diff --git a/modules/reference/pages/k-console-helm-spec.adoc b/modules/reference/pages/k-console-helm-spec.adoc index 9f5a1c64b0..9b57787609 100644 --- a/modules/reference/pages/k-console-helm-spec.adoc +++ b/modules/reference/pages/k-console-helm-spec.adoc @@ -2,12 +2,12 @@ :description: Find the default values and descriptions of settings in the Redpanda Console Helm chart. -image:https://img.shields.io/badge/Version-3.1.0-informational?style=flat-square[Version: -3.1.0] +image:https://img.shields.io/badge/Version-3.3.0-informational?style=flat-square[Version: +3.3.0] image:https://img.shields.io/badge/Type-application-informational?style=flat-square[Type: application] -image:https://img.shields.io/badge/AppVersion-v3.1.0-informational?style=flat-square[AppVersion: -v3.1.0] +image:https://img.shields.io/badge/AppVersion-v3.3.2-informational?style=flat-square[AppVersion: +v3.3.2] This page describes the official Redpanda Console Helm Chart. In particular, this page describes the contents of the chart’s @@ -53,7 +53,7 @@ Annotations to add to the deployment. === link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=automountServiceAccountToken++[automountServiceAccountToken] -Automount API credentials for the Service Account into the pod. Redpanda Console +Automount API credentials for the Service Account into the pod. Console does not communicate with Kubernetes API. *Default:* `false` @@ -83,7 +83,7 @@ does not communicate with Kubernetes API. Settings for the `Config.yaml` (required). For a reference of configuration settings, see the https://docs.redpanda.com/docs/reference/console/config/[Redpanda -Redpanda Consoleonsole documentation]. +Console documentation]. *Default:* `{}` @@ -95,6 +95,13 @@ Redpanda Consoleonsole documentation]. *Default:* `true` +=== link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=extraContainerPorts++[extraContainerPorts] + +Add additional container ports to the console container. Useful when +using multi-listener configuration. + +*Default:* `[]` + === link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=extraContainers++[extraContainers] Add additional containers, such as for oauth2-proxy. @@ -344,7 +351,7 @@ Annotations to add to the service account. === link:++https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=serviceAccount.automountServiceAccountToken++[serviceAccount.automountServiceAccountToken] Specifies whether a service account should automount API-Credentials. -Redpanda Console does not communicate with Kubernetes API. The ServiceAccount +Console does not communicate with Kubernetes API. The ServiceAccount could be used for workload identity. *Default:* `false` diff --git a/modules/reference/pages/k-crd.adoc b/modules/reference/pages/k-crd.adoc index ca0197100b..542d49b0d3 100644 --- a/modules/reference/pages/k-crd.adoc +++ b/modules/reference/pages/k-crd.adoc @@ -4,6 +4,8 @@ :description: Custom resource definitions for Redpanda resources. Use the Redpanda resources to create and manage Redpanda clusters, users and topics with the Redpanda Operator. :page-aliases: reference:k-topic-crd.adoc + + .Resource Types - xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-console[$$Console$$] - xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-redpanda[$$Redpanda$$] @@ -19,6 +21,8 @@ Filter an ACL based on its access type, operation, principal, and host. + + .Appears in: - xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclfilter[$$ACLFilter$$] @@ -35,11 +39,15 @@ all principals with the specified `operation` and `permissionType` + |=== + + [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-acloperation"] == ACLOperation (string) ACLOperation specifies the type of operation for an ACL. + + .Appears in: - xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclaccessfilter[$$ACLAccessFilter$$] - xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclrule[$$ACLRule$$] @@ -49,6 +57,10 @@ ACLOperation specifies the type of operation for an ACL. [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclresourcefilter"] == ACLResourceFilter + + + + .Appears in: - xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-aclfilter[$$ACLFilter$$] @@ -203,9 +215,11 @@ AdminSASL configures credentials to connect to Redpanda cluster that has authent |=== | Field | Description | *`username`* __string__ | Specifies the username. + -| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Specifies the password. + | *`mechanism`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-saslmechanism[$$SASLMechanism$$]__ | Specifies the SASL/SCRAM authentication mechanism. + -| *`token`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Specifies token for token-based authentication (only used if no username/password are provided). + +| *`password`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | Specifies the password. + +| *`authToken`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | Specifies token for token-based authentication (only used if no username/password are provided). + +| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `password` instead + +| *`token`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `authToken` instead + |=== @@ -504,9 +518,19 @@ CommonTLS specifies TLS configuration settings for