cbopcfg

      +

      The cbopcfg binary is deprecated and will be removed in a later release. Please use the cao binary that features all the same sub commands.

      Installation

      Make sure that you have downloaded the Operator package and unpacked it.

      After you unpack the download, the resulting directory will be titled something like couchbase-autonomous-operator-kubernetes_x.x.x-linux_x86_64.

      • macOS

      • Linux

      • Windows

      1. Open a Terminal window and go to the directory where the cbopcfg binary is located:

        $ cd couchbase-autonomous-operator-kubernetes_x.x.x-macos_x86_64/bin/
      2. Make the cbopcfg binary executable:

        $ chmod +x ./cbopcfg
      3. Move the binary into your PATH:

        $ sudo mv ./cbopcfg /usr/local/bin/cbopcfg
      On newer versions of macOS, you may encounter errors such as cannot execute binary file when trying to use the tools included in the Autonomous Operator package. If you encounter such an error, you’ll need to update your security settings as outlined in Apple’s support article on macOS Gatekeeper. In System Preferences, click Security & Privacy, then click General. Click the lock and enter your password to make changes. Select App Store and identified developers under the header “Allow apps downloaded from.”
      1. Open a command prompt and go to the directory where the cbopcfg binary is located:

        $ cd couchbase-autonomous-operator-kubernetes_x.x.x-linux_x86_64/bin/
      2. Make the cbopcfg binary executable:

        $ chmod +x ./cbopcfg
      3. Move the binary into your PATH:

        $ sudo mv ./cbopcfg /usr/local/bin/cbopcfg
      1. Open a command prompt and go to the directory where the cbopcfg binary is located:

        $ cd couchbase-autonomous-operator-kubernetes_x.x.x-windows_x86_64\bin\
      2. Add the cbopcfg binary into your PATH.

      cbopcfg

      Couchbase Autonomous Operator configuration utility.

      The cbopcfg tool is used to automate the life-cycle of the Autonomous Operator. It is responsible for creation and deletion of Autonomous Operator components. A typical installation involves installing the Couchbase custom resource definitions, then the Dynamic Admission Controller, and finally the Operator itself.

      Additional details for each component are documented under each sub-command.

      Alternative methods of life-cycle management are available in the form of Helm charts and the Couchbase Open Service Broker.

      cbopcfg create

      Creates Couchbase Autonomous Operator components

      cbopcfg create admission [flags]

      Creates the dynamic admission controller.

      The DAC is designed to be deployed at the cluster scope (default). It monitors Couchbase resources as they are created and modified, accepting, or rejecting them, before they are persisted in etcd.

      Use of the DAC is encouraged as it will report any configuration errors that are specific to deployment of Couchbase resources that aren’t available by default in the Kubernetes API. For example, this includes validating memory quotas are satisfiable, TLS certificates are correctly configured, and any resources referenced actually exist.

      Examples

      # Create admission controller (recommended).
      cbopcfg create admission
      
      # Create admission controller scoped to a namespace.
      cbopcfg create admission --scope namespace --namespace-selector key=value
      
      # Create admission controller with custom image and secure image registry.
      cbopcfg create admission --image acme.corp/admission:1.0.0 --image-pull-secret secret-name
      
      # Create admission controller without secret access.
      cbopcfg create admission --validate-secrets=false
      
      # Create admission controller with debug logging.
      cbopcfg create admission --log-level debug

      Flags

      --cpu-limit

      Type: quantity

      Default: 1

      CPU limit for constraining, only valid when used with --with-resources

      --cpu-request

      Type: quantity

      Default: 500m

      CPU requested for scheduling, only valid when used with --with-resources

      --image

      Type: string

      Default: couchbase/admission-controller:

      Operator image to use

      --image-pull-policy

      Type: string

      Default: IfNotPresent

      Image pull policy to affect when the image is downloaded.

      --image-pull-secret

      Type: string

      Image pull secret to allow access to the operator image

      --log-level

      Type: string

      Default: info

      Log level to generate logs at. "info", or "0", prints basic operations. "debug", or "1" prints extended information.

      --memory-limit

      Type: quantity

      Default: 200Mi

      Memory limit for constraining, only valid when used with --with-resources

      --memory-request

      Type: quantity

      Default: 100Mi

      Memory requested for scheduling, only valid when used with --with-resources

      --namespace-selector

      Type: map

      Required namespace selector to use when scope is set to 'namespace'. Format label=value[,label=value].

