1---
2apiVersion: apiextensions.k8s.io/v1
3kind: CustomResourceDefinition
4metadata:
5 annotations:
6 controller-gen.kubebuilder.io/version: (unknown)
7 name: persistence.edge.ncr.com
8spec:
9 group: edge.ncr.com
10 names:
11 kind: Persistence
12 listKind: PersistenceList
13 plural: persistence
14 singular: persistence
15 scope: Namespaced
16 versions:
17 - name: v1alpha1
18 schema:
19 openAPIV3Schema:
20 description: Persistence is the Schema for the Persistence API
21 properties:
22 apiVersion:
23 description: |-
24 APIVersion defines the versioned schema of this representation of an object.
25 Servers should convert recognized schemas to the latest internal value, and
26 may reject unrecognized values.
27 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
28 type: string
29 kind:
30 description: |-
31 Kind is a string value representing the REST resource this object represents.
32 Servers may infer this from the endpoint the client submits requests to.
33 Cannot be updated.
34 In CamelCase.
35 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
36 type: string
37 metadata:
38 type: object
39 spec:
40 description: PersistencSpec defines the desired state of Persistence
41 properties:
42 nameSubstitution:
43 type: string
44 nodeSelectorTerms:
45 items:
46 description: |-
47 A null or empty node selector term matches no objects. The requirements of
48 them are ANDed.
49 The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
50 properties:
51 matchExpressions:
52 description: A list of node selector requirements by node's
53 labels.
54 items:
55 description: |-
56 A node selector requirement is a selector that contains values, a key, and an operator
57 that relates the key and values.
58 properties:
59 key:
60 description: The label key that the selector applies to.
61 type: string
62 operator:
63 description: |-
64 Represents a key's relationship to a set of values.
65 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
66 type: string
67 values:
68 description: |-
69 An array of string values. If the operator is In or NotIn,
70 the values array must be non-empty. If the operator is Exists or DoesNotExist,
71 the values array must be empty. If the operator is Gt or Lt, the values
72 array must have a single element, which will be interpreted as an integer.
73 This array is replaced during a strategic merge patch.
74 items:
75 type: string
76 type: array
77 x-kubernetes-list-type: atomic
78 required:
79 - key
80 - operator
81 type: object
82 type: array
83 x-kubernetes-list-type: atomic
84 matchFields:
85 description: A list of node selector requirements by node's
86 fields.
87 items:
88 description: |-
89 A node selector requirement is a selector that contains values, a key, and an operator
90 that relates the key and values.
91 properties:
92 key:
93 description: The label key that the selector applies to.
94 type: string
95 operator:
96 description: |-
97 Represents a key's relationship to a set of values.
98 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
99 type: string
100 values:
101 description: |-
102 An array of string values. If the operator is In or NotIn,
103 the values array must be non-empty. If the operator is Exists or DoesNotExist,
104 the values array must be empty. If the operator is Gt or Lt, the values
105 array must have a single element, which will be interpreted as an integer.
106 This array is replaced during a strategic merge patch.
107 items:
108 type: string
109 type: array
110 x-kubernetes-list-type: atomic
111 required:
112 - key
113 - operator
114 type: object
115 type: array
116 x-kubernetes-list-type: atomic
117 type: object
118 x-kubernetes-map-type: atomic
119 type: array
120 statefulSet:
121 description: |-
122 StatefulSet represents a set of pods with consistent identities.
123 Identities are defined as:
124 - Network: A single stable DNS and hostname.
125 - Storage: As many VolumeClaims as requested.
126
127
128 The StatefulSet guarantees that a given network identity will always
129 map to the same storage identity.
130 properties:
131 apiVersion:
132 description: |-
133 APIVersion defines the versioned schema of this representation of an object.
134 Servers should convert recognized schemas to the latest internal value, and
135 may reject unrecognized values.
