MLE-19883: Updating sample manifests

config/samples/complete.yaml

@@ -1,83 +1,312 @@
 apiVersion: database.marklogic.com/v1alpha1
-kind: MarklogicGroup
+kind: MarklogicCluster
 metadata:
-  labels:
-    app.kubernetes.io/name: marklogicgroup
-    app.kubernetes.io/instance: marklogicgroup-sample
-    app.kubernetes.io/part-of: marklogic-operator-kubernetes
-    app.kubernetes.io/managed-by: kustomize
-    app.kubernetes.io/created-by: marklogic-operator-kubernetes
-  name: marklogicgroup-sample
+  name: ml-cluster
+  namespace: prod
+  annotations: {}
 spec:
-  replicas: 1
-  name: marklogic
-  image: "progressofficial/marklogic-db:11.3.0-ubi-rootless"
-  ## Configure the imagePullSecrets to pull the image from private repository that requires credential
-  # imagePullSecrets: []
+  image: "progressofficial/marklogic-db:11.3.1-ubi-rootless-2.1.1"
+  imagePullPolicy: IfNotPresent
+  imagePullSecrets: 
+    - name: regcred
+  ## It is recommended to use Kubernetes secrets to store the admin credentials
+  ## To create a secret, run the following command in the same namespace as the CR:
+  ## kubectl create secret generic admincreds --from-literal=username=admin --from-literal=password=admin
+  ## If you do not provide the admin credentials, the operator will generate a secret for you containing admin credentials
   auth:
-    adminUsername: user
-    adminPassword: pass
-  # storage:
-  #   size: 10Gi
-  terminationGracePeriodSeconds: 9
-  updateStrategy: OnDelete
+    secretName: admincreds
   clusterDomain: cluster.local
-  priorityClassName: "system-node-critical"
-  # groupConfig:
-  #   name: "node"
-  enableConverters: true
-  hugePages:
+  persistence: 
     enabled: true
-    mountPath: /dev/hugepages
-  nodeSelector:
-    node-role.kubernetes.io/master: "true"
-  affinity: 
-    podAntiAffinity:
-      preferredDuringSchedulingIgnoredDuringExecution:
-      - weight: 100
-        podAffinityTerm:
-          labelSelector:
-            matchExpressions:
-            - key: app.kubernetes.io/name
-              operator: In
-              values:
-              - marklogic
-          topologyKey: kubernetes.io/hostname
+    size: 100Gi
+    storageClassName: "gp3"
+    accessModes: 
+      - ReadWriteOnce
+    annotations: {}
+  resources: 
+    requests:
+      memory: "64Gi"
+      cpu: "8"
+      hugespages2Mi: "24Gi"
+    limits:
+      memory: "64Gi"
+      cpu: "8"
+      hugespages2Mi: "24Gi"
+## To configure networkPolicy, set enabled: true and uncomment the following lines 
+## Below is an example of networkPolicy, update it as per your requirements
+## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies
+  # networkPolicy:
+  #   enabled: true
+  #   policyTypes:
+  #     - Ingress
+  #     - Egress
+  #   podSelector: {}
+  #   ingress: {}
+  #   egress:
+  #     - to:
+  #         - podSelector:
+  #             matchLabels:
+  #               app.kubernetes.io/name: marklogiccluster
+  #               app.kubernetes.io/instance: marklogiccluster-prod-sample
+  #       ports:
+  #         - protocol: TCP
+  #           port: 8000
+## Configuration for the HAProxy load balancer
+## An out of box load balancer configured to handle cookie based session affinity that's required by most MarkLogic applications.