      --replicas

      Type: int

      Default: 1

      The number of replicas in the deployment

      --scope

      Type: string

      Default: cluster

      Whether to scope the Operator to a 'namespace' or to the 'cluster'.

      --validate-secrets

      Type: bool

      Default: true

      Validates secrets referenced by Couchbase resources, and their contents e.g. TLS configuration, for validity

      --validate-storage-classes

      Type: bool

      Default: true

      Validates storage classes referenced by Couchbase resources

      --with-resources

      Type: bool

      Default: false

      Populates pod resource requests and limits

      Inherited Flags

      --as

      Type: string

      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.

      --as-group

      Type: stringArray

      Default: []

      Group to impersonate for the operation, this flag can be repeated to specify multiple groups.

      --as-uid

      Type: string

      UID to impersonate for the operation.

      --cache-dir

      Type: string

      Default: $HOME/.kube/cache

      Default cache directory

      --certificate-authority

      Type: string

      Path to a cert file for the certificate authority

      --client-certificate

      Type: string

      Path to a client certificate file for TLS

      --client-key

      Type: string

      Path to a client key file for TLS

      --cluster

      Type: string

      The name of the kubeconfig cluster to use

      --context

      Type: string

      The name of the kubeconfig context to use

      --disable-compression

      Type: bool

      Default: false

      If true, opt-out of response compression for all requests to the server

      --insecure-skip-tls-verify

      Type: bool

      Default: false

      If true, the server’s certificate will not be checked for validity. This will make your HTTPS connections insecure

      --kubeconfig

      Type: string

      Path to the kubeconfig file to use for CLI requests.

      --namespace, -n

      Type: string

      If present, the namespace scope for this CLI request

      --request-timeout

      Type: string

      Default: 0

      The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don’t timeout requests.

      --server, -s

      Type: string

      The address and port of the Kubernetes API server

      --tls-server-name

      Type: string

      Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used

      --token

      Type: string

      Bearer token for authentication to the API server

      --user

      Type: string

      The name of the kubeconfig user to use

      cbopcfg create backup [flags]

      Creates backup roles.

      Flags

      --iam-role-arn

      Type: string

      Adds the IAM Role ARN to the backup service account’s annotation. e.g arn:aws:iam::<ACCOUNT_ID>:role/<IAM_ROLE_NAME>

      Inherited Flags

      --as

      Type: string

      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.

      --as-group

      Type: stringArray

      Default: []

      Group to impersonate for the operation, this flag can be repeated to specify multiple groups.

      --as-uid

      Type: string

      UID to impersonate for the operation.

      --cache-dir

      Type: string

      Default: $HOME/.kube/cache

      Default cache directory

      --certificate-authority

      Type: string

      Path to a cert file for the certificate authority

      --client-certificate

      Type: string

      Path to a client certificate file for TLS

      --client-key

      Type: string

      Path to a client key file for TLS

      --cluster

      Type: string

      The name of the kubeconfig cluster to use

      --context

      Type: string

      The name of the kubeconfig context to use

      --disable-compression

      Type: bool

      Default: false

      If true, opt-out of response compression for all requests to the server

      --insecure-skip-tls-verify

      Type: bool

      Default: false

      If true, the server’s certificate will not be checked for validity. This will make your HTTPS connections insecure

      --kubeconfig

      Type: string

      Path to the kubeconfig file to use for CLI requests.

      --namespace, -n

      Type: string

      If present, the namespace scope for this CLI request

      --request-timeout

      Type: string

      Default: 0

      The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don’t timeout requests.

      --server, -s

      Type: string

      The address and port of the Kubernetes API server

      --tls-server-name

      Type: string

      Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used

      --token

      Type: string

      Bearer token for authentication to the API server

      --user

      Type: string

      The name of the kubeconfig user to use

      cbopcfg create operator [flags]

      Creates the Couchbase Autonomous Operator.

      The Operator is designed to be run at the namespace scope (default). It watches for creation of CouchbaseCluster resources in that namespace and provides automated provisioning, management and disaster recovery of Couchbase Server.

