Default Pod Settings
This page describes how to configure the default settings for pods spawned by the operator.
Settings can be scoped using the following keys in the kannika Helm chart under operator.config:
pod: applies to all pods spawned by the operator.backup.pod: applies to Backup Pods only.restore.pod: applies to Restore Pods only.schemaRegistryBackup.pod: applies to SchemaRegistryBackup Pods only.schemaRegistryRestore.pod: applies to SchemaRegistryRestore Pods only.
To specify settings for individual pods, check the Backup Pod, Restore Pod and SchemaRegistryBackup Pod pages.
Synopsis
Section titled “Synopsis”operator: config: pod: # all pods labels: {} annotations: {} serviceAccountName: "" imagePullSecrets: [] resources: requests: memory: "64Mi" cpu: "100m" limits: memory: "1Gi" cpu: "1000m" securityContext: {} tolerations: [] affinity: {} nodeSelector: {} container: securityContext: {} livenessProbe: {} readinessProbe: {} startupProbe: {} backup: pod: {} # backup pods only restore: pod: {} # restore pods only schemaRegistryBackup: pod: {} # schema registry backup pods only schemaRegistryRestore: pod: {} # schema registry restore pods onlyDefault Resource Requirements
Section titled “Default Resource Requirements”operator: config: pod: # all pods resources: requests: memory: "64Mi" cpu: "100m" limits: memory: "1Gi" cpu: "1000m" backup: pod: # backup pods only resources: {} restore: pod: # restore pods only resources: {} schemaRegistryBackup: pod: # schema registry backup pods only resources: {} schemaRegistryRestore: pod: # schema registry restore pods only resources: {}Default Labels and Annotations
Section titled “Default Labels and Annotations”operator: config: pod: # all pods labels: my-label: "value" annotations: my-annotation: "value" backup: pod: # backup pods only labels: {} annotations: {} restore: pod: # restore pods only labels: {} annotations: {} schemaRegistryBackup: pod: # schema registry backup pods only labels: {} annotations: {} schemaRegistryRestore: pod: # schema registry restore pods only labels: {} annotations: {}Default Service Account Name
Section titled “Default Service Account Name”operator: config: pod: # all pods serviceAccountName: "global-service-account" backup: pod: # backup pods only serviceAccountName: "backup-service-account" restore: pod: # restore pods only serviceAccountName: "restore-service-account" schemaRegistryBackup: pod: # schema registry backup pods only serviceAccountName: "schema-registry-backup-service-account" schemaRegistryRestore: pod: # schema registry restore pods only serviceAccountName: "schema-registry-restore-service-account"Default Image Pull Secrets
Section titled “Default Image Pull Secrets”Normally, image pull secrets are defined using the root imagePullSecrets or global.imagePullSecrets field in the Helm charts,
as documented in the Private image registry support section.
However, if you wish to set different image pull secrets for pods spawned by the operator:
operator: config: pod: # all pods imagePullSecrets: - name: my-secret backup: pod: # backup pods only imagePullSecrets: [] restore: pod: # restore pods only imagePullSecrets: [] schemaRegistryBackup: pod: # schema registry backup pods only imagePullSecrets: [] schemaRegistryRestore: pod: # schema registry restore pods only imagePullSecrets: []Default Pod Security Context
Section titled “Default Pod Security Context”To set the default security context for pods spawned by the operator:
operator: config: pod: # all pods securityContext: runAsUser: 1000 backup: pod: # backup pods only securityContext: {} restore: pod: # restore pods only securityContext: {} schemaRegistryBackup: pod: # schema registry backup pods only securityContext: {} schemaRegistryRestore: pod: # schema registry restore pods only securityContext: {}Container Security Context
Section titled “Container Security Context”operator: config: pod: # all pods container: securityContext: runAsUser: 1000 backup: pod: # backup pods only container: securityContext: {} restore: pod: # restore pods only container: securityContext: {} schemaRegistryBackup: pod: # schema registry backup pods only container: securityContext: {} schemaRegistryRestore: pod: # schema registry restore pods only container: securityContext: {}Default Tolerations
Section titled “Default Tolerations”To set the default tolerations for pods spawned by the operator:
operator: config: pod: # all pods tolerations: - key: "key" operator: "Equal" value: "value" effect: "NoSchedule" backup: pod: # backup pods only tolerations: [] restore: pod: # restore pods only tolerations: [] schemaRegistryBackup: pod: # schema registry backup pods only tolerations: [] schemaRegistryRestore: pod: # schema registry restore pods only tolerations: []Default Affinity
Section titled “Default Affinity”To set the default affinity for pods spawned by the operator:
operator: config: pod: # all pods affinity:21 collapsed lines
nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: topology.kubernetes.io/zone operator: In values: - antarctica-east1 - antarctica-west1 backup: pod: # backup pods only affinity: {} restore: pod: # restore pods only affinity: {} schemaRegistryBackup: pod: # schema registry backup pods only affinity: {} schemaRegistryRestore: pod: # schema registry restore pods only affinity: {}Default Node Selector
Section titled “Default Node Selector”To set the default node selector for pods spawned by the operator:
operator: config: pod: # all pods nodeSelector: location: the-moon backup: pod: # backup pods only nodeSelector: {} restore: pod: # restore pods only nodeSelector: {} schemaRegistryBackup: pod: # schema registry backup pods only nodeSelector: {} schemaRegistryRestore: pod: # schema registry restore pods only nodeSelector: {}Default Pod Labels
Section titled “Default Pod Labels”It is possible to add default labels to the metadata of pods spawned by the operator. Type-specific labels take precedence over global defaults when the same key is set at multiple levels.
operator: config: pod: labels: team: platform backup: pod: labels: team: backup-team # overrides global for Backup pods restore: pod: labels: team: restore-team schemaRegistryBackup: pod: labels: {} schemaRegistryRestore: pod: labels: {}Default Pod Annotations
Section titled “Default Pod Annotations”It is possible to add default annotations to the metadata of pods spawned by the operator. Type-specific annotations take precedence over global defaults when the same key is set at multiple levels.
operator: config: pod: annotations: prometheus.io/scrape: "true" backup: pod: annotations: prometheus.io/scrape: "true" restore: pod: annotations: prometheus.io/scrape: "true" schemaRegistryBackup: pod: annotations: {} schemaRegistryRestore: pod: annotations: {}Probes
Section titled “Probes”It is possible to override the default
probes
for backup and restore containers.
By default,
only readiness and liveness probes are configured for the backup and restore containers,
which checks the /metrics path on port 9000 (the metrics port).
operator: config: backup: pod: container: livenessProbe: initialDelaySeconds: 1 periodSeconds: 60 timeoutSeconds: 5 successThreshold: 1 failureThreshold: 5 httpGet: path: /metrics port: 9000 # readinessProbe: ... # startupProbe: ...
restore: pod: container: livenessProbe: initialDelaySeconds: 1 periodSeconds: 60 timeoutSeconds: 5 successThreshold: 1 failureThreshold: 5 httpGet: path: /metrics port: 9000 # readinessProbe: ... # startupProbe: ...