Skip to content

Assembly Resource

The AssemblyResource CRD is used to set namespace endpoints and defaults. These allow the operator to deploy Assembly CRs to that given namespace.

The Assembly CR allows for per deploy image and container configuration, but where those fields have not been set the AssemblyResource can be used to populate them.

Defining your own custom resource of kind: AssemblyResource

Top level of the CR details the apiVersion of the CR and the kind.

AssemblyResource name is set within metadata

apiVersion: insights.kx.com/v1alpha1
kind: AssemblyResource
metadata:
  name: insights

Validation on the CR fields is carried out on the apply of the CR.

kubectl apply -f insights_resource.yaml

On successfully applying your AssemblyResource, it can be seen by calling a get on the asr resource.

kubectl get assemblyresources
NAME       DESCRIPTION                      AGE
insights   Assembly Resource for insights   2d23h

Assembly Resources Configuration

Namespace configuration is set under the spec key of the AssemblyResource CR.

Some fields are required and will alert you if missing when applying your AssemblyResource.

Optional fields are defaulted by the AssemblyResource CRD, but may be overridden as part of your AssemblyResource.

apiVersion: insights.kx.com/v1alpha1
kind: AssemblyResource
metadata:
  name: assemblyresource-sample
spec:
description: "Assembly Resource for insights"

spec.description

The description key is an optional string field, allowing you to give a brief description of your AssemblyResource.

Key Type Required Description Default Validation
description string false Assembly Resource description Assembly Resource for insights Any string

spec.defaults

The defaults key is an object allowing default image and container configuration for each of the Assembly components.

Key Type Required Description
defaults object false Component default configuration

spec.defaults.certManager

The optional certManager key allows the namespace Issuer to be set for all Assembly that require a certificate to be generated by cert-manager

spec:
  defaults:
    certManager:
      issuer: kxi-certificate
Key Type Required Description
certManager object false Cert Manager Object
certManager.issuer string false Cert Manager Issuer

spec.defaults.license

The optional license key allows the namespace KX On Demand License to be set for all Assembly components that require a KX License.

spec:
  defaults:
    license:
      user: "User Name"
      email: "u.name@custom.com"
      secretName: "my-kx-secret"
      licType: "selfService"
      asFile: true
      kxAcct: "insights.kx-acc-svc:5000"
Key Type Required Description
license object false KX License details
license.user string false License owner name
license.email string false License owner e-mail address
license.secretName string false Name of pre-existing secret containing KX License
license.licType string false License Type - onDemand or selfService
license.asFile boolean false Mount License secret as a file
license.kxAcct string false KX Account aggregator service endpoint

spec.defaults.storageManager

The optional storageManager key allows the namespace default image and container configuration to be set on all Storage Manager components that may be deployed as part of an Assembly

spec:
  defaults:
    storageManager:
      affinity: soft
      sm: 
        image: registry.dl.kx.com/kxi-sm:0.9.15
        portName: "sm"
        port: 10001
        env:
        - name: CUSTOM_ENV_VAR
          value: "customValue"
      eoi:
      ...
Key Type Required Description
sm object false Storage Manager defaults object
sm.image string false Full image string
sm.portName string false Main container port name
sm.port integer false Main container port
sm.env array false List of Kubernetes Environment variables
eoi object false EOI container defaults object
eoi.image string false Full image string
eoi.portName string false EOI container port name
eoi.port integer false EOI container port
eoi.env array false List of Kubernetes Environment variables
eod object false EOD container defaults object
eod.image string false Full image string
eod.portName string false EOD container port name
eod.port integer false EOD container port
eod.env array false List of Kubernetes Environment variables
dbm object false DBM container defaults object
dbm.image string false Full image string
dbm.portName string false DBM container port name
dbm.port integer false DBM container port
dbm.env array false List of Kubernetes Environment variables
affinity string false Set hard, soft, hard-az or soft-az affinity on all instances
probes object false Configure the use of probes within the component. See probes for more details.