+  haproxy:
+    enabled: true
+    pathBasedRouting: true
+    frontendPort: 8080
+    tcpPorts:
+      enabled: true
+      ports:
+        - name: odbc
+          type: TCP
+          port: 5432
+    appServers:
+      - name: "app-service"
+        port: 8000
+        path: "/console"
+      - name: "admin"
+        port: 8001
+        path: "/adminUI"
+      - name: "manage"
+        port: 8002
+        path: "/manage"
+    stats:
+      enabled: true
+      port: 1024
+    resources:
+      requests:
+        memory: "4Gi"
+        cpu: "1"
+      limits:
+        memory: "4Gi"
+        cpu: "1"
+  ## Configure Ingress
+  ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
+    ingress: 
+      enabled: false
+      ingressClassName: "alb"
+      ## Ingress labels
+      ## ref: https://kubernetes.io/docs/concepts/overvsiew/working-with-objects/labels/
+      labels: {}
+      ## Ingress annotations
+      ## Update the annotations as per your requirements
+      ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+      annotations: 
+        alb.ingress.kubernetes.io/healthcheck-port: '80'
+        alb.ingress.kubernetes.io/healthcheck-path: /adminUI
+        alb.ingress.kubernetes.io/success-codes: '200-401'
+        alb.ingress.kubernetes.io/load-balancer-name: mlingress
+        alb.ingress.kubernetes.io/scheme: internet-facing
+        alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}]'
+        alb.ingress.kubernetes.io/target-group-attributes: load_balancing.algorithm.type=least_outstanding_requests
+        alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-west-2:XXXXXXXXXXX:certificate/XxXXXXXX-xxxx-XXXX-XXXX-XXXXXXXxxxxXXX
+        alb.ingress.kubernetes.io/target-type: ip
+        alb.ingress.kubernetes.io/group.name: mlingress-group
+        alb.ingress.kubernetes.io/load-balancer-attributes: idle_timeout.timeout_seconds=600,routing.http.xff_header_processing.mode=append
+      # Ingress hosts
+      # add default hosts and additional hosts
+      # ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
+      host: ""
+      additionalHosts: []
+      ## Ingress TLS
+      ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
+      tls: []
+        # secretName: your-certificate-name
+        # hosts:
+        #   - marklogic.example.com
+  terminationGracePeriodSeconds: 10
+  updateStrategy: OnDelete
+  podSecurityContext:
+    fsGroup: 2
+    fsGroupChangePolicy: OnRootMismatch
+  securityContext:
+    runAsUser: 1000
+    runAsNonRoot: true
+    allowPrivilegeEscalation: false
+## Node Affinity for pod-node scheduling constraints
+## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+  affinity: {}
+## Configure NodeSelector property for scheduling pods to nodes
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes/#create-a-pod-that-gets-scheduled-to-your-chosen-node
+  nodeSelector: {}
+    # disktype: ssd
+## Configure POD Topology Spread Constraints to spread pods across cluster
+## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/
+## Preferred Topology Spread Constraints rule to evenly distribute Marklogic pods across worker nodes and zones
   topologySpreadConstraints:
     - maxSkew: 1
       topologyKey: kubernetes.io/hostname
       whenUnsatisfiable: DoNotSchedule
       labelSelector:
         matchLabels:
-          app.kubernetes.io/name: marklogic
+          app.kubernetes.io/name: marklogiccluster
     - maxSkew: 1
       topologyKey: topology.kubernetes.io/zone
       whenUnsatisfiable: ScheduleAnyway
       labelSelector:
         matchLabels:
-          app.kubernetes.io/name: marklogic
-  resources:
-    requests:
-      memory: "4Gi"
-      cpu: "1"
-      # When using huge pages requests should equal limits
-      # refer to https://kubernetes.io/docs/tasks/manage-hugepages/scheduling-hugepages/ for more information on huge pages
-      # hugepages-2Mi: 100Mi
-    limits:
-      memory: "4Gi"
-      cpu: "1"
-      # hugepages-2Mi: 100Mi
-  livenessProbe:
-    enabled: true
-    initialDelaySeconds: 31
-    periodSeconds: 11
-    timeoutSeconds: 6
-    successThreshold: 1
-    failureThreshold: 4
-  readinessProbe:
-    enabled: true
-    initialDelaySeconds: 29
-    periodSeconds: 9
-    timeoutSeconds: 4
-    successThreshold: 1
-    failureThreshold: 2
+          app.kubernetes.io/name: marklogiccluster
+## Configure priority class for pods 
+## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
+  priorityClassName:  ""
+## Supply license information for MarkLogic server
+  license:
+    key: ""
+    licensee: ""
+## Optionally install converters package on MarkLogic
+  enableConverters: false
+## Configure TLS for App Servers
+## If certSecretNames is not provided, self-signed temporary certificate will be generated.