136 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
137 type: string
138 kind:
139 description: |-
140 Kind is a string value representing the REST resource this object represents.
141 Servers may infer this from the endpoint the client submits requests to.
142 Cannot be updated.
143 In CamelCase.
144 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
145 type: string
146 metadata:
147 description: |-
148 Standard object's metadata.
149 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
150 properties:
151 annotations:
152 additionalProperties:
153 type: string
154 type: object
155 finalizers:
156 items:
157 type: string
158 type: array
159 labels:
160 additionalProperties:
161 type: string
162 type: object
163 name:
164 type: string
165 namespace:
166 type: string
167 type: object
168 spec:
169 description: Spec defines the desired identities of pods in this
170 set.
171 properties:
172 minReadySeconds:
173 description: |-
174 Minimum number of seconds for which a newly created pod should be ready
175 without any of its container crashing for it to be considered available.
176 Defaults to 0 (pod will be considered available as soon as it is ready)
177 format: int32
178 type: integer
179 ordinals:
180 description: |-
181 ordinals controls the numbering of replica indices in a StatefulSet. The
182 default ordinals behavior assigns a "0" index to the first replica and
183 increments the index by one for each additional replica requested. Using
184 the ordinals field requires the StatefulSetStartOrdinal feature gate to be
185 enabled, which is beta.
186 properties:
187 start:
188 description: |-
189 start is the number representing the first replica's index. It may be used
190 to number replicas from an alternate index (eg: 1-indexed) over the default
191 0-indexed names, or to orchestrate progressive movement of replicas from
192 one StatefulSet to another.
193 If set, replica indices will be in the range:
194 [.spec.ordinals.start, .spec.ordinals.start + .spec.replicas).
195 If unset, defaults to 0. Replica indices will be in the range:
196 [0, .spec.replicas).
197 format: int32
198 type: integer
199 type: object
200 persistentVolumeClaimRetentionPolicy:
201 description: |-
202 persistentVolumeClaimRetentionPolicy describes the lifecycle of persistent
203 volume claims created from volumeClaimTemplates. By default, all persistent
204 volume claims are created as needed and retained until manually deleted. This
205 policy allows the lifecycle to be altered, for example by deleting persistent
206 volume claims when their stateful set is deleted, or when their pod is scaled
207 down. This requires the StatefulSetAutoDeletePVC feature gate to be enabled,
208 which is alpha. +optional
209 properties:
210 whenDeleted:
211 description: |-
212 WhenDeleted specifies what happens to PVCs created from StatefulSet
213 VolumeClaimTemplates when the StatefulSet is deleted. The default policy
214 of `Retain` causes PVCs to not be affected by StatefulSet deletion. The
215 `Delete` policy causes those PVCs to be deleted.
216 type: string
217 whenScaled:
218 description: |-
219 WhenScaled specifies what happens to PVCs created from StatefulSet
220 VolumeClaimTemplates when the StatefulSet is scaled down. The default
221 policy of `Retain` causes PVCs to not be affected by a scaledown. The
222 `Delete` policy causes the associated PVCs for any excess pods above
223 the replica count to be deleted.
224 type: string
225 type: object
226 podManagementPolicy:
227 description: |-
228 podManagementPolicy controls how pods are created during initial scale up,
229 when replacing pods on nodes, or when scaling down. The default policy is
230 `OrderedReady`, where pods are created in increasing order (pod-0, then
231 pod-1, etc) and the controller will wait until each pod is ready before
232 continuing. When scaling down, the pods are removed in the opposite order.
233 The alternative policy is `Parallel` which will create pods in parallel
234 to match the desired scale without waiting, and on scale down will delete
235 all pods at once.
236 type: string
237 replicas:
238 description: |-
239 replicas is the desired number of replicas of the given Template.
240 These are replicas in the sense that they are instantiations of the
241 same Template, but individual replicas also have a consistent identity.