spec.defaults.seq

The optional seq key allows the namespace default image, container and sequencer archiver configuration to be set on all Sequencer components that may be deployed as part of an Assembly

spec:
  defaults:
    seq:
      rt:
        image: registry.dl.kx.com/kxi-rt-sequencer-raft:0.0.38
        env:
        - name: CUSTOM_ENV_VAR
          value: "customValue"
        affinity: hard
        containerPorts:
        - containerPort: 4000
          name: seq-tcp
          protocol: TCP
        - containerPort: 5000
          name: topic
          protocol: TCP
        ...
        externalServicePorts:
        - name: rt-ext
          port: 5000
          protocol: TCP
          targetPort: topic
        servicePorts:
        - name: pull
          port: 5001
          protocol: TCP
          targetPort: pull
        - name: push
          port: 5002
          protocol: TCP
          targetPort: push
        ...
      archiver:
        retentionDuration: 10080
        maxLogSize: "5g"
        maxDiskUsagePercent: 90
Key Type Required Description
rt object false RT defaults object
rt.image string false Full image string
rt.env array false List of Kubernetes Environment variables
rt.externalNodePort boolean true Use NodePort Type as default Service type for all externally facing Sequencers
rt.useInternalLBAnnotations boolean false When enabled will append Service annotations creating an Internal LoadBalancer for external RT
rt.affinity string false Set hard, soft, hard-az or soft-az affinity on all instances
rt.containerPorts list false List of Container port objects, define ports to be exposed by RT container
rt.servicePorts list false List of Service port objects, define ports to be exposed internally by RT Service resource
rt.externalServicePorts list false List of Service port objects, define ports to be exposed externally by RT Service resource
archiver object false Sequencer Archiver configuration
archiver.retentionDuration integer false Log retention in minutes
archiver.maxLogSize string false Maximum log size
archiver.maxDiskUsagePercent integer false Maximum Percentage of disk utilization

spec.defaults.dap

The optional dap key allows the namespace default image and container configuration to be set on all Data Access components that may be deployed as part of an Assembly

spec:
  defaults:
    dap:
      image: registry.dl.kx.com/kxi-da:0.9.25
      portName: "dap"
      port: 5080
      env:
      - name: CUSTOM_ENV_VAR
        value: "customValue"
      affinity: soft
Key Type Required Description
image string false Full image string
portName string false Main container port name
port integer false Main container port
env array false List of Kubernetes Environment variables
affinity string false Set hard, soft, hard-az or soft-az affinity on all instances

spec.defaults.dapSingle

The optional dapSingle key allows the namespace default image and container configuration to be set on all Data Access components configured as single: true that may be deployed as part of an Assembly

spec:
  defaults:
    dapSingle:
      image: registry.dl.kx.com/kxi-da-single:0.9.25
      port: 5080
      env:
      - name: CUSTOM_ENV_VAR
        value: "customValue"
      affinity: soft
Key Type Required Description
image string false Full image string
port integer false Main container port
env array false List of Kubernetes Environment variables
affinity string false Set hard, soft, hard-az or soft-az affinity on all instances

spec.defaults.imagePullSecrets

The optional list field imagePullSecrets allows secrets to be provided to all Assembly deployed within this namespace.

spec:
  defaults:
    imagePullSecrets:
      - name: image-secret-cred
Key Type Required Description
imagePullSecrets list false List of image pull secrets

spec.defaults.sidecar

The optional sidecar field allows for configuration of metrics, discovery and side car container configuration.

