crate.operator.grand_central module

async crate.operator.grand_central.create_grand_central_backend(namespace, name, spec, meta, logger, use_traefik=False)
Parameters:
Return type:

None

async crate.operator.grand_central.create_grand_central_exposure(namespace, name, spec, meta, logger, use_traefik=False)

Create only the routing resources for grand-central (HTTPRoute and Traefik Middlewares, or nginx Ingress), without touching the Deployment or Service.

This is used when resuming a suspended cluster or when switching the spec.cluster.exposure field, where the Deployment and Service already exist and only the routing layer needs to be (re-)created.

Parameters:

  • namespace (str) – The Kubernetes namespace to create resources in.

  • name (str) – The CrateDB custom resource name defining the CrateDB cluster.

  • spec (Spec) – The spec section of the CrateDB custom resource.

  • meta (Meta) – The metadata section of the CrateDB custom resource.

  • logger (Logger) – Logger for operation tracking.

  • use_traefik (bool) – When True, create an HTTPRoute and Traefik Middlewares. When False (default), create an nginx Ingress.

Return type:

None

async crate.operator.grand_central.create_grand_central_user(namespace, name, meta, logger)
Parameters:
async crate.operator.grand_central.delete_grand_central_ingress(namespace, name, logger)

Delete the nginx Ingress resource for grand-central.

A 404 response is treated as success so that the function is safe to call even when the Ingress has already been removed.

Parameters:

  • namespace (str) – The Kubernetes namespace where the Ingress resides.

  • name (str) – The CrateDB custom resource name defining the CrateDB cluster.

  • logger (Logger) – Logger for operation tracking.

Return type:

None

async crate.operator.grand_central.delete_grand_central_traefik_resources(namespace, name, logger)

Delete the HTTPRoute and all three Traefik Middlewares for grand-central.

Resources are deleted in order: HTTPRoute first, then grand-central-cors, grand-central-compress-js, grand-central-buffering, and grand-central-ip-allowlist. A 404 response for any resource is treated as success.

Parameters:

  • namespace (str) – The Kubernetes namespace where the resources reside.

  • name (str) – The CrateDB custom resource name defining the CrateDB cluster.

  • logger (Logger) – Logger for operation tracking.

Return type:

None

crate.operator.grand_central.get_grand_central_deployment(owner_references, name, labels, image_pull_secrets, spec)
Parameters:
Return type:

V1Deployment

crate.operator.grand_central.get_grand_central_httproute(owner_references, name, labels, hostname, spec)

Build the HTTPRoute manifest for grand-central.

Creates two rules: one matching /api (with JS compression, buffering, and IP allowlist middlewares) and one matching /socket.io (with buffering and IP allowlist only). Both rules set security and CORS response headers via a ResponseHeaderModifier filter.

Parameters:

  • owner_references (Optional[List[V1OwnerReference]]) – Owner references to set on the resource.

  • name (str) – The CrateDB custom resource name defining the CrateDB cluster.

  • labels (Dict[str, str]) – Kubernetes labels to apply to the resource.

  • hostname (str) – The external hostname the HTTPRoute should match.

  • spec (Spec) – The spec section of the CrateDB custom resource.

Return type:

Dict[str, Any]

crate.operator.grand_central.get_grand_central_ingress(owner_references, name, labels, hostname, spec, cidrs=None)
Parameters:
Return type:

V1Ingress

crate.operator.grand_central.get_grand_central_labels(name, meta)
Parameters:
Return type:

Dict[str, Any]

crate.operator.grand_central.get_grand_central_middleware_buffering(owner_references, name, labels)

Build the grand-central-buffering Traefik Middleware manifest.

Configures request/response buffering with a 1 GiB maximum request body, replacing the nginx proxy-body-size: 1G annotation from the legacy Ingress.

Parameters:

  • owner_references (Optional[List[V1OwnerReference]]) – Owner references to set on the resource.