      Examples

      # Create operator (recommended).
      cbopcfg create operator
      
      # Create operator scoped to the cluster.
      cbopcfg create operator --scope cluster
      
      # Create operator with a custom image and secure image registry.
      cbopcfg create operator --image acme.corp/operator:1.0.0 --image-pull-secret secret-name
      
      # Create operator with debug logging.
      cbopcfg create operator --log-level debug
      
      # Create operator with extended timeouts (for slow platforms).
      cbopcfg create operator --pod-creation-timeout 1h

      Flags

      --cpu-limit

      Type: quantity

      Default: 1

      CPU limit for constraining

      --cpu-request

      Type: quantity

      Default: 500m

      CPU requested for scheduling

      --image

      Type: string

      Default: couchbase/operator:

      Operator image to use.

      --image-pull-policy

      Type: string

      Default: IfNotPresent

      Image pull policy to affect when the image is downloaded.

      --image-pull-secret

      Type: string

      Image pull secret to allow access to the operator image.

      --log-level

      Type: string

      Default: info

      Log level to generate logs at. "info", or "0", prints basic operations. "debug", or "1" prints extended information and API calls. "2" prints very detailed logs, including full API payloads that may contain passwords and keys.

      --memory-limit

      Type: quantity

      Default: 400Mi

      Memory limit for constraining

      --memory-request

      Type: quantity

      Default: 200Mi

      Memory requested for scheduling

      --pod-creation-timeout

      Type: string

      Default: 10m0s

      How long to wait before declaring an error when provisioning a pod.

      --pod-delete-delay

      Type: string

      Default: 0s

      How long to wait before performing a delete on a failed pod.

      --pod-readiness-delay

      Type: string

      Default: 10s

      How long to wait before starting readiness probes on server pods.

      --pod-readiness-period

      Type: string

      Default: 20s

      How long to wait between readiness probes on server pods.

      --scope

      Type: string

      Default: namespace

      Whether to scope the Operator to a 'namespace' or to the 'cluster'.

      --with-resources

      Type: bool

      Default: false

      Populates pod resource requests and limits

      Inherited Flags

      --as

      Type: string

      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.

      --as-group

      Type: stringArray

      Default: []

      Group to impersonate for the operation, this flag can be repeated to specify multiple groups.

      --as-uid

      Type: string

      UID to impersonate for the operation.

      --cache-dir

      Type: string

      Default: $HOME/.kube/cache

      Default cache directory

      --certificate-authority

      Type: string

      Path to a cert file for the certificate authority

      --client-certificate

      Type: string

      Path to a client certificate file for TLS

      --client-key

      Type: string

      Path to a client key file for TLS

      --cluster

      Type: string

      The name of the kubeconfig cluster to use

      --context

      Type: string

      The name of the kubeconfig context to use

      --disable-compression

      Type: bool

      Default: false

      If true, opt-out of response compression for all requests to the server

      --insecure-skip-tls-verify

      Type: bool

      Default: false

      If true, the server’s certificate will not be checked for validity. This will make your HTTPS connections insecure

      --kubeconfig

      Type: string

      Path to the kubeconfig file to use for CLI requests.

      --namespace, -n

      Type: string

      If present, the namespace scope for this CLI request

      --request-timeout

      Type: string

      Default: 0

      The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don’t timeout requests.

      --server, -s

      Type: string

      The address and port of the Kubernetes API server

      --tls-server-name

      Type: string

      Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used

      --token

      Type: string

      Bearer token for authentication to the API server

      --user

      Type: string

      The name of the kubeconfig user to use

      cbopcfg delete

      Deletes Couchbase Autonomous Operator components

      cbopcfg delete admission [flags]

      Deletes the dynamic admission controller.

      Examples

      # Delete admission controller (recommended).
      cbopcfg delete admission
      
      # Delete admission controller scoped to a namespace.
      cbopcfg delete admission --scope namespace

      Flags

      --scope

      Type: string

      Default: cluster

      Whether to scope the Operator to a 'namespace' or to the 'cluster'.

      Inherited Flags

      --as

      Type: string

      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.

      --as-group

      Type: stringArray

      Default: []

      Group to impersonate for the operation, this flag can be repeated to specify multiple groups.

      --as-uid

      Type: string

      UID to impersonate for the operation.