Redpanda clusters that have a [cols="25a,75a", options="header"] |=== | Field | Description -| *`caCertSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | CaCert is the reference for certificate authority used to establish TLS connection to Redpanda + -| *`certSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Cert is the reference for client public certificate to establish mTLS connection to Redpanda + -| *`keySecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Key is the reference for client private certificate to establish mTLS connection to Redpanda + +| *`enabled`* __boolean__ | Enabled tells any connections derived from this configuration to leverage TLS even if no + +certificate configuration is specified. It *only* is relevant if no other field is specified + +in the TLS configuration block, as, for backwards compatibility reasons, any CA/Cert/Key-specification + +results in attempting to create a connection using TLS - specifying "false" in such a case does + +*not* disable TLS from being used. Leveraging this option is to support the use-case where a + +connection is served by publically issued TLS certificates that don't require any additional certificate + +specification. + +| *`caCert`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | CaCert is the reference for certificate authority used to establish TLS connection to Redpanda + +| *`cert`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | Cert is the reference for client public certificate to establish mTLS connection to Redpanda + +| *`key`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | Key is the reference for client private certificate to establish mTLS connection to Redpanda + +| *`caCertSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: replaced by "caCert". + +| *`certSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: replaced by "cert". + +| *`keySecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: replaced by "key". + | *`insecureSkipTlsVerify`* __boolean__ | InsecureSkipTLSVerify can skip verifying Redpanda self-signed certificate when establish TLS connection to Redpanda + |=== @@ -692,7 +716,7 @@ never used. Prefer Create. + [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-console"] == Console -Redpanda defines the CRD for Redpanda clusters. +Console defines the CRD for Redpanda Console instances. @@ -779,17 +803,18 @@ ConsoleCreateObj represents configuration options for creating Kubernetes object | *`secretMounts`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretmount[$$SecretMount$$] array__ | | *`secret`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretconfig[$$SecretConfig$$]__ | | *`licenseSecretRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core[$$SecretKeySelector$$]__ | -| *`livenessProbe`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#probe-v1-core[$$Probe$$]__ | -| *`readinessProbe`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#probe-v1-core[$$Probe$$]__ | -| *`deployment`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-deploymentconfig[$$DeploymentConfig$$]__ | -| *`strategy`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#deploymentstrategy-v1-apps[$$DeploymentStrategy$$]__ | -| *`cluster`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-clustersource[$$ClusterSource$$]__ | -| *`warnings`* __string array__ | Human-readable warnings generated by the automatic migration of a Redpanda Console v2 configuration to v3. + - + -If warnings are present, they describe which fields from the original v2 configuration could not be automatically migrated and require manual intervention. These warnings help identify configuration elements that need your attention during the upgrade process. + - + -This is a read-only field. Setting this field has no effect. + -For information about migrating from Console v2 to v3, see xref:migrate:console-v3.adoc[]. + +| *`livenessProbe`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-probeapplyconfiguration[$$ProbeApplyConfiguration$$]__ | LivenessProbe describes a health check to be performed against a container to determine whether it is + +alive. + +| *`readinessProbe`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-probeapplyconfiguration[$$ProbeApplyConfiguration$$]__ | ReadinessProbe describes a health check to be performed against a container to determine whether it is + +ready to receive traffic. + +| *`deployment`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-deploymentconfig[$$DeploymentConfig$$]__ | +| *`strategy`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#deploymentstrategy-v1-apps[$$DeploymentStrategy$$]__ | +| *`warnings`* __string array__ | Warnings is a slice of human readable warnings generated by the automatic + +migration of a Console V2 config to a Console V3 config. If warnings are + +present, they will describe which fields from the original config have + +been dropped and why. + +Setting this field has no effect. + +| *`cluster`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-clustersource[$$ClusterSource$$]__ | |=== @@ -863,10 +888,17 @@ constraints without accidentally polluting the defaults of the chart. | *`secretMounts`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretmount[$$SecretMount$$] array__ | | *`secret`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretconfig[$$SecretConfig$$]__ | | *`licenseSecretRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core[$$SecretKeySelector$$]__ | -| *`livenessProbe`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#probe-v1-core[$$Probe$$]__ | -| *`readinessProbe`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#probe-v1-core[$$Probe$$]__ | +| *`livenessProbe`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-probeapplyconfiguration[$$ProbeApplyConfiguration$$]__ | LivenessProbe describes a health check to be performed against a container to determine whether it is + +alive. + +| *`readinessProbe`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-probeapplyconfiguration[$$ProbeApplyConfiguration$$]__ | ReadinessProbe describes a health check to be performed against a container to determine whether it is + +ready to receive traffic. + | *`deployment`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-deploymentconfig[$$DeploymentConfig$$]__ | | *`strategy`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#deploymentstrategy-v1-apps[$$DeploymentStrategy$$]__ | +| *`warnings`* __string array__ | Warnings is a slice of human readable warnings generated by the automatic + +migration of a Console V2 config to a Console V3 config. If warnings are + +present, they will describe which fields from the original config have + +been dropped and why. + +Setting this field has no effect. + |=== @@ -1054,6 +1086,23 @@ on internal listeners. + |=== +[id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externalsecretkeyselector"] +== ExternalSecretKeySelector + +ExternalSecretKeySelector selects a key of an external Secret. + + + +.Appears in: +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`name`* __string__ | +|=== + + [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externalservice"] == ExternalService @@ -1339,11 +1388,12 @@ KafkaSASL configures credentials to connect to Redpanda cluster that has authent |=== | Field | Description | *`username`* __string__ | Specifies the username. + -| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Specifies the password. + +| *`password`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | Specifies the password. + | *`mechanism`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-saslmechanism[$$SASLMechanism$$]__ | Specifies the SASL/SCRAM authentication mechanism. + | *`oauth`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasloauthbearer[$$KafkaSASLOAuthBearer$$]__ | | *`gssapi`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslgssapi[$$KafkaSASLGSSAPI$$]__ | | *`awsMskIam`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslawsmskiam[$$KafkaSASLAWSMskIam$$]__ | +| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `password` instead + |=== @@ -1362,9 +1412,11 @@ see: https://docs.aws.amazon.com/msk/latest/developerguide/iam-access-control.ht |=== | Field | Description | *`accessKey`* __string__ | -| *`secretKeySecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | -| *`sessionTokenSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | SessionToken, if non-empty, is a session / security token to use for authentication. + +| *`secretKey`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | +| *`secretKeySecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `secretKey` instead + +| *`sessionToken`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | SessionToken, if non-empty, is a session / security token to use for authentication. + See: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html + +| *`sessionTokenSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `sessionToken` instead + | *`userAgent`* __string__ | UserAgent is the user agent to for the client to use when connecting + to Kafka, overriding the default "franz-go//". + @@ -1393,7 +1445,8 @@ KafkaSASLGSSAPI represents the Kafka Kerberos config. | *`kerberosConfigPath`* __string__ | | *`serviceName`* __string__ | | *`username`* __string__ | -| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | +| *`password`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | +| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `password` instead + | *`realm`* __string__ | | *`enableFast`* __boolean__ | EnableFAST enables FAST, which is a pre-authentication framework for Kerberos. + It includes a mechanism for tunneling pre-authentication exchanges using armored KDC messages. + @@ -1414,7 +1467,8 @@ KafkaSASLOAuthBearer is the config struct for the SASL OAuthBearer mechanism [cols="25a,75a", options="header"] |=== | Field | Description -| *`tokenSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | +| *`token`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | +| *`tokenSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `token` instead + |=== @@ -1900,6 +1954,20 @@ into this Job's PodTemplate. + |=== +[id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-probeapplyconfiguration"] +== ProbeApplyConfiguration + +ProbeApplyConfiguration is a wrapper type that allows including a partial +[corev1.Probe] in a CRD. + + + +.Appears in: +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-consolespec[$$ConsoleSpec$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-consolevalues[$$ConsoleValues$$] + + + [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-rbac"] == RBAC @@ -2527,6 +2595,8 @@ RoleStatus defines the observed state of a Redpanda role to be cleaned up. + | *`managedRole`* __boolean__ | ManagedRole returns whether the role has been created in Redpanda and needs + to be cleaned up. + +| *`managedPrincipals`* __boolean__ | ManagedPrincipals returns whether the role has managed principals (membership) + +that are being reconciled by the operator. + |=== @@ -2663,9 +2733,11 @@ SchemaRegistrySASL configures credentials to connect to Redpanda cluster that ha |=== | Field | Description | *`username`* __string__ | Specifies the username. + -| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Specifies the password. + +| *`password`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | Specifies the password. + +| *`authToken`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource[$$ValueSource$$]__ | | *`mechanism`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-saslmechanism[$$SASLMechanism$$]__ | Specifies the SASL/SCRAM authentication mechanism. + -| *`token`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | +| *`passwordSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `password` instead + +| *`token`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref[$$SecretKeyRef$$]__ | Deprecated: use `authToken` instead + |=== @@ -2791,7 +2863,7 @@ SchemaType specifies the type of the given schema. [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-secretkeyref"] == SecretKeyRef -SecretKeyRef contains enough information to inspect or modify the referred Secret data +Deprecated: SecretKeyRef contains enough information to inspect or modify the referred Secret data See https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. @@ -3297,6 +3369,8 @@ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api- |=== + + [id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-topicspec"] == TopicSpec @@ -3614,3 +3688,33 @@ UsersItems configures a list of superusers in the Helm values. |=== +[id="{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-valuesource"] +== ValueSource + +ValueSource represents where a value can be pulled from + + + +.Appears in: +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-adminsasl[$$AdminSASL$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-commontls[$$CommonTLS$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasl[$$KafkaSASL$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslawsmskiam[$$KafkaSASLAWSMskIam$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasaslgssapi[$$KafkaSASLGSSAPI$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-kafkasasloauthbearer[$$KafkaSASLOAuthBearer$$] +- xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-schemaregistrysasl[$$SchemaRegistrySASL$$] + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`inline`* __string__ | Inline is the raw value specified inline. + +| *`configMapKeyRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#configmapkeyselector-v1-core[$$ConfigMapKeySelector$$]__ | If the value is supplied by a kubernetes object reference, coordinates are embedded here. + +For target values, the string value fetched from the source will be treated as + +a raw string. + +| *`secretKeyRef`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#secretkeyselector-v1-core[$$SecretKeySelector$$]__ | Should the value be contained in a k8s secret rather than configmap, we can refer + +to it here. + +| *`externalSecretRef`* __xref:{anchor_prefix}-github-com-redpanda-data-redpanda-operator-operator-api-redpanda-v1alpha2-externalsecretkeyselector[$$ExternalSecretKeySelector$$]__ | If the value is supplied by an external source, coordinates are embedded here. + +Note: we interpret all fetched external secrets as raw string values + +|=== + + diff --git a/modules/reference/pages/k-operator-helm-spec.adoc b/modules/reference/pages/k-operator-helm-spec.adoc index ec1d071025..4c81de27fc 100644 --- a/modules/reference/pages/k-operator-helm-spec.adoc +++ b/modules/reference/pages/k-operator-helm-spec.adoc @@ -2,12 +2,12 @@ :description: Find the default values and descriptions of settings in the Redpanda Operator Helm chart. -image:https://img.shields.io/badge/Version-v25.1.1--beta3-informational?style=flat-square[Version: -v25.1.1-beta3] +image:https://img.shields.io/badge/Version-25.2.1-informational?style=flat-square[Version: +25.2.1] image:https://img.shields.io/badge/Type-application-informational?style=flat-square[Type: application] -image:https://img.shields.io/badge/AppVersion-v25.1.1--beta3-informational?style=flat-square[AppVersion: -v25.1.1-beta3] +image:https://img.shields.io/badge/AppVersion-v25.2.1-informational?style=flat-square[AppVersion: +v25.2.1] This page describes the official Redpanda Operator Helm Chart. In particular, this page describes the contents of the chart’s @@ -156,6 +156,29 @@ Sets the port for the webhook server to listen on. *Default:* `9443` +=== link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=crds++[crds] + +Flags to control CRD installation. + +*Default:* + +.... +{"enabled":false,"experimental":false} +.... + +=== link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=crds.enabled++[crds.enabled] + +Specifies whether