apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 creationTimestamp: "2026-04-04T02:17:01Z" generation: 1 name: novacells.nova.openstack.org resourceVersion: "38705" uid: 045df2ce-8a6c-4809-8549-904cb6516f8d spec: conversion: strategy: None group: nova.openstack.org names: kind: NovaCell listKind: NovaCellList plural: novacells singular: novacell scope: Namespaced versions: - name: v1beta1 schema: openAPIV3Schema: description: NovaCell is the Schema for the novacells API properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: NovaCellSpec defines the desired state of NovaCell properties: apiDatabaseAccount: default: nova description: APIDatabaseAccount - MariaDBAccount to use when accessing the API DB type: string apiDatabaseHostname: description: |- APIDatabaseHostname - hostname to use when accessing the API DB. If not provided then up-calls will be disabled. This filed is Required for cell0. type: string apiTimeout: default: 60 description: APITimeout for Route and Apache minimum: 10 type: integer cellDatabaseAccount: default: nova description: CellDatabaseAccount - MariaDBAccount to use when accessing the cell DB type: string cellDatabaseHostname: description: CellDatabaseHostname - hostname to use when accessing the cell DB type: string cellName: description: |- CellName is the name of the Nova Cell. The value "cell0" has a special meaning. The "cell0" Cell cannot have compute nodes associated and the conductor in this cell acts as the super conductor for all the cells in the deployment. type: string computeContainerImageURL: description: NovaComputeContainerImageURL type: string conductorContainerImageURL: description: ConductorContainerImageURL type: string conductorServiceTemplate: description: ConductorServiceTemplate - defines the cell conductor deployment for the cell properties: customServiceConfig: description: |- CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file. type: string networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network items: type: string type: array nodeSelector: additionalProperties: type: string description: |- NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Nova CR. type: object replicas: default: 1 description: Replicas of the service to run format: int32 maximum: 32 minimum: 0 type: integer resources: description: |- Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: description: |- Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. type: string request: description: |- Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request. type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object topologyRef: description: |- TopologyRef to apply the Topology defined by the associated CR referenced by name properties: name: description: Name - The Topology CR name that the Service references type: string namespace: description: |- Namespace - The Namespace to fetch the Topology CR referenced NOTE: Namespace currently points by default to the same namespace where the Service is deployed. Customizing the namespace is not supported and webhooks prevent editing this field to a value different from the current project type: string type: object type: object dbPurge: description: DBPurge defines the parameters for the DB archiving and purging cron job properties: archiveAge: default: 30 description: |- ArchiveAge defines the minimum age of the records in days that can be moved to the shadow tables. minimum: 1 type: integer purgeAge: default: 90 description: |- PurgeAge defines the minimum age of the records in days that can be deleted from the shadow tables minimum: 1 type: integer schedule: default: 0 0 * * * description: |- Schedule defines when to run the DB maintenance job in a cron format. By default it runs every midnight. type: string type: object keystoneAuthURL: description: |- KeystoneAuthURL - the URL that the service in the cell can use to talk to keystone type: string memcachedInstance: description: MemcachedInstance is the name of the Memcached CR that all nova service will use. type: string metadataContainerImageURL: description: MetadataContainerImageURL type: string metadataServiceTemplate: description: MetadataServiceTemplate - defines the metadata service dedicated for the cell. properties: customServiceConfig: description: |- CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file. type: string defaultConfigOverwrite: additionalProperties: type: string description: DefaultConfigOverwrite - interface to overwrite default config files like e.g. api-paste.ini. type: object enabled: description: |- Enabled - Whether NovaMetadata services should be deployed and managed. If it is set to false then the related NovaMetadata CR will be deleted if exists and owned by a higher level nova CR (Nova or NovaCell). If it exist but not owned by a higher level nova CR then the NovaMetadata CR will not be touched. If it is set to true the a NovaMetadata CR will be created. If there is already a manually created NovaMetadata CR with the relevant name then this operator will not try to update that CR, instead the higher level nova CR will be in error state until the manually create NovaMetadata CR is deleted manually. type: boolean networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network items: type: string type: array nodeSelector: additionalProperties: type: string description: |- NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Nova CR. type: object override: description: Override, provides the ability to override the generated manifest of several child resources. properties: service: description: |- Override configuration for the Service created to serve traffic to the cluster for internal communication. properties: metadata: description: |- EmbeddedLabelsAnnotations is an embedded subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. Only labels and