{"id":36731829,"url":"https://github.com/nutanix-cloud-native/ndb-operator","last_synced_at":"2026-01-12T12:13:42.289Z","repository":{"id":60312863,"uuid":"520644356","full_name":"nutanix-cloud-native/ndb-operator","owner":"nutanix-cloud-native","description":"Nutanix NDB Kubernetes Operator","archived":false,"fork":false,"pushed_at":"2024-04-25T22:31:08.000Z","size":620,"stargazers_count":12,"open_issues_count":21,"forks_count":22,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-06-19T23:15:31.578Z","etag":null,"topics":["database","kubernetes","ndb","nutanix","operator"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nutanix-cloud-native.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-08-02T20:43:51.000Z","updated_at":"2024-05-21T15:52:15.000Z","dependencies_parsed_at":"2023-10-03T10:36:20.447Z","dependency_job_id":"5169aa9c-1bb7-40dc-be2f-cc20b4caccbb","html_url":"https://github.com/nutanix-cloud-native/ndb-operator","commit_stats":{"total_commits":72,"total_committers":8,"mean_commits":9.0,"dds":0.7222222222222222,"last_synced_commit":"0ab7d1e226a70bbdca9e730d1b0787e7608e5793"},"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/nutanix-cloud-native/ndb-operator","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nutanix-cloud-native%2Fndb-operator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nutanix-cloud-native%2Fndb-operator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nutanix-cloud-native%2Fndb-operator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nutanix-cloud-native%2Fndb-operator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nutanix-cloud-native","download_url":"https://codeload.github.com/nutanix-cloud-native/ndb-operator/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nutanix-cloud-native%2Fndb-operator/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28338975,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-12T10:58:46.209Z","status":"ssl_error","status_checked_at":"2026-01-12T10:58:42.742Z","response_time":98,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["database","kubernetes","ndb","nutanix","operator"],"created_at":"2026-01-12T12:13:42.213Z","updated_at":"2026-01-12T12:13:42.275Z","avatar_url":"https://github.com/nutanix-cloud-native.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Nutanix Database Service Operator for Kubernetes\nThe NDB operator brings automated and simplified database administration, provisioning, and life-cycle management to Kubernetes.\n\n---\n\n[![Go Report Card](https://goreportcard.com/badge/github.com/nutanix-cloud-native/ndb-operator)](https://goreportcard.com/report/github.com/nutanix-cloud-native/ndb-operator)\n![CI](https://github.com/nutanix-cloud-native/ndb-operator/actions/workflows/build-dev.yaml/badge.svg)\n![Release](https://github.com/nutanix-cloud-native/ndb-operator/actions/workflows/release.yaml/badge.svg)\n\n[![release](https://img.shields.io/github/release-pre/nutanix-cloud-native/ndb-operator.svg)](https://github.com/nutanix-cloud-native/ndb-operator/releases)\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/nutanix-cloud-native/ndb-operator/blob/master/LICENSE)\n![Proudly written in Golang](https://img.shields.io/badge/written%20in-Golang-92d1e7.svg)\n\n---\n## Installation / Deployment\n### Pre-requisites\n1. Access to an NDB Server.\n2. A Kubernetes cluster to run against, which should have network connectivity to the NDB server. The operator will automatically use the current context in your kubeconfig file (i.e. whatever cluster `kubectl cluster-info` shows).\n3. The [operator-sdk installed](https://sdk.operatorframework.io/docs/installation/).\n4. A clone of the source code ([this](https://github.com/nutanix-cloud-native/ndb-operator) repository).\n5. Cert-manager (only when running in non OpenShift clusters). Follow the instructions [here](https://cert-manager.io/docs/installation/).\n\nWith the pre-requisites completed, the NDB Operator can be deployed in one of the following ways: \n\n### Outside Kubernetes\nRuns the controller outside the Kubernetes cluster as a process, but installs the CRDs, services and RBAC entities within the Kubernetes cluster. Generally used while development (without running webhooks):\n```sh\nmake install run\n```\n\n### Within Kubernetes \nRuns the controller pod, installs the CRDs, services and RBAC entities within the Kubernetes cluster. Used to run the operator from the container image defined in the Makefile. Make sure that the cert-manager is installed if not using OpenShift.