# yaml-language-server: $schema=app-instance-schema.json apiVersion: kubecfg.dev/v1alpha1 kind: AppInstance metadata: name: influxdb namespace: influxdb spec: # One or more secrets that are used to pull the images from an authenticated registry. # This will either be the secret provided to you, if using our registry, or a secret for your own registry # if self-hosting the images. imagePullSecrets: - name: package: # The version of the clustered package that will be used. # This determines the version of all of the individual components. # When a new version of the product is released, this version should be updated and any # new config options should be updated below. image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20231115-746129 apiVersion: influxdata.com/v1alpha1 spec: # Provides a way to pass down hosting environment specific configuration, such as an role ARN when using EKS IRSA. # hostingEnvironment: # aws: # eksRoleArn: 'arn:aws:iam::111111111111:role/your-influxdb-clustered-role' # # A blank openshift object should be used to specify that changes should be made which cater to OpenShift. # openshift: {} # # gke: # Authenticate to Google Cloud services via workload identity, this # annotates the 'iox' ServiceAccount with the role name you specify. # NOTE: This requires a blank `objectStore.google` block in your # configuration to ensure that InfluxDB knows which Google auth mode to run. # workloadIdentity: # # Google Service Account name to use for the workload identity. # accountName: # # Your Google Cloud Platform project ID. # projectId: catalog: # A postgresql style DSN that points at a postgresql compatible database. # eg: postgres://[user[:password]@][netloc][:port][/dbname][?param1=value1&...] dsn: valueFrom: secretKeyRef: name: key: # images: # # This can be used to override a specific image name with its FQIN # # (Fully Qualified Image Name) for testing. eg. # overrides: # - name: influxdb2-artifacts/iox/iox # newFQIN: mycompany/test-iox-build:aninformativetag # # # Set this variable to the prefix of your internal registry. This will be prefixed to all expected images. # # eg. us-docker.pkg.dev/iox:latest => registry.mycompany.io/us-docker.pkg.dev/iox:latest # registryOverride: objectStore: # Bucket that the parquet files will be stored in bucket: # Uncomment one of the following (s3, azure) # to enable the configuration of your object store s3: # URL for S3 Compatible object store endpoint: # Set to true to allow communication over HTTP (instead of HTTPS) allowHttp: "false" # S3 Access Key # This can also be provided as a valueFrom: secretKeyRef: accessKey: value: # S3 Secret Key # This can also be provided as a valueFrom: secretKeyRef: secretKey: value: # This value is required for AWS S3, it may or may not be required for other providers. region: # azure: # Azure Blob Storage Access Key # This can also be provided as a valueFrom: secretKeyRef: # accessKey: # value: # Azure Blob Storage Account # This can also be provided as a valueFrom: secretKeyRef: # account: # value: # google: # Authenticate to Google Cloud services using a Service Account credentials file. # You must create a Kubernetes Secret containing the appropriate value and provide # its name here. # serviceAccountSecret: # # Kubernetes Secret name containing the credentials for a # Google IAM Service Account. # name: # # The key within the Secret containing the credentials, this # will be mounted onto the relevant pods. # key: # Ingester pods have a volume attached. ingesterStorage: # (Optional) Set the storage class. This will differ based on the K8s environment and desired storage characteristics. # If not set, the default storage class will be used. # storageClassName: # Set the storage size (minimum 2Gi recommended) storage: # Monitoring pods have a volume attached. monitoringStorage: # (Optional) Set the storage class. This will differ based on the K8s environment and desired storage characteristics. # If not set, the default storage class will be used. # storageClassName: # Set the storage size (minimum 1Gi recommended) storage: # Uncomment the follow block if using our provided Ingress. # # We currently only support the ingress NGINX ingress controller: https://github.com/kubernetes/ingress-nginx # # ingress: # hosts: # # This is the host on which you will access Influxdb 3.0, for both reads and writes # - # # A TLS cert is required to exist in the same namespace as the ingress. # tlsSecretName: # http: # # Usually you have only one ingress controller installed in a given cluster. # # In case you have more than one, you have to specify the "class name" of the ingress controller you want to use # className: nginx # grpc: # # Usually you have only one ingress controller installed in a given cluster. # # In case you have more than one, you have to specify the "class name" of the ingress controller you want to use # className: nginx # # Enables specifying which 'type' of Ingress to use, alongside whether to place additional annotations # onto those objects, this is useful for third party software in your environment, such as cert-manager. # template: # apiVersion: 'route.openshift.io/v1' # kind: 'Route' # metadata: # annotations: # 'example-annotation': 'annotation-value' # Enables specifying customizations for the various components in InfluxDB 3.0. # currently supported values are the `nodeSelector` configuration for specifying which node Pod(s) should run on. # components: # router: # template: # nodeSelector: # disktype: ssd # Uncomment the following block to tune the various pods for their cpu/memory/replicas based on workload needs. # Only uncomment the specific resources you want to change, anything uncommented will use the package default. # (You can read more about k8s resources and limits in https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits) # # resources: # # The ingester handles data being written # ingester: # requests: # cpu: # memory: # replicas: # The default for ingesters is 3 to increase availability # # # optionally you can specify the resource limits which improves isolation. # # (see https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits) # # limits: # # cpu: # # memory: # # The compactor reorganizes old data to improve query and storage efficiency. # compactor: # requests: # cpu: # memory: # replicas: # the default is 1 # # The querier handles querying data. # querier: # requests: # cpu: # memory: # replicas: # the default is 1 # # The router performs some api routing. # router: # requests: # cpu: # memory: # replicas: # the default is 1 admin: # The list of users to grant access to Clustered via influxctl users: # First name of user - firstName: # Last name of user lastName: # Email of user email: # The ID that the configured Identity Provider uses for the user in oauth flows id: # The dsn for the postgres compatible database (note this is the same as defined above) dsn: valueFrom: secretKeyRef: name: key: # The identity provider to be used e.g. "keycloak", "auth0", "azure", etc # Note for Azure Active Directory it must be exactly "azure" identityProvider: # The JWKS endpoint provided by the Identity Provider jwksEndpoint: # # This (optional) section controls how InfluxDB issues outbound requests to other services # egress: # # If you're using a custom CA you will need to specify the full custom CA bundle here. # # # # NOTE: the custom CA is currently only honoured for outbound requests used to obtain # # the JWT public keys from your identiy provider (see `jwksEndpoint`). # customCertificates: # valueFrom: # configMapKeyRef: # key: ca.pem # name: custom-ca # We also include the ability to enable some features that are not yet ready for general availability # or for which we don't yet have a proper place to turn on an optional feature in the configuration file. # To turn on these you should include the name of the feature flag in the `featureFlag` array. # # featureFlags: # # Uncomment to install a Grafana deployment with some recommended dashboards. # # Depends on one of the prometheus features being deployed. # # - grafana # # The following 2 flags should be uncommented for k8s API 1.21 support. # # Note that this is an experimental configuration. # # - noMinReadySeconds # # - noGrpcProbes