├── .gitignore ├── CONTRIBUTING.md ├── Dockerfile ├── LICENSE.txt ├── Makefile ├── PREREQUISITES.md ├── PROJECT ├── README.md ├── SECURITY.md ├── THIRD_PARTY_LICENSES.txt ├── THIRD_PARTY_LICENSES_DOCKER.txt ├── apis ├── database │ ├── v1alpha1 │ │ ├── adbfamily_common_spec.go │ │ ├── autonomouscontainerdatabase_types.go │ │ ├── autonomouscontainerdatabase_webhook.go │ │ ├── autonomouscontainerdatabase_webhook_test.go │ │ ├── autonomousdatabase_conversion.go │ │ ├── autonomousdatabase_types.go │ │ ├── autonomousdatabase_webhook.go │ │ ├── autonomousdatabase_webhook_test.go │ │ ├── autonomousdatabasebackup_types.go │ │ ├── autonomousdatabasebackup_webhook.go │ │ ├── autonomousdatabasebackup_webhook_test.go │ │ ├── autonomousdatabaserestore_types.go │ │ ├── autonomousdatabaserestore_webhook.go │ │ ├── autonomousdatabaserestore_webhook_test.go │ │ ├── cdb_types.go │ │ ├── cdb_webhook.go │ │ ├── dataguardbroker_conversion.go │ │ ├── dataguardbroker_types.go │ │ ├── dataguardbroker_webhook.go │ │ ├── dbcssystem_conversion.go │ │ ├── dbcssystem_kms_types.go │ │ ├── dbcssystem_pdbconfig_types.go │ │ ├── dbcssystem_types.go │ │ ├── dbcssystem_webhook.go │ │ ├── groupversion_info.go │ │ ├── oraclerestdataservice_conversion.go │ │ ├── oraclerestdataservice_types.go │ │ ├── oraclerestdataservice_webhook.go │ │ ├── pdb_types.go │ │ ├── pdb_webhook.go │ │ ├── shardingdatabase_conversion.go │ │ ├── shardingdatabase_types.go │ │ ├── shardingdatabase_webhook.go │ │ ├── singleinstancedatabase_conversion.go │ │ ├── singleinstancedatabase_types.go │ │ ├── singleinstancedatabase_webhook.go │ │ ├── webhook_suite_test.go │ │ └── zz_generated.deepcopy.go │ └── v4 │ │ ├── adbfamily_common_spec.go │ │ ├── adbfamily_utils.go │ │ ├── autonomouscontainerdatabase_types.go │ │ ├── autonomouscontainerdatabase_webhook.go │ │ ├── autonomousdatabase_types.go │ │ ├── autonomousdatabase_webhook.go │ │ ├── autonomousdatabasebackup_types.go │ │ ├── autonomousdatabasebackup_webhook.go │ │ ├── autonomousdatabaserestore_types.go │ │ ├── autonomousdatabaserestore_webhook.go │ │ ├── cdb_types.go │ │ ├── cdb_webhook.go │ │ ├── dataguardbroker_conversion.go │ │ ├── dataguardbroker_types.go │ │ ├── dataguardbroker_webhook.go │ │ ├── dbcssystem_conversion.go │ │ ├── dbcssystem_kms_types.go │ │ ├── dbcssystem_pdbconfig_types.go │ │ ├── dbcssystem_types.go │ │ ├── dbcssystem_webhook.go │ │ ├── groupversion_info.go │ │ ├── lrest_types.go │ │ ├── lrest_webhook.go │ │ ├── lrpdb_types.go │ │ ├── lrpdb_webhook.go │ │ ├── oraclerestdataservice_conversion.go │ │ ├── oraclerestdataservice_types.go │ │ ├── oraclerestdataservice_webhook.go │ │ ├── ordssrvs_types.go │ │ ├── pdb_types.go │ │ ├── pdb_webhook.go │ │ ├── shardingdatabase_conversion.go │ │ ├── shardingdatabase_types.go │ │ ├── shardingdatabase_webhook.go │ │ ├── singleinstancedatabase_conversion.go │ │ ├── singleinstancedatabase_types.go │ │ ├── singleinstancedatabase_webhook.go │ │ └── zz_generated.deepcopy.go └── observability │ ├── v1 │ ├── databaseobserver_types.go │ ├── databaseobserver_webhook.go │ ├── groupversion_info.go │ └── zz_generated.deepcopy.go │ ├── v1alpha1 │ ├── databaseobserver_types.go │ ├── databaseobserver_webhook.go │ ├── groupversion_info.go │ └── zz_generated.deepcopy.go │ └── v4 │ ├── databaseobserver_types.go │ ├── databaseobserver_webhook.go │ ├── groupversion_info.go │ └── zz_generated.deepcopy.go ├── bundle.Dockerfile ├── commons ├── adb_family │ └── utils.go ├── annotations │ └── annotations.go ├── database │ ├── constants.go │ ├── podbuilder.go │ ├── svcbuilder.go │ └── utils.go ├── dbcssystem │ ├── dbcs_reconciler.go │ └── dcommon.go ├── finalizer │ └── finalizer.go ├── k8s │ ├── create.go │ ├── fetch.go │ ├── finalizer.go │ └── utils.go ├── multitenant │ └── lrest │ │ └── common.go ├── observability │ ├── constants.go │ └── utils.go ├── oci │ ├── containerdatabase.go │ ├── database.go │ ├── provider.go │ ├── vault.go │ ├── wallet.go │ └── workrequest.go └── sharding │ ├── catalog.go │ ├── exec.go │ ├── gsm.go │ ├── provstatus.go │ ├── scommon.go │ └── shard.go ├── config ├── certmanager │ ├── certificate.yaml │ ├── kustomization.yaml │ └── kustomizeconfig.yaml ├── crd │ ├── bases │ │ ├── database.oracle.com_DbcsSystem.yaml │ │ ├── database.oracle.com_autonomouscontainerdatabases.yaml │ │ ├── database.oracle.com_autonomousdatabasebackups.yaml │ │ ├── database.oracle.com_autonomousdatabaserestores.yaml │ │ ├── database.oracle.com_autonomousdatabases.yaml │ │ ├── database.oracle.com_cdbs.yaml │ │ ├── database.oracle.com_dataguardbrokers.yaml │ │ ├── database.oracle.com_dbcssystems.yaml │ │ ├── database.oracle.com_lrests.yaml │ │ ├── database.oracle.com_lrpdbs.yaml │ │ ├── database.oracle.com_oraclerestdataservices.yaml │ │ ├── database.oracle.com_ordssrvs.yaml │ │ ├── database.oracle.com_pdbs.yaml │ │ ├── database.oracle.com_shardingdatabases.yaml │ │ ├── database.oracle.com_singleinstancedatabases.yaml │ │ └── observability.oracle.com_databaseobservers.yaml │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ └── patches │ │ ├── cainjection_in_autonomouscontainerdatabases.yaml │ │ ├── cainjection_in_autonomousdatabasebackups.yaml │ │ ├── cainjection_in_autonomousdatabaserestores.yaml │ │ ├── cainjection_in_autonomousdatabases.yaml │ │ ├── cainjection_in_cdbs.yaml │ │ ├── cainjection_in_database_dataguardbrokers.yaml │ │ ├── cainjection_in_database_lrests.yaml │ │ ├── cainjection_in_database_lrpdbs.yaml │ │ ├── cainjection_in_database_oraclerestdataservices.yaml │ │ ├── cainjection_in_database_ordssrvs.yaml │ │ ├── cainjection_in_database_singleinstancedatabases.yaml │ │ ├── cainjection_in_dataguardbrokers.yaml │ │ ├── cainjection_in_dbcssystems.yaml │ │ ├── cainjection_in_observability_databaseobservers.yaml │ │ ├── cainjection_in_oraclerestdataservices.yaml │ │ ├── cainjection_in_pdbs.yaml │ │ ├── cainjection_in_shardingdatabases.yaml │ │ ├── cainjection_in_singleinstancedatabases.yaml │ │ ├── cainjenction_in_databaseobservers.yaml │ │ ├── webhook_in_autonomouscontainerdatabases.yaml │ │ ├── webhook_in_autonomousdatabasebackups.yaml │ │ ├── webhook_in_autonomousdatabaserestores.yaml │ │ ├── webhook_in_autonomousdatabases.yaml │ │ ├── webhook_in_cdbs.yaml │ │ ├── webhook_in_databaseobservers.yaml │ │ ├── webhook_in_dataguardbrokers.yaml │ │ ├── webhook_in_dbcssystems.yaml │ │ ├── webhook_in_lrests.yaml │ │ ├── webhook_in_lrpdbs.yaml │ │ ├── webhook_in_oraclerestdataservices.yaml │ │ ├── webhook_in_ordssrvs.yaml │ │ ├── webhook_in_pdbs.yaml │ │ ├── webhook_in_shardingdatabases.yaml │ │ └── webhook_in_singleinstancedatabases.yaml ├── database.oracle.com_DbcsSystem.yaml ├── database.oracle.com_autonomouscontainerdatabases.yaml ├── database.oracle.com_autonomousdatabasebackups.yaml ├── database.oracle.com_autonomousdatabaserestores.yaml ├── database.oracle.com_autonomousdatabases.yaml ├── database.oracle.com_cdbs.yaml ├── database.oracle.com_dataguardbrokers.yaml ├── database.oracle.com_oraclerestdataservices.yaml ├── database.oracle.com_pdbs.yaml ├── database.oracle.com_shardingdatabases.yaml ├── database.oracle.com_singleinstancedatabases.yaml ├── default │ ├── kustomization.yaml │ ├── manager_auth_proxy_patch.yaml │ ├── manager_webhook_patch.yaml │ └── webhookcainjection_patch.yaml ├── manager │ ├── kustomization.yaml │ └── manager.yaml ├── manifests │ ├── bases │ │ └── oracle-database-operator.clusterserviceversion.yaml │ └── kustomization.yaml ├── observability.oracle.com_databaseobservers.yaml ├── rbac │ ├── auth_proxy_client_clusterrole.yaml │ ├── auth_proxy_role.yaml │ ├── auth_proxy_role_binding.yaml │ ├── auth_proxy_service.yaml │ ├── autonomouscontainerdatabase_editor_role.yaml │ ├── autonomouscontainerdatabase_viewer_role.yaml │ ├── autonomousdatabase_editor_role.yaml │ ├── autonomousdatabase_viewer_role.yaml │ ├── autonomousdatabasebackup_editor_role.yaml │ ├── autonomousdatabasebackup_viewer_role.yaml │ ├── autonomousdatabaserestore_editor_role.yaml │ ├── autonomousdatabaserestore_viewer_role.yaml │ ├── cdb_editor_role.yaml │ ├── cdb_viewer_role.yaml │ ├── databaseobserver_editor_role.yaml │ ├── databaseobserver_viewer_role.yaml │ ├── dataguardbroker_editor_role.yaml │ ├── dataguardbroker_viewer_role.yaml │ ├── dbcssystem_editor_role.yaml │ ├── dbcssystem_viewer_role.yaml │ ├── kustomization.yaml │ ├── leader_election_role.yaml │ ├── leader_election_role_binding.yaml │ ├── lrest_editor_role.yaml │ ├── lrest_viewer_role.yaml │ ├── lrpdb_editor_role.yaml │ ├── lrpdb_viewer_role.yaml │ ├── oraclerestdataservice_editor_role.yaml │ ├── oraclerestdataservice_viewer_role.yaml │ ├── ordssrvs_editor_role.yaml │ ├── ordssrvs_viewer_role.yaml │ ├── pdb_editor_role.yaml │ ├── pdb_viewer_role.yaml │ ├── provshard_editor_role.yaml │ ├── provshard_viewer_role.yaml │ ├── role.yaml │ ├── role_binding.yaml │ ├── shardingdatabase_editor_role.yaml │ ├── shardingdatabase_viewer_role.yaml │ ├── singleinstancedatabase_editor_role.yaml │ └── singleinstancedatabase_viewer_role.yaml ├── samples │ ├── acd │ │ ├── autonomouscontainerdatabase_bind.yaml │ │ ├── autonomouscontainerdatabase_change_displayname.yaml │ │ ├── autonomouscontainerdatabase_create.yaml │ │ ├── autonomouscontainerdatabase_delete_resource.yaml │ │ └── autonomouscontainerdatabase_restart_terminate.yaml │ ├── adb │ │ ├── autonomousdatabase_backup.yaml │ │ ├── autonomousdatabase_bind.yaml │ │ ├── autonomousdatabase_clone.yaml │ │ ├── autonomousdatabase_create.yaml │ │ ├── autonomousdatabase_delete_resource.yaml │ │ ├── autonomousdatabase_rename.yaml │ │ ├── autonomousdatabase_restore.yaml │ │ ├── autonomousdatabase_scale.yaml │ │ ├── autonomousdatabase_stop_start_terminate.yaml │ │ ├── autonomousdatabase_update_admin_password.yaml │ │ ├── autonomousdatabase_update_mtls.yaml │ │ ├── autonomousdatabase_update_network_access.yaml │ │ └── autonomousdatabase_wallet.yaml │ ├── dbcs │ │ └── database_v1alpha1_dbcssystem.yaml │ ├── kustomization.yaml │ ├── multitenant │ │ ├── cdb.yaml │ │ ├── cdb_secret.yaml │ │ ├── pdb_clone.yaml │ │ ├── pdb_create.yaml │ │ ├── pdb_delete.yaml │ │ ├── pdb_modify.yaml │ │ ├── pdb_plug.yaml │ │ ├── pdb_secret.yaml │ │ └── pdb_unplug.yaml │ ├── observability │ │ ├── databaseobserver.yaml │ │ ├── databaseobserver_custom_config.yaml │ │ ├── databaseobserver_minimal.yaml │ │ ├── databaseobserver_vault.yaml │ │ ├── sample-dashboard.json │ │ ├── sample_config.toml │ │ ├── v1 │ │ │ ├── databaseobserver.yaml │ │ │ ├── databaseobserver_customization_fields.yaml │ │ │ └── databaseobserver_logs_promtail.yaml │ │ ├── v1alpha1 │ │ │ ├── databaseobserver.yaml │ │ │ ├── databaseobserver_custom_config.yaml │ │ │ ├── databaseobserver_logs_promtail.yaml │ │ │ ├── databaseobserver_minimal.yaml │ │ │ └── databaseobserver_vault.yaml │ │ └── v4 │ │ │ ├── databaseobserver.yaml │ │ │ ├── databaseobserver_custom_config.yaml │ │ │ ├── databaseobserver_logs_promtail.yaml │ │ │ ├── databaseobserver_minimal.yaml │ │ │ └── databaseobserver_vault.yaml │ ├── sharding │ │ ├── sharding_v1alpha1_provshard.yaml │ │ ├── sharding_v1alpha1_provshard_clonespec.yaml │ │ ├── sharding_v1alpha1_provshard_clonespec1.yaml │ │ ├── sharding_v1alpha1_provshard_orig.yaml │ │ └── shardingdatabase.yaml │ └── sidb │ │ ├── dataguardbroker.yaml │ │ ├── openshift_rbac.yaml │ │ ├── oraclerestdataservice.yaml │ │ ├── oraclerestdataservice_create.yaml │ │ ├── oraclerestdataservice_secrets.yaml │ │ ├── singleinstancedatabase.yaml │ │ ├── singleinstancedatabase_clone.yaml │ │ ├── singleinstancedatabase_create.yaml │ │ ├── singleinstancedatabase_express.yaml │ │ ├── singleinstancedatabase_free-lite.yaml │ │ ├── singleinstancedatabase_free-truecache.yaml │ │ ├── singleinstancedatabase_free.yaml │ │ ├── singleinstancedatabase_patch.yaml │ │ ├── singleinstancedatabase_prebuiltdb.yaml │ │ ├── singleinstancedatabase_secrets.yaml │ │ ├── singleinstancedatabase_standby.yaml │ │ └── singleinstancedatabase_tcps.yaml ├── scorecard │ ├── bases │ │ └── config.yaml │ ├── kustomization.yaml │ └── patches │ │ ├── basic.config.yaml │ │ └── olm.config.yaml └── webhook │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ ├── manifests.yaml │ └── service.yaml ├── controllers ├── database │ ├── autonomouscontainerdatabase_controller.go │ ├── autonomousdatabase_controller.go │ ├── autonomousdatabasebackup_controller.go │ ├── autonomousdatabaserestore_controller.go │ ├── cdb_controller.go │ ├── dbcssystem_controller.go │ ├── lrest_controller.go │ ├── lrpdb_controller.go │ ├── oraclerestdataservice_controller.go │ ├── ordssrvs_controller.go │ ├── ordssrvs_ordsconfig.go │ ├── pdb_controller.go │ ├── shardingdatabase_controller.go │ ├── singleinstancedatabase_controller.go │ └── suite_test.go ├── dataguard │ ├── datagauard_errors.go │ ├── dataguard_utils.go │ └── dataguardbroker_controller.go └── observability │ ├── databaseobserver_controller.go │ ├── databaseobserver_resource.go │ └── suite_test.go ├── docs ├── adb │ ├── ACD.md │ ├── ADB_LONG_TERM_BACKUP.md │ ├── ADB_PREREQUISITES.md │ ├── ADB_RESTORE.md │ ├── NETWORK_ACCESS_OPTIONS.md │ └── README.md ├── dbcs │ ├── README.md │ ├── provisioning │ │ ├── bind_to_existing_dbcs_system.md │ │ ├── bind_to_existing_dbcs_system.yaml │ │ ├── bind_to_existing_dbcs_system_sample_output.log │ │ ├── clone_dbcs_system.yaml │ │ ├── clone_dbcs_system_from_backup.yaml │ │ ├── clone_dbcs_system_from_backup_sample_output.log │ │ ├── clone_dbcs_system_from_database.yaml │ │ ├── clone_dbcs_system_from_database_sample_output.log │ │ ├── clone_dbcs_system_sample_output.log │ │ ├── clone_from_backup_dbcs.md │ │ ├── clone_from_database.md │ │ ├── clone_from_existing_dbcs.md │ │ ├── create_dbcs_with_kms.md │ │ ├── create_dbcs_with_pdb.md │ │ ├── create_kms.md │ │ ├── create_pdb.md │ │ ├── create_pdb_to_existing_dbcs_system.md │ │ ├── createkms_in_existing_dbcs_system_sample_output.log │ │ ├── createpdb_in_existing_dbcs_system_list.yaml │ │ ├── createpdb_in_existing_dbcs_system_list_sample_output.log │ │ ├── database_connection.md │ │ ├── dbcs_controller_parameters.md │ │ ├── dbcs_service_migrate_to_kms.log │ │ ├── dbcs_service_migrate_to_kms.yaml │ │ ├── dbcs_service_with_2_node_rac.md │ │ ├── dbcs_service_with_2_node_rac.yaml │ │ ├── dbcs_service_with_2_node_rac_sample_output.log │ │ ├── dbcs_service_with_all_parameters_asm.md │ │ ├── dbcs_service_with_all_parameters_asm.yaml │ │ ├── dbcs_service_with_all_parameters_asm_sample_output.log │ │ ├── dbcs_service_with_all_parameters_lvm.md │ │ ├── dbcs_service_with_all_parameters_lvm.yaml │ │ ├── dbcs_service_with_all_parameters_lvm_sample_output.log │ │ ├── dbcs_service_with_kms.yaml │ │ ├── dbcs_service_with_kms_sample_output.log │ │ ├── dbcs_service_with_minimal_parameters.md │ │ ├── dbcs_service_with_minimal_parameters.yaml │ │ ├── dbcs_service_with_minimal_parameters_sample_output.log │ │ ├── dbcs_service_with_pdb.yaml │ │ ├── dbcs_service_with_pdb_sample_output.log │ │ ├── delete_pdb.md │ │ ├── deletepdb_in_existing_dbcs_system_list.yaml │ │ ├── deletepdb_in_existing_dbcs_system_list_sample_output.log │ │ ├── known_issues.md │ │ ├── migrate_to_kms.md │ │ ├── scale_down_dbcs_system_shape.md │ │ ├── scale_down_dbcs_system_shape.yaml │ │ ├── scale_down_dbcs_system_shape_sample_output.log │ │ ├── scale_up_dbcs_system_shape.md │ │ ├── scale_up_dbcs_system_shape.yaml │ │ ├── scale_up_dbcs_system_shape_sample_output.log │ │ ├── scale_up_storage.md │ │ ├── scale_up_storage.yaml │ │ ├── scale_up_storage_sample_output.log │ │ ├── terminate_dbcs_system.md │ │ ├── terminate_dbcs_system.yaml │ │ ├── terminate_dbcs_system_sample_output.log │ │ ├── update_license.md │ │ ├── update_license.yaml │ │ └── update_license_sample_output.log │ └── usecase01 │ │ └── README.md ├── installation │ └── OPERATOR_INSTALLATION_README.md ├── multitenant │ ├── NamespaceSeg.md │ ├── README.md │ ├── lrest-based │ │ ├── README.md │ │ ├── images │ │ │ ├── Generalschema2.jpg │ │ │ └── UsecaseSchema.jpg │ │ └── usecase │ │ │ ├── README.md │ │ │ ├── altersystem_pdb1_resource.yaml │ │ │ ├── cdbnamespace_binding.yaml │ │ │ ├── clone_pdb1_resource.yaml │ │ │ ├── clone_pdb2_resource.yaml │ │ │ ├── close_pdb1_resource.yaml │ │ │ ├── close_pdb2_resource.yaml │ │ │ ├── close_pdb3_resource.yaml │ │ │ ├── config-map-pdb.yaml │ │ │ ├── config_map_pdb.yaml │ │ │ ├── create_lrest_pod.yaml │ │ │ ├── create_pdb1_resource.yaml │ │ │ ├── create_pdb2_resource.yaml │ │ │ ├── delete_pdb1_resource.yaml │ │ │ ├── delete_pdb2_resource.yaml │ │ │ ├── makefile │ │ │ ├── map_pdb1_resource.yaml │ │ │ ├── map_pdb2_resource.yaml │ │ │ ├── map_pdb3_resource.yaml │ │ │ ├── open_pdb1_resource.yaml │ │ │ ├── open_pdb2_resource.yaml │ │ │ ├── open_pdb3_resource.yaml │ │ │ ├── parameters.txt │ │ │ ├── pdbnamespace_binding.yaml │ │ │ ├── plug_pdb1_resource.yaml │ │ │ └── unplug_pdb1_resource.yaml │ ├── ords-based │ │ ├── NamespaceSeg.md │ │ ├── README.md │ │ ├── images │ │ │ ├── K8S_NAMESPACE_SEG.png │ │ │ ├── K8S_SECURE1.png │ │ │ ├── K8S_SECURE2.png │ │ │ ├── K8S_SECURE3.png │ │ │ ├── K8S_SECURE4.png │ │ │ ├── makerunall.png │ │ │ └── makesecrets_1_1.png │ │ ├── openssl_schema.jpg │ │ ├── provisioning │ │ │ ├── example_setup_using_oci_oke_cluster.md │ │ │ ├── multinamespace │ │ │ │ ├── cdb_create.yaml │ │ │ │ ├── pdb_clone.yaml │ │ │ │ ├── pdb_close.yaml │ │ │ │ ├── pdb_create.yaml │ │ │ │ ├── pdb_delete.yaml │ │ │ │ ├── pdb_open.yaml │ │ │ │ ├── pdb_plug.yaml │ │ │ │ └── pdb_unplug.yaml │ │ │ ├── ords_image.md │ │ │ ├── quickOKEcreation.md │ │ │ └── singlenamespace │ │ │ │ ├── cdb_create.yaml │ │ │ │ ├── cdb_secret.yaml │ │ │ │ ├── pdb_clone.yaml │ │ │ │ ├── pdb_close.yaml │ │ │ │ ├── pdb_create.yaml │ │ │ │ ├── pdb_delete.yaml │ │ │ │ ├── pdb_open.yaml │ │ │ │ ├── pdb_plug.yaml │ │ │ │ ├── pdb_secret.yaml │ │ │ │ └── pdb_unplug.yaml │ │ ├── usecase │ │ │ ├── README.md │ │ │ ├── cdbnamespace_binding.yaml │ │ │ ├── clone_pdb1_resource.yaml │ │ │ ├── clone_pdb2_resource.yaml │ │ │ ├── close_pdb1_resource.yaml │ │ │ ├── close_pdb2_resource.yaml │ │ │ ├── close_pdb3_resource.yaml │ │ │ ├── create_ords_pod.yaml │ │ │ ├── create_pdb1_resource.yaml │ │ │ ├── create_pdb2_resource.yaml │ │ │ ├── delete_pdb1_resource.yaml │ │ │ ├── delete_pdb2_resource.yaml │ │ │ ├── makefile │ │ │ ├── map_pdb1_resource.yaml │ │ │ ├── map_pdb2_resource.yaml │ │ │ ├── map_pdb3_resource.yaml │ │ │ ├── open_pdb1_resource.yaml │ │ │ ├── open_pdb2_resource.yaml │ │ │ ├── open_pdb3_resource.yaml │ │ │ ├── parameters.txt │ │ │ ├── pdbnamespace_binding.yaml │ │ │ ├── plug_pdb1_resource.yaml │ │ │ └── unplug_pdb1_resource.yaml │ │ ├── usecase01 │ │ │ ├── README.md │ │ │ ├── ca.crt │ │ │ ├── ca.key │ │ │ ├── ca.srl │ │ │ ├── cdb_create.yaml │ │ │ ├── cdb_secret.yaml │ │ │ ├── clone_pdb1_resource.yaml │ │ │ ├── clone_pdb2_resource.yaml │ │ │ ├── close_pdb1_resource.yaml │ │ │ ├── close_pdb2_resource.yaml │ │ │ ├── close_pdb3_resource.yaml │ │ │ ├── create_ords_pod.yaml │ │ │ ├── create_pdb1_resource.yaml │ │ │ ├── create_pdb2_resource.yaml │ │ │ ├── delete_pdb1_resource.yaml │ │ │ ├── delete_pdb2_resource.yaml │ │ │ ├── extfile.txt │ │ │ ├── logfiles │ │ │ │ ├── BuildImage.log │ │ │ │ ├── ImagePush.log │ │ │ │ ├── cdb.log │ │ │ │ ├── cdb_creation.log │ │ │ │ ├── openssl_execution.log │ │ │ │ ├── ordsconfig.log │ │ │ │ ├── tagandpush.log │ │ │ │ └── testapi.log │ │ │ ├── makefile │ │ │ ├── map_pdb1_resource.yaml │ │ │ ├── map_pdb2_resource.yaml │ │ │ ├── map_pdb3_resource.yaml │ │ │ ├── open_pdb1_resource.yaml │ │ │ ├── open_pdb2_resource.yaml │ │ │ ├── open_pdb3_resource.yaml │ │ │ ├── oracle-database-operator-system_binding.yaml │ │ │ ├── oracle-database-operator.yaml │ │ │ ├── parameters.txt │ │ │ ├── pdb_close.yaml │ │ │ ├── pdb_create.yaml │ │ │ ├── pdb_delete.yaml │ │ │ ├── pdb_map.yaml │ │ │ ├── pdb_open.yaml │ │ │ ├── pdb_secret.yaml │ │ │ ├── plug_pdb1_resource.yaml │ │ │ ├── server.csr │ │ │ ├── tde_secret.yaml │ │ │ ├── tls.crt │ │ │ ├── tls.key │ │ │ └── unplug_pdb1_resource.yaml │ │ └── usecase02 │ │ │ ├── README.md │ │ │ ├── pdb_clone.yaml │ │ │ ├── pdb_plug.yaml │ │ │ ├── pdb_plugtde.yaml │ │ │ ├── pdb_unplug.yaml │ │ │ └── pdb_unplugtde.yaml │ ├── provisioning │ │ └── ords_image.md │ ├── usecase01 │ │ ├── logfiles │ │ │ ├── BuildImage.log │ │ │ ├── openssl_execution.log │ │ │ └── ordsconfig.log │ │ └── makefile │ └── usecase03 │ │ ├── Dockerfile │ │ ├── NamespaceSegregation.png │ │ ├── README.md │ │ ├── cdb_create.yaml │ │ ├── cdb_creation_log.txt │ │ ├── cdb_secret.yaml │ │ ├── gentlscert.sh │ │ ├── makefile │ │ ├── ns_namespace_cdb.yaml │ │ ├── ns_namespace_pdb.yaml │ │ ├── operator_creation_log.txt │ │ ├── pdb_create.yaml │ │ ├── pdb_creation_log.txt │ │ ├── pdb_secret.yaml │ │ └── runOrdsSSL.sh ├── observability │ └── README.md ├── ordsservices │ ├── README.md │ ├── TROUBLESHOOTING.md │ ├── api.md │ ├── autoupgrade.md │ ├── examples │ │ ├── adb.md │ │ ├── adb_oraoper.md │ │ ├── existing_db.md │ │ ├── mongo_api.md │ │ ├── multi_pool.md │ │ ├── ordsnamespace-role-binding.yaml │ │ └── sidb_container.md │ └── usecase01 │ │ ├── create_mong_schema.sql │ │ ├── help │ │ ├── makefile │ │ └── tnsadmin │ │ ├── tnsnames.ora │ │ └── tnsnames.ora.offline ├── sharding │ ├── README.md │ └── provisioning │ │ ├── create_kubernetes_secret_for_db_user.md │ │ ├── database_connection.md │ │ ├── debugging.md │ │ ├── debugging │ │ ├── sharding_provisioning_with_db_events.md │ │ └── sharding_provisioning_with_db_events.yaml │ │ ├── free │ │ ├── sharding_provisioning_with_free_images.md │ │ └── sharding_provisioning_with_free_images.yaml │ │ ├── oraclesi.yaml │ │ ├── oraclesi_pvc_commented.yaml │ │ ├── provisioning_persistent_volume_having_db_gold_image.md │ │ ├── snr_system_sharding │ │ ├── snr_ssharding_provisioning_by_cloning_db_from_gold_image_across_ads.md │ │ ├── snr_ssharding_provisioning_by_cloning_db_gold_image_in_same_ad.md │ │ ├── snr_ssharding_provisioning_with_chunks_specified.md │ │ ├── snr_ssharding_provisioning_with_control_on_resources.md │ │ ├── snr_ssharding_provisioning_with_notification_using_oci_notification.md │ │ ├── snr_ssharding_provisioning_without_db_gold_image.md │ │ ├── snr_ssharding_scale_in_delete_an_existing_shard.md │ │ ├── snr_ssharding_scale_out_add_shards.md │ │ ├── snr_ssharding_shard_prov.yaml │ │ ├── snr_ssharding_shard_prov_chunks.yaml │ │ ├── snr_ssharding_shard_prov_clone.yaml │ │ ├── snr_ssharding_shard_prov_clone_across_ads.yaml │ │ ├── snr_ssharding_shard_prov_delshard.yaml │ │ ├── snr_ssharding_shard_prov_extshard.yaml │ │ ├── snr_ssharding_shard_prov_memory_cpu.yaml │ │ └── snr_ssharding_shard_prov_send_notification.yaml │ │ ├── system_sharding │ │ ├── ssharding_provisioning_by_cloning_db_from_gold_image_across_ads.md │ │ ├── ssharding_provisioning_by_cloning_db_gold_image_in_same_ad.md │ │ ├── ssharding_provisioning_with_chunks_specified.md │ │ ├── ssharding_provisioning_with_control_on_resources.md │ │ ├── ssharding_provisioning_with_notification_using_oci_notification.md │ │ ├── ssharding_provisioning_without_db_gold_image.md │ │ ├── ssharding_scale_in_delete_an_existing_shard.md │ │ ├── ssharding_scale_out_add_shards.md │ │ ├── ssharding_shard_prov.yaml │ │ ├── ssharding_shard_prov_chunks.yaml │ │ ├── ssharding_shard_prov_clone.yaml │ │ ├── ssharding_shard_prov_clone_across_ads.yaml │ │ ├── ssharding_shard_prov_delshard.yaml │ │ ├── ssharding_shard_prov_extshard.yaml │ │ ├── ssharding_shard_prov_memory_cpu.yaml │ │ └── ssharding_shard_prov_send_notification.yaml │ │ └── user-defined-sharding │ │ ├── udsharding_provisioning_by_cloning_db_from_gold_image_across_ads.md │ │ ├── udsharding_provisioning_by_cloning_db_gold_image_in_same_ad.md │ │ ├── udsharding_provisioning_with_control_on_resources.md │ │ ├── udsharding_provisioning_with_notification_using_oci_notification.md │ │ ├── udsharding_provisioning_without_db_gold_image.md │ │ ├── udsharding_scale_in_delete_an_existing_shard.md │ │ ├── udsharding_scale_out_add_shards.md │ │ ├── udsharding_shard_prov.yaml │ │ ├── udsharding_shard_prov_clone.yaml │ │ ├── udsharding_shard_prov_clone_across_ads.yaml │ │ ├── udsharding_shard_prov_delshard.yaml │ │ ├── udsharding_shard_prov_extshard.yaml │ │ ├── udsharding_shard_prov_memory_cpu.yaml │ │ └── udsharding_shard_prov_send_notification.yaml └── sidb │ ├── PREREQUISITES.md │ └── README.md ├── go.mod ├── go.sum ├── hack └── boilerplate.go.txt ├── image.png ├── images ├── adb │ ├── acd-id-1.png │ ├── acd-id-2.png │ ├── adb-id-1.png │ ├── adb-id-2.png │ ├── aei-id-1.png │ ├── aei-id-2.png │ ├── compartment-1.png │ ├── compartment-2.png │ ├── instance-principal-1.png │ ├── instance-principal-2.png │ ├── instance-principal-3.png │ ├── instance-principal-4.png │ └── instance-principal-5.png └── sidb │ ├── application-express-admin-home.png │ └── database-actions-home.png ├── main.go ├── oracle-database-operator.yaml ├── ords ├── Dockerfile ├── ords_init.sh └── runOrdsSSL.sh ├── rbac ├── cluster-role-binding.yaml ├── default-ns-role-binding.yaml ├── node-rbac.yaml ├── persistent-volume-rbac.yaml └── storage-class-rbac.yaml ├── set_ocicredentials.sh └── test └── e2e ├── autonomouscontainerdatabase_test.go ├── autonomousdatabase_controller_bind_test.go ├── autonomousdatabase_controller_create_test.go ├── backup.sql ├── behavior └── shared_behaviors.go ├── resource └── test_config.yaml ├── suite_test.go ├── util ├── oci_acd_request.go ├── oci_config_util.go ├── oci_db_request.go ├── oci_work_request.go └── util.go └── verify_connection.sql /.gitignore: -------------------------------------------------------------------------------- 1 | operator.tgz 2 | cover.out 3 | bin 4 | testbin/* 5 | onpremtest/* 6 | ords/*zip 7 | .gitattributes 8 | .vscode 9 | .gitlab-ci.yml 10 | .DS_Store 11 | # development 12 | .idea 13 | .local 14 | -------------------------------------------------------------------------------- /apis/database/v1alpha1/dataguardbroker_conversion.go: -------------------------------------------------------------------------------- 1 | package v1alpha1 2 | 3 | import ( 4 | "sigs.k8s.io/controller-runtime/pkg/conversion" 5 | ) 6 | 7 | func (src *DataguardBroker) ConvertTo(dst conversion.Hub) error { 8 | return nil 9 | } 10 | 11 | // ConvertFrom converts v1 to v1alpha1 12 | func (dst *DataguardBroker) ConvertFrom(src conversion.Hub) error { 13 | return nil 14 | } 15 | -------------------------------------------------------------------------------- /apis/database/v1alpha1/dbcssystem_conversion.go: -------------------------------------------------------------------------------- 1 | package v1alpha1 2 | 3 | import ( 4 | "sigs.k8s.io/controller-runtime/pkg/conversion" 5 | ) 6 | 7 | func (src *DbcsSystem) ConvertTo(dst conversion.Hub) error { 8 | return nil 9 | } 10 | 11 | // ConvertFrom converts v1 to v1alpha1 12 | func (dst *DbcsSystem) ConvertFrom(src conversion.Hub) error { 13 | return nil 14 | } 15 | -------------------------------------------------------------------------------- /apis/database/v1alpha1/oraclerestdataservice_conversion.go: -------------------------------------------------------------------------------- 1 | package v1alpha1 2 | 3 | import ( 4 | "sigs.k8s.io/controller-runtime/pkg/conversion" 5 | ) 6 | 7 | func (src *OracleRestDataService) ConvertTo(dst conversion.Hub) error { 8 | return nil 9 | } 10 | 11 | // ConvertFrom converts v1 to v1alpha1 12 | func (dst *OracleRestDataService) ConvertFrom(src conversion.Hub) error { 13 | return nil 14 | } 15 | -------------------------------------------------------------------------------- /apis/database/v1alpha1/shardingdatabase_conversion.go: -------------------------------------------------------------------------------- 1 | package v1alpha1 2 | 3 | import ( 4 | "sigs.k8s.io/controller-runtime/pkg/conversion" 5 | ) 6 | 7 | func (src *ShardingDatabase) ConvertTo(dst conversion.Hub) error { 8 | return nil 9 | } 10 | 11 | // ConvertFrom converts v1 to v1alpha1 12 | func (dst *ShardingDatabase) ConvertFrom(src conversion.Hub) error { 13 | return nil 14 | } 15 | -------------------------------------------------------------------------------- /apis/database/v1alpha1/singleinstancedatabase_conversion.go: -------------------------------------------------------------------------------- 1 | package v1alpha1 2 | 3 | import ( 4 | "sigs.k8s.io/controller-runtime/pkg/conversion" 5 | ) 6 | 7 | func (src *SingleInstanceDatabase) ConvertTo(dst conversion.Hub) error { 8 | return nil 9 | } 10 | 11 | // ConvertFrom converts v1 to v1alpha1 12 | func (dst *SingleInstanceDatabase) ConvertFrom(src conversion.Hub) error { 13 | return nil 14 | } 15 | -------------------------------------------------------------------------------- /apis/database/v4/dataguardbroker_conversion.go: -------------------------------------------------------------------------------- 1 | package v4 2 | 3 | // Hub defines v1 as the hub version 4 | func (*DataguardBroker) Hub() {} 5 | -------------------------------------------------------------------------------- /apis/database/v4/dbcssystem_conversion.go: -------------------------------------------------------------------------------- 1 | package v4 2 | 3 | // Hub defines v1 as the hub version 4 | func (*DbcsSystem) Hub() {} 5 | -------------------------------------------------------------------------------- /apis/database/v4/oraclerestdataservice_conversion.go: -------------------------------------------------------------------------------- 1 | package v4 2 | 3 | // Hub defines v1 as the hub version 4 | func (*OracleRestDataService) Hub() {} 5 | -------------------------------------------------------------------------------- /apis/database/v4/shardingdatabase_conversion.go: -------------------------------------------------------------------------------- 1 | package v4 2 | 3 | // Hub defines v1 as the hub version 4 | func (*ShardingDatabase) Hub() {} 5 | -------------------------------------------------------------------------------- /apis/database/v4/singleinstancedatabase_conversion.go: -------------------------------------------------------------------------------- 1 | package v4 2 | 3 | // Hub defines v1 as the hub version 4 | func (*SingleInstanceDatabase) Hub() {} 5 | -------------------------------------------------------------------------------- /bundle.Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright (c) 2022, Oracle and/or its affiliates. 2 | # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 | # 4 | 5 | FROM scratch 6 | 7 | # Core bundle labels. 8 | LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 9 | LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ 10 | LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ 11 | LABEL operators.operatorframework.io.bundle.package.v1=oracle-database-operator 12 | LABEL operators.operatorframework.io.bundle.channels.v1=alpha 13 | LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha 14 | LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 15 | LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.6.1+git 16 | LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v2 17 | 18 | # Labels for testing. 19 | LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 20 | LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ 21 | 22 | # Copy files to locations specified by labels. 23 | COPY bundle/manifests /manifests/ 24 | COPY bundle/metadata /metadata/ 25 | COPY bundle/tests/scorecard /tests/scorecard/ 26 | -------------------------------------------------------------------------------- /config/certmanager/certificate.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # The following manifests contain a self-signed issuer CR and a certificate CR. 7 | # More document can be found at https://docs.cert-manager.io 8 | # WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for 9 | # breaking changes 10 | apiVersion: cert-manager.io/v1 11 | kind: Issuer 12 | metadata: 13 | name: selfsigned-issuer 14 | namespace: system 15 | spec: 16 | selfSigned: {} 17 | --- 18 | apiVersion: cert-manager.io/v1 19 | kind: Certificate 20 | metadata: 21 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml 22 | namespace: system 23 | spec: 24 | # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize 25 | dnsNames: 26 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 27 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local 28 | issuerRef: 29 | kind: Issuer 30 | name: selfsigned-issuer 31 | secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize 32 | -------------------------------------------------------------------------------- /config/certmanager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | resources: 6 | - certificate.yaml 7 | 8 | configurations: 9 | - kustomizeconfig.yaml 10 | -------------------------------------------------------------------------------- /config/certmanager/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # This configuration is for teaching kustomize how to update name ref and var substitution 7 | nameReference: 8 | - kind: Issuer 9 | group: cert-manager.io 10 | fieldSpecs: 11 | - kind: Certificate 12 | group: cert-manager.io 13 | path: spec/issuerRef/name 14 | 15 | varReference: 16 | - kind: Certificate 17 | group: cert-manager.io 18 | path: spec/commonName 19 | - kind: Certificate 20 | group: cert-manager.io 21 | path: spec/dnsNames 22 | -------------------------------------------------------------------------------- /config/crd/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD 6 | nameReference: 7 | - kind: Service 8 | version: v1 9 | fieldSpecs: 10 | - kind: CustomResourceDefinition 11 | group: apiextensions.k8s.io 12 | path: spec/conversion/webhookClientConfig/service/name 13 | 14 | namespace: 15 | - kind: CustomResourceDefinition 16 | group: apiextensions.k8s.io 17 | path: spec/conversion/webhookClientConfig/service/namespace 18 | create: false 19 | 20 | varReference: 21 | - path: metadata/annotations 22 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_autonomouscontainerdatabases.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: autonomouscontainerdatabases.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_autonomousdatabasebackups.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: autonomousdatabasebackups.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_autonomousdatabaserestores.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: autonomousdatabaserestores.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_autonomousdatabases.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | # The following patch adds a directive for certmanager to inject CA into the CRD 6 | # CRD conversion requires k8s 1.13 or later. 7 | apiVersion: apiextensions.k8s.io/v1 8 | kind: CustomResourceDefinition 9 | metadata: 10 | annotations: 11 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 12 | name: autonomousdatabases.database.oracle.com 13 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_cdbs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: cdbs.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_database_dataguardbrokers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: dataguardbrokers.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_database_lrests.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: lrests.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_database_lrpdbs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: lrpdbs.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_database_oraclerestdataservices.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: oraclerestdataservices.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_database_ordssrvs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: ordssrvs.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_database_singleinstancedatabases.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: singleinstancedatabases.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_dataguardbrokers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: dataguardbrokers.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_dbcssystems.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: dbcssystems.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_observability_databaseobservers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: databaseobservers.observability.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_oraclerestdataservices.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: oraclerestdataservices.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_pdbs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: pdbs.database.oracle.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_shardingdatabases.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | # The following patch adds a directive for certmanager to inject CA into the CRD 6 | # CRD conversion requires k8s 1.13 or later. 7 | apiVersion: apiextensions.k8s.io/v1 8 | kind: CustomResourceDefinition 9 | metadata: 10 | annotations: 11 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 12 | name: shardingdatabases.database.oracle.com 13 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_singleinstancedatabases.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | # The following patch adds a directive for certmanager to inject CA into the CRD 6 | # CRD conversion requires k8s 1.13 or later. 7 | apiVersion: apiextensions.k8s.io/v1 8 | kind: CustomResourceDefinition 9 | metadata: 10 | annotations: 11 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 12 | name: singleinstancedatabases.database.oracle.com 13 | -------------------------------------------------------------------------------- /config/crd/patches/cainjenction_in_databaseobservers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: databaseobservers.observability.oracle.com -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_autonomouscontainerdatabases.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: autonomouscontainerdatabases.database.oracle.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhook: 11 | clientConfig: 12 | service: 13 | namespace: oracle-database-operator-system 14 | name: oracle-database-operator-webhook-service 15 | path: /convert 16 | conversionReviewVersions: 17 | - v1alpha1 18 | - v1 19 | - v4 20 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_autonomousdatabasebackups.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: autonomousdatabasebackups.database.oracle.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhook: 11 | clientConfig: 12 | service: 13 | namespace: oracle-database-operator-system 14 | name: oracle-database-operator-webhook-service 15 | path: /convert 16 | conversionReviewVersions: 17 | - v1alpha1 18 | - v1 19 | - v4 -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_autonomousdatabaserestores.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: autonomousdatabaserestores.database.oracle.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhook: 11 | clientConfig: 12 | service: 13 | namespace: oracle-database-operator-system 14 | name: oracle-database-operator-webhook-service 15 | path: /convert 16 | conversionReviewVersions: 17 | - v1alpha1 18 | - v1 19 | - v4 -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_autonomousdatabases.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | # The following patch enables conversion webhook for CRD 6 | # CRD conversion requires k8s 1.13 or later. 7 | apiVersion: apiextensions.k8s.io/v1 8 | kind: CustomResourceDefinition 9 | metadata: 10 | name: autonomousdatabases.database.oracle.com 11 | spec: 12 | conversion: 13 | strategy: Webhook 14 | webhook: 15 | clientConfig: 16 | service: 17 | namespace: oracle-database-operator-system 18 | name: oracle-database-operator-webhook-service 19 | path: /convert 20 | conversionReviewVersions: 21 | - v1alpha1 22 | - v1 23 | - v4 24 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_cdbs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: cdbs.database.oracle.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_databaseobservers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: databaseobservers.observability.oracle.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_dataguardbrokers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: dataguardbrokers.database.oracle.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_dbcssystems.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: dbcssystems.database.oracle.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_lrests.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: lrests.database.oracle.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_lrpdbs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: lrpdbs.database.oracle.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_oraclerestdataservices.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: oraclerestdataservices.database.oracle.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_ordssrvs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: ordssrvs.database.oracle.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_pdbs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: pdbs.database.oracle.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_shardingdatabases.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | # The following patch enables conversion webhook for CRD 6 | # CRD conversion requires k8s 1.13 or later. 7 | apiVersion: apiextensions.k8s.io/v1 8 | kind: CustomResourceDefinition 9 | metadata: 10 | name: shardingdatabases.database.oracle.com 11 | spec: 12 | conversion: 13 | strategy: Webhook 14 | webhookClientConfig: 15 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 16 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 17 | caBundle: Cg== 18 | service: 19 | namespace: system 20 | name: webhook-service 21 | path: /convert 22 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_singleinstancedatabases.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | # The following patch enables conversion webhook for CRD 6 | # CRD conversion requires k8s 1.13 or later. 7 | apiVersion: apiextensions.k8s.io/v1 8 | kind: CustomResourceDefinition 9 | metadata: 10 | name: singleinstancedatabases.database.oracle.com 11 | spec: 12 | conversion: 13 | strategy: Webhook 14 | webhookClientConfig: 15 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 16 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 17 | caBundle: Cg== 18 | service: 19 | namespace: system 20 | name: webhook-service 21 | path: /convert 22 | -------------------------------------------------------------------------------- /config/default/manager_auth_proxy_patch.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # This patch inject a sidecar container which is a HTTP proxy for the 7 | # controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | metadata: 11 | name: controller-manager 12 | namespace: system 13 | spec: 14 | template: 15 | spec: 16 | containers: 17 | - name: kube-rbac-proxy 18 | image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 19 | args: 20 | - "--secure-listen-address=0.0.0.0:8443" 21 | - "--upstream=http://127.0.0.1:8080/" 22 | - "--logtostderr=true" 23 | - "--v=10" 24 | ports: 25 | - containerPort: 8443 26 | name: https 27 | - name: manager 28 | args: 29 | - "--metrics-addr=127.0.0.1:8080" 30 | - "--enable-leader-election" 31 | -------------------------------------------------------------------------------- /config/default/manager_webhook_patch.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: apps/v1 6 | kind: Deployment 7 | metadata: 8 | name: controller-manager 9 | namespace: system 10 | spec: 11 | template: 12 | spec: 13 | containers: 14 | - name: manager 15 | ports: 16 | - containerPort: 9443 17 | name: webhook-server 18 | protocol: TCP 19 | volumeMounts: 20 | - mountPath: /tmp/k8s-webhook-server/serving-certs 21 | name: cert 22 | readOnly: true 23 | volumes: 24 | - name: cert 25 | secret: 26 | defaultMode: 420 27 | secretName: webhook-server-cert 28 | -------------------------------------------------------------------------------- /config/default/webhookcainjection_patch.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # This patch add annotation to admission webhook config and 7 | # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. 