github.com/verrazzano/verrazzano@v1.7.1/pkg/constants/constants.go (about) 1 // Copyright (c) 2021, 2023, Oracle and/or its affiliates. 2 // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 4 package constants 5 6 import ( 7 "time" 8 ) 9 10 // VerrazzanoClusterIssuerName Name of the Verrazzano Cert-Manager cluster issuer 11 const VerrazzanoClusterIssuerName = "verrazzano-cluster-issuer" 12 13 // RestartVersionAnnotation - the annotation used by user to tell Verrazzano application to restart its components 14 const RestartVersionAnnotation = "verrazzano.io/restart-version" 15 16 // VerrazzanoRestartAnnotation is the annotation used to restart platform workloads 17 const VerrazzanoRestartAnnotation = "verrazzano.io/restartedAt" 18 19 // LifecycleActionAnnotation - the annotation perform lifecycle actions on a workload 20 const LifecycleActionAnnotation = "verrazzano.io/lifecycle-action" 21 22 // LifecycleActionStop - the annotation value used to stop a workload 23 const LifecycleActionStop = "stop" 24 25 // LifecycleActionStart - the annotation value used to start a workload 26 const LifecycleActionStart = "start" 27 28 // VerrazzanoWebLogicWorkloadKind - the VerrazzanoWebLogicWorkload resource kind 29 const VerrazzanoWebLogicWorkloadKind = "VerrazzanoWebLogicWorkload" 30 31 // VerrazzanoCoherenceWorkloadKind - the VerrazzanoCoherenceWorkload resource kind 32 const VerrazzanoCoherenceWorkloadKind = "VerrazzanoCoherenceWorkload" 33 34 // VerrazzanoHelidonWorkloadKind - the VerrazzanoHelidonWorkload resource kind 35 const VerrazzanoHelidonWorkloadKind = "VerrazzanoHelidonWorkload" 36 37 // ContainerizedWorkloadKind - the ContainerizedWorkload resource kind 38 const ContainerizedWorkloadKind = "ContainerizedWorkload" 39 40 // DeploymentWorkloadKind - the Deployment workload resource kind 41 const DeploymentWorkloadKind = "Deployment" 42 43 // StatefulSetWorkloadKind - the StatefulSet workload resource kind 44 const StatefulSetWorkloadKind = "StatefulSet" 45 46 // DaemonSetWorkloadKind - the DaemonSet workload resource kind 47 const DaemonSetWorkloadKind = "DaemonSet" 48 49 // VerrazzanoInstallNamespace is the namespace for installing the verrazzano-platform-operator 50 const VerrazzanoInstallNamespace = "verrazzano-install" 51 52 // VerrazzanoSystemNamespace is the system namespace for Verrazzano 53 const VerrazzanoSystemNamespace = "verrazzano-system" 54 55 // VerrazzanoCAPINamespace is the system namespace for Cluster API resources 56 const VerrazzanoCAPINamespace = "verrazzano-capi" 57 58 // VerrazzanoMultiClusterNamespace is the multi-cluster namespace for Verrazzano 59 const VerrazzanoMultiClusterNamespace = "verrazzano-mc" 60 61 // VerrazzanoMonitoringNamespace is the namespace for monitoring components 62 const VerrazzanoMonitoringNamespace = "verrazzano-monitoring" 63 64 // VerrazzanoLoggingNamespace is the namespace for logging components 65 const VerrazzanoLoggingNamespace = "verrazzano-logging" 66 67 // CertManagerNamespace - the CertManager namespace 68 const CertManagerNamespace = "cert-manager" 69 70 // ExternalDNSNamespace - the ExternalDNS namespace 71 const ExternalDNSNamespace = VerrazzanoSystemNamespace 72 73 // KeycloakNamespace - the keycloak namespace 74 const KeycloakNamespace = "keycloak" 75 76 // MySQLOperatorNamespace indicates the namespace to be used for the MySQLOperator installation 77 const MySQLOperatorNamespace = "mysql-operator" 78 79 // RancherSystemNamespace - the Rancher cattle-system namespace 80 const RancherSystemNamespace = "cattle-system" 81 82 // IstioSystemNamespace - the Istio system namespace 83 const IstioSystemNamespace = "istio-system" 84 85 // PrometheusOperatorNamespace - the namespace where Verrazzano installs Prometheus Operator 86 // and its related components. 