# sdb-cluster.yaml This generates a `MemsqlCluster` object (from the [custom resource definition](https://docs.singlestore.com/db/v9.1/deploy/kubernetes/create-the-object-definition-files/sdb-cluster-crd-yaml.md)) that spawns the cluster and all associated necessary objects/resources based on the configurations supplied within. Create a MemsqlCluster definition file to specify the configuration settings for your cluster. ```yaml apiVersion: memsql.com/v1alpha1 kind: MemsqlCluster metadata: name: sdb-cluster spec: license: license_key adminHashedPassword: "hashed_password" nodeImage: repository: singlestore/node tag: node_tag redundancyLevel: 2 childAggregatorSpec: count: 1 cores: 4 coresLimit: 4 memoryMB: 32768 memoryMBLimit: 32768 storageGB: 256 storageClass: standard objectMetaOverrides: annotations: optional: annotation labels: optional: label masterAggregatorSpec: count: 2 cores: 4 coresLimit: 4 memoryMB: 32768 memoryMBLimit: 32768 storageGB: 256 storageClass: standard objectMetaOverrides: annotations: optional: annotation labels: optional: label leafSpec: count: 2 cores: 8 coresLimit: 8 memoryMB: 65536 memoryLimitMB: 65536 storageGB: 1024 storageClass: standard objectMetaOverrides: annotations: optional: annotation labels: optional: label ``` You must edit the following placeholders in this file to properly set up your cluster: * Replace `license_key` with your license from the [Cloud Portal](https://portal.singlestore.com). Note that license checks are now `cgroup`-aware and respect container resource boundaries for containerized deployments. While this does not change how license checks are performed, nor does it change how capacity is allocated, it does change how the resources allocated to the container are checked. * Replace `hashed_password` with a hashed version of a secure password for the `admin` database user on the cluster. The `admin` user is the default user you can use when logging into your cluster. The account is created by the Operator during cluster deployment and has an explicit set of grants (defined at the end of this step) to reduce the scope of this user. The following python script shows how to create a hashed password. Note that the asterisk (`*`) must be included in the final password. ```python from hashlib import sha1 print("*" + sha1(sha1('secretpass'.encode('utf-8')).digest()).hexdigest().upper()) ``` * Under `nodeImage`, `tag` specifies the version of `singlestore/node` that will be deployed in your cluster. This value aligns with the version number of the SingleStore database engine that is running in the container. For example, `alma-9.1` contains version 9.1 of SingleStore. You can use different versions of the engine by going to the [Docker Hub page](https://hub.docker.com/r/singlestore/node/tags) for `singlestore/node` and selecting a different tag, with the exception of the `latest` tag. Because of recent updates to the `singlestore/node` container, you should select a tag that is `6.8.9-24b9cbd386` or later. Also, running different versions of the SingleStore engine in one cluster is **not** supported, so you must ensure that each node in your Kubernetes cluster has the same `tag` value. * By default, the `redundancyLevel` is set to `2` to enable high availability (HA), which is **highly** **recommended** for production deployments. To disable high availability, set this value to `1`. Refer to [Managing High Availability](https://docs.singlestore.com/db/v9.1/user-and-cluster-administration/high-availability-and-disaster-recovery/managing-high-availability.md) for more information. * The `serviceSpec` section is optional and allows you to customize the Kubernetes Service that fronts the cluster. ```yaml serviceSpec: objectMetaOverrides: labels: custom: label annotations: custom: annotations ``` * The `objectMetaOverrides` sections are optional. By including these sections, you can override the metadata annotations and labels at either the node or service layer (`objectMetaOverrides`). * Change `count` to alter the number of Master Aggregators, child aggregators, or leaf nodes in your cluster. * The following values govern the number of license units used by the