8 | apiVersion: admissionregistration.k8s.io/v1 9 | kind: MutatingWebhookConfiguration 10 | metadata: 11 | name: mutating-webhook-configuration 12 | annotations: 13 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 14 | --- 15 | apiVersion: admissionregistration.k8s.io/v1 16 | kind: ValidatingWebhookConfiguration 17 | metadata: 18 | name: validating-webhook-configuration 19 | annotations: 20 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 21 | -------------------------------------------------------------------------------- /config/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | resources: 6 | - manager.yaml 7 | apiVersion: kustomize.config.k8s.io/v1beta1 8 | kind: Kustomization 9 | images: 10 | - name: controller 11 | newName: container-registry.oracle.com/database/operator 12 | newTag: 1.2.0 13 | -------------------------------------------------------------------------------- /config/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: v1 6 | kind: Namespace 7 | metadata: 8 | labels: 9 | control-plane: controller-manager 10 | name: system 11 | --- 12 | apiVersion: apps/v1 13 | kind: Deployment 14 | metadata: 15 | name: controller-manager 16 | namespace: system 17 | labels: 18 | control-plane: controller-manager 19 | spec: 20 | selector: 21 | matchLabels: 22 | control-plane: controller-manager 23 | replicas: 3 24 | template: 25 | metadata: 26 | labels: 27 | control-plane: controller-manager 28 | spec: 29 | containers: 30 | - command: 31 | - /manager 32 | args: 33 | - --enable-leader-election 34 | image: controller:latest 35 | imagePullPolicy: Always 36 | name: manager 37 | resources: 38 | limits: 39 | cpu: 400m 40 | memory: 400Mi 41 | requests: 42 | cpu: 400m 43 | memory: 400Mi 44 | env: 45 | - name : WATCH_NAMESPACE 46 | value : "" 47 | terminationGracePeriodSeconds: 10 48 | -------------------------------------------------------------------------------- /config/manifests/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | resources: 6 | - ../default 7 | - ../samples 8 | - ../scorecard 9 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_client_clusterrole.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: rbac.authorization.k8s.io/v1 6 | kind: ClusterRole 7 | metadata: 8 | name: metrics-reader 9 | rules: 10 | - nonResourceURLs: ["/metrics"] 11 | verbs: ["get"] 12 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_role.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: rbac.authorization.k8s.io/v1 6 | kind: ClusterRole 7 | metadata: 8 | name: oracle-database-operator-proxy-role 9 | rules: 10 | - apiGroups: ["authentication.k8s.io"] 11 | resources: 12 | - tokenreviews 13 | verbs: ["create"] 14 | - apiGroups: ["authorization.k8s.io"] 15 | resources: 16 | - subjectaccessreviews 17 | verbs: ["create"] 18 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_role_binding.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: rbac.authorization.k8s.io/v1 6 | kind: ClusterRoleBinding 7 | metadata: 8 | name: proxy-rolebinding 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: ClusterRole 12 | name: oracle-database-operator-proxy-role 13 | subjects: 14 | - kind: ServiceAccount 15 | name: default 16 | namespace: system 17 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_service.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: v1 6 | kind: Service 7 | metadata: 8 | labels: 9 | control-plane: controller-manager 10 | name: controller-manager-metrics-service 11 | namespace: system 12 | spec: 13 | ports: 14 | - name: https 15 | port: 8443 16 | targetPort: https 17 | selector: 18 | control-plane: controller-manager 19 | -------------------------------------------------------------------------------- /config/rbac/autonomouscontainerdatabase_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit autonomouscontainerdatabases. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: autonomouscontainerdatabase-editor-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - autonomouscontainerdatabases 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - database.oracle.com 21 | resources: 22 | - autonomouscontainerdatabases/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/autonomouscontainerdatabase_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view autonomouscontainerdatabases. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: autonomouscontainerdatabase-viewer-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - autonomouscontainerdatabases 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - database.oracle.com 17 | resources: 18 | - autonomouscontainerdatabases/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/autonomousdatabase_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # permissions for end users to edit autonomousdatabases. 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRole 9 | metadata: 10 | name: autonomousdatabase-editor-role 11 | rules: 12 | - apiGroups: 13 | - database.oracle.com 14 | resources: 15 | - autonomousdatabases 16 | verbs: 17 | - create 18 | - delete 19 | - get 20 | - list 21 | - patch 22 | - update 23 | - watch 24 | - apiGroups: 25 | - database.oracle.com 26 | resources: 27 | - autonomousdatabases/status 28 | verbs: 29 | - get 30 | -------------------------------------------------------------------------------- /config/rbac/autonomousdatabase_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # permissions for end users to view autonomousdatabases. 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRole 9 | metadata: 10 | name: autonomousdatabase-viewer-role 11 | rules: 12 | - apiGroups: 13 | - database.oracle.com 14 | resources: 15 | - autonomousdatabases 16 | verbs: 17 | - get 18 | - list 19 | - watch 20 | - apiGroups: 21 | - database.oracle.com 22 | resources: 23 | - autonomousdatabases/status 24 | verbs: 25 | - get 26 | -------------------------------------------------------------------------------- /config/rbac/autonomousdatabasebackup_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit autonomousdatabasebackups. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: autonomousdatabasebackup-editor-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - autonomousdatabasebackups 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - database.oracle.com 21 | resources: 22 | - autonomousdatabasebackups/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/autonomousdatabasebackup_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view autonomousdatabasebackups. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: autonomousdatabasebackup-viewer-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - autonomousdatabasebackups 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - database.oracle.com 17 | resources: 18 | - autonomousdatabasebackups/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/autonomousdatabaserestore_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit autonomousdatabaserestores. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: autonomousdatabaserestore-editor-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - autonomousdatabaserestores 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - database.oracle.com 21 | resources: 22 | - autonomousdatabaserestores/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/autonomousdatabaserestore_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view autonomousdatabaserestores. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: autonomousdatabaserestore-viewer-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - autonomousdatabaserestores 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - database.oracle.com 17 | resources: 18 | - autonomousdatabaserestores/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/cdb_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit cdbs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: cdb-editor-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - cdbs 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - database.oracle.com 21 | resources: 22 | - cdbs/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/cdb_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view cdbs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: cdb-viewer-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - cdbs 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - database.oracle.com 17 | resources: 18 | - cdbs/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/databaseobserver_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit databaseobservers. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: databaseobserver-editor-role 6 | rules: 7 | - apiGroups: 8 | - observability.oracle.com 9 | resources: 10 | - databaseobservers 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - observability.oracle.com 21 | resources: 22 | - databaseobservers/status 23 | verbs: 24 | - get -------------------------------------------------------------------------------- /config/rbac/databaseobserver_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view databaseobservers. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: databaseobserver-viewer-role 6 | rules: 7 | - apiGroups: 8 | - observability.oracle.com 9 | resources: 10 | - databaseobservers 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - observability.oracle.com 17 | resources: 18 | - databaseobservers/status 19 | verbs: 20 | - get -------------------------------------------------------------------------------- /config/rbac/dataguardbroker_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit dataguardbrokers. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: dataguardbroker-editor-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - dataguardbrokers 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - database.oracle.com 21 | resources: 22 | - dataguardbrokers/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/dataguardbroker_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view dataguardbrokers. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: dataguardbroker-viewer-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - dataguardbrokers 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - database.oracle.com 17 | resources: 18 | - dataguardbrokers/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/dbcssystem_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit dbcssystems. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: dbcssystem-editor-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - dbcssystems 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - database.oracle.com 21 | resources: 22 | - dbcssystems/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/dbcssystem_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view dbcssystems. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: dbcssystem-viewer-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - dbcssystems 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - database.oracle.com 17 | resources: 18 | - dbcssystems/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | resources: 6 | - role.yaml 7 | - role_binding.yaml 8 | - leader_election_role.yaml 9 | - leader_election_role_binding.yaml 10 | # Comment the following 4 lines if you want to disable 11 | # the auth proxy (https://github.com/brancz/kube-rbac-proxy) 12 | # which protects your /metrics endpoint. 13 | - auth_proxy_service.yaml 14 | - auth_proxy_role.yaml 15 | - auth_proxy_role_binding.yaml 16 | - auth_proxy_client_clusterrole.yaml 17 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # permissions to do leader election. 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: Role 9 | metadata: 10 | name: leader-election-role 11 | rules: 12 | - apiGroups: 13 | - "" 14 | resources: 15 | - configmaps 16 | verbs: 17 | - get 18 | - list 19 | - watch 20 | - create 21 | - update 22 | - patch 23 | - delete 24 | - apiGroups: 25 | - coordination.k8s.io 26 | resources: 27 | - leases 28 | verbs: 29 | - get 30 | - list 31 | - watch 32 | - create 33 | - update 34 | - patch 35 | - delete 36 | - apiGroups: 37 | - "" 38 | resources: 39 | - configmaps/status 40 | verbs: 41 | - get 42 | - update 43 | - patch 44 | - apiGroups: 45 | - "" 46 | resources: 47 | - events 48 | verbs: 49 | - create 50 | - patch 51 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: rbac.authorization.k8s.io/v1 6 | kind: RoleBinding 7 | metadata: 8 | name: oracle-database-operator-leader-election-rolebinding 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: Role 12 | name: leader-election-role 13 | subjects: 14 | - kind: ServiceAccount 15 | name: default 16 | namespace: oracle-db 17 | -------------------------------------------------------------------------------- /config/rbac/lrest_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit lrests. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: lrest-editor-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - lrests 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - database.oracle.com 21 | resources: 22 | - lrests/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/lrest_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view lrests. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: lrest-viewer-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - lrests 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - database.oracle.com 17 | resources: 18 | - lrests/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/lrpdb_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit lrpdbs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: lrpdb-editor-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - lrpdbs 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - database.oracle.com 21 | resources: 22 | - lrpdbs/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/lrpdb_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view lrpdbs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: lrpdb-viewer-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - lrpdbs 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - database.oracle.com 17 | resources: 18 | - lrpdbs/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/oraclerestdataservice_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit oraclerestdataservices. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: oraclerestdataservice-editor-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - oraclerestdataservices 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - database.oracle.com 21 | resources: 22 | - oraclerestdataservices/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/oraclerestdataservice_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view oraclerestdataservices. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: oraclerestdataservice-viewer-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - oraclerestdataservices 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - database.oracle.com 17 | resources: 18 | - oraclerestdataservices/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/ordssrvs_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit ordssrvs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ordssrvs-editor-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - ordssrvs 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - database.oracle.com 21 | resources: 22 | - ordssrvs/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/ordssrvs_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view ordssrvs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: ordssrvs-viewer-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - ordssrvs 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - database.oracle.com 17 | resources: 18 | - ordssrvs/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/pdb_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit pdbs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: pdb-editor-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - pdbs 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - database.oracle.com 21 | resources: 22 | - pdbs/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/pdb_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view pdbs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: pdb-viewer-role 6 | rules: 7 | - apiGroups: 8 | - database.oracle.com 9 | resources: 10 | - pdbs 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - database.oracle.com 17 | resources: 18 | - pdbs/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/provshard_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # permissions for end users to edit provshards. 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRole 9 | metadata: 10 | name: provshard-editor-role 11 | rules: 12 | - apiGroups: 13 | - sharding.oracle.com 14 | resources: 15 | - provshards 16 | verbs: 17 | - create 18 | - delete 19 | - get 20 | - list 21 | - patch 22 | - update 23 | - watch 24 | - apiGroups: 25 | - sharding.oracle.com 26 | resources: 27 | - provshards/status 28 | verbs: 29 | - get 30 | -------------------------------------------------------------------------------- /config/rbac/provshard_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # permissions for end users to view provshards. 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRole 9 | metadata: 10 | name: provshard-viewer-role 11 | rules: 12 | - apiGroups: 13 | - sharding.oracle.com 14 | resources: 15 | - provshards 16 | verbs: 17 | - get 18 | - list 19 | - watch 20 | - apiGroups: 21 | - sharding.oracle.com 22 | resources: 23 | - provshards/status 24 | verbs: 25 | - get 26 | -------------------------------------------------------------------------------- /config/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: rbac.authorization.k8s.io/v1 6 | kind: RoleBinding 7 | metadata: 8 | name: oracle-database-operator-manager-rolebinding 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: ClusterRole 12 | name: manager-role 13 | subjects: 14 | - kind: ServiceAccount 15 | name: default 16 | namespace: oracle-db 17 | -------------------------------------------------------------------------------- /config/rbac/shardingdatabase_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # permissions for end users to edit shardingdatabases. 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRole 9 | metadata: 10 | name: shardingdatabase-editor-role 11 | rules: 12 | - apiGroups: 13 | - database.oracle.com 14 | resources: 15 | - shardingdatabases 16 | verbs: 17 | - create 18 | - delete 19 | - get 20 | - list 21 | - patch 22 | - update 23 | - watch 24 | - apiGroups: 25 | - database.oracle.com 26 | resources: 27 | - shardingdatabases/status 28 | verbs: 29 | - get 30 | -------------------------------------------------------------------------------- /config/rbac/shardingdatabase_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # permissions for end users to view shardingdatabases. 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRole 9 | metadata: 10 | name: shardingdatabase-viewer-role 11 | rules: 12 | - apiGroups: 13 | - database.oracle.com 14 | resources: 15 | - shardingdatabases 16 | verbs: 17 | - get 18 | - list 19 | - watch 20 | - apiGroups: 21 | - database.oracle.com 22 | resources: 23 | - shardingdatabases/status 24 | verbs: 25 | - get 26 | -------------------------------------------------------------------------------- /config/rbac/singleinstancedatabase_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # permissions for end users to edit singleinstancedatabases. 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRole 9 | metadata: 10 | name: singleinstancedatabase-editor-role 11 | rules: 12 | - apiGroups: 13 | - database.oracle.com 14 | resources: 15 | - singleinstancedatabases 16 | verbs: 17 | - create 18 | - delete 19 | - get 20 | - list 21 | - patch 22 | - update 23 | - watch 24 | - apiGroups: 25 | - database.oracle.com 26 | resources: 27 | - singleinstancedatabases/status 28 | verbs: 29 | - get 30 | -------------------------------------------------------------------------------- /config/rbac/singleinstancedatabase_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # permissions for end users to view singleinstancedatabases. 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRole 9 | metadata: 10 | name: singleinstancedatabase-viewer-role 11 | rules: 12 | - apiGroups: 13 | - database.oracle.com 14 | resources: 15 | - singleinstancedatabases 16 | verbs: 17 | - get 18 | - list 19 | - watch 20 | - apiGroups: 21 | - database.oracle.com 22 | resources: 23 | - singleinstancedatabases/status 24 | verbs: 25 | - get 26 | -------------------------------------------------------------------------------- /config/samples/acd/autonomouscontainerdatabase_bind.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousContainerDatabase 7 | metadata: 8 | name: autonomouscontainerdatabase-sample 9 | spec: 10 | autonomousContainerDatabaseOCID: ocid1.autonomouscontainerdatabase... 11 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 12 | ociConfig: 13 | configMapName: oci-cred 14 | secretName: oci-privatekey 15 | -------------------------------------------------------------------------------- /config/samples/acd/autonomouscontainerdatabase_change_displayname.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousContainerDatabase 7 | metadata: 8 | name: autonomouscontainerdatabase-sample 9 | spec: 10 | # Update compartmentOCID with your compartment OCID. 11 | compartmentOCID: ocid1.compartment... OR ocid1.tenancy... 12 | displayName: newACD 13 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 14 | ociConfig: 15 | configMapName: oci-cred 16 | secretName: oci-privatekey 17 | -------------------------------------------------------------------------------- /config/samples/acd/autonomouscontainerdatabase_create.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousContainerDatabase 7 | metadata: 8 | name: autonomouscontainerdatabase-sample 9 | spec: 10 | # Update compartmentOCID with your compartment OCID. 11 | compartmentOCID: ocid1.compartment... OR ocid1.tenancy... 12 | autonomousExadataVMClusterOCID: ocid1.autonomousexainfrastructure... 13 | displayName: newACD 14 | # # An optional field for Database Patch model preference. Should be either RELEASE_UPDATES or RELEASE_UPDATE_REVISIONS 15 | # patchModel: RELEASE_UPDATES 16 | 17 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 18 | ociConfig: 19 | configMapName: oci-cred 20 | secretName: oci-privatekey 21 | -------------------------------------------------------------------------------- /config/samples/acd/autonomouscontainerdatabase_delete_resource.