The configuration will then be used to default any Assembly deployed.

spec:
  defaults:
    sidecar:
      image: registry.dl.kx.com/kxi-sidecar:0.9.0
      resources:
        requests:
          cpu: 0.1
          memory: 128Mi
        limits:
          cpu: 0.1
          memory: 128Mi
      discovery:
        enabled: true
        registry: disco-discovery-proxy:8761
      metrics:
        enabled: true
        useAnnotations: false
        serviceMonitor:
          enabled: true
          prometheus: kx-prom
Key Type Required Description
image string false Full image string
discovery object false Discovery Configuration
discovery.enabled boolean false Enable Discovery on each of the Assembly components
discovery.registry string false Discovery Service URL
metrics object false Metrics Configuration
metrics.enabled boolean false Enable Metrics on each of the Assembly components
metrics.useAnnotations boolean false Where Metrics has been enabled, and ServiceMonitor disabled, annotations may be applied to the Pod to allow Metrics scraping
metrics.serviceMonitor object false Service Monitor object
metrics.serviceMonitor.enabled boolean false Enable the Service Monitor resource for the Assembly components
metrics.serviceMonitor.prometheus string false Existing prometheus release name
resources object false Parent object to define requests and limits See spec.defaults.sidecar.resources
spec.defaults.sidecar.resources

Where metrics or discovery have been enabled for an Assembly, a side car container is deployed within each of the component pods.

The resources field allows the container resources limits and requests to be set for the side car container.

Resource Limits

When a process in the container tries to consume more than the allowed amount of memory, the system kernel terminates the process that attempted the allocation, with an out of memory (OOM) error

Key Type Required Description
requests object false Requested resources for Pod container
requests.memory string false Requested container memory in bytes. You can express memory as a plain integer or as a fixed-point number. See here for more details
requests.cpu string false Requested container cpu in units of Kubernetes CPUs.
limits object false Enforce resource limits on a Pod's container
limits.memory string false Enforced maximum memory in bytes. You can express memory as a plain integer or as a fixed-point number. See here for more details
limits.cpu string false Enforced cpu usage limit in units of Kubernetes CPUs.

spec.defaults.sp

The optional sp field allows for configuration of SP pipelines. SP coordinator service, worker and controller images.

The configuration will then be used to default pipelines requested within a deployed Assembly.

spec:
  defaults:
    sp:
      workerImage: "registry.dl.kx.com/kxi-sp-worker:0.10.5"
      controllerImage: "registry.dl.kx.com/kxi-sp-controller:0.10.5"
      coordinator: kxi-sp.svc:5000
      env:
      - name: CUSTOM_ENV_VAR
        value: "customValue"
Key Type Required Description
workerImage string false Full image string for Pipeline Worker
controllerImage string false Full image string for Pipeline Controller
coordinator string false The SP Coordinator service
env array false List of Kubernetes Environment variables

spec.defaults.podSecurityContext

The optional key podSecurityContext allows pod security configuration to be defaulted for any Assembly deployed within the namespace.

spec:
  defaults:
    podSecurityContext:
      fsGroup: 65534
      runAsUser: 65534
Key Type Required Description
fsGroup integer false Any files within Assembly will be owned by this user ID
runAsUser integer false Any Containers in the Assembly, all processes run with this user ID

spec.defaults.mount

The mount key is an object allowing default configuration to be set for Assembly mount PVC.

spec:
  defaults:
    mount:
      storageClass: "rook-cephfs"
      accessModes:
      - "ReadWriteMany"
Key Type Required Description
storageClass string false Storage Class to default to on all Assembly mount resources
accessModes []string false Requested k8s access modes for PVC

spec.defaults.element

The element key is an object allowing default configuration for all attach volumes to an Assembly component.

spec:
  defaults:
    element:
      storageClass: "standard"
      accessModes:
      - "ReadWriteOnce"
Key Type Required Description
storageClass string false Storage Class to default to element attached volumes
accessModes []string false Requested k8s access modes for PVC

spec.keycloak

The keycloak key is an object allowing configuration of the Keycloak credentials and endpoint for requesting Access Tokens.