      --cache-dir

      Type: string

      Default: $HOME/.kube/cache

      Default cache directory

      --certificate-authority

      Type: string

      Path to a cert file for the certificate authority

      --client-certificate

      Type: string

      Path to a client certificate file for TLS

      --client-key

      Type: string

      Path to a client key file for TLS

      --cluster

      Type: string

      The name of the kubeconfig cluster to use

      --context

      Type: string

      The name of the kubeconfig context to use

      --disable-compression

      Type: bool

      Default: false

      If true, opt-out of response compression for all requests to the server

      --insecure-skip-tls-verify

      Type: bool

      Default: false

      If true, the server’s certificate will not be checked for validity. This will make your HTTPS connections insecure

      --kubeconfig

      Type: string

      Path to the kubeconfig file to use for CLI requests.

      --namespace, -n

      Type: string

      If present, the namespace scope for this CLI request

      --request-timeout

      Type: string

      Default: 0

      The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don’t timeout requests.

      --server, -s

      Type: string

      The address and port of the Kubernetes API server

      --tls-server-name

      Type: string

      Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used

      --token

      Type: string

      Bearer token for authentication to the API server

      --user

      Type: string

      The name of the kubeconfig user to use

      cbopcfg delete backup

      Deletes backup roles.

      Inherited Flags

      --as

      Type: string

      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.

      --as-group

      Type: stringArray

      Default: []

      Group to impersonate for the operation, this flag can be repeated to specify multiple groups.

      --as-uid

      Type: string

      UID to impersonate for the operation.

      --cache-dir

      Type: string

      Default: $HOME/.kube/cache

      Default cache directory

      --certificate-authority

      Type: string

      Path to a cert file for the certificate authority

      --client-certificate

      Type: string

      Path to a client certificate file for TLS

      --client-key

      Type: string

      Path to a client key file for TLS

      --cluster

      Type: string

      The name of the kubeconfig cluster to use

      --context

      Type: string

      The name of the kubeconfig context to use

      --disable-compression

      Type: bool

      Default: false

      If true, opt-out of response compression for all requests to the server

      --insecure-skip-tls-verify

      Type: bool

      Default: false

      If true, the server’s certificate will not be checked for validity. This will make your HTTPS connections insecure

      --kubeconfig

      Type: string

      Path to the kubeconfig file to use for CLI requests.

      --namespace, -n

      Type: string

      If present, the namespace scope for this CLI request

      --request-timeout

      Type: string

      Default: 0

      The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don’t timeout requests.

      --server, -s

      Type: string

      The address and port of the Kubernetes API server

      --tls-server-name

      Type: string

      Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used

      --token

      Type: string

      Bearer token for authentication to the API server

      --user

      Type: string

      The name of the kubeconfig user to use

      cbopcfg delete operator [flags]

      Deletes the Couchbase Autonomous Operator.

      Examples

      # Delete operator (recommended).
      cbopcfg delete operator
      
      # Delete operator scoped to the cluster.
      cbopcfg delete operator --scope cluster

      Flags

      --scope

      Type: string

      Default: namespace

      Whether to scope the Operator to a 'namespace' or to the 'cluster'.

      Inherited Flags

      --as

      Type: string

      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.

      --as-group

      Type: stringArray

      Default: []

      Group to impersonate for the operation, this flag can be repeated to specify multiple groups.

      --as-uid

      Type: string

      UID to impersonate for the operation.

      --cache-dir

      Type: string

      Default: $HOME/.kube/cache

      Default cache directory

      --certificate-authority

      Type: string

      Path to a cert file for the certificate authority

      --client-certificate

      Type: string

      Path to a client certificate file for TLS

      --client-key

      Type: string

      Path to a client key file for TLS

      --cluster

      Type: string

      The name of the kubeconfig cluster to use

      --context

      Type: string

      The name of the kubeconfig context to use

      --disable-compression

      Type: bool

      Default: false

      If true, opt-out of response compression for all requests to the server

      --insecure-skip-tls-verify

      Type: bool

      Default: false

      If true, the server’s certificate will not be checked for validity. This will make your HTTPS connections insecure

      --kubeconfig

      Type: string

      Path to the kubeconfig file to use for CLI requests.

      --namespace, -n

      Type: string

      If present, the namespace scope for this CLI request

      --request-timeout

      Type: string

      Default: 0

      The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don’t timeout requests.

      --server, -s

      Type: string

      The address and port of the Kubernetes API server

      --tls-server-name

      Type: string

      Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used

      --token

      Type: string

      Bearer token for authentication to the API server

      --user

      Type: string

      The name of the kubeconfig user to use

      cbopcfg generate

      Generates YAML manifests for various Operator components

      cbopcfg generate admission [flags]

      Generates YAML for the dynamic admission controller.