242 If unspecified, defaults to 1.
243 TODO: Consider a rename of this field.
244 format: int32
245 type: integer
246 revisionHistoryLimit:
247 description: |-
248 revisionHistoryLimit is the maximum number of revisions that will
249 be maintained in the StatefulSet's revision history. The revision history
250 consists of all revisions not represented by a currently applied
251 StatefulSetSpec version. The default value is 10.
252 format: int32
253 type: integer
254 selector:
255 description: |-
256 selector is a label query over pods that should match the replica count.
257 It must match the pod template's labels.
258 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
259 properties:
260 matchExpressions:
261 description: matchExpressions is a list of label selector
262 requirements. The requirements are ANDed.
263 items:
264 description: |-
265 A label selector requirement is a selector that contains values, a key, and an operator that
266 relates the key and values.
267 properties:
268 key:
269 description: key is the label key that the selector
270 applies to.
271 type: string
272 operator:
273 description: |-
274 operator represents a key's relationship to a set of values.
275 Valid operators are In, NotIn, Exists and DoesNotExist.
276 type: string
277 values:
278 description: |-
279 values is an array of string values. If the operator is In or NotIn,
280 the values array must be non-empty. If the operator is Exists or DoesNotExist,
281 the values array must be empty. This array is replaced during a strategic
282 merge patch.
283 items:
284 type: string
285 type: array
286 x-kubernetes-list-type: atomic
287 required:
288 - key
289 - operator
290 type: object
291 type: array
292 x-kubernetes-list-type: atomic
293 matchLabels:
294 additionalProperties:
295 type: string
296 description: |-
297 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
298 map is equivalent to an element of matchExpressions, whose key field is "key", the
299 operator is "In", and the values array contains only "value". The requirements are ANDed.
300 type: object
301 type: object
302 x-kubernetes-map-type: atomic
303 serviceName:
304 description: |-
305 serviceName is the name of the service that governs this StatefulSet.
306 This service must exist before the StatefulSet, and is responsible for
307 the network identity of the set. Pods get DNS/hostnames that follow the
308 pattern: pod-specific-string.serviceName.default.svc.cluster.local
309 where "pod-specific-string" is managed by the StatefulSet controller.
310 type: string
311 template:
312 description: |-
313 template is the object that describes the pod that will be created if
314 insufficient replicas are detected. Each pod stamped out by the StatefulSet
315 will fulfill this Template, but have a unique identity from the rest
316 of the StatefulSet. Each pod will be named with the format
317 <statefulsetname>-<podindex>. For example, a pod in a StatefulSet named
318 "web" with index number "3" would be named "web-3".
319 The only allowed template.spec.restartPolicy value is "Always".
320 properties:
321 metadata:
322 description: |-
323 Standard object's metadata.
324 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
325 properties:
326 annotations:
327 additionalProperties:
328 type: string
329 type: object
330 finalizers:
331 items:
332 type: string
333 type: array
334 labels:
335 additionalProperties:
336 type: string
337 type: object
338 name:
339 type: string
340 namespace:
341 type: string
342 type: object
343 spec:
344 description: |-
345 Specification of the desired behavior of the pod.
346 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
347 properties:
348 activeDeadlineSeconds:
349 description: |-
350 Optional duration in seconds the pod may be active on the node relative to
351 StartTime before the system will actively try to mark it failed and kill associated containers.
352 Value must be a positive integer.
353 format: int64
354 type: integer
355 affinity:
356 description: If specified, the pod's scheduling constraints
357 properties:
358 nodeAffinity:
359 description: Describes node affinity scheduling
360 rules for the pod.
361 properties:
362 preferredDuringSchedulingIgnoredDuringExecution:
363 description: |-
364 The scheduler will prefer to schedule pods to nodes that satisfy
365 the affinity expressions specified by this field, but it may choose
366 a node that violates one or more of the expressions. The node that is
367 most preferred is the one with the greatest sum of weights, i.e.
368 for each node that meets all of the scheduling requirements (resource
369 request, requiredDuringScheduling affinity expressions, etc.),
370 compute a sum by iterating through the elements of this field and adding
371 "weight" to the sum if the node matches the corresponding matchExpressions; the
372 node(s) with the highest sum are the most preferred.
