration: If maxIgnorablePods is set to a non-zero value, then the maximum number of pods that can be down in each rack is maxIgnorablePods + RollingUpdateBatchSize (which defaults to 1). It's crucial to ensure that the remaining active pods in each rack have sufficient storage capacity to handle the total rack data during this downtime.
Minimize usage of maxIgnorablePods: Keep the maxIgnorablePods value as low as possible. Increasing this number heightens the risk of encountering sizing-related issues within your cluster.
Reset after operations: After completing the necessary operations, reset maxIgnorablePods to 0. This ensures that all pods are accurately considered in subsequent assessments of cluster stability.

Seeds Finder Services

spec -> seedsFinderServices

Creates additional Kubernetes service that allow clients to discover Aerospike cluster nodes.

Field	Required	Type	Description
loadBalancer	No	Structure	Creates a load balancer service that allows Aerospike clients to discover Aerospike cluster nodes.

Load Balancer Service

spec -> seedsFinderServices -> loadBalancer

Creates a load balancer service which lets Aerospike clients discover Aerospike cluster nodes.

Field	Required	Type	Description
externalTrafficPolicy	No	Enum - Local, Cluster	External Traffic Policy Type string. See ServiceExternalTrafficPolicyType for details.
annotations	No	Map from annotation name to its value	Kubernetes Annotations for the load balancer.
port	No	Integer	Exposed port on load balancer. If not specified targetPort is used.

Storage

spec -> storage

The storage section configures persistent volume devices to provision and attach to the containers.

This section is required by default for persisting the Aerospike work directory. Store the work directory on persistent storage to ensure pod restarts do not reset Aerospike server metadata files.

This section is also required if Aerospike namespaces require persistent storage.

Field	Required	Type	Default	Description
cleanupThreads _Dynamic	No	Integer	1	Defines the maximum number of disk cleanup threads (dd or blkdiscard) per init container that wipe or initialize disk volumes.
blockVolumePolicy _Dynamic	No	Structure		Volume policy for block volumes.
filesystemVolumePolicy _Dynamic	No	Structure		Volume policy for filesystem volumes.
volumes _Dynamic	No	List of Volume Structures		List of volumes to attach to Aerospike pods. Persistent storage volumes cannot be added or removed dynamically.

Block/Filesystem Volume Policy

spec -> storage -> blockVolumePolicy

spec -> storage -> filesystemVolumePolicy

Specifies persistent volume policy to determine how new volumes are initialized. See Initializing Solid State Drives (SSDs) for more information. Although Aerospike Database allows you to choose trimming or zeroizing when you manually initialize an SSD, AKO only supports zeroizing. This prevents automatic reuse of an older Aerospike device if it has not been zeroized.

Field	Required	Type	Default	Description
initMethod _Dynamic	No	Enum	none	Controls how the volumes are initialized the first time the persistent volume is attached to a pod. Valid values are `none`, `dd`, `blkdiscard`, `deleteFiles`. `blkdiscard` only works if the device supports TRIM with RZAT.
wipeMethod _Dynamic	No	Enum	`dd` for block volumes and `deleteFiles` for filesystem volumes	Specifies how the volumes are wiped for special upgrades and downgrades. Valid values are `dd`, `blkdiscard`, `deleteFiles`.
cascadeDelete _Dynamic	No	Boolean	false	Determines if the persistent volumes are deleted after the pods these volumes bind to are terminated and removed from the cluster.

For filesystem volumes:

initMethod can be none or deleteFiles
wipeMethod can only be deleteFiles

For block volumes:

initMethod can be none, dd or blkdiscard
wipeMethod can be dd or blkdiscard

caution

When using blkdiscard, verify that the drive deterministically returns zeros after TRIM (RZAT). Check with your hardware provider or cloud provider for this information. If you are unsure, it is safer to wipe the device using dd as the wipe method.

Volumes

spec -> storage -> volumes

Describes volumes to be created and attached to the init containers and main Aerospike container, as well as other sidecars.

Field	Required	Type	Default	Description
name	Yes	String		A name identifying this volume. The name must be unique among all created volumes.
source	Yes	Structure		Specifies the source for this volume.
aerospike	No	Structure		Specifies how this volume is attached to the main Aerospike server container.
sidecars	No	Structure		Attaches this volume to other sidecar containers.
initContainers	No	Structure		Attaches this volume to other init containers.
initMethod _Dynamic	No	Enum	none	Controls how this volume is initialized when the persistent volume is attached the first time to a pod. Valid values are `none`, `dd`, `blkdiscard`, `deleteFiles`.
cascadeDelete _Dynamic	No	Boolean	false	CascadeDelete determines if the persistent volume is deleted after the pod this volume binds to is terminated and removed from the cluster.