      The DAC is designed to be deployed at the cluster scope (default). It monitors Couchbase resources as they are created and modified, accepting, or rejecting them, before they are persisted in etcd.

      Use of the DAC is encouraged as it will report any configuration errors that are specific to deployment of Couchbase resources that aren’t available by default in the Kubernetes API. For example, this includes validating memory quotas are satisfiable, TLS certificates are correctly configured, and any resources referenced actually exist.

      Examples

      # Create admission controller (recommended).
      cbopcfg generate admission
      
      # Create admission controller scoped to a namespace.
      cbopcfg generate admission --scope namespace --namespace-selector key=value
      
      # Create admission controller with custom image and secure image registry.
      cbopcfg generate admission --image acme.corp/admission:1.0.0 --image-pull-secret secret-name
      
      # Create admission controller without secret access.
      cbopcfg generate admission --validate-secrets=false
      
      # Create admission controller with debug logging.
      cbopcfg generate admission --log-level debug

      Flags

      --cpu-limit

      Type: quantity

      Default: 1

      CPU limit for constraining, only valid when used with --with-resources

      --cpu-request

      Type: quantity

      Default: 500m

      CPU requested for scheduling, only valid when used with --with-resources

      --image

      Type: string

      Default: couchbase/admission-controller:

      Operator image to use

      --image-pull-policy

      Type: string

      Default: IfNotPresent

      Image pull policy to affect when the image is downloaded.

      --image-pull-secret

      Type: string

      Image pull secret to allow access to the operator image

      --log-level

      Type: string

      Default: info

      Log level to generate logs at. "info", or "0", prints basic operations. "debug", or "1" prints extended information.

      --memory-limit

      Type: quantity

      Default: 200Mi

      Memory limit for constraining, only valid when used with --with-resources

      --memory-request

      Type: quantity

      Default: 100Mi

      Memory requested for scheduling, only valid when used with --with-resources

      --namespace-selector

      Type: map

      Required namespace selector to use when scope is set to 'namespace'. Format label=value[,label=value].

      --replicas

      Type: int

      Default: 1

      The number of replicas in the deployment

      --scope

      Type: string

      Default: cluster

      Whether to scope the Operator to a 'namespace' or to the 'cluster'.

      --validate-secrets

      Type: bool

      Default: true

      Validates secrets referenced by Couchbase resources, and their contents e.g. TLS configuration, for validity

      --validate-storage-classes

      Type: bool

      Default: true

      Validates storage classes referenced by Couchbase resources

      --with-resources

      Type: bool

      Default: false

      Populates pod resource requests and limits

      Inherited Flags

      --as

      Type: string

      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.

      --as-group

      Type: stringArray

      Default: []

      Group to impersonate for the operation, this flag can be repeated to specify multiple groups.

      --as-uid

      Type: string

      UID to impersonate for the operation.

      --cache-dir

      Type: string

      Default: $HOME/.kube/cache

      Default cache directory

      --certificate-authority

      Type: string

      Path to a cert file for the certificate authority

      --client-certificate

      Type: string

      Path to a client certificate file for TLS

      --client-key

      Type: string

      Path to a client key file for TLS

      --cluster

      Type: string

      The name of the kubeconfig cluster to use

      --context

      Type: string

      The name of the kubeconfig context to use

      --disable-compression

      Type: bool

      Default: false

      If true, opt-out of response compression for all requests to the server

      --insecure-skip-tls-verify

      Type: bool

      Default: false

      If true, the server’s certificate will not be checked for validity. This will make your HTTPS connections insecure

      --kubeconfig

      Type: string

      Path to the kubeconfig file to use for CLI requests.

      --namespace, -n

      Type: string

      If present, the namespace scope for this CLI request

      --request-timeout

      Type: string

      Default: 0

      The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don’t timeout requests.

      --server, -s

      Type: string

      The address and port of the Kubernetes API server

      --tls-server-name

      Type: string

      Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used

      --token

      Type: string

      Bearer token for authentication to the API server

      --user

      Type: string

      The name of the kubeconfig user to use

      cbopcfg generate backup [flags]

      Generates YAML for backup jobs.