87 const PrometheusOperatorNamespace = "verrazzano-monitoring" 88 89 // ArgoCDNamespace - the Argocd namespace 90 const ArgoCDNamespace = "argocd" 91 92 // LabelIstioInjection - constant for a Kubernetes label that is applied by Verrazzano 93 const LabelIstioInjection = "istio-injection" 94 95 // LabelVerrazzanoNamespace - constant for a Kubernetes label that is used by network policies 96 const LabelVerrazzanoNamespace = "verrazzano.io/namespace" 97 98 // LegacyOpensearchSecretName legacy secret name for Opensearch credentials 99 const LegacyOpensearchSecretName = "verrazzano" 100 101 // VerrazzanoESInternal is the name of the Verrazzano internal Opensearch secret in the Verrazzano system namespace 102 const VerrazzanoESInternal = "verrazzano-es-internal" 103 104 // VerrazzanoPromInternal is the name of the Verrazzano internal Prometheus secret in the Verrazzano system namespace 105 const VerrazzanoPromInternal = "verrazzano-prom-internal" 106 107 // RancherTLSCA is a tls secret that contains CA if private CA is being used 108 const RancherTLSCA = "tls-ca" 109 110 // RancherTLSCAKey is the key containing the CA in the secret specified by the RancherTLSCA constant 111 const RancherTLSCAKey = "cacerts.pem" 112 113 // PrivateCABundle is an optional tls secret that contains private CAs used to issue/validate Verrazzano certificates 114 const PrivateCABundle = "verrazzano-tls-ca" 115 116 // CABundleKey is the key for the CA bundle in the PrivateCABundle secret 117 const CABundleKey = "cacerts.pem" 118 119 // VerrazzanoIngressTLSSecret is the name of the secret in a cluster that contains the cluster's ca bundle 120 const VerrazzanoIngressTLSSecret = "verrazzano-tls" //nolint:gosec //#gosec G101 121 122 // CACertKey is the key for the CA bundle Cert-Manager issued leaf-certificate secrets, if it not from a public issuer 123 const CACertKey = "ca.crt" 124 125 // CustomCACertKey is the key for the public certificate in Cert-Manager issued certificate secrets 126 const CustomCACertKey = "tls.crt" 127 128 // VMCAgentPollingTimeInterval - The time interval at which mcagent polls Verrazzano Managed CLuster resource on the admin cluster. 129 const VMCAgentPollingTimeInterval = 60 * time.Second 130 131 // MaxTimesVMCAgentPollingTime - The constant used to set max polling time for vmc agent to determine VMC state 132 const MaxTimesVMCAgentPollingTime = 3 133 134 // FluentdDaemonSetName - The name of the Fluentd DaemonSet 135 const FluentdDaemonSetName = "fluentd" 136 137 // FluentBitDaemonSetName - The name of the FluentBit DaemonSet 138 const FluentBitDaemonSetName = "fluent-bit" 139 140 // KubeSystem - The name of the kube-system namespace 141 const KubeSystem = "kube-system" 142 143 // DefaultVerrazzanoCASecretName Default self-signed CA secret name 144 // #nosec 145 const DefaultVerrazzanoCASecretName = "verrazzano-ca-certificate-secret" 146 147 // VmiPromConfigName - The name of the prometheus config map 148 const VmiPromConfigName string = "vmi-system-prometheus-config" 149 150 const PrometheusJobNameKey = "job_name" 151 152 // TestPrometheusJobScrapeInterval - The string 0s representing a test only prometheus config scrape interval 153 const TestPrometheusJobScrapeInterval = "0s" 154 155 // TestPrometheusJob - Name of a test prometheus scraper job 156 const TestPrometheusScrapeJob = "test_job" 157 158 // Default OpenSearch URL 159 const DefaultOpensearchURL = "http://verrazzano-authproxy-opensearch:8775" 160 161 // Default Jaeger OpenSearch URL 162 const DefaultJaegerOSURL = "http://verrazzano-authproxy-opensearch.verrazzano-system:8775" 163 164 // DefaultOperatorOSURL is the default OpenSearch URL for opensearch-operator based OpenSearch 165 const DefaultOperatorOSURL = "http://verrazzano-authproxy-opensearch-logging:8775" 166 167 // DefaultOperatorOSURLWithNS is the default OpenSearch URL for opensearch-operator based OpenSearch with namespace suffix 168 const DefaultOperatorOSURLWithNS = "http://verrazzano-authproxy-opensearch-logging.verrazzano-system:8775" 