annotations are included. properties: annotations: additionalProperties: type: string description: |- Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ type: object labels: additionalProperties: type: string description: |- Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object type: object spec: description: |- OverrideServiceSpec is a subset of the fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec Limited to Type, SessionAffinity, LoadBalancerSourceRanges, ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy properties: externalName: description: |- externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". type: string externalTrafficPolicy: description: |- externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's "externally-facing" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get "Cluster" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node. type: string internalTrafficPolicy: description: |- InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to "Local", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). type: string ipFamilyPolicy: description: |- IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be "SingleStack" (a single IP family), "PreferDualStack" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or "RequireDualStack" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName. type: string loadBalancerClass: description: |- loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. type: string loadBalancerSourceRanges: description: |- If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ items: type: string type: array x-kubernetes-list-type: atomic sessionAffinity: description: |- Supports "ClientIP" and "None". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies type: string sessionAffinityConfig: description: sessionAffinityConfig contains the configurations of session affinity. properties: clientIP: description: clientIP contains the configurations of Client IP based session affinity. properties: timeoutSeconds: description: |- timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default value is 10800(for 3 hours). format: int32 type: integer type: object type: object type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. "NodePort" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. "LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. "ExternalName" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types type: string type: object type: object type: object replicas: default: 1 description: Replicas of the service to run format: int32 maximum: 32 minimum: 0 type: integer resources: description: |- Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: description: |- Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. type: string request: description: |- Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request. type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object tls: description: TLS - Parameters related to the TLS properties: caBundleSecretName: description: CaBundleSecretName - holding the CA certs in a pre-created bundle file type: string secretName: description: SecretName - holding the cert, key for the service type: string type: object topologyRef: description: |- TopologyRef to apply the Topology defined by the associated CR referenced by name properties: name: description: Name - The Topology CR name that the Service references type: string namespace: description: |- Namespace - The Namespace to fetch the Topology CR referenced NOTE: Namespace currently points by default to the same namespace where the Service is deployed. Customizing the namespace is not supported and webhooks prevent editing this field to a value different from the current project type: string type: object type: object noVNCProxyServiceTemplate: description: |- NoVNCProxyServiceTemplate - defines the novncproxy service dedicated for the cell. properties: customServiceConfig: description: |- CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file. type: string enabled: description: |- Enabled - Whether NovaNoVNCProxy services should be deployed and managed. If it is set to false then the related NovaNoVNCProxy CR will be deleted if exists and owned by the NovaCell. If it exist but not owned by the NovaCell then the NovaNoVNCProxy will not be touched. If it is set to true the a NovaNoVNCProxy CR will be created. If there is already a manually created NovaNoVNCProxy CR with the relevant name then the cell will not try to update that CR, instead the NovaCell be in error state until the manually create NovaNoVNCProxy CR is deleted by the operator. type: boolean networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network items: type: string type: array nodeSelector: additionalProperties: type: string description: NodeSelector to target subset of worker nodes running this service type: object override: description: Override, provides the ability to override the generated manifest of several child resources. properties: service: description: Override configuration for the Service created to serve traffic to the cluster. properties: endpointURL: type: string metadata: description: |- EmbeddedLabelsAnnotations is an embedded subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. Only labels and annotations are included. properties: annotations: additionalProperties: type: string description: |- Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ type: object labels: additionalProperties: type: string description: |- Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object type: object spec: description: |- OverrideServiceSpec is a subset of the fields included in https://pkg.go.dev/k8s.io/api@v0.26.6/core/v1#ServiceSpec Limited to Type, SessionAffinity, LoadBalancerSourceRanges, ExternalName, ExternalTrafficPolicy, SessionAffinityConfig, IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy properties: externalName: description: |- externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". type: string externalTrafficPolicy: description: |- externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's "externally-facing" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get "Cluster" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node. type: string internalTrafficPolicy: description: |- InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to "Local", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). type: string ipFamilyPolicy: description: |- IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be "SingleStack" (a single IP family), "PreferDualStack" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or "RequireDualStack" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName. type: string loadBalancerClass: description: |- loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. type: string loadBalancerSourceRanges: description: |- If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ items: type: string type: array x-kubernetes-list-type: atomic sessionAffinity: description: |- Supports "ClientIP" and "None". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies type: string sessionAffinityConfig: description: sessionAffinityConfig contains the configurations of session affinity. properties: clientIP: description: clientIP contains the configurations of Client IP based session affinity. properties: timeoutSeconds: description: |- timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default value is 10800(for 3 hours). format: int32 type: integer type: object type: object type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. "NodePort" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. "LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. "ExternalName" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types type: string type: object type: object type: object replicas: default: 1 description: Replicas of the service to run format: int32 maximum: 32 minimum: 0 type: integer resources: description: |- Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: description: |- Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. type: string request: description: |- Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request. type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object tls: description: TLS - Parameters related to the TLS properties: caBundleSecretName: description: CaBundleSecretName - holding the CA certs in a pre-created bundle file type: string service: description: Service - Cert secret used for the nova novnc service endpoint properties: secretName: description: SecretName - holding the cert, key for the service type: string type: object vencrypt: description: |- Vencrypt - cert secret containing the x509 certificate to be presented to the VNC server. The CommonName field should match the primary hostname of the controller node. If using a HA deployment, the Organization field can also be configured to a value that is common across all console proxy instances in the deployment. https://docs.openstack.org/nova/latest/admin/remote-console-access.html#novnc-proxy-server-configuration properties: secretName: description: SecretName - holding the cert, key for the service type: string type: object type: object topologyRef: description: |- TopologyRef to apply the Topology defined by the associated CR referenced by name properties: name: description: Name - The Topology CR name that the Service references type: string namespace: description: |- Namespace - The Namespace to fetch the Topology CR referenced NOTE: Namespace currently points by default to the same namespace where the Service is deployed. Customizing the namespace is not supported and webhooks prevent editing this field to a value different from the current project type: string type: object type: object nodeSelector: additionalProperties: type: string description: NodeSelector to target subset of worker nodes running this services. type: object novaComputeTemplates: additionalProperties: description: |- NovaComputeTemplate defines the input parameters specified by the user to create a NovaCompute via higher level CRDs. properties: computeDriver: description: ComputeDriver - defines which driver to use for controlling virtualization enum: - ironic.IronicDriver - fake.FakeDriver type: string customServiceConfig: description: |- CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc//.conf.d directory as custom.conf file. type: string defaultConfigOverwrite: additionalProperties: type: string description: DefaultConfigOverwrite - interface to overwrite default config files like e.g. provider.yaml type: object networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network items: type: string type: array nodeSelector: additionalProperties: type: string description: |- NodeSelector to target subset of worker nodes running this service. Setting here overrides any global NodeSelector settings within the Nova CR. type: object replicas: default: 1 description: Replicas of the service to run. For ironic.IronicDriver the max replica is 1 format: int32 maximum: 32 minimum: 0 type: integer resources: description: |- Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: description: |- Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. type: string request: description: |- Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request. type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: |- Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object topologyRef: description: |- TopologyRef to apply the Topology defined by the associated CR referenced by name properties: name: description: Name - The Topology CR name that the Service references type: string namespace: description: |- Namespace - The Namespace to fetch the Topology CR referenced NOTE: Namespace currently points by default to the same namespace where the Service is deployed. Customizing the namespace is not supported and webhooks prevent editing this field to a value different from the current project type: string type: object required: - computeDriver type: object description: |- NovaComputeTemplates - map of nova computes template with selected drivers in format compute_name: compute_template. Key from map is arbitrary name for the compute. because of that there is a 20 character limit on the compute name. type: object novncproxyContainerImageURL: description: NoVNCContainerImageURL type: string preserveJobs: default: false description: PreserveJobs - do not delete jobs after they finished e.g. to check logs type: boolean region: default: regionOne description: Region - the region name to use for service endpoint discovery type: string secret: description: |- Secret is the name of the Secret instance containing password information for the nova cell. This secret is expected to be generated by the nova-operator based on the information passed to the Nova CR. type: string serviceAccount: description: ServiceAccount - service account name used internally to provide Nova services the default SA name type: string serviceUser: default: nova description: |- ServiceUser - optional username used for this service to register in keystone type: string tls: description: TLS - Parameters related to the TLS properties: caBundleSecretName: description: CaBundleSecretName - holding the CA certs in a pre-created bundle file type: string type: object topologyRef: description: |- TopologyRef to apply the Topology defined by the associated CR referenced by name properties: name: description: Name - The Topology CR name that the Service references type: string namespace: description: |- Namespace - The Namespace to fetch the Topology CR referenced NOTE: Namespace currently points by default to the same namespace where the Service is deployed. Customizing the namespace is not supported and webhooks prevent editing this field to a value different from the current project type: string type: object required: - cellDatabaseHostname - cellName - computeContainerImageURL - conductorContainerImageURL - conductorServiceTemplate - keystoneAuthURL - memcachedInstance - metadataContainerImageURL - noVNCProxyServiceTemplate - novncproxyContainerImageURL - secret - serviceAccount type: object status: description: NovaCellStatus defines the observed state of NovaCell properties: conditions: description: Conditions items: description: Condition defines an observation of a API resource operational state. properties: lastTransitionTime: description: |- Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: A human readable message indicating details about the transition. type: string reason: description: The reason for the condition's last transition in CamelCase. type: string severity: description: |- Severity provides a classification of Reason code, so the current situation is immediately understandable and could act accordingly. It is meant for situations where Status=False and it should be indicated if it is just informational, warning (next reconciliation might fix it) or an error (e.g. DB create issue and no actions to automatically resolve the issue can/should be done). For conditions where Status=Unknown or Status=True the Severity should be SeverityNone. type: string status: description: Status of the condition, one of True, False, Unknown. type: string type: description: Type of condition in CamelCase. type: string required: - lastTransitionTime - status - type type: object type: array conductorServiceReadyCount: description: |- ConductorServiceReadyCount defines the number of replicas ready from nova-conductor service in the cell format: int32 type: integer hash: additionalProperties: type: string description: |- INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file Map of hashes to track e.g. job status type: object metadataServiceReadyCount: description: |- MetadataServiceReadyCount defines the number of replicas ready from nova-metadata service in the cell format: int32 type: integer noVNCProxyServiceReadyCount: description: |- NoVNCPRoxyServiceReadyCount defines the number of replicas ready from nova-novncproxy service in the cell format: int32 type: integer novaComputesStatus: additionalProperties: description: NovaComputeCellStatus defines state of NovaCompute in cell properties: deployed: description: 'Deployed value: true means that the compute is deployed but can still be undiscovered' type: boolean errors: description: Errors value True means that during deployment, errors appear, and the user needs to check the compute for problems type: boolean required: - deployed - errors type: object description: |- NovaComputesStatus is a map with format cell_name: NovaComputeCellStatus where NovaComputeCellStatus tell if compute with selected name deployed successfully and indicates if the compute is successfully mapped to the cell in the nova_api database. When a compute is removed from the Spec the operator will delete the related NovaCompute CR and then remove the compute from this Status field. type: object observedGeneration: description: |- ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage) format: int64 type: integer type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: NovaCell listKind: NovaCellList plural: novacells singular: novacell conditions: - lastTransitionTime: "2026-04-04T02:17:01Z" message: no conflicts found reason: NoConflicts status: "True" type: NamesAccepted - lastTransitionTime: "2026-04-04T02:17:01Z" message: the initial names have been accepted reason: InitialNamesAccepted status: "True" type: Established storedVersions: - v1beta1