{ "description": "PointInTimeRecovery is the Schema for the pointintimerecoveries API. It contains binlog archival and point-in-time restoration settings.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "PointInTimeRecoverySpec defines the desired state of PointInTimeRecovery. It contains binlog archive and point-in-time restoration settings.", "properties": { "archiveTimeout": { "default": "1h", "description": "ArchiveTimeout defines the maximum duration for the binary log archival.\nIf this duration is exceeded, the sidecar agent will log an error and it will be retried in the next archive cycle.\nIt defaults to 1 hour.", "type": "string" }, "compression": { "description": "Compression algorithm to be used for compressing the binary logs.\nThis field is immutable, it cannot be updated after creation.", "enum": [ "none", "bzip2", "gzip" ], "type": "string" }, "physicalBackupRef": { "description": "PhysicalBackupRef is a reference to a PhysicalBackup object that will be used as base backup.", "properties": { "name": { "default": "", "type": "string" } }, "type": "object", "additionalProperties": false }, "storage": { "description": "PointInTimeRecoveryStorage is the storage where the point in time recovery data will be stored", "properties": { "azureBlob": { "description": "AzureBlob is the Azure Blob Storage where the binary logs will be kept.", "properties": { "containerName": { "description": "ContainerName is the name of the storage container.", "type": "string" }, "prefix": { "description": "Prefix indicates a folder/subfolder in the container. For example: mariadb/ or mariadb/backups. A trailing slash '/' is added if not provided.", "type": "string" }, "serviceURL": { "description": "ServiceURL is the full URL for connecting to Azure, usually in the form: http(s)://.blob.core.windows.net/.", "type": "string" }, "storageAccountKey": { "description": "StorageAccountKey is a reference to a Secret key containing the Azure Blob Storage Storage account Key. Pairs with StorageAccountKey for static credential authentication", "properties": { "key": { "type": "string" }, "name": { "default": "", "type": "string" } }, "required": [ "key" ], "type": "object", "x-kubernetes-map-type": "atomic", "additionalProperties": false }, "storageAccountName": { "description": "StorageAccountName is the name of the storage account. Pairs with StorageAccountKey for static credential authentication", "type": "string" }, "tls": { "description": "TLS provides the configuration required to establish TLS connections with Azure Blob Storage.", "properties": { "caSecretKeyRef": { "description": "CASecretKeyRef is a reference to a Secret key containing a CA bundle in PEM format used to establish TLS connections with S3.\nBy default, the system trust chain will be used, but you can use this field to add more CAs to the bundle.", "properties": { "key": { "type": "string" }, "name": { "default": "", "type": "string" } }, "required": [ "key" ], "type": "object", "x-kubernetes-map-type": "atomic", "additionalProperties": false }, "enabled": { "description": "Enabled is a flag to enable TLS.", "type": "boolean" } }, "type": "object", "additionalProperties": false } }, "required": [ "containerName", "serviceURL" ], "type": "object", "additionalProperties": false }, "s3": { "description": "S3 is the S3-compatible storage where the binary logs will be kept.", "properties": { "accessKeyIdSecretKeyRef": { "description": "AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 access key id.", "properties": { "key": { "type": "string" }, "name": { "default": "", "type": "string" } }, "required": [ "key" ], "type": "object", "x-kubernetes-map-type": "atomic", "additionalProperties": false }, "bucket": { "description": "Bucket is the name Name of the bucket to store backups.", "type": "string" }, "endpoint": { "description": "Endpoint is the S3 API endpoint without scheme.", "type": "string" }, "prefix": { "description": "Prefix indicates a folder/subfolder in the bucket. For example: mariadb/ or mariadb/backups. A trailing slash '/' is added if not provided.", "type": "string" }, "region": { "description": "Region is the S3 region name to use.", "type": "string" }, "secretAccessKeySecretKeyRef": { "description": "AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 secret key.", "properties": { "key": { "type": "string" }, "name": { "default": "", "type": "string" } }, "required": [ "key" ], "type": "object", "x-kubernetes-map-type": "atomic", "additionalProperties": false }, "sessionTokenSecretKeyRef": { "description": "SessionTokenSecretKeyRef is a reference to a Secret key containing the S3 session token.", "properties": { "key": { "type": "string" }, "name": { "default": "", "type": "string" } }, "required": [ "key" ], "type": "object", "x-kubernetes-map-type": "atomic", "additionalProperties": false }, "ssec": { "description": "SSEC is a reference to a Secret containing the SSE-C (Server-Side Encryption with Customer-Provided Keys) key.\nThe secret must contain a 32-byte key (256 bits) in the specified key.\nThis enables server-side encryption where you provide and manage the encryption key.", "properties": { "customerKeySecretKeyRef": { "description": "CustomerKeySecretKeyRef is a reference to a Secret key containing the SSE-C customer-provided encryption key.\nThe key must be a 32-byte (256-bit) key encoded in base64.", "properties": { "key": { "type": "string" }, "name": { "default": "", "type": "string" } }, "required": [ "key" ], "type": "object", "x-kubernetes-map-type": "atomic", "additionalProperties": false } }, "required": [ "customerKeySecretKeyRef" ], "type": "object", "additionalProperties": false }, "tls": { "description": "TLS provides the configuration required to establish TLS connections with S3.", "properties": { "caSecretKeyRef": { "description": "CASecretKeyRef is a reference to a Secret key containing a CA bundle in PEM format used to establish TLS connections with S3.\nBy default, the system trust chain will be used, but you can use this field to add more CAs to the bundle.", "properties": { "key": { "type": "string" }, "name": { "default": "", "type": "string" } }, "required": [ "key" ], "type": "object", "x-kubernetes-map-type": "atomic", "additionalProperties": false }, "enabled": { "description": "Enabled is a flag to enable TLS.", "type": "boolean" } }, "type": "object", "additionalProperties": false } }, "required": [ "bucket", "endpoint" ], "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "strictMode": { "description": "StrictMode controls the behavior when a point-in-time restoration cannot reach the exact target time:\nWhen enabled: Returns an error and avoids replaying binary logs if target time is not reached.\nWhen disabled (default): Replays available binary logs until the last recoverable time. It logs logs an error if target time is not reached.", "type": "boolean" } }, "required": [ "physicalBackupRef", "storage" ], "type": "object", "additionalProperties": false }, "status": { "description": "PointInTimeRecoveryStatus represents the current status of the point-in-time-recovery.", "properties": { "lastRecoverableTime": { "description": "LastRecoverableTime is the most recent recoverable time based on the current state of physical backups and archived binary logs.", "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object" }