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousContainerDatabase 7 | metadata: 8 | name: autonomouscontainerdatabase-sample 9 | spec: 10 | autonomousContainerDatabaseOCID: ocid1.autonomouscontainerdatabase... 11 | # Delete this resource to terminate database after the changes applied 12 | hardLink: true 13 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 14 | ociConfig: 15 | configMapName: oci-cred 16 | secretName: oci-privatekey -------------------------------------------------------------------------------- /config/samples/acd/autonomouscontainerdatabase_restart_terminate.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousContainerDatabase 7 | metadata: 8 | name: autonomouscontainerdatabase-sample 9 | spec: 10 | autonomousContainerDatabaseOCID: ocid1.autonomouscontainerdatabase... 11 | # Change the action to "TERMINATE" to terminate the database 12 | action: RESTART 13 | 14 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 15 | ociConfig: 16 | configMapName: oci-cred 17 | secretName: oci-privatekey 18 | -------------------------------------------------------------------------------- /config/samples/adb/autonomousdatabase_backup.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousDatabaseBackup 7 | metadata: 8 | name: autonomousdatabasebackup-sample 9 | spec: 10 | # Before you can create on-demand backups, you must have an Object Storage bucket and your database must be configured to connect to it. This is a one-time operation. 11 | # See https://docs.oracle.com/en-us/iaas/Content/Database/Tasks/adbbackingup.htm#creatingbucket 12 | target: 13 | k8sADB: 14 | name: autonomousdatabase-sample 15 | # # Uncomment the below block if you use ADB OCID as the input of the target ADB 16 | # ociADB: 17 | # ocid: ocid1.autonomousdatabase... 18 | displayName: autonomousdatabasebackup-sample 19 | isLongTermBackup: true 20 | retentionPeriodInDays: 90 # minimum retention period is 90 days 21 | 22 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 23 | ociConfig: 24 | configMapName: oci-cred 25 | secretName: oci-privatekey -------------------------------------------------------------------------------- /config/samples/adb/autonomousdatabase_bind.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousDatabase 7 | metadata: 8 | name: autonomousdatabase-sample 9 | spec: 10 | action: Sync 11 | details: 12 | id: ocid1.autonomousdatabase... 13 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 14 | ociConfig: 15 | configMapName: oci-cred 16 | secretName: oci-privatekey -------------------------------------------------------------------------------- /config/samples/adb/autonomousdatabase_delete_resource.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousDatabase 7 | metadata: 8 | name: autonomousdatabase-sample 9 | spec: 10 | details: 11 | id: ocid1.autonomousdatabase... 12 | # Delete this resource to terminate database after the changes applied 13 | hardLink: true 14 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 15 | ociConfig: 16 | configMapName: oci-cred 17 | secretName: oci-privatekey -------------------------------------------------------------------------------- /config/samples/adb/autonomousdatabase_rename.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousDatabase 7 | metadata: 8 | name: autonomousdatabase-sample 9 | spec: 10 | action: Update 11 | details: 12 | id: ocid1.autonomousdatabase... 13 | # The database name 14 | dbName: RenamedADB 15 | # The user-friendly name for the Autonomous Database 16 | displayName: RenamedADB 17 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 18 | ociConfig: 19 | configMapName: oci-cred 20 | secretName: oci-privatekey -------------------------------------------------------------------------------- /config/samples/adb/autonomousdatabase_scale.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousDatabase 7 | metadata: 8 | name: autonomousdatabase-sample 9 | spec: 10 | action: Update 11 | details: 12 | id: ocid1.autonomousdatabase... 13 | # Your database's OPCU core count 14 | cpuCoreCount: 2 15 | # Your database's storage size in TB 16 | dataStorageSizeInTBs: 2 17 | # Enable/Disable auto scaling for your database 18 | isAutoScalingEnabled: true 19 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 20 | ociConfig: 21 | configMapName: oci-cred 22 | secretName: oci-privatekey -------------------------------------------------------------------------------- /config/samples/adb/autonomousdatabase_stop_start_terminate.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousDatabase 7 | metadata: 8 | name: autonomousdatabase-sample 9 | spec: 10 | 11 | action: Stop # Use the value "Start" to start the database 12 | details: 13 | id: ocid1.autonomousdatabase... 14 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 15 | ociConfig: 16 | configMapName: oci-cred 17 | secretName: oci-privatekey -------------------------------------------------------------------------------- /config/samples/adb/autonomousdatabase_update_admin_password.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousDatabase 7 | metadata: 8 | name: autonomousdatabase-sample 9 | spec: 10 | action: Update 11 | details: 12 | id: ocid1.autonomousdatabase... 13 | adminPassword: 14 | # Comment out k8sSecret and uncomment ociSecret if you pass the admin password using OCI Secret. 15 | k8sSecret: 16 | # The Name of the K8s secret where you want to hold the password of the ADMIN account. 17 | name: new-admin-password 18 | # ociSecret: 19 | # # The OCID of the OCI Secret that holds the password of the ADMIN account. It should start with ocid1.vaultsecret... . 20 | # id: ocid1.vaultsecret... 21 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 22 | ociConfig: 23 | configMapName: oci-cred 24 | secretName: oci-privatekey -------------------------------------------------------------------------------- /config/samples/adb/autonomousdatabase_update_mtls.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: AutonomousDatabase 7 | metadata: 8 | name: autonomousdatabase-sample 9 | spec: 10 | action: Update 11 | details: 12 | id: ocid1.autonomousdatabase... 13 | # Set the patameter to false to allow both TLS and mutual TLS (mTLS) authentication, or true to require mTLS connections and disallow TLS connections. 14 | isMTLSConnectionRequired: true 15 | 16 | # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal. 17 | ociConfig: 18 | configMapName: oci-cred 19 | secretName: oci-privatekey -------------------------------------------------------------------------------- /config/samples/dbcs/database_v1alpha1_dbcssystem.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v1alpha1 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-sample 5 | spec: 6 | # Add fields here 7 | foo: bar 8 | -------------------------------------------------------------------------------- /config/samples/multitenant/cdb_secret.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: v1 6 | kind: Secret 7 | metadata: 8 | name: cdb1-secret 9 | namespace: oracle-database-operator-system 10 | type: Opaque 11 | data: 12 | ords_pwd: "[base64 encode value]" 13 | sysadmin_pwd: "[base64 encode value]" 14 | cdbadmin_user: "[base64 encode value]" 15 | cdbadmin_pwd: "[base64 encode value]" 16 | webserver_user: "[base64 encode values]" 17 | webserver_pwd: "[base64 encode values]" 18 | -------------------------------------------------------------------------------- /config/samples/multitenant/pdb_clone.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: PDB 7 | metadata: 8 | name: pdb1-clone 9 | namespace: oracle-database-operator-system 10 | labels: 11 | cdb: cdb-dev 12 | spec: 13 | cdbResName: "cdb-dev" 14 | cdbName: "devcdb" 15 | pdbName: "pdbdevclone" 16 | adminName: 17 | secret: 18 | secretName: "pdb1-secret" 19 | key: "sysadmin_user" 20 | adminPwd: 21 | secret: 22 | secretName: "pdb1-secret" 23 | key: "sysadmin_pwd" 24 | fileNameConversions: "NONE" 25 | totalSize: "1G" 26 | tempSize: "100M" 27 | action: "Clone" 28 | -------------------------------------------------------------------------------- /config/samples/multitenant/pdb_create.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: PDB 7 | metadata: 8 | name: pdb1 9 | namespace: oracle-database-operator-system 10 | labels: 11 | cdb: cdb-dev 12 | spec: 13 | cdbResName: "cdb-dev" 14 | cdbName: "devcdb" 15 | pdbName: "pdbdev" 16 | adminName: 17 | secret: 18 | secretName: "pdb1-secret" 19 | key: "sysadmin_user" 20 | adminPwd: 21 | secret: 22 | secretName: "pdb1-secret" 23 | key: "sysadmin_pwd" 24 | fileNameConversions: "NONE" 25 | totalSize: "1G" 26 | tempSize: "100M" 27 | action: "Create" 28 | -------------------------------------------------------------------------------- /config/samples/multitenant/pdb_delete.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: PDB 7 | metadata: 8 | name: pdb1 9 | namespace: oracle-database-operator-system 10 | labels: 11 | cdb: cdb-dev 12 | spec: 13 | cdbResName: "cdb-dev" 14 | pdbName: "pdbdev" 15 | action: "Delete" 16 | dropAction: "INCLUDING" -------------------------------------------------------------------------------- /config/samples/multitenant/pdb_modify.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: PDB 7 | metadata: 8 | name: pdb1 9 | namespace: oracle-database-operator-system 10 | labels: 11 | cdb: cdb-dev 12 | spec: 13 | cdbResName: "cdb-dev" 14 | cdbName: "democdb" 15 | pdbName: "demotest" 16 | action: "Modify" 17 | pdbState: "CLOSE" 18 | modifyOption: "IMMEDIATE" 19 | 20 | # To Open an existing PDB, uncomment the below lines and comment the two lines above 21 | #pdbState: "OPEN" 22 | #modifyOption: "READ WRITE" -------------------------------------------------------------------------------- /config/samples/multitenant/pdb_plug.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: PDB 7 | metadata: 8 | name: pdb1 9 | namespace: oracle-database-operator-system 10 | labels: 11 | cdb: cdb-dev 12 | spec: 13 | cdbResName: "cdb-dev" 14 | pdbName: "pdbdev" 15 | xmlFileName: "/opt/oracle/oradata/pdbdev.xml" 16 | sourceFileNameConversions: "NONE" 17 | fileNameConversions: "NONE" 18 | copyAction: "NOCOPY" 19 | action: "Plug" -------------------------------------------------------------------------------- /config/samples/multitenant/pdb_secret.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: v1 6 | kind: Secret 7 | metadata: 8 | name: pdb1-secret 9 | namespace: oracle-database-operator-system 10 | type: Opaque 11 | data: 12 | sysadmin_user: "[ base64 encode value]" 13 | sysadmin_pwd: "[ base64 encode value]" 14 | -------------------------------------------------------------------------------- /config/samples/multitenant/pdb_unplug.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: PDB 7 | metadata: 8 | name: pdb1 9 | namespace: oracle-database-operator-system 10 | labels: 11 | cdb: cdb-dev 12 | spec: 13 | cdbResName: "cdb-dev" 14 | pdbName: "pdbdev" 15 | xmlFileName: "/opt/oracle/oradata/demotest_pdb.xml" 16 | action: "Unplug" 17 | tdeExport: true 18 | tdeSecret: 19 | secret: 20 | secretName: "pdb1-secret" 21 | key: "tde_secret" 22 | tdeKeystorePath: "/opt/oracle/test" 23 | tdePassword: 24 | secret: 25 | secretName: "pdb1-secret" 26 | key: "tde_pwd" 27 | getScript: true -------------------------------------------------------------------------------- /config/samples/observability/databaseobserver.yaml: -------------------------------------------------------------------------------- 1 | # example 2 | apiVersion: observability.oracle.com/v1alpha1 3 | kind: DatabaseObserver 4 | metadata: 5 | name: obs-sample 6 | spec: 7 | database: 8 | dbUser: 9 | key: "username" 10 | secret: db-secret 11 | 12 | dbPassword: 13 | key: "password" 14 | secret: db-secret 15 | 16 | dbConnectionString: 17 | key: "connection" 18 | secret: db-secret 19 | 20 | dbWallet: 21 | secret: instance-wallet 22 | 23 | exporter: 24 | image: "container-registry.oracle.com/database/observability-exporter:latest" 25 | configuration: 26 | configmap: 27 | key: "config.toml" 28 | configmapName: "devcm-oradevdb-config" 29 | 30 | service: 31 | port: 9161 32 | 33 | prometheus: 34 | port: metrics 35 | labels: 36 | app: app-sample-label 37 | 38 | replicas: 1 39 | 40 | ociConfig: 41 | configMapName: oci-cred 42 | secretName: oci-privatekey 43 | 44 | 45 | -------------------------------------------------------------------------------- /config/samples/observability/databaseobserver_custom_config.yaml: -------------------------------------------------------------------------------- 1 | # example 2 | apiVersion: observability.oracle.com/v1alpha1 3 | kind: DatabaseObserver 4 | metadata: 5 | name: obs-sample 6 | namespace: observer 7 | spec: 8 | database: 9 | dbUser: 10 | key: "username" 11 | secret: db-secret 12 | 13 | dbPassword: 14 | key: "password" 15 | secret: db-secret 16 | 17 | dbConnectionString: 18 | key: "connection" 19 | secret: db-secret 20 | 21 | dbWallet: 22 | secret: instance-wallet 23 | 24 | exporter: 25 | configuration: 26 | configmap: 27 | key: "config.toml" 28 | configmapName: "devcm-oradevdb-config" -------------------------------------------------------------------------------- /config/samples/observability/databaseobserver_minimal.yaml: -------------------------------------------------------------------------------- 1 | # example 2 | apiVersion: observability.oracle.com/v1alpha1 3 | kind: DatabaseObserver 4 | metadata: 5 | name: obs-sample 6 | namespace: observer 7 | spec: 8 | database: 9 | dbUser: 10 | key: "username" 11 | secret: db-secret 12 | 13 | dbPassword: 14 | key: "password" 15 | secret: db-secret 16 | 17 | dbConnectionString: 18 | key: "connection" 19 | secret: db-secret 20 | 21 | dbWallet: 22 | secret: instance-wallets -------------------------------------------------------------------------------- /config/samples/observability/databaseobserver_vault.yaml: -------------------------------------------------------------------------------- 1 | # example 2 | apiVersion: observability.oracle.com/v1alpha1 3 | kind: DatabaseObserver 4 | metadata: 5 | name: obs-sample 6 | spec: 7 | database: 8 | dbUser: 9 | key: "username" 10 | secret: db-secret 11 | 12 | dbPassword: 13 | vaultSecretName: sample_secret 14 | vaultOCID: ocid1.vault.oc1.. 15 | 16 | dbConnectionString: 17 | key: "connection" 18 | secret: db-secret 19 | 20 | dbWallet: 21 | secret: instance-wallet 22 | 23 | ociConfig: 24 | configMapName: oci-cred 25 | secretName: oci-privatekey -------------------------------------------------------------------------------- /config/samples/observability/sample_config.toml: -------------------------------------------------------------------------------- 1 | [[metric]] 2 | context = "obaas_db_system" 3 | labels = [ "name" ] 4 | metricsdesc = { value = "Database system resources metric" } 5 | request = ''' 6 | select name, value 7 | from v$parameter 8 | where name in ('cpu_count', 'sga_max_size', 'pga_aggregate_limit') 9 | ''' 10 | 11 | [[metric]] 12 | context = "obaas_db_platform" 13 | labels = [ "platform_name" ] 14 | metricsdesc = { value = "Database platform" } 15 | request = ''' 16 | SELECT platform_name, 1 as value FROM v$database 17 | ''' 18 | 19 | [[metric]] 20 | context = "obaas_top_sql" 21 | labels = [ "sql_id", "sql_text" ] 22 | metricsdesc = { elapsed = "SQL statement elapsed time running" } 23 | request = ''' 24 | select * from ( 25 | select sql_id, elapsed_time / 1000000 as elapsed, SUBSTRB(REPLACE(sql_text,'',' '),1,55) as sql_text 26 | from V$SQLSTATS 27 | order by elapsed_time desc 28 | ) where ROWNUM <= 15 29 | ''' 30 | -------------------------------------------------------------------------------- /config/samples/observability/v1alpha1/databaseobserver_custom_config.yaml: -------------------------------------------------------------------------------- 1 | # example 2 | apiVersion: observability.oracle.com/v1alpha1 3 | kind: DatabaseObserver 4 | metadata: 5 | name: obs-sample 6 | labels: 7 | app.kubernetes.io/name: observability-exporter 8 | app.kubernetes.io/instance: obs-sample 9 | app.kubernetes.io/version: 1.5.1 10 | spec: 11 | database: 12 | dbUser: 13 | key: "username" 14 | secret: db-secret 15 | 16 | dbPassword: 17 | key: "password" 18 | secret: db-secret 19 | 20 | dbConnectionString: 21 | key: "connection" 22 | secret: db-secret 23 | 24 | dbWallet: 25 | secret: instance-wallet 26 | 27 | inherit_labels: 28 | - app.kubernetes.io/name 29 | - app.kubernetes.io/instance 30 | - app.kubernetes.io/version 31 | 32 | exporter: 33 | deployment: 34 | image: "container-registry.oracle.com/database/observability-exporter:1.5.1" 35 | args: [ "--log.level=info" ] 36 | commands: [ "/oracledb_exporter" ] 37 | 38 | prometheus: 39 | serviceMonitor: 40 | labels: 41 | release: prometheus 42 | 43 | configuration: 44 | configMap: 45 | key: "config.toml" 46 | name: "devcm-oradevdb-config" -------------------------------------------------------------------------------- /config/samples/observability/v1alpha1/databaseobserver_minimal.yaml: -------------------------------------------------------------------------------- 1 | # example 2 | apiVersion: observability.oracle.com/v1alpha1 3 | kind: DatabaseObserver 4 | metadata: 5 | name: obs-sample 6 | spec: 7 | database: 8 | dbUser: 9 | key: "username" 10 | secret: db-secret 11 | 12 | dbPassword: 13 | key: "password" 14 | secret: db-secret 15 | 16 | dbConnectionString: 17 | key: "connection" 18 | secret: db-secret 19 | 20 | dbWallet: 21 | secret: instance-wallets 22 | 23 | prometheus: 24 | serviceMonitor: 25 | labels: 26 | release: prometheus -------------------------------------------------------------------------------- /config/samples/observability/v1alpha1/databaseobserver_vault.yaml: -------------------------------------------------------------------------------- 1 | # example 2 | apiVersion: observability.oracle.com/v1alpha1 3 | kind: DatabaseObserver 4 | metadata: 5 | name: obs-sample 6 | spec: 7 | database: 8 | dbUser: 9 | key: "username" 10 | secret: db-secret 11 | 12 | dbPassword: 13 | vaultSecretName: sample_secret 14 | vaultOCID: ocid1.vault.oc1.. 15 | 16 | dbConnectionString: 17 | key: "connection" 18 | secret: db-secret 19 | 20 | dbWallet: 21 | secret: instance-wallet 22 | 23 | prometheus: 24 | serviceMonitor: 25 | labels: 26 | release: prometheus 27 | 28 | ociConfig: 29 | configMapName: oci-cred 30 | secretName: oci-privatekey -------------------------------------------------------------------------------- /config/samples/observability/v4/databaseobserver_custom_config.yaml: -------------------------------------------------------------------------------- 1 | # example 2 | apiVersion: observability.oracle.com/v4 3 | kind: DatabaseObserver 4 | metadata: 5 | name: obs-sample 6 | labels: 7 | app.kubernetes.io/name: observability-exporter 8 | app.kubernetes.io/instance: obs-sample 9 | app.kubernetes.io/version: latest 10 | spec: 11 | database: 12 | dbUser: 13 | key: "username" 14 | secret: db-secret 15 | 16 | dbPassword: 17 | key: "password" 18 | secret: db-secret 19 | 20 | dbConnectionString: 21 | key: "connection" 22 | secret: db-secret 23 | 24 | dbWallet: 25 | secret: instance-wallet 26 | 27 | inherit_labels: 28 | - app.kubernetes.io/name 29 | - app.kubernetes.io/instance 30 | - app.kubernetes.io/version 31 | 32 | exporter: 33 | deployment: 34 | image: "container-registry.oracle.com/database/observability-exporter:1.5.1" 35 | args: [ "--log.level=info" ] 36 | commands: [ "/oracledb_exporter" ] 37 | 38 | configuration: 39 | configMap: 40 | key: "config.toml" 41 | name: "devcm-oradevdb-config" 42 | 43 | prometheus: 44 | serviceMonitor: 45 | labels: 46 | release: prometheus -------------------------------------------------------------------------------- /config/samples/observability/v4/databaseobserver_minimal.yaml: -------------------------------------------------------------------------------- 1 | # example 2 | apiVersion: observability.oracle.com/v4 3 | kind: DatabaseObserver 4 | metadata: 5 | name: obs-sample 6 | spec: 7 | database: 8 | dbUser: 9 | key: "username" 10 | secret: db-secret 11 | 12 | dbPassword: 13 | key: "password" 14 | secret: db-secret 15 | 16 | dbConnectionString: 17 | key: "connection" 18 | secret: db-secret 19 | 20 | dbWallet: 21 | secret: instance-wallets 22 | 23 | prometheus: 24 | serviceMonitor: 25 | labels: 26 | release: prometheus 27 | -------------------------------------------------------------------------------- /config/samples/observability/v4/databaseobserver_vault.yaml: -------------------------------------------------------------------------------- 1 | # example 2 | apiVersion: observability.oracle.com/v4 3 | kind: DatabaseObserver 4 | metadata: 5 | name: obs-sample 6 | labels: 7 | app.kubernetes.io/name: observability-exporter 8 | app.kubernetes.io/instance: obs-sample 9 | app.kubernetes.io/version: latest 10 | spec: 11 | database: 12 | dbUser: 13 | key: "username" 14 | secret: db-secret 15 | 16 | dbPassword: 17 | vaultSecretName: sample_secret 18 | vaultOCID: ocid1.vault.oc1.. 19 | 20 | dbConnectionString: 21 | key: "connection" 22 | secret: db-secret 23 | 24 | dbWallet: 25 | secret: instance-wallet 26 | 27 | inherit_labels: 28 | - app.kubernetes.io/name 29 | - app.kubernetes.io/instance 30 | - app.kubernetes.io/version 31 | 32 | prometheus: 33 | serviceMonitor: 34 | labels: 35 | release: prometheus 36 | 37 | ociConfig: 38 | configMapName: oci-cred 39 | secretName: oci-privatekey -------------------------------------------------------------------------------- /config/samples/sharding/sharding_v1alpha1_provshard.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: sharding.oracle.com/v1alpha1 6 | kind: ProvShard 7 | metadata: 8 | name: provshard-sample 9 | spec: 10 | shard: 11 | - name: prod 12 | storageSizeInGb: 50 13 | catalog: 14 | - name: catalog 15 | storageSizeInGb: 50 16 | gsm: 17 | - name: gsm1 18 | storageSizeInGb: 50 19 | replicas: 1 20 | - name: gsm2 21 | storageSizeInGb: 50 22 | replicas: 1 23 | storageClass: oci 24 | dbImage: phx.ocir.io/intsanjaysingh/db-repo/oracle/database:21.3.0-ee 25 | gsmImage: phx.ocir.io/intsanjaysingh/db-repo/oracle/database-gsm:21.3.0 26 | secret: db-user-pass 27 | isExternalSvc: false 28 | namespace: sample-shard 29 | -------------------------------------------------------------------------------- /config/samples/sharding/shardingdatabase.