to install stable CRDs. + +*Default:* `false` + +=== link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=crds.experimental++[crds.experimental] + +Specifies whether to install experimental CRDs. If this is true both +experimental and stable CRDs will be installed. + +*Default:* `false` + === link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=fullnameOverride++[fullnameOverride] Overrides the `redpanda-operator.fullname` template. @@ -272,7 +295,7 @@ Operator. *Default:* .... -{"create":true,"createAdditionalControllerCRs":true,"createRPKBundleCRs":true} +{"create":true,"createAdditionalControllerCRs":true} .... === link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=rbac.create++[rbac.create] @@ -289,13 +312,6 @@ operator from deploying certain configurations of redpanda. *Default:* `true` -=== link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=rbac.createRPKBundleCRs++[rbac.createRPKBundleCRs] - -Create ClusterRoles needed for the Redpanda Helm chart’s -`rbac.rpkDebugBundle' feature. - -*Default:* `true` - === link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=replicaCount++[replicaCount] Sets the number of instances of the Redpanda Operator to deploy. Each @@ -314,16 +330,6 @@ remove the curly braces after `resources`. *Default:* `{}` -=== link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=scope++[scope] - -Sets the scope of the Redpanda Operator. Valid values are `Cluster` or -`Namespace`. The Cluster scope is deprecated because it deploys the -deprecated version of the Redpanda Operator. Use the default Namespace -scope. In the Namespace scope, the Redpanda Operator manages Redpanda -resources that are deployed in the same namespace as itself. - -*Default:* `"Namespace"` - === link:++https://artifacthub.io/packages/helm/redpanda-data/operator?modal=values&path=serviceAccount++[serviceAccount] Service account management. diff --git a/modules/reference/pages/k-redpanda-helm-spec.adoc b/modules/reference/pages/k-redpanda-helm-spec.adoc index 9d51082fcb..c41f9893c6 100644 --- a/modules/reference/pages/k-redpanda-helm-spec.adoc +++ b/modules/reference/pages/k-redpanda-helm-spec.adoc @@ -2,16 +2,16 @@ :description: Find the default values and descriptions of settings in the Redpanda Helm chart. -image:https://img.shields.io/badge/Version-25.1.1--beta3-informational?style=flat-square[Version: -25.1.1-beta3] +image:https://img.shields.io/badge/Version-25.2.1-informational?style=flat-square[Version: +25.2.1] image:https://img.shields.io/badge/Type-application-informational?style=flat-square[Type: application] -image:https://img.shields.io/badge/AppVersion-v25.1.2-informational?style=flat-square[AppVersion: -v25.1.2] +image:https://img.shields.io/badge/AppVersion-v25.2.11-informational?style=flat-square[AppVersion: +v25.2.11] This page describes the official Redpanda Helm Chart. In particular, this page describes the contents of the chart’s -https://github.com/redpanda-data/helm-charts/blob/main/charts/redpanda/values.yaml[`values.yaml` +https://github.com/redpanda-data/helm-charts/blob/main/charts/redpanda/chart/values.yaml[`values.yaml` file]. Each of the settings is listed and described on this page, along with any default values. @@ -37,7 +37,7 @@ Kubernetes: `>= 1.25.0-0` [cols=",,",options="header",] |=== |Repository |Name |Version -|file://../console |console |>=3.1.0-0 +|file://../../console/chart |console |>=3.3.0-0 |=== == Settings @@ -724,9 +724,7 @@ Annotations to add to the `rbac` resources. Controls whether or not Roles, ClusterRoles, and bindings thereof will be generated. Disabling this very likely result in a non-functional -deployment. If you use the Redpanda Operator, you must deploy it with -the `--set rbac.createRPKBundleCRs=true` flag to give it the required -ClusterRoles. +deployment. *Default:* `true` @@ -1047,6 +1045,10 @@ number of worker nodes in the cluster) === link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.createRBAC++[statefulset.sideCars.controllers.createRBAC] +DEPRECATED: Use `rbac.enabled` to control RBAC chart wide or control +RBAC by selectively enabling/disabling specific sidecar controllers. +Setting this field has no effect. + *Default:* `true` === link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.enabled++[statefulset.sideCars.controllers.enabled] @@ -1065,9 +1067,12 @@ number of worker nodes in the cluster) *Default:* `":9083"` -=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.run%5B0%5D++[statefulset.sideCars.controllers.run[0]] +=== link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.run++[statefulset.sideCars.controllers.run] + +DEPRECATED: Please use statefulset.sideCars.brokerDecommissioner and +statefulset.sideCars.pvcUnbinder Setting this field has no effect. -*Default:* `"all"` +*Default:* `["all"]` === link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.image.repository++[statefulset.sideCars.image.repository] @@ -1079,7 +1084,7 @@ number of worker nodes in the cluster) === link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.image.tag++[statefulset.sideCars.image.tag] -*Default:* `"v25.1.1-beta3"` +*Default:* `"v25.2.1"` === link:++https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.pvcUnbinder.enabled++[statefulset.sideCars.pvcUnbinder.enabled]