Nextcloud Operator
The Nextcloud operator handles the deployment of a Nextcloud HA instance plus the LibreOffice Online application in a Kubernetes cluster.
Operator main tasks:
- Defines a Custom Resource Definition (CRD) that contains the configuration options required to define a Nextcloud HA instance.
- Creates Nextcloud HA instances when a new resource is created.
- Updates Nextcloud configuration when a change to the CRD is detected.
- Checks for new Nextcloud versions and notifies the admin if there's a new compatible version.
- Handles Nextcloud upgrades.
Resources
Every time a new Nextcloud resource is created, the operator will create a set of Kubernetes resources:
- php-fpm deployment: Handles the PHP processing part of the Nextcloud application.
  - Shares a volume with the nginx deployment.
  - Is available to the cluster via the php-fpm-service by using the php-fpm label.
  - Spins up the php_fpm_replicas number of replicas defined in the Nextcloud resource.
- php-fpm service: Handles the load balancing of the php-fpm deployment containers.
- Nginx deployment: Handles the HTTP requests for the Nextcloud instances.
  - Shares a volume with the php-fpm deployment.
  - Uses the php-fpm-service service to communicate with the php-fpm instances.
  - Is exposed to the cluster via the http-service by using the http-service label.
  - Spins up the http_replicas number of replicas defined in the Nextcloud resource.
- http-service: Handles the load balancing of the Nginx deployment containers.
- coolwsd deployment: Handles the LibreOffice online server for Nextcloud.
  - Creates the coolwsd_replicas number of containers defined in the Nextcloud resource.
  - Is exposed to the cluster via the coolwsd-service by using the coolwsd-service label.
  - Spins up the coolwsd_replicas number of replicas defined in the Nextcloud resource.
- coolwsd-service: Handles the load balancing of the coolwsd deployment containers.
- redis deployment: Handles the redis database.
  - Is exposed to the cluster via the redis-service by using the redis-service label.
  - Spins up the redis_replicas number of replicas defined in the Nextcloud resource.
- redis-service: Handles the load balancing of the redis deployment containers.

Database and IdM are assumed to be external services and are outside of the Nextcloud operator scope.
CRD:
```yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  # Kubernetes requires the name to be <plural>.<group>
  name: nextclouds.operators.imcsk8.chavero.com.mx
spec:
  group: operators.imcsk8.chavero.com.mx
  versions:
    - name: v1 # it's possible to provide multiple versions of a CRD
      served: true # it's possible to disable a CRD
      storage: true # there can be multiple versions but only one can be used to store the objects
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                nextcloud_path:
                  type: string
                  default: "/usr/share/nginx/html"
                nextcloud_occ:
                  type: string
                  default: "/usr/share/nginx/html/occ"
                nginx_path:
                  type: string
                  default: "/etc/nginx/conf.d"
                # FIXME: Set PHP version from Debian version: 7.4 for Debian 11, 7.3 for Debian 10
                php_ini_path:
                  type: string
                  default: "/etc"
                php_pool_path:
                  type: string
                  default: "/etc/php-fpm.d"
                php_fpm_service:
                  type: string
                  default: "php-fpm"
                document_root:
                  type: string
                  default: "/usr/share/nginx/html"
                web_user:
                  type: string
                  default: "nginx"
                pg_hba_conf:
                  type: string
                  default: "/var/lib/pgsql/data/pg_hba.conf"
                redis_dir:
                  type: string
                  default: "/etc"
                redis_user:
                  type: string
                  default: "nextcloud"
                redis_url:
                  type: string
                  default: "https://127.0.0.1"
                redis_password:
                  type: string
                  default: "2XenoNNBtLJqrELTfmCLum/42Guz72Ym0RPMxXh5+pT"
                nextcloud_version:
                  type: string
                  default: "24.0.3"
                nextcloud_checksum:
                  type: string
                  default: "sha256:4820808f799146853604e1fa27d7f292449018a44dc73bf928a97b02028318ba"
                nextcloud_database:
                  type: string
                  default: "nextcloud"
                nextcloud_database_user:
                  type: string
                  default: "nextcloud"
                nextcloud_database_user_password:
                  type: string
                  default: "nVdUe6%Ua9c,Rd.8BVugPHPm2yqUSXWCAy%1GXOQGn8tg9F?k%R"
                nextcloud_admin_user:
                  type: string
                  default: "nextcloud_admin"
                nextcloud_admin_password:
                  type: string
                  default: "prueba123"
                nextcloud_fqdn:
                  type: string
                  default: ""
                nextcloud_domain_name:
                  type: string
                  default: "nextcloud"
                notify_push_nextcloud_url:
                  type: string
                  default: "http://localhost"
                key_size:
                  type: integer
                  default: 4096
                key_type:
                  type: string
                  default: "RSA" # Others include DSA, ECC, Ed25519, Ed448, X25519, X448
                country_name:
                  type: string
                  default: "MX"
                email_address:
                  type: string
                  default: "ssl@example.com"
                organization_name:
                  type: string
                  default: "Nextcloud"
                server_hostname:
                  type: string
                  default: "example.com"
                redis_cert_private_key:
                  type: string
                  default: "/etc/pki/tls/private/redis-cert-private-key.pem"
                redis_cert:
                  type: string
                  default: "/etc/pki/tls/certs/redis-self-cert.crt"
                redis_csr:
                  type: string
                  default: "/etc/pki/tls/certs/redis-self.csr"
                # Declared as a typed property so the schema validates
                generate_self_signed_cert:
                  type: boolean
                  default: true
                nginx_ssl_cert_file:
                  type: string
                  default: "/etc/pki/tls/private/nginx-self-signed.crt"
                nginx_ssl_key_file:
                  type: string
                  default: "/etc/pki/tls/certs/nginx-self-signed.key"
                nginx_ssl_csr_file:
                  type: string
                  default: "/etc/pki/tls/certs/nginx-self-signed.csr"
                code_enable_ssl:
                  type: boolean
                  default: false
                code_enable_ssl_termination:
                  type: boolean
                  default: true
                code_ssl_key:
                  type: string
                  default: ""
                code_ssl_cert:
                  type: string
                  default: ""
                code_ssl_ca:
                  type: string
                  default: ""
                php_fpm_replicas:
                  type: integer
                  default: 2
                http_replicas:
                  type: integer
                  default: 2
                coolwsd_replicas:
                  type: integer
                  default: 2
                redis_replicas:
                  type: integer
                  default: 2
  scope: Namespaced
  names:
    plural: nextclouds
    singular: nextcloud
    kind: Nextcloud
    # shortNames must be a list
    shortNames:
      - nc
```
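
The CRD schema above carries literal defaults for redis_password, nextcloud_database_user_password and nextcloud_admin_password, so the API server fills in the same published value for every Nextcloud resource that omits those fields. The following Python check is an added example, not part of the operator's code: it walks a CRD's openAPIV3Schema and reports secret-like properties that have a non-empty string default. The function names, the name pattern and the constructed excerpt with placeholder values are assumptions.

```python
import re

# Property names that usually hold credentials (assumed pattern, extend as needed).
SECRET_NAME = re.compile(r"password|passwd|secret|token", re.IGNORECASE)


def walk_properties(schema, path=""):
    """Yield (path, property_schema) for each property of an OpenAPI v3 schema."""
    for name, prop in (schema.get("properties") or {}).items():
        child = f"{path}.{name}" if path else name
        yield child, prop
        yield from walk_properties(prop, child)
    items = schema.get("items")  # arrays describe their elements under "items"
    if isinstance(items, dict):
        yield from walk_properties(items, f"{path}[]")


def find_secret_defaults(crd):
    """Return sorted (version, path) pairs: secret-like name, non-empty string default."""
    findings = []
    for version in crd.get("spec", {}).get("versions", []):
        root = version.get("schema", {}).get("openAPIV3Schema", {})
        for path, prop in walk_properties(root):
            leaf = path.rsplit(".", 1)[-1]
            default = prop.get("default")
            if SECRET_NAME.search(leaf) and isinstance(default, str) and default:
                findings.append((version.get("name"), path))
    return sorted(findings)


# Constructed excerpt: property names follow the CRD above, values are placeholders.
SAMPLE_CRD = {"spec": {"versions": [{"name": "v1", "schema": {"openAPIV3Schema": {
    "type": "object",
    "properties": {"spec": {"type": "object", "properties": {
        "redis_password": {"type": "string", "default": "PLACEHOLDER-1"},
        "nextcloud_admin_user": {"type": "string", "default": "nextcloud_admin"},
        "nextcloud_admin_password": {"type": "string", "default": "PLACEHOLDER-2"},
        "code_ssl_key": {"type": "string", "default": ""},
        "key_size": {"type": "integer", "default": 4096},
    }}},
}}}]}}

if __name__ == "__main__":
    for version, path in find_secret_defaults(SAMPLE_CRD):
        print(f"{version}: {path} has a literal default; require it per instance instead")
```

Run against the parsed CRD manifest in CI, a non-empty result can fail the build before the definition is applied to a cluster.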