+  tls:
+    enableOnDefaultAppServers: false
+    certSecretNames: []
+    caSecretName: ""  
+## Configure options for log collection
+## Log collection will collect all logs for each file type enabled, parse them, 
+## And export them to a logging backend specified in the outputs section below
+  # logCollection:
+  #   enabled: true
+  #   image: fluent/fluent-bit:3.1.1
+  #   files:
+  #     errorLogs: true
+  #     accessLogs: true
+  #     requestLogs: true
+  #     crashLogs: true
+  #     auditLogs: true
+  #   outputs: |-
+  #       [OUTPUT]
+  #         name loki
+  #         match *
+  #         host loki.loki.svc.cluster.local
+  #         port 3100
+  #         labels job=fluent-bit
+  #         http_user admin
+  #         http_passwd admin
+  # additionalVolumes:
+  # - name: "logsdir"
+  #   emptyDir: {}
+  ## specify additional list of volumeMounts
+  # additionalVolumeMounts: 
+  # - name: "logsdir"
+  #   mountPath: "/var/opt/MarkLogic/Logs"
+  # additionalVolumeClaimTemplates: []
+  markLogicGroups:
+  - name: dnode
+    replicas: 3
+    groupConfig:
+      name: dnode
+      enableXdqpSsl: true
+    isBootstrap: true
+    image: "progressofficial/marklogic-db:11.3.0-ubi-rootless"
+    imagePullPolicy: IfNotPresent
+    imagePullSecrets: 
+      - name: regcred # secret name to pull the image from private repository
+    persistence:
+      enabled: true
+      size: 100Gi
+      storageClassName: "gp3"
+      accessModes: 
+        - ReadWriteOnce
+      annotations: {}
+    service:
+      type: ClusterIP
+      additionalPorts: 
+      - name: app1
+        port: 8010
+        targetPort: 8010
+        protocol: TCP
+      - name: app2
+        port: 8011
+        targetPort: 8011
+        protocol: TCP
+      annotations: {}
+    resources:
+      requests:
+        memory: "64Gi"
+        cpu: "8"
+        hugespages2Mi: "24Gi"
+      limits:
+        memory: "64Gi"
+        cpu: "8"
+        hugespages2Mi: "24Gi"
+    ## Configure Affinity property for scheduling pods to nodes
+    ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+    affinity: {}
+    ## Configure POD Topology Spread Constraints to spread pods across cluster
+    ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/
+    ## Preferred Topology Spread Constraints rule to evenly distribute Marklogic pods across worker nodes and zones
+    topologySpreadConstraints:
+      - maxSkew: 1
+        topologyKey: kubernetes.io/hostname
+        whenUnsatisfiable: DoNotSchedule
+        labelSelector:
+          matchLabels: {}
+      - maxSkew: 1
+        topologyKey: topology.kubernetes.io/zone
+        whenUnsatisfiable: ScheduleAnyway
+        labelSelector:
+          matchLabels: {}
+    ## Configure NodeSelector property for scheduling pods to nodes
+    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes/#create-a-pod-that-gets-scheduled-to-your-chosen-node
+    nodeSelector: {}
+        # disktype: ssd
+    ## Configure priority class for pods 
+    ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
+    priorityClassName:  ""
+    hugePages: 
+      enabled: true
+      mountPath: /dev/hugepages
+    ## Configure options for log collection
+    ## Log collection will collect all logs for each file type enabled, parse them, 
+    ## And export them to a logging backend specified in the outputs section below
+      # logCollection:
+      #   enabled: true
+      #   image: fluent/fluent-bit:3.1.1
+      #   files:
+      #     errorLogs: true
+      #     accessLogs: true
+      #     requestLogs: true
+      #     crashLogs: true
+      #     auditLogs: true
+      #   outputs: |-
+      #       [OUTPUT]
+      #         name loki
+      #         match *
+      #         host loki.loki.svc.cluster.local
+      #         port 3100
+      #         labels job=fluent-bit
+      #         http_user admin
+      #         http_passwd admin
+    ## Configuration for the HAProxy on the group level.
+    ## haproxy.enabled to false to make the group exclude from the backend of haproxy
+    haproxy:
+      enabled: false
+  - name: enode
+    replicas: 3
+    groupConfig:
+      name: enode
+      enableXdqpSsl: true
+    isBootstrap: false
+    resources:
+      requests:
+        memory: "8Gi"
+        cpu: "8"
+        hugespages2Mi: "24Gi"
+      limits:
+        memory: "8Gi"
+        cpu: "8"
+        hugespages2Mi: "24Gi"
+    hugePages: 
+      enabled: true
+      mountPath: /dev/hugepages
+    service: 
+      type: ClusterIP
+      additionalPorts: 
+      - name: app1
+        port: 8012
+        targetPort: 8012
+        protocol: TCP
+      annotations: {}

config/samples/kustomization.yaml

@@ -1,5 +1,6 @@
 ## Append samples of your project ##
 resources:
-- marklogiccluster.yaml
-- marklogicgroup.yaml
+- quick-start.yaml
+- minimal-production.yaml
+- complete.yaml
 #+kubebuilder:scaffold:manifestskustomizesamples