373 items:
374 description: |-
375 An empty preferred scheduling term matches all objects with implicit weight 0
376 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
377 properties:
378 preference:
379 description: A node selector term, associated
380 with the corresponding weight.
381 properties:
382 matchExpressions:
383 description: A list of node selector
384 requirements by node's labels.
385 items:
386 description: |-
387 A node selector requirement is a selector that contains values, a key, and an operator
388 that relates the key and values.
389 properties:
390 key:
391 description: The label key
392 that the selector applies
393 to.
394 type: string
395 operator:
396 description: |-
397 Represents a key's relationship to a set of values.
398 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
399 type: string
400 values:
401 description: |-
402 An array of string values. If the operator is In or NotIn,
403 the values array must be non-empty. If the operator is Exists or DoesNotExist,
404 the values array must be empty. If the operator is Gt or Lt, the values
405 array must have a single element, which will be interpreted as an integer.
406 This array is replaced during a strategic merge patch.
407 items:
408 type: string
409 type: array
410 x-kubernetes-list-type: atomic
411 required:
412 - key
413 - operator
414 type: object
415 type: array
416 x-kubernetes-list-type: atomic
417 matchFields:
418 description: A list of node selector
419 requirements by node's fields.
420 items:
421 description: |-
422 A node selector requirement is a selector that contains values, a key, and an operator
423 that relates the key and values.
424 properties:
425 key:
426 description: The label key
427 that the selector applies
428 to.
429 type: string
430 operator:
431 description: |-
432 Represents a key's relationship to a set of values.
433 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
434 type: string
435 values:
436 description: |-
437 An array of string values. If the operator is In or NotIn,
438 the values array must be non-empty. If the operator is Exists or DoesNotExist,
439 the values array must be empty. If the operator is Gt or Lt, the values
440 array must have a single element, which will be interpreted as an integer.
441 This array is replaced during a strategic merge patch.
442 items:
443 type: string
444 type: array
445 x-kubernetes-list-type: atomic
446 required:
447 - key
448 - operator
449 type: object
450 type: array
451 x-kubernetes-list-type: atomic
452 type: object
453 x-kubernetes-map-type: atomic
454 weight:
455 description: Weight associated with
456 matching the corresponding nodeSelectorTerm,
457 in the range 1-100.
458 format: int32
459 type: integer
460 required:
461 - preference
462 - weight
463 type: object
464 type: array
465 x-kubernetes-list-type: atomic
466 requiredDuringSchedulingIgnoredDuringExecution:
467 description: |-
468 If the affinity requirements specified by this field are not met at
469 scheduling time, the pod will not be scheduled onto the node.
470 If the affinity requirements specified by this field cease to be met
471 at some point during pod execution (e.g. due to an update), the system
472 may or may not try to eventually evict the pod from its node.
473 properties:
474 nodeSelectorTerms:
475 description: Required. A list of node
476 selector terms. The terms are ORed.
477 items:
478 description: |-
479 A null or empty node selector term matches no objects. The requirements of
480 them are ANDed.
481 The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
482 properties:
483 matchExpressions:
484 description: A list of node selector
485 requirements by node's labels.
486 items:
487 description: |-
488 A node selector requirement is a selector that contains values, a key, and an operator
489 that relates the key and values.
490 properties:
491 key:
492 description: The label key
493 that the selector applies
494 to.
495 type: string
496 operator:
497 description: |-
498 Represents a key's relationship to a set of values.
499 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
500 type: string
501 values:
502 description: |-
503 An array of string values. If the operator is In or NotIn,
504 the values array must be non-empty. If the operator is Exists or DoesNotExist,
505 the values array must be empty. If the operator is Gt or Lt, the values
506 array must have a single element, which will be interpreted as an integer.
507 This array is replaced during a strategic merge patch.
508 items:
509 type: string
510 type: array
511 x-kubernetes-list-type: atomic
512 required:
513 - key
514 - operator
515 type: object
516 type: array
517 x-kubernetes-list-type: atomic
518 matchFields:
519 description: A list of node selector
520 requirements by node's fields.