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v1alpha1 6 | kind: ShardingDatabase 7 | metadata: 8 | name: shardingdatabase-sample 9 | spec: 10 | # Add fields here 11 | foo: bar 12 | -------------------------------------------------------------------------------- /config/samples/sidb/oraclerestdataservice_secrets.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | ## ORDS password secret 7 | apiVersion: v1 8 | kind: Secret 9 | metadata: 10 | name: ords-secret 11 | namespace: default 12 | type: Opaque 13 | stringData: 14 | ## Specify your ORDS password here 15 | oracle_pwd: 16 | -------------------------------------------------------------------------------- /config/samples/sidb/singleinstancedatabase_prebuiltdb.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2023, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | apiVersion: database.oracle.com/v4 7 | kind: SingleInstanceDatabase 8 | metadata: 9 | name: prebuiltdb-sample 10 | namespace: default 11 | spec: 12 | 13 | ## DB edition 14 | edition: free 15 | 16 | ## Secret containing SIDB password mapped to secretKey 17 | adminPassword: 18 | secretName: prebuiltdb-admin-secret 19 | 20 | ## Database Image 21 | image: 22 | pullFrom: container-registry.oracle.com/database/free:latest 23 | prebuiltDB: true 24 | 25 | ## Persistence is optional for prebuilt DB image 26 | ## if specified, the prebuilt DB datafiles are copied over to the persistant volume before DB startup 27 | #persistence: 28 | # size: 50Gi 29 | # storageClass: "oci-bv" 30 | # accessMode: "ReadWriteOnce" 31 | 32 | ## Count of Database Pods. 33 | replicas: 1 34 | -------------------------------------------------------------------------------- /config/scorecard/bases/config.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | kind: Configuration 6 | apiversion: scorecard.operatorframework.io/v1alpha3 7 | metadata: 8 | name: config 9 | stages: 10 | - parallel: true 11 | tests: 12 | - image: quay.io/operator-framework/scorecard-test:latest 13 | entrypoint: 14 | - scorecard-test 15 | - basic-check-spec 16 | labels: 17 | suite: basic 18 | test: basic-check-spec-test 19 | - image: quay.io/operator-framework/scorecard-test:latest 20 | entrypoint: 21 | - scorecard-test 22 | - olm-bundle-validation 23 | labels: 24 | suite: olm 25 | test: olm-bundle-validation-test 26 | -------------------------------------------------------------------------------- /config/scorecard/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | resources: 6 | - bases/config.yaml 7 | patchesJson6902: 8 | - path: patches/basic.config.yaml 9 | target: 10 | group: scorecard.operatorframework.io 11 | version: v1alpha3 12 | kind: Configuration 13 | name: config 14 | - path: patches/olm.config.yaml 15 | target: 16 | group: scorecard.operatorframework.io 17 | version: v1alpha3 18 | kind: Configuration 19 | name: config 20 | # +kubebuilder:scaffold:patchesJson6902 21 | -------------------------------------------------------------------------------- /config/scorecard/patches/basic.config.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | - op: add 6 | path: /stages/0/tests/- 7 | value: 8 | entrypoint: 9 | - scorecard-test 10 | - basic-check-spec 11 | image: quay.io/operator-framework/scorecard-test:v1.2.0 12 | labels: 13 | suite: basic 14 | test: basic-check-spec-test 15 | -------------------------------------------------------------------------------- /config/webhook/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | resources: 6 | - manifests.yaml 7 | - service.yaml 8 | 9 | configurations: 10 | - kustomizeconfig.yaml 11 | -------------------------------------------------------------------------------- /config/webhook/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | 6 | # the following config is for teaching kustomize where to look at when substituting vars. 7 | # It requires kustomize v2.1.0 or newer to work properly. 8 | nameReference: 9 | - kind: Service 10 | version: v1 11 | fieldSpecs: 12 | - kind: MutatingWebhookConfiguration 13 | group: admissionregistration.k8s.io 14 | path: webhooks/clientConfig/service/name 15 | - kind: ValidatingWebhookConfiguration 16 | group: admissionregistration.k8s.io 17 | path: webhooks/clientConfig/service/name 18 | 19 | namespace: 20 | - kind: MutatingWebhookConfiguration 21 | group: admissionregistration.k8s.io 22 | path: webhooks/clientConfig/service/namespace 23 | create: true 24 | - kind: ValidatingWebhookConfiguration 25 | group: admissionregistration.k8s.io 26 | path: webhooks/clientConfig/service/namespace 27 | create: true 28 | 29 | varReference: 30 | - path: metadata/annotations 31 | -------------------------------------------------------------------------------- /config/webhook/service.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: v1 6 | kind: Service 7 | metadata: 8 | name: webhook-service 9 | namespace: system 10 | spec: 11 | ports: 12 | - port: 443 13 | protocol: TCP 14 | targetPort: 9443 15 | selector: 16 | control-plane: controller-manager 17 | -------------------------------------------------------------------------------- /docs/dbcs/provisioning/bind_to_existing_dbcs_system.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-existing 5 | spec: 6 | id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa" 7 | ociConfigMap: "oci-cred" 8 | ociSecret: "oci-privatekey" 9 | -------------------------------------------------------------------------------- /docs/dbcs/provisioning/clone_dbcs_system.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-clone 5 | namespace: default 6 | spec: 7 | id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyaqui4hoqdyzmzl65jwkncyp3bnohengniqienetsdzw2q" 8 | ociConfigMap: "oci-cred" 9 | ociSecret: "oci-privatekey" 10 | setupDBCloning: true 11 | dbClone: 12 | dbAdminPasswordSecret: "admin-password" 13 | dbName: "db1212" 14 | hostName: "host1213" 15 | displayName: "dbsystem01312" 16 | licenseModel: "BRING_YOUR_OWN_LICENSE" 17 | domain: "subdda0b5eaa.cluster1.oraclevcn.com" 18 | sshPublicKeys: 19 | - "oci-publickey" 20 | subnetId: "ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq" -------------------------------------------------------------------------------- /docs/dbcs/provisioning/clone_dbcs_system_from_backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-clone 5 | namespace: default 6 | spec: 7 | ociConfigMap: "oci-cred" 8 | ociSecret: "oci-privatekey" 9 | setupDBCloning: true 10 | dbBackupId: "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyaae3fmnpacavkuwt2zqaj5q3gol2g6m6tirriveytoarq" 11 | dbClone: 12 | dbAdminPasswordSecret: "admin-password" 13 | tdeWalletPasswordSecret: "tde-password" 14 | dbName: "db1212" 15 | hostName: "host1213" 16 | displayName: "dbsystem01312" 17 | licenseModel: "BRING_YOUR_OWN_LICENSE" 18 | domain: "subdda0b5eaa.cluster1.oraclevcn.com" 19 | sshPublicKeys: 20 | - "oci-publickey" 21 | subnetId: "ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq" 22 | initialDataStorageSizeInGB: 256 -------------------------------------------------------------------------------- /docs/dbcs/provisioning/clone_dbcs_system_from_database.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-clone 5 | namespace: default 6 | spec: 7 | databaseId: "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyapxtsgw6hy3kyosmrawefq2csm4kjv4d5au7biuiaabsq" 8 | ociConfigMap: "oci-cred" 9 | ociSecret: "oci-privatekey" 10 | setupDBCloning: true 11 | dbClone: 12 | dbAdminPasswordSecret: "admin-password" 13 | tdeWalletPasswordSecret: "tde-password" 14 | dbName: "db1212" 15 | hostName: "host1213" 16 | displayName: "dbsystem01312" 17 | licenseModel: "BRING_YOUR_OWN_LICENSE" 18 | domain: "subdda0b5eaa.cluster1.oraclevcn.com" 19 | sshPublicKeys: 20 | - "oci-publickey" 21 | subnetId: "ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq" 22 | initialDataStorageSizeInGB: 256 -------------------------------------------------------------------------------- /docs/dbcs/provisioning/createkms_in_existing_dbcs_system_sample_output.log: -------------------------------------------------------------------------------- 1 | # To be added -------------------------------------------------------------------------------- /docs/dbcs/provisioning/createpdb_in_existing_dbcs_system_list.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-existing 5 | spec: 6 | id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa" 7 | ociConfigMap: "oci-cred" 8 | ociSecret: "oci-privatekey" 9 | pdbConfigs: 10 | - pdbName: "pdb_sauahuja_sdk_13" 11 | tdeWalletPassword: "tde-password" 12 | pdbAdminPassword: "pdb-password" 13 | shouldPdbAdminAccountBeLocked: false 14 | freeformTags: 15 | Department: "Finance" 16 | - pdbName: "pdb_sauahuja_sdk_14" 17 | tdeWalletPassword: "tde-password" 18 | pdbAdminPassword: "pdb-password" 19 | shouldPdbAdminAccountBeLocked: false 20 | freeformTags: 21 | Department: "HR" 22 | - pdbName: "pdb_sauahuja_sdk_15" 23 | tdeWalletPassword: "tde-password" 24 | pdbAdminPassword: "pdb-password" 25 | shouldPdbAdminAccountBeLocked: false 26 | freeformTags: 27 | Department: "IT" -------------------------------------------------------------------------------- /docs/dbcs/provisioning/dbcs_service_migrate_to_kms.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-existing 5 | spec: 6 | id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyafdoaarkuhhxjfgjrzjtxpbcaycib3woadfmcz545mwua" 7 | ociConfigMap: "oci-cred" 8 | ociSecret: "oci-privatekey" 9 | dbSystem: 10 | compartmentId: "ocid1.compartment.oc1..aaaaaaaa63yqilqhgxv3dszur3a2fgwc64ohpfy43vpqjm7q5zq4q4yaw72a" 11 | dbAdminPasswordSecret: "admin-password" 12 | tdeWalletPasswordSecret: "tde-password" 13 | kmsConfig: 14 | vaultName: "dbvault" 15 | compartmentId: "ocid1.compartment.oc1..aaaaaaaa63yqilqhgxv3dszur3a2fgwc64ohpfy43vpqjm7q5zq4q4yaw72a" 16 | keyName: "dbkey" -------------------------------------------------------------------------------- /docs/dbcs/provisioning/dbcs_service_with_kms.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-create 5 | spec: 6 | ociConfigMap: "oci-cred" 7 | ociSecret: "oci-privatekey" 8 | dbSystem: 9 | availabilityDomain: "OLou:AP-MUMBAI-1-AD-1" 10 | compartmentId: "ocid1.compartment.oc1..aaaaaaaa63yqilqhgxv3dszur3a2fgwc64ohpfy43vpqjm7q5zq4q4yaw72a" 11 | dbAdminPasswordSecret: "admin-password" 12 | dbEdition: "ENTERPRISE_EDITION_HIGH_PERFORMANCE" 13 | dbName: "kmsdb" 14 | displayName: "kmsdbsystem" 15 | licenseModel: "BRING_YOUR_OWN_LICENSE" 16 | dbVersion: "19c" 17 | dbWorkload: "OLTP" 18 | hostName: "kmshost" 19 | shape: "VM.Standard2.2" 20 | domain: "subdda0b5eaa.cluster1.oraclevcn.com" 21 | sshPublicKeys: 22 | - "oci-publickey" 23 | subnetId: "ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq" 24 | kmsConfig: 25 | vaultName: "dbvault" 26 | compartmentId: "ocid1.compartment.oc1..aaaaaaaa63yqilqhgxv3dszur3a2fgwc64ohpfy43vpqjm7q5zq4q4yaw72a" 27 | keyName: "dbkey" -------------------------------------------------------------------------------- /docs/dbcs/provisioning/dbcs_service_with_minimal_parameters.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-create 5 | spec: 6 | ociConfigMap: "oci-cred" 7 | ociSecret: "oci-privatekey" 8 | dbSystem: 9 | availabilityDomain: "OLou:AP-MUMBAI-1-AD-1" 10 | compartmentId: "ocid1.compartment.oc1..aaaaaaaa63yqilqhgxv3dszur3a2fgwc64ohpfy43vpqjm7q5zq4q4yaw72a" 11 | dbAdminPasswordSecret: "admin-password" 12 | dbEdition: "ENTERPRISE_EDITION_HIGH_PERFORMANCE" 13 | dbName: "cdb1" 14 | displayName: "dbsystem1234" 15 | licenseModel: "BRING_YOUR_OWN_LICENSE" 16 | dbVersion: "19c" 17 | dbWorkload: "OLTP" 18 | hostName: "host1234" 19 | shape: "VM.Standard2.1" 20 | domain: "subdda0b5eaa.cluster1.oraclevcn.com" 21 | sshPublicKeys: 22 | - "oci-publickey" 23 | subnetId: "ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq" 24 | -------------------------------------------------------------------------------- /docs/dbcs/provisioning/deletepdb_in_existing_dbcs_system_list.yaml: -------------------------------------------------------------------------------- 1 | kind: DbcsSystem 2 | metadata: 3 | name: dbcssystem-existing 4 | namespace: default 5 | spec: 6 | id: "ocid1.dbsystem.oc1.iad.anuwcljsabf7htyag4akvoakzw4qk7cae55qyp7hlffbouozvyl5ngoputza" 7 | ociConfigMap: "oci-cred" 8 | ociSecret: "oci-privatekey" 9 | pdbConfigs: 10 | - pdbName: "pdb_sauahuja_11" 11 | isDelete: true 12 | - pdbName: "pdb_sauahuja_12" 13 | isDelete: true -------------------------------------------------------------------------------- /docs/dbcs/provisioning/known_issues.md: -------------------------------------------------------------------------------- 1 | # Known Issues - Oracle DB Operator DBCS Controller 2 | 3 | Below are the known issues using the Oracle DB Operator DBCS Controller: 4 | 5 | 1. There is a known issue related to the DB Version 19c, 12c and 11g when used with the Oracle DB Operator DBCS Controller. DB Version 21c and 18c work with the controller. 6 | 2. In order to scale up storage of an existing DBCS system, the steps will be: 7 | * Bind the existing DBCS System to DBCS Controller. 8 | * Apply the change to scale up its storage. 9 | This causes issue. The actual real step sequence that work is 10 | * Bind 11 | * Apply Shape change 12 | * Apply scale storage change 13 | -------------------------------------------------------------------------------- /docs/dbcs/provisioning/scale_down_dbcs_system_shape.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-existing 5 | spec: 6 | id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa" 7 | ociConfigMap: "oci-cred" 8 | ociSecret: "oci-privatekey" 9 | dbSystem: 10 | availabilityDomain: "OLou:AP-MUMBAI-1-AD-1" 11 | compartmentId: "ocid1.compartment.oc1..aaaaaaaa63yqilqhgxv3dszur3a2fgwc64ohpfy43vpqjm7q5zq4q4yaw72a" 12 | dbAdminPasswordSecret: "admin-password" 13 | hostName: "host1234" 14 | shape: "VM.Standard2.1" 15 | domain: "subdda0b5eaa.cluster1.oraclevcn.com" 16 | sshPublicKeys: 17 | - "oci-publickey" 18 | subnetId: "ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq" 19 | -------------------------------------------------------------------------------- /docs/dbcs/provisioning/scale_up_dbcs_system_shape.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-existing 5 | spec: 6 | id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa" 7 | ociConfigMap: "oci-cred" 8 | ociSecret: "oci-privatekey" 9 | dbSystem: 10 | availabilityDomain: "OLou:AP-MUMBAI-1-AD-1" 11 | compartmentId: "ocid1.compartment.oc1..aaaaaaaa63yqilqhgxv3dszur3a2fgwc64ohpfy43vpqjm7q5zq4q4yaw72a" 12 | dbAdminPasswordSecret: "admin-password" 13 | hostName: "host1234" 14 | shape: "VM.Standard2.2" 15 | domain: "subdda0b5eaa.cluster1.oraclevcn.com" 16 | sshPublicKeys: 17 | - "oci-publickey" 18 | subnetId: "ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq" 19 | -------------------------------------------------------------------------------- /docs/dbcs/provisioning/scale_up_storage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-existing 5 | spec: 6 | id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa" 7 | ociConfigMap: "oci-cred" 8 | ociSecret: "oci-privatekey" 9 | dbSystem: 10 | availabilityDomain: "OLou:AP-MUMBAI-1-AD-1" 11 | compartmentId: "ocid1.compartment.oc1..aaaaaaaa63yqilqhgxv3dszur3a2fgwc64ohpfy43vpqjm7q5zq4q4yaw72a" 12 | dbAdminPasswordSecret: "admin-password" 13 | hostName: "host1234" 14 | shape: "VM.Standard2.1" 15 | domain: "subdda0b5eaa.cluster1.oraclevcn.com" 16 | initialDataStorageSizeInGB: 512 17 | sshPublicKeys: 18 | - "oci-publickey" 19 | subnetId: "ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq" -------------------------------------------------------------------------------- /docs/dbcs/provisioning/terminate_dbcs_system.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-terminate 5 | spec: 6 | hardLink: True 7 | id: "ocid1.dbsystem.oc1.phx.anyhqljrabf7htyanr3lnp6wtu5ld7qwszohiteodvwahonr2yymrftarkqa" 8 | ociConfigMap: "oci-cred" 9 | ociSecret: "oci-privatekey" 10 | -------------------------------------------------------------------------------- /docs/dbcs/provisioning/update_license.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: DbcsSystem 3 | metadata: 4 | name: dbcssystem-existing 5 | spec: 6 | id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa" 7 | ociConfigMap: "oci-cred" 8 | ociSecret: "oci-privatekey" 9 | dbSystem: 10 | availabilityDomain: "OLou:AP-MUMBAI-1-AD-1" 11 | compartmentId: "ocid1.compartment.oc1..aaaaaaaa63yqilqhgxv3dszur3a2fgwc64ohpfy43vpqjm7q5zq4q4yaw72a" 12 | dbAdminPasswordSecret: "admin-password" 13 | hostName: "host1234" 14 | licenseModel: "BRING_YOUR_OWN_LICENSE" 15 | shape: "VM.Standard2.1" 16 | domain: "subdda0b5eaa.cluster1.oraclevcn.com" 17 | initialDataStorageSizeInGB: 512 18 | sshPublicKeys: 19 | - "oci-publickey" 20 | subnetId: "ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq" 21 | -------------------------------------------------------------------------------- /docs/multitenant/NamespaceSeg.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | # Namespace segregation 4 | 5 | With the namespace segregation pdb controller and cdb controller run in different namespaces. The new functionality introduces a new parameter (the cdb namespace) in pdb crd definition. In case you don't need the namespace segregation you have to sepcify the namespace name that you are using for yours crd and pods anyway. Refer to usercase01 and usecase02 to see single namespace configuration. Refer to usecase03 to see examples of namespace segregation. 6 | 7 | # Secrets 8 | 9 | In order to use multiple namespace we need to create approriate secrets in each namespace. Tls certificate secrets must be created in all namespaces (db-ca db-tls). 10 | 11 | ![general_schema](./images/K8S_NAMESPACE_SEG.png) 12 | 13 | 14 | 15 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/images/Generalschema2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/docs/multitenant/lrest-based/images/Generalschema2.jpg -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/images/UsecaseSchema.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/docs/multitenant/lrest-based/images/UsecaseSchema.jpg -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/altersystem_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | action: "Alter" 14 | alterSystemParameter : "cpu_count" 15 | alterSystemValue : "3" 16 | parameterScope : "memory" 17 | 18 | 19 | adminpdbUser: 20 | secret: 21 | secretName: "pdbusr" 22 | key: "e_pdbusr.txt" 23 | adminpdbPass: 24 | secret: 25 | secretName: "pdbpwd" 26 | key: "e_pdbpwd.txt" 27 | lrpdbTlsKey: 28 | secret: 29 | secretName: "db-tls" 30 | key: "tls.key" 31 | lrpdbTlsCrt: 32 | secret: 33 | secretName: "db-tls" 34 | key: "tls.crt" 35 | lrpdbTlsCat: 36 | secret: 37 | secretName: "db-ca" 38 | key: "ca.crt" 39 | webServerUser: 40 | secret: 41 | secretName: "wbuser" 42 | key: "e_wbuser.txt" 43 | webServerPwd: 44 | secret: 45 | secretName: "wbpass" 46 | key: "e_wbpass.txt" 47 | cdbPrvKey: 48 | secret: 49 | secretName: "prvkey" 50 | key: "privateKey" 51 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/cdbnamespace_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: oracle-database-operator-oracle-database-operator-manager-rolebinding2 5 | namespace: cdbnamespace 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: ClusterRole 9 | name: oracle-database-operator-manager-role 10 | subjects: 11 | - kind: ServiceAccount 12 | name: default 13 | namespace: oracle-database-operator-system 14 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/close_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | pdbState: "CLOSE" 14 | modifyOption: "IMMEDIATE" 15 | action: "Modify" 16 | adminpdbUser: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminpdbPass: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | lrpdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | lrpdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | lrpdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | cdbPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/close_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb2 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbprd" 13 | pdbState: "CLOSE" 14 | modifyOption: "IMMEDIATE" 15 | action: "Modify" 16 | adminpdbUser: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminpdbPass: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | lrpdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | lrpdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | lrpdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | cdbPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/close_pdb3_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb3 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: ""new_clone" 13 | pdbState: "CLOSE" 14 | modifyOption: "IMMEDIATE" 15 | action: "Modify" 16 | adminpdbUser: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminpdbPass: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | lrpdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | lrpdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | lrpdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | cdbPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/config-map-pdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: config-map-pdb 5 | namespace: pdbnamespace 6 | data: 7 | rdbmsparameters.txt: | 8 | session_cached_cursors;100;spfile 9 | open_cursors;100;spfile 10 | db_file_multiblock_read_count;16;spfile 11 | test_invalid_parameter;16;spfile 12 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/config_map_pdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: config-map-pdb 5 | namespace: pdbnamespace 6 | data: 7 | rdbmsparameters.txt: | 8 | session_cached_cursors;100;spfile 9 | open_cursors;100;spfile 10 | db_file_multiblock_read_count;16;spfile 11 | test_invalid_parameter;16;spfile 12 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/delete_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | pdbName: "pdbdev" 12 | action: "Delete" 13 | dropAction: "INCLUDING" 14 | adminpdbUser: 15 | secret: 16 | secretName: "pdbusr" 17 | key: "e_pdbusr.txt" 18 | adminpdbPass: 19 | secret: 20 | secretName: "pdbpwd" 21 | key: "e_pdbpwd.txt" 22 | lrpdbTlsKey: 23 | secret: 24 | secretName: "db-tls" 25 | key: "tls.key" 26 | lrpdbTlsCrt: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.crt" 30 | lrpdbTlsCat: 31 | secret: 32 | secretName: "db-ca" 33 | key: "ca.crt" 34 | webServerUser: 35 | secret: 36 | secretName: "wbuser" 37 | key: "e_wbuser.txt" 38 | webServerPwd: 39 | secret: 40 | secretName: "wbpass" 41 | key: "e_wbpass.txt" 42 | cdbPrvKey: 43 | secret: 44 | secretName: "prvkey" 45 | key: "privateKey" 46 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/delete_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb2 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | pdbName: "pdbprd" 12 | action: "Delete" 13 | dropAction: "INCLUDING" 14 | adminpdbUser: 15 | secret: 16 | secretName: "pdbusr" 17 | key: "e_pdbusr.txt" 18 | adminpdbPass: 19 | secret: 20 | secretName: "pdbpwd" 21 | key: "e_pdbpwd.txt" 22 | lrpdbTlsKey: 23 | secret: 24 | secretName: "db-tls" 25 | key: "tls.key" 26 | lrpdbTlsCrt: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.crt" 30 | lrpdbTlsCat: 31 | secret: 32 | secretName: "db-ca" 33 | key: "ca.crt" 34 | webServerUser: 35 | secret: 36 | secretName: "wbuser" 37 | key: "e_wbuser.txt" 38 | webServerPwd: 39 | secret: 40 | secretName: "wbpass" 41 | key: "e_wbpass.txt" 42 | cdbPrvKey: 43 | secret: 44 | secretName: "prvkey" 45 | key: "privateKey" 46 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/map_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | assertiveLrpdbDeletion: true 14 | fileNameConversions: "NONE" 15 | totalSize: "1G" 16 | tempSize: "100M" 17 | action: "Map" 18 | adminpdbUser: 19 | secret: 20 | secretName: "pdbusr" 21 | key: "e_pdbusr.txt" 22 | adminpdbPass: 23 | secret: 24 | secretName: "pdbpwd" 25 | key: "e_pdbpwd.txt" 26 | lrpdbTlsKey: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.key" 30 | lrpdbTlsCrt: 31 | secret: 32 | secretName: "db-tls" 33 | key: "tls.crt" 34 | lrpdbTlsCat: 35 | secret: 36 | secretName: "db-ca" 37 | key: "ca.crt" 38 | webServerUser: 39 | secret: 40 | secretName: "wbuser" 41 | key: "e_wbuser.txt" 42 | webServerPwd: 43 | secret: 44 | secretName: "wbpass" 45 | key: "e_wbpass.txt" 46 | cdbPrvKey: 47 | secret: 48 | secretName: "prvkey" 49 | key: "privateKey" 50 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/map_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb2 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbprd" 13 | assertiveLrpdbDeletion: true 14 | fileNameConversions: "NONE" 15 | totalSize: "1G" 16 | tempSize: "100M" 17 | action: "Map" 18 | adminpdbUser: 19 | secret: 20 | secretName: "pdbusr" 21 | key: "e_pdbusr.txt" 22 | adminpdbPass: 23 | secret: 24 | secretName: "pdbpwd" 25 | key: "e_pdbpwd.txt" 26 | lrpdbTlsKey: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.key" 30 | lrpdbTlsCrt: 31 | secret: 32 | secretName: "db-tls" 33 | key: "tls.crt" 34 | lrpdbTlsCat: 35 | secret: 36 | secretName: "db-ca" 37 | key: "ca.crt" 38 | webServerUser: 39 | secret: 40 | secretName: "wbuser" 41 | key: "e_wbuser.txt" 42 | webServerPwd: 43 | secret: 44 | secretName: "wbpass" 45 | key: "e_wbpass.txt" 46 | cdbPrvKey: 47 | secret: 48 | secretName: "prvkey" 49 | key: "privateKey" 50 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/map_pdb3_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb3 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "new_clone" 13 | assertiveLrpdbDeletion: true 14 | fileNameConversions: "NONE" 15 | totalSize: "1G" 16 | tempSize: "100M" 17 | action: "Map" 18 | adminpdbUser: 19 | secret: 20 | secretName: "pdbusr" 21 | key: "e_pdbusr.txt" 22 | adminpdbPass: 23 | secret: 24 | secretName: "pdbpwd" 25 | key: "e_pdbpwd.txt" 26 | lrpdbTlsKey: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.key" 30 | lrpdbTlsCrt: 31 | secret: 32 | secretName: "db-tls" 33 | key: "tls.crt" 34 | lrpdbTlsCat: 35 | secret: 36 | secretName: "db-ca" 37 | key: "ca.crt" 38 | webServerUser: 39 | secret: 40 | secretName: "wbuser" 41 | key: "e_wbuser.txt" 42 | webServerPwd: 43 | secret: 44 | secretName: "wbpass" 45 | key: "e_wbpass.txt" 46 | cdbPrvKey: 47 | secret: 48 | secretName: "prvkey" 49 | key: "privateKey" 50 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/open_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | action: "Modify" 14 | pdbState: "OPEN" 15 | modifyOption: "READ WRITE" 16 | adminpdbUser: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminpdbPass: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | lrpdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | lrpdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | lrpdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | cdbPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/open_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb2 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbprd" 13 | action: "Modify" 14 | pdbState: "OPEN" 15 | modifyOption: "READ WRITE" 16 | adminpdbUser: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminpdbPass: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | lrpdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | lrpdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | lrpdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | cdbPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/open_pdb3_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb3 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "new_clone" 13 | action: "Modify" 14 | pdbState: "OPEN" 15 | modifyOption: "READ WRITE" 16 | adminpdbUser: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminpdbPass: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | lrpdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | lrpdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | lrpdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | cdbPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/pdbnamespace_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: oracle-database-operator-oracle-database-operator-manager-rolebinding1 5 | namespace: pdbnamespace 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: ClusterRole 9 | name: oracle-database-operator-manager-role 10 | subjects: 11 | - kind: ServiceAccount 12 | name: default 13 | namespace: oracle-database-operator-system 14 | -------------------------------------------------------------------------------- /docs/multitenant/lrest-based/usecase/unplug_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: LRPDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | xmlFileName: "/tmp/pdb.xml" 14 | action: "Unplug" 15 | adminpdbUser: 16 | secret: 17 | secretName: "pdbusr" 18 | key: "e_pdbusr.txt" 19 | adminpdbPass: 20 | secret: 21 | secretName: "pdbpwd" 22 | key: "e_pdbpwd.txt" 23 | lrpdbTlsKey: 24 | secret: 25 | secretName: "db-tls" 26 | key: "tls.key" 27 | lrpdbTlsCrt: 28 | secret: 29 | secretName: "db-tls" 30 | key: "tls.crt" 31 | lrpdbTlsCat: 32 | secret: 33 | secretName: "db-ca" 34 | key: "ca.crt" 35 | webServerUser: 36 | secret: 37 | secretName: "wbuser" 38 | key: "e_wbuser.txt" 39 | webServerPwd: 40 | secret: 41 | secretName: "wbpass" 42 | key: "e_wbpass.txt" 43 | cdbPrvKey: 44 | secret: 45 | secretName: "prvkey" 46 | key: "privateKey" 47 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/NamespaceSeg.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | # Namespace segregation 4 | 5 | With the namespace segregation pdb controller and cdb controller run in different namespaces. The new functionality introduces a new parameter (the cdb namespace) in pdb crd definition. In case you don't need the namespace segregation you have to sepcify the namespace name that you are using for yours crd and pods anyway. Refer to usercase01 and usecase02 to see single namespace configuration. Refer to usecase03 to see examples of namespace segregation. 6 | 7 | # Secrets 8 | 9 | In order to use multiple namespace we need to create approriate secrets in each namespace. Tls certificate secrets must be created in all namespaces (db-ca db-tls). 10 | 11 | ![general_schema](./images/K8S_NAMESPACE_SEG.png) 12 | 13 | 14 | 15 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/images/K8S_NAMESPACE_SEG.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/docs/multitenant/ords-based/images/K8S_NAMESPACE_SEG.png -------------------------------------------------------------------------------- /docs/multitenant/ords-based/images/K8S_SECURE1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/docs/multitenant/ords-based/images/K8S_SECURE1.png -------------------------------------------------------------------------------- /docs/multitenant/ords-based/images/K8S_SECURE2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/docs/multitenant/ords-based/images/K8S_SECURE2.png -------------------------------------------------------------------------------- /docs/multitenant/ords-based/images/K8S_SECURE3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/docs/multitenant/ords-based/images/K8S_SECURE3.png -------------------------------------------------------------------------------- /docs/multitenant/ords-based/images/K8S_SECURE4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/docs/multitenant/ords-based/images/K8S_SECURE4.png -------------------------------------------------------------------------------- /docs/multitenant/ords-based/images/makerunall.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/docs/multitenant/ords-based/images/makerunall.png -------------------------------------------------------------------------------- /docs/multitenant/ords-based/images/makesecrets_1_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/docs/multitenant/ords-based/images/makesecrets_1_1.png -------------------------------------------------------------------------------- /docs/multitenant/ords-based/openssl_schema.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/docs/multitenant/ords-based/openssl_schema.jpg -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/multinamespace/cdb_create.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: CDB 3 | metadata: 4 | name: cdb-dev 5 | namespace: cdbnamespace 6 | spec: 7 | cdbName: "DB12" 8 | ordsImage: ".............your registry............./ords-dboper:latest" 9 | ordsImagePullPolicy: "Always" 10 | dbTnsurl : "...Container tns alias....." 11 | replicas: 1 12 | sysAdminPwd: 13 | secret: 14 | secretName: "[...]" 15 | key: "[...]" 16 | ordsPwd: 17 | secret: 18 | secretName: "[...]" 19 | key: "[...]" 20 | cdbAdminUser: 21 | secret: 22 | secretName: "[...]" 23 | key: "[...]" 24 | cdbAdminPwd: 25 | secret: 26 | secretName: "[...]" 27 | key: "[...]" 28 | webServerUser: 29 | secret: 30 | secretName: "[...]" 31 | key: "[...]" 32 | webServerPwd: 33 | secret: 34 | secretName: "[...]" 35 | key: "[...]" 36 | cdbTlsKey: 37 | secret: 38 | secretName: "db-tls" 39 | key: "tls.key" 40 | cdbTlsCrt: 41 | secret: 42 | secretName: "db-tls" 43 | key: "tls.crt" 44 | cdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | 49 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/multinamespace/pdb_close.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | adminName: 14 | secret: 15 | secretName: "[...]" 16 | key: "[...]" 17 | adminPwd: 18 | secret: 19 | secretName: "[...]" 20 | key: "[...]" 21 | pdbTlsKey: 22 | secret: 23 | secretName: "db-tls" 24 | key: "tls.key" 25 | pdbTlsCrt: 26 | secret: 27 | secretName: "db-tls" 28 | key: "tls.crt" 29 | pdbTlsCat: 30 | secret: 31 | secretName: "db-ca" 32 | key: "ca.crt" 33 | webServerUser: 34 | secret: 35 | secretName: "[...]" 36 | key: "[...]" 37 | webServerPwd: 38 | secret: 39 | secretName: "[...]" 40 | key: "[...]" 41 | pdbOrdsPrvKey: 42 | secret: 43 | secretName: "prvkey" 44 | key: "privateKey" 45 | pdbState: "CLOSE" 46 | modifyOption: "IMMEDIATE" 47 | action: "Modify" 48 | 49 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/multinamespace/pdb_create.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | adminName: 14 | secret: 15 | secretName: "[...]" 16 | key: "[...]" 17 | adminPwd: 18 | secret: 19 | secretName: "[...]" 20 | key: "[...]" 21 | pdbTlsKey: 22 | secret: 23 | secretName: "db-tls" 24 | key: "tls.key" 25 | pdbTlsCrt: 26 | secret: 27 | secretName: "db-tls" 28 | key: "tls.crt" 29 | pdbTlsCat: 30 | secret: 31 | secretName: "db-ca" 32 | key: "ca.crt" 33 | webServerUser: 34 | secret: 35 | secretName: "[...]" 36 | key: "[...]" 37 | webServerPwd: 38 | secret: 39 | secretName: "[...]" 40 | key: "[...]" 41 | pdbOrdsPrvKey: 42 | secret: 43 | secretName: "prvkey" 44 | key: "privateKey" 45 | fileNameConversions: "NONE" 46 | tdeImport: false 47 | totalSize: "1G" 48 | tempSize: "100M" 49 | action: "Create" 50 | 51 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/multinamespace/pdb_delete.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | pdbName: "pdbdev" 12 | action: "Delete" 13 | dropAction: "INCLUDING" 14 | pdbTlsKey: 15 | secret: 16 | secretName: "db-tls" 17 | key: "tls.key" 18 | pdbTlsCrt: 19 | secret: 20 | secretName: "db-tls" 21 | key: "tls.crt" 22 | pdbTlsCat: 23 | secret: 24 | secretName: "db-ca" 25 | key: "ca.crt" 26 | webServerUser: 27 | secret: 28 | secretName: "[...]" 29 | key: "[...]" 30 | webServerPwd: 31 | secret: 32 | secretName: "[...]" 33 | key: "[...]" 34 | pdbOrdsPrvKey: 35 | secret: 36 | secretName: "prvkey" 37 | key: "privateKey" 38 | 39 | 40 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/multinamespace/pdb_open.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | adminName: 14 | secret: 15 | secretName: "[...]" 16 | key: "[...]" 17 | adminPwd: 18 | secret: 19 | secretName: "[...]" 20 | key: "[...]" 21 | pdbTlsKey: 22 | secret: 23 | secretName: "db-tls" 24 | key: "tls.key" 25 | pdbTlsCrt: 26 | secret: 27 | secretName: "db-tls" 28 | key: "tls.crt" 29 | pdbTlsCat: 30 | secret: 31 | secretName: "db-ca" 32 | key: "ca.crt" 33 | webServerUser: 34 | secret: 35 | secretName: "[...]" 36 | key: "[...]" 37 | webServerPwd: 38 | secret: 39 | secretName: "[...]" 40 | key: "[...]" 41 | pdbOrdsPrvKey: 42 | secret: 43 | secretName: "prvkey" 44 | key: "privateKey" 45 | action: "Modify" 46 | pdbState: "OPEN" 47 | modifyOption: "READ WRITE" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/multinamespace/pdb_unplug.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: database.oracle.com/v4 6 | kind: PDB 7 | metadata: 8 | name: pdb1 9 | namespace: pdbnamespace 10 | labels: 11 | cdb: cdb-dev 12 | spec: 13 | cdbResName: "cdb-dev" 14 | cdbNamespace: "cdbnamespace" 15 | cdbName: "DB12" 16 | pdbName: "pdbdev" 17 | xmlFileName: "/tmp/pdb.xml" 18 | action: "Unplug" 19 | pdbTlsKey: 20 | secret: 21 | secretName: "db-tls" 22 | key: "tls.key" 23 | pdbTlsCrt: 24 | secret: 25 | secretName: "db-tls" 26 | key: "tls.crt" 27 | pdbTlsCat: 28 | secret: 29 | secretName: "db-ca" 30 | key: "ca.crt" 31 | webServerUser: 32 | secret: 33 | secretName: "[...]" 34 | key: "[...]" 35 | webServerPwd: 36 | secret: 37 | secretName: "[...]" 38 | key: "[...]" 39 | pdbOrdsPrvKey: 40 | secret: 41 | secretName: "prvkey" 42 | key: "privateKey" 43 | 44 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/singlenamespace/cdb_create.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: CDB 3 | metadata: 4 | name: cdb-dev 5 | namespace: oracle-database-operator-system 6 | spec: 7 | cdbName: "DB12" 8 | ordsImage: ".............your registry............./ords-dboper:latest" 9 | ordsImagePullPolicy: "Always" 10 | dbTnsurl : "...Container tns alias....." 11 | replicas: 1 12 | sysAdminPwd: 13 | secret: 14 | secretName: "[...]" 15 | key: "[...]" 16 | ordsPwd: 17 | secret: 18 | secretName: "[...]" 19 | key: "[...]" 20 | cdbAdminUser: 21 | secret: 22 | secretName: "[...]" 23 | key: "[...]" 24 | cdbAdminPwd: 25 | secret: 26 | secretName: "[...]" 27 | key: "[...]" 28 | webServerUser: 29 | secret: 30 | secretName: "[...]" 31 | key: "[...]" 32 | webServerPwd: 33 | secret: 34 | secretName: "[...]" 35 | key: "[...]" 36 | cdbTlsKey: 37 | secret: 38 | secretName: "[...]" 39 | key: "[...]" 40 | cdbTlsCrt: 41 | secret: 42 | secretName: "[...]" 43 | key: "[...]" 44 | cdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | 49 | 50 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/singlenamespace/cdb_secret.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: v1 6 | kind: Secret 7 | metadata: 8 | name: cdb1-secret 9 | namespace: oracle-database-operator-system 10 | type: Opaque 11 | data: 12 | ords_pwd: ".....base64 encoded password...." 13 | sysadmin_pwd: ".....base64 encoded password...." 14 | cdbadmin_user: ".....base64 encoded password...." 15 | cdbadmin_pwd: ".....base64 encoded password...." 16 | webserver_user: ".....base64 encoded password...." 17 | webserver_pwd: ".....base64 encoded password...." 18 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/singlenamespace/pdb_close.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | adminName: 14 | secret: 15 | secretName: "[...]" 16 | key: "[...]" 17 | adminPwd: 18 | secret: 19 | secretName: "[...]" 20 | key: "[...]" 21 | pdbTlsKey: 22 | secret: 23 | secretName: "db-tls" 24 | key: "tls.key" 25 | pdbTlsCrt: 26 | secret: 27 | secretName: "db-tls" 28 | key: "tls.crt" 29 | pdbTlsCat: 30 | secret: 31 | secretName: "db-ca" 32 | key: "ca.crt" 33 | webServerUser: 34 | secret: 35 | secretName: "[...]" 36 | key: "[...]" 37 | webServerPwd: 38 | secret: 39 | secretName: "[...]" 40 | key: "[...]" 41 | pdbOrdsPrvKey: 42 | secret: 43 | secretName: "prvkey" 44 | key: "privateKey" 45 | pdbState: "CLOSE" 46 | modifyOption: "IMMEDIATE" 47 | action: "Modify" 48 | 49 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/singlenamespace/pdb_create.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | adminName: 14 | secret: 15 | secretName: "[...]" 16 | key: "[...]" 17 | adminPwd: 18 | secret: 19 | secretName: "[...]" 20 | key: "[...]" 21 | pdbTlsKey: 22 | secret: 23 | secretName: "db-tls" 24 | key: "tls.key" 25 | pdbTlsCrt: 26 | secret: 27 | secretName: "db-tls" 28 | key: "tls.crt" 29 | pdbTlsCat: 30 | secret: 31 | secretName: "db-ca" 32 | key: "ca.crt" 33 | webServerUser: 34 | secret: 35 | secretName: "[...]" 36 | key: "[...]" 37 | webServerPwd: 38 | secret: 39 | secretName: "[...]" 40 | key: "[...]" 41 | pdbOrdsPrvKey: 42 | secret: 43 | secretName: "prvkey" 44 | key: "privateKey" 45 | fileNameConversions: "NONE" 46 | tdeImport: false 47 | totalSize: "1G" 48 | tempSize: "100M" 49 | action: "Create" 50 | assertivePdbDeletion: true 51 | 52 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/singlenamespace/pdb_delete.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | pdbName: "pdbdev" 12 | action: "Delete" 13 | dropAction: "INCLUDING" 14 | pdbTlsKey: 15 | secret: 16 | secretName: "db-tls" 17 | key: "tls.key" 18 | pdbTlsCrt: 19 | secret: 20 | secretName: "db-tls" 21 | key: "tls.crt" 22 | pdbTlsCat: 23 | secret: 24 | secretName: "db-ca" 25 | key: "ca.crt" 26 | webServerUser: 27 | secret: 28 | secretName: "[...]" 29 | key: "[...]" 30 | webServerPwd: 31 | secret: 32 | secretName: "[...]" 33 | key: "[...]" 34 | pdbOrdsPrvKey: 35 | secret: 36 | secretName: "prvkey" 37 | key: "privateKey" 38 | 39 | 40 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/singlenamespace/pdb_open.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | adminName: 14 | secret: 15 | secretName: "[...]" 16 | key: "[...]" 17 | adminPwd: 18 | secret: 19 | secretName: "[...]" 20 | key: "[...]" 21 | pdbTlsKey: 22 | secret: 23 | secretName: "db-tls" 24 | key: "tls.key" 25 | pdbTlsCrt: 26 | secret: 27 | secretName: "db-tls" 28 | key: "tls.crt" 29 | pdbTlsCat: 30 | secret: 31 | secretName: "db-ca" 32 | key: "ca.crt" 33 | webServerUser: 34 | secret: 35 | secretName: "[...]" 36 | key: "[...]" 37 | webServerPwd: 38 | secret: 39 | secretName: "[...]" 40 | key: "[...]" 41 | pdbOrdsPrvKey: 42 | secret: 43 | secretName: "prvkey" 44 | key: "privateKey" 45 | action: "Modify" 46 | pdbState: "OPEN" 47 | modifyOption: "READ WRITE" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/provisioning/singlenamespace/pdb_secret.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: v1 6 | kind: Secret 7 | metadata: 8 | name: pdb1-secret 9 | namespace: oracle-database-operator-system 10 | type: Opaque 11 | data: 12 | sysadmin_user: ".....base64 encoded password...." 13 | sysadmin_pwd: ".....base64 encoded password...." 14 | webserver_user: ".....base64 encoded password...." 15 | webserver_pwd: ".....base64 encoded password...." 