      Flags

      --iam-role-arn

      Type: string

      Adds the IAM Role ARN to the backup service account’s annotation. e.g arn:aws:iam::<ACCOUNT_ID>:role/<IAM_ROLE_NAME>

      Inherited Flags

      --as

      Type: string

      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.

      --as-group

      Type: stringArray

      Default: []

      Group to impersonate for the operation, this flag can be repeated to specify multiple groups.

      --as-uid

      Type: string

      UID to impersonate for the operation.

      --cache-dir

      Type: string

      Default: $HOME/.kube/cache

      Default cache directory

      --certificate-authority

      Type: string

      Path to a cert file for the certificate authority

      --client-certificate

      Type: string

      Path to a client certificate file for TLS

      --client-key

      Type: string

      Path to a client key file for TLS

      --cluster

      Type: string

      The name of the kubeconfig cluster to use

      --context

      Type: string

      The name of the kubeconfig context to use

      --disable-compression

      Type: bool

      Default: false

      If true, opt-out of response compression for all requests to the server

      --insecure-skip-tls-verify

      Type: bool

      Default: false

      If true, the server’s certificate will not be checked for validity. This will make your HTTPS connections insecure

      --kubeconfig

      Type: string

      Path to the kubeconfig file to use for CLI requests.

      --namespace, -n

      Type: string

      If present, the namespace scope for this CLI request

      --request-timeout

      Type: string

      Default: 0

      The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don’t timeout requests.

      --server, -s

      Type: string

      The address and port of the Kubernetes API server

      --tls-server-name

      Type: string

      Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used

      --token

      Type: string

      Bearer token for authentication to the API server

      --user

      Type: string

      The name of the kubeconfig user to use

      cbopcfg generate operator [flags]

      Generates YAML for the Couchbase Autonomous Operator.

      The Operator is designed to be run at the namespace scope (default). It watches for creation of CouchbaseCluster resources in that namespace and provides automated provisioning, management and disaster recovery of Couchbase Server.

      Examples

      # Create operator (recommended).
      cbopcfg generate operator
      
      # Create operator scoped to the cluster.
      cbopcfg generate operator --scope cluster
      
      # Create operator with a custom image and secure image registry.
      cbopcfg generate operator --image acme.corp/operator:1.0.0 --image-pull-secret secret-name
      
      # Create operator with debug logging.
      cbopcfg generate operator --log-level debug
      
      # Create operator with extended timeouts (for slow platforms).
      cbopcfg generate operator --pod-creation-timeout 1h

      Flags

      --cpu-limit

      Type: quantity

      Default: 1

      CPU limit for constraining

      --cpu-request

      Type: quantity

      Default: 500m

      CPU requested for scheduling

      --image

      Type: string

      Default: couchbase/operator:

      Operator image to use.

      --image-pull-policy

      Type: string

      Default: IfNotPresent

      Image pull policy to affect when the image is downloaded.

      --image-pull-secret

      Type: string

      Image pull secret to allow access to the operator image.

      --log-level

      Type: string

      Default: info

      Log level to generate logs at. "info", or "0", prints basic operations. "debug", or "1" prints extended information and API calls. "2" prints very detailed logs, including full API payloads that may contain passwords and keys.

      --memory-limit

      Type: quantity

      Default: 400Mi

      Memory limit for constraining

      --memory-request

      Type: quantity

      Default: 200Mi

      Memory requested for scheduling

      --pod-creation-timeout

      Type: string

      Default: 10m0s

      How long to wait before declaring an error when provisioning a pod.

      --pod-delete-delay

      Type: string

      Default: 0s

      How long to wait before performing a delete on a failed pod.

      --pod-readiness-delay

      Type: string

      Default: 10s

      How long to wait before starting readiness probes on server pods.

      --pod-readiness-period

      Type: string

      Default: 20s

      How long to wait between readiness probes on server pods.

      --scope

      Type: string

      Default: namespace

      Whether to scope the Operator to a 'namespace' or to the 'cluster'.

      --with-resources

      Type: bool

      Default: false

      Populates pod resource requests and limits

      Inherited Flags

      --as

      Type: string

      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.

      --as-group

      Type: stringArray

      Default: []

      Group to impersonate for the operation, this flag can be repeated to specify multiple groups.

      --as-uid

      Type: string

      UID to impersonate for the operation.