Key Type Required Description
keycloak object false Component default configuration
spec:
  keycloak:
    enabled: true
    baseURL: keycloak.svc
    realm: insights
    clientID: kxi-operator
    clientSecret: kxi-operator-client-secret
Key Type Required Description
enabled boolean false Enable Keycloak on namespace
baseURL string false Keycloak service endpoint
realm string false Keycloak realm
clientID string false Client ID to use when communicating with keycloak
clientSecret string false Secret used for authentication

Advanced Configurations

probes

The ASR allow for the configuration of liveness, readiness and startup probes.

...
probes:
  enabled: true
  livenessProbe:
    enabled: true
    failureThreshold: 4
    initialDelaySeconds: 60
    path: /alive
    periodSeconds: 4
    probeType: httpGet
    scheme: HTTP
    successThreshold: 1
    timeoutSeconds: 1
  readinessProbe:
    enabled: false
    failureThreshold: 4
    initialDelaySeconds: 15
    path: /ready
    periodSeconds: 4
    probeType: httpGet
    scheme: HTTP
    successThreshold: 1
    timeoutSeconds: 1
  startUpProbe:
    enabled: true
    failureThreshold: 6
    initialDelaySeconds: 5
    path: /alive
    periodSeconds: 15
    probeType: httpGet
    scheme: HTTP
    successThreshold: 1
    timeoutSeconds: 1
...
Key Type Required Description
enabled boolean false Enable the use of probes within the component
livenessProbe object false Configure a liveness probe for component, see Probe Spec for more details
readinessProbe object false Configure a readiness probe for component, see Probe Spec for more details
startUpProbe object false Configure a startup probe for component, see Probe Spec for more details

Probe Spec

Within the probes object you can configure each of the three probe types - liveness, readiness and startup probes.

Under each of the relevant keys livenessProbe, readinessProbe and startUpProbe you may configure the probe as below:

Configuration varies depending on the selected probeType.

  [startUpProbe | livenessProbe | readinessProbe]:
    enabled: true
    failureThreshold: 6
    initialDelaySeconds: 5
    periodSeconds: 15
    successThreshold: 1
    timeoutSeconds: 1
Key Type Required Description
enabled boolean false Enable this particular probe within instance
probeType string false Probe type may be httpGet, tcpSocket or exec
initialDelaySeconds integer false Number of seconds after the container has started before liveness probes are initiated
timeoutSeconds integer false Number of seconds after which the probe times out
periodSeconds integer false How often (in seconds) to perform the probe
successThreshold integer false Minimum consecutive successes for the probe to be considered successful after having failed
failureThreshold integer false Minimum consecutive failures for the probe to be considered failed after having succeeded
terminationGracePeriodSeconds integer false Optional duration in seconds the pod needs to terminate gracefully upon probe failure

probeType tcpSocket

Additional fields to configure the tcpSocket probeType

  [startUpProbe | livenessProbe | readinessProbe]:
    probeType: tcpSocket
    port: 1234
| Key | Type | Required | Description | |-----|------|----------|-------------| | port | integer | false | Where probeType is tcpSocket - Probe target port may be set, if unset will use container port |

probeType exec

Additional fields to configure the exec probeType

  [startUpProbe | livenessProbe | readinessProbe]:
    probeType: exec
    command:
    - cat
    - /tmp/healthy
Key Type Required Description
port []string false Where probeType is exec - Command that will be executed on the running container

probeType httpGet

Additional fields to configure the exec probeType

  [startUpProbe | livenessProbe | readinessProbe]:
    probeType: httpGet
    port: 1234
    path: "/alive"
    scheme: "HTTP"
    headers:
    - name: custom-header
      value: custom
Key Type Required Description
port integer false Where probeType is httpGet - Probe target port may be set, if unset will use container port
path string false Target endpoint for request
scheme string false Scheme to use for connecting to the host - HTTP or HTTPS
headers []object false Custom headers to set in the request. HTTP allows repeated headers