16 | 17 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/cdbnamespace_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: oracle-database-operator-oracle-database-operator-manager-rolebinding2 5 | namespace: cdbnamespace 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: ClusterRole 9 | name: oracle-database-operator-manager-role 10 | subjects: 11 | - kind: ServiceAccount 12 | name: default 13 | namespace: oracle-database-operator-system 14 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/clone_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb3 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "new_clone" 13 | srcPdbName: "pdbdev" 14 | fileNameConversions: "NONE" 15 | totalSize: "UNLIMITED" 16 | tempSize: "UNLIMITED" 17 | assertivePdbDeletion: true 18 | action: "Clone" 19 | adminName: 20 | secret: 21 | secretName: "pdbusr" 22 | key: "e_pdbusr.txt" 23 | adminPwd: 24 | secret: 25 | secretName: "pdbpwd" 26 | key: "e_pdbpwd.txt" 27 | pdbTlsKey: 28 | secret: 29 | secretName: "db-tls" 30 | key: "tls.key" 31 | pdbTlsCrt: 32 | secret: 33 | secretName: "db-tls" 34 | key: "tls.crt" 35 | pdbTlsCat: 36 | secret: 37 | secretName: "db-ca" 38 | key: "ca.crt" 39 | webServerUser: 40 | secret: 41 | secretName: "wbuser" 42 | key: "e_wbuser.txt" 43 | webServerPwd: 44 | secret: 45 | secretName: "wbpass" 46 | key: "e_wbpass.txt" 47 | pdbOrdsPrvKey: 48 | secret: 49 | secretName: "prvkey" 50 | key: "privateKey" 51 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/clone_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb4 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "new_clone2" 13 | srcPdbName: "pdbprd" 14 | fileNameConversions: "NONE" 15 | totalSize: "UNLIMITED" 16 | tempSize: "UNLIMITED" 17 | assertivePdbDeletion: true 18 | action: "Clone" 19 | adminName: 20 | secret: 21 | secretName: "pdbusr" 22 | key: "e_pdbusr.txt" 23 | adminPwd: 24 | secret: 25 | secretName: "pdbpwd" 26 | key: "e_pdbpwd.txt" 27 | pdbTlsKey: 28 | secret: 29 | secretName: "db-tls" 30 | key: "tls.key" 31 | pdbTlsCrt: 32 | secret: 33 | secretName: "db-tls" 34 | key: "tls.crt" 35 | pdbTlsCat: 36 | secret: 37 | secretName: "db-ca" 38 | key: "ca.crt" 39 | webServerUser: 40 | secret: 41 | secretName: "wbuser" 42 | key: "e_wbuser.txt" 43 | webServerPwd: 44 | secret: 45 | secretName: "wbpass" 46 | key: "e_wbpass.txt" 47 | pdbOrdsPrvKey: 48 | secret: 49 | secretName: "prvkey" 50 | key: "privateKey" 51 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/close_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | pdbState: "CLOSE" 14 | modifyOption: "IMMEDIATE" 15 | action: "Modify" 16 | adminName: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminPwd: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | pdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | pdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | pdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | pdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/close_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb2 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbprd" 13 | pdbState: "CLOSE" 14 | modifyOption: "IMMEDIATE" 15 | action: "Modify" 16 | adminName: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminPwd: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | pdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | pdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | pdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | pdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/close_pdb3_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb3 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: ""new_clone" 13 | pdbState: "CLOSE" 14 | modifyOption: "IMMEDIATE" 15 | action: "Modify" 16 | adminName: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminPwd: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | pdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | pdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | pdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | pdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/delete_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | pdbName: "pdbdev" 12 | action: "Delete" 13 | dropAction: "INCLUDING" 14 | adminName: 15 | secret: 16 | secretName: "pdbusr" 17 | key: "e_pdbusr.txt" 18 | adminPwd: 19 | secret: 20 | secretName: "pdbpwd" 21 | key: "e_pdbpwd.txt" 22 | pdbTlsKey: 23 | secret: 24 | secretName: "db-tls" 25 | key: "tls.key" 26 | pdbTlsCrt: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.crt" 30 | pdbTlsCat: 31 | secret: 32 | secretName: "db-ca" 33 | key: "ca.crt" 34 | webServerUser: 35 | secret: 36 | secretName: "wbuser" 37 | key: "e_wbuser.txt" 38 | webServerPwd: 39 | secret: 40 | secretName: "wbpass" 41 | key: "e_wbpass.txt" 42 | pdbOrdsPrvKey: 43 | secret: 44 | secretName: "prvkey" 45 | key: "privateKey" 46 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/delete_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb2 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | pdbName: "pdbprd" 12 | action: "Delete" 13 | dropAction: "INCLUDING" 14 | adminName: 15 | secret: 16 | secretName: "pdbusr" 17 | key: "e_pdbusr.txt" 18 | adminPwd: 19 | secret: 20 | secretName: "pdbpwd" 21 | key: "e_pdbpwd.txt" 22 | pdbTlsKey: 23 | secret: 24 | secretName: "db-tls" 25 | key: "tls.key" 26 | pdbTlsCrt: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.crt" 30 | pdbTlsCat: 31 | secret: 32 | secretName: "db-ca" 33 | key: "ca.crt" 34 | webServerUser: 35 | secret: 36 | secretName: "wbuser" 37 | key: "e_wbuser.txt" 38 | webServerPwd: 39 | secret: 40 | secretName: "wbpass" 41 | key: "e_wbpass.txt" 42 | pdbOrdsPrvKey: 43 | secret: 44 | secretName: "prvkey" 45 | key: "privateKey" 46 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/map_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | assertivePdbDeletion: true 14 | fileNameConversions: "NONE" 15 | totalSize: "1G" 16 | tempSize: "100M" 17 | action: "Map" 18 | adminName: 19 | secret: 20 | secretName: "pdbusr" 21 | key: "e_pdbusr.txt" 22 | adminPwd: 23 | secret: 24 | secretName: "pdbpwd" 25 | key: "e_pdbpwd.txt" 26 | pdbTlsKey: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.key" 30 | pdbTlsCrt: 31 | secret: 32 | secretName: "db-tls" 33 | key: "tls.crt" 34 | pdbTlsCat: 35 | secret: 36 | secretName: "db-ca" 37 | key: "ca.crt" 38 | webServerUser: 39 | secret: 40 | secretName: "wbuser" 41 | key: "e_wbuser.txt" 42 | webServerPwd: 43 | secret: 44 | secretName: "wbpass" 45 | key: "e_wbpass.txt" 46 | pdbOrdsPrvKey: 47 | secret: 48 | secretName: "prvkey" 49 | key: "privateKey" 50 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/map_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb2 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbprd" 13 | assertivePdbDeletion: true 14 | fileNameConversions: "NONE" 15 | totalSize: "1G" 16 | tempSize: "100M" 17 | action: "Map" 18 | adminName: 19 | secret: 20 | secretName: "pdbusr" 21 | key: "e_pdbusr.txt" 22 | adminPwd: 23 | secret: 24 | secretName: "pdbpwd" 25 | key: "e_pdbpwd.txt" 26 | pdbTlsKey: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.key" 30 | pdbTlsCrt: 31 | secret: 32 | secretName: "db-tls" 33 | key: "tls.crt" 34 | pdbTlsCat: 35 | secret: 36 | secretName: "db-ca" 37 | key: "ca.crt" 38 | webServerUser: 39 | secret: 40 | secretName: "wbuser" 41 | key: "e_wbuser.txt" 42 | webServerPwd: 43 | secret: 44 | secretName: "wbpass" 45 | key: "e_wbpass.txt" 46 | pdbOrdsPrvKey: 47 | secret: 48 | secretName: "prvkey" 49 | key: "privateKey" 50 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/map_pdb3_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb3 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "new_clone" 13 | assertivePdbDeletion: true 14 | fileNameConversions: "NONE" 15 | totalSize: "1G" 16 | tempSize: "100M" 17 | action: "Map" 18 | adminName: 19 | secret: 20 | secretName: "pdbusr" 21 | key: "e_pdbusr.txt" 22 | adminPwd: 23 | secret: 24 | secretName: "pdbpwd" 25 | key: "e_pdbpwd.txt" 26 | pdbTlsKey: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.key" 30 | pdbTlsCrt: 31 | secret: 32 | secretName: "db-tls" 33 | key: "tls.crt" 34 | pdbTlsCat: 35 | secret: 36 | secretName: "db-ca" 37 | key: "ca.crt" 38 | webServerUser: 39 | secret: 40 | secretName: "wbuser" 41 | key: "e_wbuser.txt" 42 | webServerPwd: 43 | secret: 44 | secretName: "wbpass" 45 | key: "e_wbpass.txt" 46 | pdbOrdsPrvKey: 47 | secret: 48 | secretName: "prvkey" 49 | key: "privateKey" 50 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/open_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | action: "Modify" 14 | pdbState: "OPEN" 15 | modifyOption: "READ WRITE" 16 | adminName: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminPwd: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | pdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | pdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | pdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | pdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/open_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb2 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbprd" 13 | action: "Modify" 14 | pdbState: "OPEN" 15 | modifyOption: "READ WRITE" 16 | adminName: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminPwd: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | pdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | pdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | pdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | pdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/open_pdb3_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb3 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "new_clone" 13 | action: "Modify" 14 | pdbState: "OPEN" 15 | modifyOption: "READ WRITE" 16 | adminName: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminPwd: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | pdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | pdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | pdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | pdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/pdbnamespace_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: oracle-database-operator-oracle-database-operator-manager-rolebinding1 5 | namespace: pdbnamespace 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: ClusterRole 9 | name: oracle-database-operator-manager-role 10 | subjects: 11 | - kind: ServiceAccount 12 | name: default 13 | namespace: oracle-database-operator-system 14 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase/unplug_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | xmlFileName: "/tmp/pdb.xml" 14 | action: "Unplug" 15 | adminName: 16 | secret: 17 | secretName: "pdbusr" 18 | key: "e_pdbusr.txt" 19 | adminPwd: 20 | secret: 21 | secretName: "pdbpwd" 22 | key: "e_pdbpwd.txt" 23 | pdbTlsKey: 24 | secret: 25 | secretName: "db-tls" 26 | key: "tls.key" 27 | pdbTlsCrt: 28 | secret: 29 | secretName: "db-tls" 30 | key: "tls.crt" 31 | pdbTlsCat: 32 | secret: 33 | secretName: "db-ca" 34 | key: "ca.crt" 35 | webServerUser: 36 | secret: 37 | secretName: "wbuser" 38 | key: "e_wbuser.txt" 39 | webServerPwd: 40 | secret: 41 | secretName: "wbpass" 42 | key: "e_wbpass.txt" 43 | pdbOrdsPrvKey: 44 | secret: 45 | secretName: "prvkey" 46 | key: "privateKey" 47 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/ca.srl: -------------------------------------------------------------------------------- 1 | 77D97AB4C4B6D5A9377B84B455D3E16348C6DE04 2 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/cdb_create.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v1alpha1 2 | kind: CDB 3 | metadata: 4 | name: cdb-dev 5 | namespace: oracle-database-operator-system 6 | spec: 7 | cdbName: "DB12" 8 | ordsImage: ".............your registry............./ords-dboper:latest" 9 | ordsImagePullPolicy: "Always" 10 | dbTnsurl : "...Container tns alias....." 11 | replicas: 1 12 | sysAdminPwd: 13 | secret: 14 | secretName: "cdb1-secret" 15 | key: "sysadmin_pwd" 16 | ordsPwd: 17 | secret: 18 | secretName: "cdb1-secret" 19 | key: "ords_pwd" 20 | cdbAdminUser: 21 | secret: 22 | secretName: "cdb1-secret" 23 | key: "cdbadmin_user" 24 | cdbAdminPwd: 25 | secret: 26 | secretName: "cdb1-secret" 27 | key: "cdbadmin_pwd" 28 | webServerUser: 29 | secret: 30 | secretName: "cdb1-secret" 31 | key: "webserver_user" 32 | webServerPwd: 33 | secret: 34 | secretName: "cdb1-secret" 35 | key: "webserver_pwd" 36 | cdbTlsKey: 37 | secret: 38 | secretName: "db-tls" 39 | key: "tls.key" 40 | cdbTlsCrt: 41 | secret: 42 | secretName: "db-tls" 43 | key: "tls.crt" 44 | 45 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/cdb_secret.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: v1 6 | kind: Secret 7 | metadata: 8 | name: cdb1-secret 9 | namespace: oracle-database-operator-system 10 | type: Opaque 11 | data: 12 | ords_pwd: ".....base64 encoded password...." 13 | sysadmin_pwd: ".....base64 encoded password...." 14 | cdbadmin_user: ".....base64 encoded password...." 15 | cdbadmin_pwd: ".....base64 encoded password...." 16 | webserver_user: ".....base64 encoded password...." 17 | webserver_pwd: ".....base64 encoded password...." 18 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/close_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | pdbState: "CLOSE" 14 | modifyOption: "IMMEDIATE" 15 | action: "Modify" 16 | adminName: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminPwd: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | pdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | pdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | pdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | pdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/close_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb2 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbprd" 13 | pdbState: "CLOSE" 14 | modifyOption: "IMMEDIATE" 15 | action: "Modify" 16 | adminName: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminPwd: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | pdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | pdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | pdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | pdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/close_pdb3_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb3 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: ""new_clone" 13 | pdbState: "CLOSE" 14 | modifyOption: "IMMEDIATE" 15 | action: "Modify" 16 | adminName: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminPwd: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | pdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | pdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | pdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | pdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/delete_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | pdbName: "pdbdev" 12 | action: "Delete" 13 | dropAction: "INCLUDING" 14 | adminName: 15 | secret: 16 | secretName: "pdbusr" 17 | key: "e_pdbusr.txt" 18 | adminPwd: 19 | secret: 20 | secretName: "pdbpwd" 21 | key: "e_pdbpwd.txt" 22 | pdbTlsKey: 23 | secret: 24 | secretName: "db-tls" 25 | key: "tls.key" 26 | pdbTlsCrt: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.crt" 30 | pdbTlsCat: 31 | secret: 32 | secretName: "db-ca" 33 | key: "ca.crt" 34 | webServerUser: 35 | secret: 36 | secretName: "wbuser" 37 | key: "e_wbuser.txt" 38 | webServerPwd: 39 | secret: 40 | secretName: "wbpass" 41 | key: "e_wbpass.txt" 42 | pdbOrdsPrvKey: 43 | secret: 44 | secretName: "prvkey" 45 | key: "privateKey" 46 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/delete_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb2 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | pdbName: "pdbprd" 12 | action: "Delete" 13 | dropAction: "INCLUDING" 14 | adminName: 15 | secret: 16 | secretName: "pdbusr" 17 | key: "e_pdbusr.txt" 18 | adminPwd: 19 | secret: 20 | secretName: "pdbpwd" 21 | key: "e_pdbpwd.txt" 22 | pdbTlsKey: 23 | secret: 24 | secretName: "db-tls" 25 | key: "tls.key" 26 | pdbTlsCrt: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.crt" 30 | pdbTlsCat: 31 | secret: 32 | secretName: "db-ca" 33 | key: "ca.crt" 34 | webServerUser: 35 | secret: 36 | secretName: "wbuser" 37 | key: "e_wbuser.txt" 38 | webServerPwd: 39 | secret: 40 | secretName: "wbpass" 41 | key: "e_wbpass.txt" 42 | pdbOrdsPrvKey: 43 | secret: 44 | secretName: "prvkey" 45 | key: "privateKey" 46 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/extfile.txt: -------------------------------------------------------------------------------- 1 | subjectAltName=DNS:cdb-dev-ords.oracle-database-operator-system,DNS:www.example.com 2 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/logfiles/ImagePush.log: -------------------------------------------------------------------------------- 1 | /usr/bin/docker tag oracle/ords-dboper:latest /ords-dboper:latest 2 | /usr/bin/docker push /ords-dboper:latest 3 | The push refers to repository [/ords-dboper] 4 | aef18205865c: Pushing [=============================> ] 56.55MB/95.45MB 5 | 2564d855e579: Pushing [=======> ] 57.08MB/357.6MB 6 | a70a4f9a73c3: Pushed 7 | f283c83ba6ac: Pushed 8 | 8c6709989678: Pushing [=======> ] 52.58MB/332.7MB 9 | 5bfd57d8f58a: Pushing [========> ] 37.47MB/229.2MB 10 | 11 | 12 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/logfiles/tagandpush.log: -------------------------------------------------------------------------------- 1 | /usr/bin/docker tag oracle/ords-dboper:latest [.......]/ords-dboper:latest 2 | 3 | /usr/bin/docker push [your container registry]/ords-dboper:latest 4 | The push refers to repository [your container registry] 5 | 0405aac3af1c: Pushed 6 | 6be46e8e1e21: Pushed 7 | c9884830a66d: Pushed 8 | a46244557bb9: Pushing [===========================> ] 261.8MB/469.9MB 9 | f988845e261e: Pushed 10 | fe07ec0b1f5a: Layer already exists 11 | 2ac63de5f950: Layer already exists 12 | 386cd7a64c01: Layer already exists 13 | 826c69252b8b: Layer already exists 14 | 15 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/map_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | assertivePdbDeletion: true 14 | fileNameConversions: "NONE" 15 | totalSize: "1G" 16 | tempSize: "100M" 17 | action: "Map" 18 | adminName: 19 | secret: 20 | secretName: "pdbusr" 21 | key: "e_pdbusr.txt" 22 | adminPwd: 23 | secret: 24 | secretName: "pdbpwd" 25 | key: "e_pdbpwd.txt" 26 | pdbTlsKey: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.key" 30 | pdbTlsCrt: 31 | secret: 32 | secretName: "db-tls" 33 | key: "tls.crt" 34 | pdbTlsCat: 35 | secret: 36 | secretName: "db-ca" 37 | key: "ca.crt" 38 | webServerUser: 39 | secret: 40 | secretName: "wbuser" 41 | key: "e_wbuser.txt" 42 | webServerPwd: 43 | secret: 44 | secretName: "wbpass" 45 | key: "e_wbpass.txt" 46 | pdbOrdsPrvKey: 47 | secret: 48 | secretName: "prvkey" 49 | key: "privateKey" 50 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/map_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb2 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbprd" 13 | assertivePdbDeletion: true 14 | fileNameConversions: "NONE" 15 | totalSize: "1G" 16 | tempSize: "100M" 17 | action: "Map" 18 | adminName: 19 | secret: 20 | secretName: "pdbusr" 21 | key: "e_pdbusr.txt" 22 | adminPwd: 23 | secret: 24 | secretName: "pdbpwd" 25 | key: "e_pdbpwd.txt" 26 | pdbTlsKey: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.key" 30 | pdbTlsCrt: 31 | secret: 32 | secretName: "db-tls" 33 | key: "tls.crt" 34 | pdbTlsCat: 35 | secret: 36 | secretName: "db-ca" 37 | key: "ca.crt" 38 | webServerUser: 39 | secret: 40 | secretName: "wbuser" 41 | key: "e_wbuser.txt" 42 | webServerPwd: 43 | secret: 44 | secretName: "wbpass" 45 | key: "e_wbpass.txt" 46 | pdbOrdsPrvKey: 47 | secret: 48 | secretName: "prvkey" 49 | key: "privateKey" 50 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/map_pdb3_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb3 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "new_clone" 13 | assertivePdbDeletion: true 14 | fileNameConversions: "NONE" 15 | totalSize: "1G" 16 | tempSize: "100M" 17 | action: "Map" 18 | adminName: 19 | secret: 20 | secretName: "pdbusr" 21 | key: "e_pdbusr.txt" 22 | adminPwd: 23 | secret: 24 | secretName: "pdbpwd" 25 | key: "e_pdbpwd.txt" 26 | pdbTlsKey: 27 | secret: 28 | secretName: "db-tls" 29 | key: "tls.key" 30 | pdbTlsCrt: 31 | secret: 32 | secretName: "db-tls" 33 | key: "tls.crt" 34 | pdbTlsCat: 35 | secret: 36 | secretName: "db-ca" 37 | key: "ca.crt" 38 | webServerUser: 39 | secret: 40 | secretName: "wbuser" 41 | key: "e_wbuser.txt" 42 | webServerPwd: 43 | secret: 44 | secretName: "wbpass" 45 | key: "e_wbpass.txt" 46 | pdbOrdsPrvKey: 47 | secret: 48 | secretName: "prvkey" 49 | key: "privateKey" 50 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/open_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | action: "Modify" 14 | pdbState: "OPEN" 15 | modifyOption: "READ WRITE" 16 | adminName: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminPwd: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | pdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | pdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | pdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | pdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/open_pdb2_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb2 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbprd" 13 | action: "Modify" 14 | pdbState: "OPEN" 15 | modifyOption: "READ WRITE" 16 | adminName: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminPwd: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | pdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | pdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | pdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | pdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/open_pdb3_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb3 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "new_clone" 13 | action: "Modify" 14 | pdbState: "OPEN" 15 | modifyOption: "READ WRITE" 16 | adminName: 17 | secret: 18 | secretName: "pdbusr" 19 | key: "e_pdbusr.txt" 20 | adminPwd: 21 | secret: 22 | secretName: "pdbpwd" 23 | key: "e_pdbpwd.txt" 24 | pdbTlsKey: 25 | secret: 26 | secretName: "db-tls" 27 | key: "tls.key" 28 | pdbTlsCrt: 29 | secret: 30 | secretName: "db-tls" 31 | key: "tls.crt" 32 | pdbTlsCat: 33 | secret: 34 | secretName: "db-ca" 35 | key: "ca.crt" 36 | webServerUser: 37 | secret: 38 | secretName: "wbuser" 39 | key: "e_wbuser.txt" 40 | webServerPwd: 41 | secret: 42 | secretName: "wbpass" 43 | key: "e_wbpass.txt" 44 | pdbOrdsPrvKey: 45 | secret: 46 | secretName: "prvkey" 47 | key: "privateKey" 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/oracle-database-operator-system_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: oracle-database-operator-oracle-database-operator-manager-rolebinding2 5 | namespace: oracle-database-operator-system 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: ClusterRole 9 | name: oracle-database-operator-manager-role 10 | subjects: 11 | - kind: ServiceAccount 12 | name: default 13 | namespace: oracle-database-operator-system 14 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/oracle-database-operator.yaml: -------------------------------------------------------------------------------- 1 | ../../../oracle-database-operator.yaml -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/pdb_close.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v1alpha1 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | adminName: 14 | secret: 15 | secretName: "pdb1-secret" 16 | key: "sysadmin_user" 17 | adminPwd: 18 | secret: 19 | secretName: "pdb1-secret" 20 | key: "sysadmin_pwd" 21 | pdbTlsKey: 22 | secret: 23 | secretName: "db-tls" 24 | key: "tls.key" 25 | pdbTlsCrt: 26 | secret: 27 | secretName: "db-tls" 28 | key: "tls.crt" 29 | pdbTlsCat: 30 | secret: 31 | secretName: "db-ca" 32 | key: "ca.crt" 33 | webServerUser: 34 | secret: 35 | secretName: "pdb1-secret" 36 | key: "webserver_user" 37 | webServerPwd: 38 | secret: 39 | secretName: "pdb1-secret" 40 | key: "webserver_pwd" 41 | pdbState: "CLOSE" 42 | modifyOption: "IMMEDIATE" 43 | action: "Modify" 44 | 45 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/pdb_create.