  • name (str) – The CrateDB custom resource name defining the CrateDB cluster.

  • labels (Dict[str, str]) – Kubernetes labels to apply to the resource.

Return type:

Dict[str, Any]

crate.operator.grand_central.get_grand_central_middleware_compress_js(owner_references, name, labels)

Build the grand-central-compress-js Traefik Middleware manifest.

Configures Traefik to gzip-compress application/javascript and text/javascript responses, replacing the nginx gzip configuration snippet from the legacy Ingress.

Parameters:

  • owner_references (Optional[List[V1OwnerReference]]) – Owner references to set on the resource.

  • name (str) – The CrateDB custom resource name defining the CrateDB cluster.

  • labels (Dict[str, str]) – Kubernetes labels to apply to the resource.

Return type:

Dict[str, Any]

crate.operator.grand_central.get_grand_central_middleware_cors(owner_references, name, labels, spec)

Build the grand-central-cors Traefik Middleware manifest.

The CrateDB setting accepts a comma-separated list of origins; these are split into individual entries. Falls back to ["*"] when the setting is absent.

Parameters:

  • owner_references (Optional[List[V1OwnerReference]]) – Owner references to set on the resource.

  • name (str) – The CrateDB custom resource name defining the CrateDB cluster.

  • labels (Dict[str, str]) – Kubernetes labels to apply to the resource.

  • spec (Spec) – The spec section of the CrateDB custom resource, used to read cluster.settings.http.cors.allow-origin.

Return type:

Dict[str, Any]

crate.operator.grand_central.get_grand_central_middleware_ip_allowlist(owner_references, name, labels, cidrs=None)

Build the grand-central-ip-allowlist Traefik Middleware manifest.

Restricts access to the listed CIDR ranges, replacing the nginx whitelist-source-range annotation from the legacy Ingress. When cidrs is empty or None, all traffic is allowed (0.0.0.0/0 and ::/0).

Parameters:

  • owner_references (Optional[List[V1OwnerReference]]) – Owner references to set on the resource.

  • name (str) – The CrateDB custom resource name defining the CrateDB cluster.

  • labels (Dict[str, str]) – Kubernetes labels to apply to the resource.

  • cidrs (Optional[List[str]]) – Optional list of CIDR ranges to allow. Defaults to open access when not provided.

Return type:

Dict[str, Any]

crate.operator.grand_central.get_grand_central_service(owner_references, name, labels)
Parameters:
Return type:

V1Service

async crate.operator.grand_central.read_grand_central_deployment(namespace, name)
Parameters:
Return type:

Optional[V1Deployment]

async crate.operator.grand_central.read_grand_central_httproute(namespace, name)

Return the HTTPRoute object for grand-central, or None if it does not exist or cannot be read.

Parameters:

  • namespace (str) – The Kubernetes namespace to look up the HTTPRoute in.

  • name (str) – The CrateDB custom resource name defining the CrateDB cluster.

Return type:

Optional[Dict[str, Any]]

async crate.operator.grand_central.read_grand_central_ingress(namespace, name)
Parameters:
Return type:

Optional[V1Ingress]

async crate.operator.grand_central.update_grand_central_deployment_image(namespace, name, image, logger)
Parameters:
async crate.operator.grand_central.update_grand_central_ip_allowlist(namespace, name, cidrs, logger)

Patch the grand-central-ip-allowlist Middleware in place with a new set of CIDR ranges.

When cidrs is empty, the middleware is set to allow all traffic (0.0.0.0/0 and ::/0) rather than blocking everything.

Parameters:

  • namespace (str) – The Kubernetes namespace where the Middleware resides.

  • name (str) – The CrateDB custom resource name defining the CrateDB cluster.

  • cidrs (List[str]) – New list of CIDR ranges. Pass an empty list to remove all restrictions.

  • logger (Logger) – Logger for operation tracking.

Return type:

None