\n\n```sh\nmake deploy\n```\n\n### Using Helm Charts\nThe Helm charts for the NDB Operator project are available on artifacthub.io and can be installed by following the instructions [here](https://artifacthub.io/packages/helm/nutanix/ndb-operator?modal=install).\n\n### On OpenShift\nTo deploy the operator from this repository on an OpenShift cluster, create a bundle and then install the operator via the operator-sdk.\n```sh\n# Export these environment variables to overwrite the variables set in the Makefile\nexport DOCKER_USERNAME=dockerhub-username\nexport VERSION=x.y.z\nexport IMG=docker.io/$DOCKER_USERNAME/ndb-operator:v$VERSION\nexport BUNDLE_IMG=docker.io/$DOCKER_USERNAME/ndb-operator-bundle:v$VERSION\n\n# Build and push the container image to the container registry\nmake docker-build docker-push\n\n# Build the bundle following the prompts for input, build and push the bundle image to the container registry\nmake bundle bundle-build bundle-push\n\n# Install the operator (run on the OpenShift cluster)\noperator-sdk run bundle $BUNDLE_IMG\n\nNOTE: \nThe container and bundle image creation steps can be skipped if existing images are present in the container registry.\n```\n\n---\n\n## Usage\n### Create secrets to be used by the NDBServer and Database resources using the manifest:\n\n```yaml\napiVersion: v1\nkind: Secret\nmetadata:\n name: ndb-secret-name\ntype: Opaque\nstringData:\n username: username-for-ndb-server\n password: password-for-ndb-server\n ca_certificate: |\n -----BEGIN CERTIFICATE-----\n CA CERTIFICATE (ca_certificate is optional)\n -----END CERTIFICATE-----\n---\napiVersion: v1\nkind: Secret\nmetadata:\n name: db-instance-secret-name\ntype: Opaque\nstringData:\n password: password-for-the-database-instance\n ssh_public_key: SSH-PUBLIC-KEY\n\n```\n\nCreate the secrets:\n\n```\nkubectl apply -f \u003cpath/to/secrets-manifest.yaml\u003e\n```\n\n### Create the NDBServer resource. The manifest for NDBServer is described as follows:\n\n```yaml\napiVersion: ndb.nutanix.com/v1alpha1\nkind: NDBServer\nmetadata:\n labels:\n app.kubernetes.io/name: ndbserver\n app.kubernetes.io/instance: ndbserver\n app.kubernetes.io/part-of: ndb-operator\n app.kubernetes.io/managed-by: kustomize\n app.kubernetes.io/created-by: ndb-operator\n name: ndb\nspec:\n # Name of the secret that holds the credentials for NDB: username, password and ca_certificate created earlier\n credentialSecret: ndb-secret-name\n # NDB Server's API URL\n server: https://[NDB IP]:8443/era/v0.9\n # Set to true to skip SSL certificate validation, should be false if ca_certificate is provided in the credential secret.\n skipCertificateVerification: true\n\n```\nCreate the NDBServer resource using:\n```sh\nkubectl apply -f \u003cpath/to/NDBServer-manifest.yaml\u003e\n```\n\n### Create a Database Resource. A database can either be provisioned or cloned on NDB based on the inputs specified in the database manifest.\n\n#### Provisioning manifest\n```yaml\napiVersion: ndb.nutanix.com/v1alpha1\nkind: Database\nmetadata:\n # This name that will be used within the kubernetes cluster\n name: db\nspec:\n # Name of the NDBServer resource created earlier\n ndbRef: ndb\n isClone: false\n # Database instance specific details (that is to be provisioned)\n databaseInstance:\n # Cluster id of the cluster where the Database has to be provisioned\n # Can be fetched from the GET /clusters endpoint\n clusterId: \"Nutanix Cluster Id\"\n # The database instance name on NDB\n name: \"Database-Instance-Name\"\n # The description of the database instance\n description: Database Description\n # Names of the databases on that instance\n databaseNames:\n - database_one\n - database_two\n - database_three\n # Credentials secret name for NDB installation\n # data: password, ssh_public_key\n credentialSecret: db-instance-secret-name\n size: 10\n timezone: \"UTC\"\n type: postgres\n\n # You can specify any (or none) of these types of profiles: compute, software, network, dbParam\n # If not specified, the corresponding Out-of-Box (OOB) profile will be used wherever applicable\n # Name is case-sensitive. ID is the UUID of the profile. Profile should be in the \"READY\" state\n # \"id\" \u0026 \"name\" are optional. If none provided, OOB may be resolved to any profile of that type\n profiles:\n compute:\n id: \"\"\n name: \"\"\n # A Software profile is a mandatory input for closed-source engines: SQL Server \u0026 Oracle\n software:\n name: \"\"\n id: \"\"\n network:\n id: \"\"\n name: \"\"\n dbParam:\n name: \"\"\n id: \"\"\n # Only applicable for MSSQL databases\n dbParamInstance:\n name: \"\"\n id: \"\"\n timeMachine: # Optional block, if removed the SLA defaults to NONE\n sla : \"NAME OF THE SLA\"\n dailySnapshotTime: \"12:34:56\" # Time for daily snapshot in hh:mm:ss format\n snapshotsPerDay: 4 # Number of snapshots per day\n logCatchUpFrequency: 90 # Frequency (in minutes)\n weeklySnapshotDay: \"WEDNESDAY\" # Day of the week for weekly snapshot\n monthlySnapshotDay: 24 # Day of the month for monthly snapshot\n quarterlySnapshotMonth: \"Jan\" # Start month of the quarterly snapshot\n additionalArguments: # Optional block, can specify additional arguments that are unique to database engines.\n listener_port: \"8080\"\n\n```\n\n#### Cloning manifest\n```yaml\napiVersion: ndb.nutanix.com/v1alpha1\nkind: Database\nmetadata:\n # This name that will be used within the kubernetes cluster\n name: db\nspec:\n # Name of the NDBServer resource created earlier\n ndbRef: ndb\n isClone: true\n # Clone specific details (that is to be provisioned)\n clone:\n # Type of the database to be cloned\n type: postgres\n # The clone instance name on NDB\n name: \"Clone-Instance-Name\"\n # The description of the clone instance\n description: Database Description\n # Cluster id of the cluster where the Database has to be provisioned\n # Can be fetched from the GET /clusters endpoint\n clusterId: \"Nutanix Cluster Id\"\n # You can specify any (or none) of these types of profiles: compute, software, network, dbParam\n # If not specified, the corresponding Out-of-Box (OOB) profile will be used wherever applicable\n # Name is case-sensitive. ID is the UUID of the profile. Profile should be in the \"READY\" state\n # \"id\" \u0026 \"name\" are optional. If none provided, OOB may be resolved to any profile of that type\n profiles:\n compute:\n id: \"\"\n name: \"\"\n # A Software profile is a mandatory input for closed-source engines: SQL Server \u0026 Oracle\n software:\n name: \"\"\n id: \"\"\n network:\n id: \"\"\n name: \"\"\n dbParam:\n name: \"\"\n id: \"\"\n # Only applicable for MSSQL databases\n dbParamInstance:\n name: \"\"\n id: \"\"\n # Name of the secret with the\n # data: password, ssh_public_key\n credentialSecret: clone-instance-secret-name\n timezone: \"UTC\"\n # ID of the database to clone from, can be fetched from NDB REST API Explorer\n sourceDatabaseId: source-database-id\n # ID of the snapshot to clone from, can be fetched from NDB REST API Explorer\n snapshotId: snapshot-id\n additionalArguments: # Optional block, can specify additional arguments that are unique to database engines.\n expireInDays: 3\n\n```\n\nCreate the Database resource:\n```sh\nkubectl apply -f \u003cpath/to/database-manifest.yaml\u003e\n```\n\n### Additional Arguments for Databases\nBelow are the various optional addtionalArguments you can specify along with examples of their corresponding values. Arguments that have defaults will be indicated.\n\nProvisioning Additional Arguments: \n```yaml\n# PostGres\nadditionalArguments:\n listener_port: \"1111\" # Default: \"5432\"\n\n# MySQL\nadditionalArguments:\n listener_port: \"1111\" # Default: \"3306\" \n\n# MongoDB\nadditionalArguments:\n listener_port: \"1111\" # Default: \"27017\"\n log_size: \"150\" # Default: \"100\"\n journal_size: \"150\" # Default: \"100\"\n\n# MSSQL\nadditionalArguments:\n sql_user_name: \"mazin\" # Defualt: \"sa\".\n authentication_mode: \"mixed\" # Default: \"windows\". Options are \"windows\" or \"mixed\". Must specify sql_user.\n server_collation: \"\u003cserver-collation\u003e\" # Default: \"SQL_Latin1_General_CP1_CI_AS\".\n database_collation: \"\u003cserver-collation\u003e\" # Default: \"SQL_Latin1_General_CP1_CI_AS\".\n dbParameterProfileIdInstance: \"\u003cid-instance\u003e\" # Default: Fetched from profile.\n vm_dbserver_admin_password: \"\u003cadmin-password\u003e\" # Default: Fetched from database secret.\n sql_user_password: \"\u003csq-user-password\u003e\" # NO Default. Must specify authentication_mode as \"mixed\".\n windows_domain_profile_id: \u003cdomain-profile-id\u003e # NO Default. Must specify vm_db_server_user.\n vm_db_server_user: \u003cvm-db-server-use\u003e # NO Default. Must specify windows_domain_profile_id.\n vm_win_license_key: \u003clicenseKey\u003e # NO Default.