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v1alpha1 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | adminName: 14 | secret: 15 | secretName: "pdb1-secret" 16 | key: "sysadmin_user" 17 | adminPwd: 18 | secret: 19 | secretName: "pdb1-secret" 20 | key: "sysadmin_pwd" 21 | pdbTlsKey: 22 | secret: 23 | secretName: "db-tls" 24 | key: "tls.key" 25 | pdbTlsCrt: 26 | secret: 27 | secretName: "db-tls" 28 | key: "tls.crt" 29 | pdbTlsCat: 30 | secret: 31 | secretName: "db-ca" 32 | key: "ca.crt" 33 | webServerUser: 34 | secret: 35 | secretName: "pdb1-secret" 36 | key: "webserver_user" 37 | webServerPwd: 38 | secret: 39 | secretName: "pdb1-secret" 40 | key: "webserver_pwd" 41 | fileNameConversions: "NONE" 42 | tdeImport: false 43 | totalSize: "1G" 44 | tempSize: "100M" 45 | action: "Create" 46 | assertivePdbDeletion: true 47 | 48 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/pdb_delete.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v1alpha1 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | pdbName: "pdbdev" 12 | action: "Delete" 13 | dropAction: "INCLUDING" 14 | pdbTlsKey: 15 | secret: 16 | secretName: "db-tls" 17 | key: "tls.key" 18 | pdbTlsCrt: 19 | secret: 20 | secretName: "db-tls" 21 | key: "tls.crt" 22 | pdbTlsCat: 23 | secret: 24 | secretName: "db-ca" 25 | key: "ca.crt" 26 | webServerUser: 27 | secret: 28 | secretName: "pdb1-secret" 29 | key: "webserver_user" 30 | webServerPwd: 31 | secret: 32 | secretName: "pdb1-secret" 33 | key: "webserver_pwd" 34 | 35 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/pdb_map.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v1alpha1 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | adminName: 14 | secret: 15 | secretName: "pdb1-secret" 16 | key: "sysadmin_user" 17 | adminPwd: 18 | secret: 19 | secretName: "pdb1-secret" 20 | key: "sysadmin_pwd" 21 | pdbTlsKey: 22 | secret: 23 | secretName: "db-tls" 24 | key: "tls.key" 25 | pdbTlsCrt: 26 | secret: 27 | secretName: "db-tls" 28 | key: "tls.crt" 29 | pdbTlsCat: 30 | secret: 31 | secretName: "db-ca" 32 | key: "ca.crt" 33 | webServerUser: 34 | secret: 35 | secretName: "pdb1-secret" 36 | key: "webserver_user" 37 | webServerPwd: 38 | secret: 39 | secretName: "pdb1-secret" 40 | key: "webserver_pwd" 41 | fileNameConversions: "NONE" 42 | totalSize: "1G" 43 | tempSize: "100M" 44 | action: "Map" 45 | assertivePdbDeletion: true 46 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/pdb_open.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v1alpha1 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | adminName: 14 | secret: 15 | secretName: "pdb1-secret" 16 | key: "sysadmin_user" 17 | adminPwd: 18 | secret: 19 | secretName: "pdb1-secret" 20 | key: "sysadmin_pwd" 21 | pdbTlsKey: 22 | secret: 23 | secretName: "db-tls" 24 | key: "tls.key" 25 | pdbTlsCrt: 26 | secret: 27 | secretName: "db-tls" 28 | key: "tls.crt" 29 | pdbTlsCat: 30 | secret: 31 | secretName: "db-ca" 32 | key: "ca.crt" 33 | webServerUser: 34 | secret: 35 | secretName: "pdb1-secret" 36 | key: "webserver_user" 37 | webServerPwd: 38 | secret: 39 | secretName: "pdb1-secret" 40 | key: "webserver_pwd" 41 | action: "Modify" 42 | pdbState: "OPEN" 43 | modifyOption: "READ WRITE" 44 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/pdb_secret.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: v1 6 | kind: Secret 7 | metadata: 8 | name: pdb1-secret 9 | namespace: oracle-database-operator-system 10 | type: Opaque 11 | data: 12 | sysadmin_user: ".....base64 encoded password...." 13 | sysadmin_pwd: ".....base64 encoded password...." 14 | webserver_user: ".....base64 encoded password...." 15 | webserver_pwd: ".....base64 encoded password...." 16 | 17 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/server.csr: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE REQUEST----- 2 | MIIC3TCCAcUCAQAwgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlh 3 | MRUwEwYDVQQHDAxTYW5GcmFuY2lzY28xEDAOBgNVBAoMB29yYWNsZSAxNjA0BgNV 4 | BAMMLWNkYi1kZXYtb3Jkcy5vcmFjbGUtZGF0YWJhc2Utb3BlcmF0b3Itc3lzdGVt 5 | IDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 6 | CgKCAQEAm9nlNSQNsPTVqH57MkWKZEyaVtzVKQ8Z3oDK6hWXfB24p0jVj6sTOJkf 7 | NVAxnqmU8DpW3odpbU6qWe/n+B5vJpqdXUGdsq9NKyus2fGb/xf1UnskpA2FUuWZ 8 | o3upyCFxDAOvE4eZUzlxIn+54XXaNAdQiU9E8VXPr5YxrvZ15T/xCXLtJPs/RCOF 9 | cJ8+gvZGcjMbdP16auJDVWZzBaur3eKbiHN7LXNCCRzGO++dv0kGY8vH7MyFfgp3 10 | qYBiSHS3WDiFUJjYIvfa8lLfP1hnlCyHn8TnU9gjGjmd1YcccSKqWIAT24wPUKVU 11 | Lme4n91jxDPp7g8nRtDw0Smj9gYCtQIDAQABoAAwDQYJKoZIhvcNAQELBQADggEB 12 | AGOG/9IJJRvT2JLcuzE5Arai1XHc6Jh65iuDRqXQav47Bz38FFF2gZNO69gzDmhq 13 | 6k7tie+5bPcAHuuJZ0dAa71a9SLjKl+XNkkI0vS6te6OK3DCVUoMqNCk5VdwrJw0 14 | RORbKUwgLEG6mu80Gc/6wCdeR/36hoYTMeNPjm6M9e+X5ppsXqxCNsgDxasJFT82 15 | FejuJE2sZ6RCradlDToUHNS1dMLoW0WAIISqOmrDvEI6snm9ZZr3Sxo1auEtpI6v 16 | NllBM4AgEghy/2mAtke+By4WHCfXBpxEGv9S7ATqJHYrR5Qa3nwx0eojWW1vmn0/ 17 | aEzslX1tAH6oz2jA6QZ0sNo= 18 | -----END CERTIFICATE REQUEST----- 19 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/tde_secret.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: v1 6 | kind: Secret 7 | metadata: 8 | name: tde1-secret 9 | namespace: oracle-database-operator-system 10 | type: Opaque 11 | data: 12 | tdepassword: "bW1hbHZlenoK" 13 | tdesecret: "bW1hbHZlenoK" 14 | 15 | 16 | 17 | 18 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase01/unplug_pdb1_resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: oracle-database-operator-system 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "oracle-database-operator-system" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | xmlFileName: "/tmp/pdb.xml" 14 | action: "Unplug" 15 | adminName: 16 | secret: 17 | secretName: "pdbusr" 18 | key: "e_pdbusr.txt" 19 | adminPwd: 20 | secret: 21 | secretName: "pdbpwd" 22 | key: "e_pdbpwd.txt" 23 | pdbTlsKey: 24 | secret: 25 | secretName: "db-tls" 26 | key: "tls.key" 27 | pdbTlsCrt: 28 | secret: 29 | secretName: "db-tls" 30 | key: "tls.crt" 31 | pdbTlsCat: 32 | secret: 33 | secretName: "db-ca" 34 | key: "ca.crt" 35 | webServerUser: 36 | secret: 37 | secretName: "wbuser" 38 | key: "e_wbuser.txt" 39 | webServerPwd: 40 | secret: 41 | secretName: "wbpass" 42 | key: "e_wbpass.txt" 43 | pdbOrdsPrvKey: 44 | secret: 45 | secretName: "prvkey" 46 | key: "privateKey" 47 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase02/pdb_clone.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb3 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "new_clone" 13 | srcPdbName: "pdbdev" 14 | fileNameConversions: "NONE" 15 | totalSize: "UNLIMITED" 16 | tempSize: "UNLIMITED" 17 | assertivePdbDeletion: true 18 | action: "Clone" 19 | adminName: 20 | secret: 21 | secretName: "pdbusr" 22 | key: "e_pdbusr.txt" 23 | adminPwd: 24 | secret: 25 | secretName: "pdbpwd" 26 | key: "e_pdbpwd.txt" 27 | pdbTlsKey: 28 | secret: 29 | secretName: "db-tls" 30 | key: "tls.key" 31 | pdbTlsCrt: 32 | secret: 33 | secretName: "db-tls" 34 | key: "tls.crt" 35 | pdbTlsCat: 36 | secret: 37 | secretName: "db-ca" 38 | key: "ca.crt" 39 | webServerUser: 40 | secret: 41 | secretName: "wbuser" 42 | key: "e_wbuser.txt" 43 | webServerPwd: 44 | secret: 45 | secretName: "wbpass" 46 | key: "e_wbpass.txt" 47 | pdbOrdsPrvKey: 48 | secret: 49 | secretName: "prvkey" 50 | key: "privateKey" 51 | -------------------------------------------------------------------------------- /docs/multitenant/ords-based/usecase02/pdb_unplug.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v4 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | xmlFileName: "/tmp/pdb.xml" 14 | action: "Unplug" 15 | adminName: 16 | secret: 17 | secretName: "pdbusr" 18 | key: "e_pdbusr.txt" 19 | adminPwd: 20 | secret: 21 | secretName: "pdbpwd" 22 | key: "e_pdbpwd.txt" 23 | pdbTlsKey: 24 | secret: 25 | secretName: "db-tls" 26 | key: "tls.key" 27 | pdbTlsCrt: 28 | secret: 29 | secretName: "db-tls" 30 | key: "tls.crt" 31 | pdbTlsCat: 32 | secret: 33 | secretName: "db-ca" 34 | key: "ca.crt" 35 | webServerUser: 36 | secret: 37 | secretName: "wbuser" 38 | key: "e_wbuser.txt" 39 | webServerPwd: 40 | secret: 41 | secretName: "wbpass" 42 | key: "e_wbpass.txt" 43 | pdbOrdsPrvKey: 44 | secret: 45 | secretName: "prvkey" 46 | key: "privateKey" 47 | -------------------------------------------------------------------------------- /docs/multitenant/usecase03/NamespaceSegregation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/docs/multitenant/usecase03/NamespaceSegregation.png -------------------------------------------------------------------------------- /docs/multitenant/usecase03/cdb_create.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v1alpha1 2 | kind: CDB 3 | metadata: 4 | name: cdb-dev 5 | namespace: cdbnamespace 6 | spec: 7 | cdbName: "DB12" 8 | ordsImage: ".............your registry............./ords-dboper:latest" 9 | ordsImagePullPolicy: "Always" 10 | dbTnsurl : "...Container tns alias....." 11 | replicas: 1 12 | sysAdminPwd: 13 | secret: 14 | secretName: "cdb1-secret" 15 | key: "sysadmin_pwd" 16 | ordsPwd: 17 | secret: 18 | secretName: "cdb1-secret" 19 | key: "ords_pwd" 20 | cdbAdminUser: 21 | secret: 22 | secretName: "cdb1-secret" 23 | key: "cdbadmin_user" 24 | cdbAdminPwd: 25 | secret: 26 | secretName: "cdb1-secret" 27 | key: "cdbadmin_pwd" 28 | webServerUser: 29 | secret: 30 | secretName: "cdb1-secret" 31 | key: "webserver_user" 32 | webServerPwd: 33 | secret: 34 | secretName: "cdb1-secret" 35 | key: "webserver_pwd" 36 | cdbTlsKey: 37 | secret: 38 | secretName: "db-tls" 39 | key: "tls.key" 40 | cdbTlsCrt: 41 | secret: 42 | secretName: "db-tls" 43 | key: "tls.crt" 44 | 45 | -------------------------------------------------------------------------------- /docs/multitenant/usecase03/cdb_secret.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: v1 6 | kind: Secret 7 | metadata: 8 | name: cdb1-secret 9 | namespace: cdbnamespace 10 | type: Opaque 11 | data: 12 | ords_pwd: "[...base64 encoded password...]" 13 | sysadmin_pwd: "[...base64 encoded password...]" 14 | cdbadmin_user: "[...base64 encoded password...]" 15 | cdbadmin_pwd: "[...base64 encoded password...]" 16 | webserver_user: "[...base64 encoded password...]" 17 | webserver_pwd: "[...base64 encoded password...]" 18 | -------------------------------------------------------------------------------- /docs/multitenant/usecase03/ns_namespace_cdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: cdbnamespace 7 | 8 | -------------------------------------------------------------------------------- /docs/multitenant/usecase03/ns_namespace_pdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: pdbnamespace 7 | 8 | -------------------------------------------------------------------------------- /docs/multitenant/usecase03/pdb_create.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: database.oracle.com/v1alpha1 2 | kind: PDB 3 | metadata: 4 | name: pdb1 5 | namespace: pdbnamespace 6 | labels: 7 | cdb: cdb-dev 8 | spec: 9 | cdbResName: "cdb-dev" 10 | cdbNamespace: "cdbnamespace" 11 | cdbName: "DB12" 12 | pdbName: "pdbdev" 13 | adminName: 14 | secret: 15 | secretName: "pdb1-secret" 16 | key: "sysadmin_user" 17 | adminPwd: 18 | secret: 19 | secretName: "pdb1-secret" 20 | key: "sysadmin_pwd" 21 | pdbTlsKey: 22 | secret: 23 | secretName: "db-tls" 24 | key: "tls.key" 25 | pdbTlsCrt: 26 | secret: 27 | secretName: "db-tls" 28 | key: "tls.crt" 29 | pdbTlsCat: 30 | secret: 31 | secretName: "db-ca" 32 | key: "ca.crt" 33 | webServerUser: 34 | secret: 35 | secretName: "pdb1-secret" 36 | key: "webserver_user" 37 | webServerPwd: 38 | secret: 39 | secretName: "pdb1-secret" 40 | key: "webserver_pwd" 41 | fileNameConversions: "NONE" 42 | tdeImport: false 43 | totalSize: "1G" 44 | tempSize: "100M" 45 | action: "Create" 46 | 47 | -------------------------------------------------------------------------------- /docs/multitenant/usecase03/pdb_creation_log.txt: -------------------------------------------------------------------------------- 1 | kubectl apply -f pdb_create.yaml 2 | pdb.database.oracle.com/pdb1 created 3 | 4 | kubectl get pdbs -n pdbnamespace 5 | NAME CONNECT_STRING CDB NAME PDB NAME PDB STATE PDB SIZE STATUS MESSAGE 6 | pdb1 (DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=pdbdev))) DB12 pdbdev READ WRITE 0.78G Ready Success 7 | -------------------------------------------------------------------------------- /docs/multitenant/usecase03/pdb_secret.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. 3 | # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. 4 | # 5 | apiVersion: v1 6 | kind: Secret 7 | metadata: 8 | name: pdb1-secret 9 | namespace: pdbnamespace 10 | type: Opaque 11 | data: 12 | sysadmin_user: "[...base64 encoded password...]" 13 | sysadmin_pwd: "[...base64 encoded password...]" 14 | webserver_user: "[...base64 encoded password...]" 15 | webserver_pwd: "[...base64 encoded password...]" 16 | 17 | -------------------------------------------------------------------------------- /docs/ordsservices/examples/ordsnamespace-role-binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: ordsnamespace-oracle-database-operator-manager-rolebinding 5 | namespace: ordsnamespace 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: ClusterRole 9 | name: oracle-database-operator-manager-role 10 | subjects: 11 | - kind: ServiceAccount 12 | name: default 13 | namespace: oracle-database-operator-system 14 | -------------------------------------------------------------------------------- /docs/ordsservices/usecase01/create_mong_schema.sql: -------------------------------------------------------------------------------- 1 | drop user MONGO cascade; 2 | set echo on 3 | set head on 4 | create user MONGO identified by "My_Password1!"; 5 | grant soda_app, create session, create table, create view, create sequence, create procedure, create job, 6 | unlimited tablespace to MONGO; 7 | conn MONGO/My_Password1!@158.180.233.248:30001/FREEPDB1 8 | exec ords.enable_schema; 9 | exit; 10 | -------------------------------------------------------------------------------- /docs/ordsservices/usecase01/help: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /docs/ordsservices/usecase01/tnsadmin/tnsnames.ora: -------------------------------------------------------------------------------- 1 | pdb1=(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=pdb1))) 2 | 3 | pdb2=(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=pdb2))) 4 | -------------------------------------------------------------------------------- /docs/ordsservices/usecase01/tnsadmin/tnsnames.ora.offline: -------------------------------------------------------------------------------- 1 | pdb1=(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS))) 2 | -------------------------------------------------------------------------------- /image.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/image.png -------------------------------------------------------------------------------- /images/adb/acd-id-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/acd-id-1.png -------------------------------------------------------------------------------- /images/adb/acd-id-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/acd-id-2.png -------------------------------------------------------------------------------- /images/adb/adb-id-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/adb-id-1.png -------------------------------------------------------------------------------- /images/adb/adb-id-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/adb-id-2.png -------------------------------------------------------------------------------- /images/adb/aei-id-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/aei-id-1.png -------------------------------------------------------------------------------- /images/adb/aei-id-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/aei-id-2.png -------------------------------------------------------------------------------- /images/adb/compartment-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/compartment-1.png -------------------------------------------------------------------------------- /images/adb/compartment-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/compartment-2.png -------------------------------------------------------------------------------- /images/adb/instance-principal-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/instance-principal-1.png -------------------------------------------------------------------------------- /images/adb/instance-principal-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/instance-principal-2.png -------------------------------------------------------------------------------- /images/adb/instance-principal-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/instance-principal-3.png -------------------------------------------------------------------------------- /images/adb/instance-principal-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/instance-principal-4.png -------------------------------------------------------------------------------- /images/adb/instance-principal-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/adb/instance-principal-5.png -------------------------------------------------------------------------------- /images/sidb/application-express-admin-home.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/sidb/application-express-admin-home.png -------------------------------------------------------------------------------- /images/sidb/database-actions-home.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/oracle/oracle-database-operator/6fa98e62858527d872d5382e04bf22adb3bda021/images/sidb/database-actions-home.png -------------------------------------------------------------------------------- /rbac/cluster-role-binding.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | name: oracle-database-operator-oracle-database-operator-manager-rolebinding 6 | namespace: oracle-database-operator-system 7 | roleRef: 8 | apiGroup: rbac.authorization.k8s.io 9 | kind: ClusterRole 10 | name: oracle-database-operator-manager-role 11 | subjects: 12 | - kind: ServiceAccount 13 | name: default 14 | namespace: oracle-database-operator-system 15 | --- 16 | -------------------------------------------------------------------------------- /rbac/default-ns-role-binding.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: oracle-database-operator-oracle-database-operator-manager-rolebinding 6 | namespace: default 7 | roleRef: 8 | apiGroup: rbac.authorization.k8s.io 9 | kind: ClusterRole 10 | name: oracle-database-operator-manager-role 11 | subjects: 12 | - kind: ServiceAccount 13 | name: default 14 | namespace: oracle-database-operator-system 15 | --- 16 | -------------------------------------------------------------------------------- /rbac/node-rbac.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: oracle-database-operator-manager-role-node 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - nodes 11 | verbs: 12 | - list 13 | - watch 14 | --- 15 | apiVersion: rbac.authorization.k8s.io/v1 16 | kind: ClusterRoleBinding 17 | metadata: 18 | name: oracle-database-operator-manager-role-node-cluster-role-binding 19 | roleRef: 20 | apiGroup: rbac.authorization.k8s.io 21 | kind: ClusterRole 22 | name: oracle-database-operator-manager-role-node 23 | subjects: 24 | - kind: ServiceAccount 25 | name: default 26 | namespace: oracle-database-operator-system 27 | --- 28 | -------------------------------------------------------------------------------- /rbac/persistent-volume-rbac.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: oracle-database-operator-manager-role-persistent-volume 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - persistentvolumes 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | --- 16 | apiVersion: rbac.authorization.k8s.io/v1 17 | kind: ClusterRoleBinding 18 | metadata: 19 | name: oracle-database-operator-manager-role-persistent-volume-cluster-role-binding 20 | roleRef: 21 | apiGroup: rbac.authorization.k8s.io 22 | kind: ClusterRole 23 | name: oracle-database-operator-manager-role-persistent-volume 24 | subjects: 25 | - kind: ServiceAccount 26 | name: default 27 | namespace: oracle-database-operator-system 28 | --- 29 | -------------------------------------------------------------------------------- /rbac/storage-class-rbac.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: oracle-database-operator-manager-role-storage-class 6 | rules: 7 | - apiGroups: 8 | - storage.k8s.io 9 | resources: 10 | - storageclasses 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | --- 16 | apiVersion: rbac.authorization.k8s.io/v1 17 | kind: ClusterRoleBinding 18 | metadata: 19 | name: oracle-database-operator-manager-role-storage-class-cluster-role-binding 20 | roleRef: 21 | apiGroup: rbac.authorization.k8s.io 22 | kind: ClusterRole 23 | name: oracle-database-operator-manager-role-storage-class 24 | subjects: 25 | - kind: ServiceAccount 26 | name: default 27 | namespace: oracle-database-operator-system 28 | --- 29 | -------------------------------------------------------------------------------- /test/e2e/backup.sql: -------------------------------------------------------------------------------- 1 | set cloudconfig -proxy=&1 &2 2 | connect ADMIN/&3@&4 3 | ALTER DATABASE PROPERTY SET default_backup_bucket='&5'; 4 | 5 | BEGIN 6 | DBMS_CLOUD.DROP_CREDENTIAL( credential_name => 'DEF_CRED_NAME' ); 7 | END; 8 | / 9 | 10 | BEGIN 11 | DBMS_CLOUD.CREATE_CREDENTIAL( 12 | credential_name => 'DEF_CRED_NAME', 13 | username => '&6', 14 | password => '&7' 15 | ); 16 | END; 17 | / 18 | 19 | ALTER DATABASE PROPERTY SET DEFAULT_CREDENTIAL = 'ADMIN.DEF_CRED_NAME'; 20 | exit -------------------------------------------------------------------------------- /test/e2e/verify_connection.sql: -------------------------------------------------------------------------------- 1 | set cloudconfig -proxy=&1 &2 2 | connect ADMIN/&3@&4 3 | select 1 from dual; 4 | exit --------------------------------------------------------------------------------