169 170 // DefaultJaegerSecretName is the Jaeger secret name used by the default Jaeger instance 171 // #nosec 172 const DefaultJaegerSecretName = "verrazzano-jaeger-secret" 173 174 // JaegerInstanceName is the name of the default Jaeger instance 175 const JaegerInstanceName = "jaeger-operator-jaeger" 176 177 // JaegerQueryComponentName is the name of the collector component 178 const JaegerCollectorComponentName = "collector" 179 180 // JaegerQueryComponentName is the name of the collector component 181 const JaegerQueryComponentName = "query" 182 183 // VerrazzanoManagedLabelKey is a constant for a Kubernetes label that is applied to Verrazzano application namespaces 184 const VerrazzanoManagedLabelKey = "verrazzano-managed" 185 186 // PromAdditionalScrapeConfigsSecretName is the name of the secret that contains the additional scrape configurations loaded by Prometheus 187 const PromAdditionalScrapeConfigsSecretName = "additional-scrape-configs" 188 189 // PromAdditionalScrapeConfigsSecretKey is the name of the key in the additional scrape configurations secret that contains the scrape config YAML 190 const PromAdditionalScrapeConfigsSecretKey = "jobs" 191 192 // MetricsTemplateKind is the Kind of the MetricsTemplate custom resource 193 const MetricsTemplateKind = "MetricsTemplate" 194 195 // MetricsTemplateAPIVersion is the APIVersion of the MetricsTemplate custom resource 196 const MetricsTemplateAPIVersion = "app.verrazzano.io/v1alpha1" 197 198 // SecretKind is the kind for a secret 199 const SecretKind = "Secret" 200 201 // MysqlBackupMutatingWebhookName specifies the name of mysql webhook. 202 const MysqlBackupMutatingWebhookName = "verrazzano-mysql-backup" 203 204 // MysqlBackupMutatingWebhookPath specifies the path of mysql webhook. 205 const MysqlBackupMutatingWebhookPath = "/mysql-backup-job-annotate" 206 207 // VerrazzanoClusterRancherName is the name for the Rancher cluster role and secret used to grant permissions to the Verrazzano cluster user 208 const VerrazzanoClusterRancherName = "verrazzano-cluster-registrar" 209 210 // VerrazzanoClusterRancherUsername is the username in Rancher used to identify the Verrazzano cluster user 211 const VerrazzanoClusterRancherUsername = "vz-cluster-reg" 212 213 // ArgoCDClusterRancherSecretName is the name of secret for the Verrazzano Argo CD cluster user 214 // #nosec 215 const ArgoCDClusterRancherSecretName = "verrazzano-argocd-secret" 216 217 // ArgoCDClusterRancherUsername is the username in Rancher used to identify the Verrazzano Argo CD cluster user 218 const ArgoCDClusterRancherUsername = "vz-argoCD-reg" 219 220 // Components Names 221 const ( 222 Istio = "istio" 223 ExternalDNS = "external-dns" 224 IngressController = "ingress-controller" 225 IngressDefaultBackend = "ingress-controller-ingress-nginx-defaultbackend" 226 MySQL = "mysql" 227 CertManager = "cert-manager" 228 Rancher = "rancher" 229 Keycloak = "keycloak" 230 Grafana = "grafana" 231 JaegerOperator = "jaeger-operator" 232 Opensearch = "opensearch" 233 Velero = "velero" 234 Verrazzano = "verrazzano" 235 Fluentd = "fluentd" 236 MySQLOperator = "mysql-operator" 237 ) 238 239 // ThanosQueryIngress is the name of the ingress for the Thanos Query 240 const ThanosQueryIngress = "thanos-query-frontend" 241 242 // ThanosQueryStoreIngress is the name of the ingress for the Thanos Query Store API 243 const ThanosQueryStoreIngress = "thanos-query-store" 244 245 // ThanosRulerIngress is the name of the ingress for the Thanos Ruler 246 const ThanosRulerIngress = "thanos-ruler" 247 248 // LetsEncryptProduction - LetsEncrypt production env 249 const LetsEncryptProduction = "production" 250 251 // LetsEncryptStaging - LetsEncrypt staging env 252 const LetsEncryptStaging = "staging" 253 254 // VerrazzanoOIDCSystemRealm is the OIDC realm used for Verrazzano system auth 255 const VerrazzanoOIDCSystemRealm = "verrazzano-system"