\n```\n\nCloning Additional Arguments: \n```yaml\nMSSQL:\n windows_domain_profile_id \n era_worker_service_user \n sql_service_startup_account \n vm_win_license_key \n target_mountpoints_location \n expireInDays \n expiryDateTimezone \n deleteDatabase \n refreshInDays \n refreshTime \n refreshDateTimezone \n\nMongoDB:\n expireInDays \n expiryDateTimezone \n deleteDatabase \n refreshInDays \n refreshTime \n refreshDateTimezone \n\nPostgres:\n expireInDays \n expiryDateTimezone \n deleteDatabase \n refreshInDays \n refreshTime \n refreshDateTimezone \n\nMySQL:\n expireInDays \n expiryDateTimezone \n deleteDatabase \n refreshInDays \n refreshTime \n refreshDateTimezone \n```\n\n\n### Deleting the Database resource\nTo deregister the database and delete the VM run:\n```sh\nkubectl delete -f \u003cpath/to/database-manifest.yaml\u003e\n```\n\n### Deleting the NDBServer resource\nTo deregister the database and delete the VM run:\n```sh\nkubectl delete -f \u003cpath/to/NDBServer-manifest.yaml\u003e\n```\n\n---\n\n## Developement\n\n### Modifying the API definitions\nIf you are editing the API definitions, generate the manifests such as CRs or CRDs using:\n\n```sh\nmake generate manifests\n```\nAdd the CRDs to the Kubernetes cluster\n```sh\nmake install\n```\nRun your controller locally (this will run in the foreground, so switch to a new terminal if you want to leave it running):\n\n```sh\nmake run\n```\n\n**NOTES:** \n1. You can also run this in one step by running: `make install run`\n2. Run `make --help` for more information on all potential `make` targets\n\nMore information can be found via the [Kubebuilder Documentation](https://book.kubebuilder.io/introduction.html)\n\n### Building and pushing to an image registry\nBuild and push your image to the location specified by `IMG`:\n\n```sh\nmake docker-build docker-push IMG=\u003csome-registry\u003e/ndb-operator:tag\n```\n\n### Deploy the operator pushed to an image registry\nDeploy the controller to the cluster with the image specified by `IMG`:\n\n```sh\nmake deploy IMG=\u003csome-registry\u003e/ndb-operator:tag\n```\n---\n## Uninstallation / Cleanup\nUninstall the operator based on the installation/deployment environment\n\n### Running outside the cluster\n```sh\n# Stops the controller process\nctrl + c\n# Uninstalls the CRDs\nmake uninstall\n```\n\n### Running inside the cluster\n```sh\n# Removes the deployment, crds, services and rbac entities\nmake undeploy\n```\n\n### Running using Helm charts\n```sh\n# NAME: name of the release created during installation\nhelm uninstall NAME\n```\n\n### Running on Openshift\n```sh\noperator-sdk cleanup ndb-operator --delete-all\n```\n\n---\n\n## How it works\n\nThis project aims to follow the Kubernetes [Operator pattern](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/). It uses [Controllers](https://kubernetes.io/docs/concepts/architecture/controller/)\nwhich provides a reconcile function responsible for synchronizing resources until the desired state is reached on the cluster.\n\nA custom resource of the kind Database is created by the reconciler, followed by a Service and an Endpoint that maps to the IP address of the database instance provisioned. Application pods/deployments can use this service to interact with the databases provisioned on NDB through the native Kubernetes service.\n\nPods can specify an initContainer to wait for the service (and hence the database instance) to get created before they start up.\n```yaml\n initContainers:\n - name: init-db\n image: busybox:1.28\n command: ['sh', '-c', \"until nslookup \u003c\u003cDatabase CR Name\u003e\u003e-svc.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for database service; sleep 2; done\"]\n```\n---\n\n## Contributing\nSee the [contributing docs](CONTRIBUTING.md)\n\n---\n\n## Support\nThis code is developed in the open with input from the community through issues and PRs. A Nutanix engineering team serves as the maintainer. Documentation is available in the project repository. Issues and enhancement requests can be submitted in the [Issues tab of this repository](../../issues). Please search for and review the existing open issues before submitting a new issue.\n\n---\n\n## License\nCopyright 2022-2023 Nutanix, Inc.\n\nThe project is released under version 2.0 of the [Apache license](http://www.apache.org/licenses/LICENSE-2.0).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnutanix-cloud-native%2Fndb-operator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnutanix-cloud-native%2Fndb-operator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnutanix-cloud-native%2Fndb-operator/lists"}