      --cache-dir

      Type: string

      Default: $HOME/.kube/cache

      Default cache directory

      --certificate-authority

      Type: string

      Path to a cert file for the certificate authority

      --client-certificate

      Type: string

      Path to a client certificate file for TLS

      --client-key

      Type: string

      Path to a client key file for TLS

      --cluster

      Type: string

      The name of the kubeconfig cluster to use

      --context

      Type: string

      The name of the kubeconfig context to use

      --disable-compression

      Type: bool

      Default: false

      If true, opt-out of response compression for all requests to the server

      --insecure-skip-tls-verify

      Type: bool

      Default: false

      If true, the server’s certificate will not be checked for validity. This will make your HTTPS connections insecure

      --kubeconfig

      Type: string

      Path to the kubeconfig file to use for CLI requests.

      --namespace, -n

      Type: string

      If present, the namespace scope for this CLI request

      --request-timeout

      Type: string

      Default: 0

      The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don’t timeout requests.

      --server, -s

      Type: string

      The address and port of the Kubernetes API server

      --tls-server-name

      Type: string

      Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used

      --token

      Type: string

      Bearer token for authentication to the API server

      --user

      Type: string

      The name of the kubeconfig user to use

      cbopcfg update

      Updates Couchbase Autonomous Operator components

      cbopcfg update webhook [flags]

      refreshes the self signed certificate used by the validating webhook.

      Flags

      --scope

      Type: string

      Default: cluster

      Whether to scope the Operator to a 'namespace' or to the 'cluster'.

      Inherited Flags

      --as

      Type: string

      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.

      --as-group

      Type: stringArray

      Default: []

      Group to impersonate for the operation, this flag can be repeated to specify multiple groups.

      --as-uid

      Type: string

      UID to impersonate for the operation.

      --cache-dir

      Type: string

      Default: $HOME/.kube/cache

      Default cache directory

      --certificate-authority

      Type: string

      Path to a cert file for the certificate authority

      --client-certificate

      Type: string

      Path to a client certificate file for TLS

      --client-key

      Type: string

      Path to a client key file for TLS

      --cluster

      Type: string

      The name of the kubeconfig cluster to use

      --context

      Type: string

      The name of the kubeconfig context to use

      --disable-compression

      Type: bool

      Default: false

      If true, opt-out of response compression for all requests to the server

      --insecure-skip-tls-verify

      Type: bool

      Default: false

      If true, the server’s certificate will not be checked for validity. This will make your HTTPS connections insecure

      --kubeconfig

      Type: string

      Path to the kubeconfig file to use for CLI requests.

      --namespace, -n

      Type: string

      If present, the namespace scope for this CLI request

      --request-timeout

      Type: string

      Default: 0

      The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don’t timeout requests.

      --server, -s

      Type: string

      The address and port of the Kubernetes API server

      --tls-server-name

      Type: string

      Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used

      --token

      Type: string

      Bearer token for authentication to the API server

      --user

      Type: string

      The name of the kubeconfig user to use

      cbopcfg version

      Prints the command version

      Inherited Flags

      --as

      Type: string

      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.

      --as-group

      Type: stringArray

      Default: []

      Group to impersonate for the operation, this flag can be repeated to specify multiple groups.

      --as-uid

      Type: string

      UID to impersonate for the operation.

      --cache-dir

      Type: string

      Default: $HOME/.kube/cache

      Default cache directory

      --certificate-authority

      Type: string

      Path to a cert file for the certificate authority

      --client-certificate

      Type: string

      Path to a client certificate file for TLS

      --client-key

      Type: string

      Path to a client key file for TLS

      --cluster

      Type: string

      The name of the kubeconfig cluster to use

      --context

      Type: string

      The name of the kubeconfig context to use

      --disable-compression

      Type: bool

      Default: false

      If true, opt-out of response compression for all requests to the server

      --insecure-skip-tls-verify

      Type: bool

      Default: false

      If true, the server’s certificate will not be checked for validity. This will make your HTTPS connections insecure

      --kubeconfig

      Type: string

      Path to the kubeconfig file to use for CLI requests.

      --namespace, -n

      Type: string

      If present, the namespace scope for this CLI request

      --request-timeout

      Type: string

      Default: 0

      The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don’t timeout requests.

      --server, -s

      Type: string

      The address and port of the Kubernetes API server

      --tls-server-name

      Type: string

      Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used

      --token

      Type: string

      Bearer token for authentication to the API server

      --user

      Type: string

      The name of the kubeconfig user to use