For filesystem volumes, initMethod can be none or deleteFiles. For block volumes, initMethod can be none, dd or blkdiscard.

note

blkdiscard only works for devices that support TRIM. For AWS, see the storage volumes guide to check for TRIM support. If TRIM is not supported, use the slower dd to initialize your devices. For other devices, verify the support for TRIM command.

Volume Source

spec -> storage -> volumes -> source

A Volume source specifies the source for an attached volume. Volumes are created using a volume source that can be one of the following:

Persistent Volume

Specifies a persistent volume to claim and attach to Aerospike pods.

Field	Required	Type	Default	Description
storageClass	Yes	String		The name of the storage class to use.
volumeMode	Yes	Enum - Filesystem, Block		Specifies the mode this volume should be created with. `Filesystem` creates a pre-formatted filesystem. Block mode creates a raw device.
size	Yes	String Quantity		The device size to be provisioned, for example 5Gi.
accessModes	No	List of PersistentVolumeAccessMode		Allowed access modes to the volume, for example ReadWriteOnce, ReadOnlyMany, ReadWriteMany.
selector	No	LabelSelector		Only the volumes whose labels match the selector are claimed.
initMethod _Dynamic	No	Enum	none	Controls how this volume is initialized when the persistent volume is attached the first time to a pod. Valid values are `none`, `dd`, `blkdiscard`, `deleteFiles`.
cascadeDelete _Dynamic	No	Boolean	false	CascadeDelete determines if the persistent volume is deleted after the pod this volume binds to is terminated and removed from the cluster.

EmptyDir

These are volumes to be used as temporary working disk space. See the official documentation for options.

      - name: tempFiles
        aerospike:
          path: /opt/aerospike/temp
        source:
          emptyDir: {}

Secret

A Kubernetes Secret can be mounted as a volume. You can use a Secret for mounting the Aerospike feature-key file (features.conf) or sensitive files like TLS certificates and credentials onto the containers.

- name: aerospike-config-secret
      source:
          secret:
              secretName: aerospike-secret
      aerospike:
          path: /etc/aerospike/secret

ConfigMap

A Kubernetes ConfigMap can be mounted as a volume. ConfigMaps hold non-confidential data like configuration for applications running in your custom init containers or sidecars.

- name: app-config
    source:
      configMap:
        # Provide the name of the ConfigMap you want to mount.
        name: app-config
        # An optional array of keys from the ConfigMap to create as files
        items:
        - key: "game.properties"
          path: "game.properties"
        - key: "user-interface.properties"
          path: "user-interface.properties"

Aerospike Database Volume Attachment

spec -> storage -> volumes -> aerospike

Specifies attaching a volume to the main Aerospike Database container.

Field	Required	Type	Description
path	Yes	String	The path to attach the volume to the Aerospike container.

Init/Sidecar Volume Attachment

spec -> storage -> volumes -> sidecars

spec -> storage -> volumes -> initContainers

Specifies attaching a volume to a sidecar container.

Field	Required	Type	Description
containerName	Yes	String	The name of the container to attach this volume to.
path	Yes	String	The path to attach the volume to the Aerospike container.

Operations

spec -> operations

Configure the Aerospike cluster to perform specific operations.

Field	Required	Type	Description
kind	Yes	String	Type of operation to be performed on the Aerospike cluster
id	Yes	String	Unique identifier of the operation
podList	No	[]String	List of pods to consider for operation

Validation Policy

spec -> validationPolicy

This section configures the policy for validating the cluster CR.

Field	Required	Type	Default	Description
skipWorkDirValidate _Dynamic	No	Boolean	false	If true, skips validating that the Aerospike work directory is stored on a persistent volume.
skipXdrDlogFileValidate _Dynamic	No	Boolean	false	If true, skips validating that the XDR digest log is stored on a persistent volume.

Overview​

CR examples​

Example 1: Basic CR​

Example 2: Rack-enabled CR​

CR file metadata​

Spec​

Aerospike Access Control​

Aerospike Role​

Aerospike User​

Aerospike Config​

Aerospike Config Secret​

Aerospike Network Policy​

Operator Client Cert​

Cert Path In Operator​

Secret Cert Source​

CA Certs Source​

Pod Spec​

Aerospike container​

Aerospike Init Container​

Metadata​

Rack Config​

Racks​

podSpec (Rack override)​

Max Ignorable Pods​

Seeds Finder Services​

Load Balancer Service​

Storage​

Block/Filesystem Volume Policy​

Volumes​

Volume Source​

Aerospike Database Volume Attachment​

Init/Sidecar Volume Attachment​

Operations​

Validation Policy​