cluster. Refer to [General](https://docs.singlestore.com/db/v9.1/introduction/faqs/general.md) for more information. * The `cores` value * The `coresLimit` value * The `memoryMB` value * The `memoryLimitMB` value * The `storageGB` value corresponds to the amount of storage each aggregator or leaf should request for their persistent data volume. * The `storageGB` value corresponds to the amount of storage each aggregator or leaf should request for their persistent data volume. * The `storageClass` value specifies which storage class to use for the `PersistentVolume` in the Kubernetes cluster. > **📝 Note**: Ensure that the `StorageClass` exists and is properly configured before deploying your cluster. Refer to [storage configuration prerequisites](https://docs.singlestore.com/db/v9.1/reference/singlestore-operator-reference/storage-configuration/#section-id235569710057423.md) for verification steps and requirements. For production deployments requiring fault tolerance, ensure the `StorageClass` has `allowVolumeExpansion: true` to enable future storage scaling. For detailed information on high availability configurations, refer to [Fault-Tolerant Storage Configuration](https://docs.singlestore.com/db/v9.1/reference/singlestore-operator-reference/storage-configuration/#section-id235569722939843.md). For local development and testing, consider using the [SingleStore Dev Image](https://docs.singlestore.com/db/v9.1/deploy/singlestore-dev-image.md) instead of the Kubernetes Operator. * The `enableLivenessProbeOnNodes` field is optional and is disabled by default. When set to `true`, the Operator creates liveness probes on all pods in the cluster. If a pod fails the liveness probe, the container is restarted. This is disabled by default because thread, CPU, or PID exhaustion from database workload can lead to unnecessary restarts. Enable this option only in environments where automatic pod restarts on health check failures are required. * You can declare an `envVariables` section. This is an optional section that allows environment variables to be specified. The currently supported environment variables include: * `MALLOC_ARENA_MAX` ```yaml envVariables: MALLOC_ARENA_MAX: 4 ``` Once you have finished creating your definition files, you can deploy your cluster. ## Additional Configuration Options To learn more about additional configuration options while remaining on this page, open the following link in a new tab: [SingleStore Operator Reference](https://docs.singlestore.com/db/v9.1/reference/singlestore-operator-reference.md). ## User Permissions The `userSpec` section is an optional section in the `sdb-cluster.yaml` file that can be used to control `rootServiceUser` permissions in the database. Note that modifying `rootServiceUser` permissions is only supported in SingleStore v7.1.2 and later. To control these permissions, add the following section to the `sdb-cluster.yaml` file as shown below. ```yaml usersSpec: rootServiceUser: true // RequireSSL is a flag that toggles `REQUIRE SSL` // for the `admin` user // For accounts that have REQUIRE SSL, the connection // attempt fails if a secure connection cannot be established. adminRequireSsl: true # true to enable, false to disable ``` This grants `SERVICE_USER` to the SingleStore root user when `rootServiceUser` is `true` and, when root has this permission, revokes `SERVICE_USER` when `false` or left unspecified. * *Admin User Permissions* The `admin` user has the following database permissions:- `USAGE` - `SELECT` - `INSERT` - `UPDATE` - `DELETE` - `CREATE` - `DROP` - `PROCESS` - `INDEX` - `ALTER` - `SHOW METADATA` - `CREATE TEMPORARY TABLES` - `LOCK TABLES` - `CREATE VIEW` - `ALTER VIEW` - `DROP VIEW` - `SHOW VIEW` - `DROP DATABASE` - `CREATE DATABASE` - `CREATE ROUTINE` - `ALTER ROUTINE` - `EXECUTE` - `CREATE PIPELINE` - `DROP PIPELINE` - `START PIPELINE` - `ALTER PIPELINE` - `SHOW PIPELINE` *** Modified at: May 11, 2026 Source: [/db/v9.1/deploy/kubernetes/create-the-object-definition-files/sdb-cluster-yaml/](https://docs.singlestore.com/db/v9.1/deploy/kubernetes/create-the-object-definition-files/sdb-cluster-yaml/) (An index of the documentation is available at /llms.txt)