521 items:
522 description: |-
523 A node selector requirement is a selector that contains values, a key, and an operator
524 that relates the key and values.
525 properties:
526 key:
527 description: The label key
528 that the selector applies
529 to.
530 type: string
531 operator:
532 description: |-
533 Represents a key's relationship to a set of values.
534 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
535 type: string
536 values:
537 description: |-
538 An array of string values. If the operator is In or NotIn,
539 the values array must be non-empty. If the operator is Exists or DoesNotExist,
540 the values array must be empty. If the operator is Gt or Lt, the values
541 array must have a single element, which will be interpreted as an integer.
542 This array is replaced during a strategic merge patch.
543 items:
544 type: string
545 type: array
546 x-kubernetes-list-type: atomic
547 required:
548 - key
549 - operator
550 type: object
551 type: array
552 x-kubernetes-list-type: atomic
553 type: object
554 x-kubernetes-map-type: atomic
555 type: array
556 x-kubernetes-list-type: atomic
557 required:
558 - nodeSelectorTerms
559 type: object
560 x-kubernetes-map-type: atomic
561 type: object
562 podAffinity:
563 description: Describes pod affinity scheduling
564 rules (e.g. co-locate this pod in the same node,
565 zone, etc. as some other pod(s)).
566 properties:
567 preferredDuringSchedulingIgnoredDuringExecution:
568 description: |-
569 The scheduler will prefer to schedule pods to nodes that satisfy
570 the affinity expressions specified by this field, but it may choose
571 a node that violates one or more of the expressions. The node that is
572 most preferred is the one with the greatest sum of weights, i.e.
573 for each node that meets all of the scheduling requirements (resource
574 request, requiredDuringScheduling affinity expressions, etc.),
575 compute a sum by iterating through the elements of this field and adding
576 "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
577 node(s) with the highest sum are the most preferred.
578 items:
579 description: The weights of all of the matched
580 WeightedPodAffinityTerm fields are added
581 per-node to find the most preferred node(s)
582 properties:
583 podAffinityTerm:
584 description: Required. A pod affinity
585 term, associated with the corresponding
586 weight.
587 properties:
588 labelSelector:
589 description: |-
590 A label query over a set of resources, in this case pods.
591 If it's null, this PodAffinityTerm matches with no Pods.
592 properties:
593 matchExpressions:
594 description: matchExpressions
595 is a list of label selector
596 requirements. The requirements
597 are ANDed.
598 items:
599 description: |-
600 A label selector requirement is a selector that contains values, a key, and an operator that
601 relates the key and values.
602 properties:
603 key:
604 description: key is the
605 label key that the selector
606 applies to.
607 type: string
608 operator:
609 description: |-
610 operator represents a key's relationship to a set of values.
611 Valid operators are In, NotIn, Exists and DoesNotExist.
612 type: string
613 values:
614 description: |-
615 values is an array of string values. If the operator is In or NotIn,
616 the values array must be non-empty. If the operator is Exists or DoesNotExist,
617 the values array must be empty. This array is replaced during a strategic
618 merge patch.
619 items:
620 type: string
621 type: array
622 x-kubernetes-list-type: atomic
623 required:
624 - key
625 - operator
626 type: object
627 type: array
628 x-kubernetes-list-type: atomic
629 matchLabels:
630 additionalProperties:
631 type: string
632 description: |-
633 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
634 map is equivalent to an element of matchExpressions, whose key field is "key", the
635 operator is "In", and the values array contains only "value". The requirements are ANDed.
636 type: object
637 type: object
638 x-kubernetes-map-type: atomic
639 matchLabelKeys:
640 description: |-
641 MatchLabelKeys is a set of pod label keys to select which pods will
642 be taken into consideration. The keys are used to lookup values from the
643 incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
644 to select the group of existing pods which pods will be taken into consideration
645 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
646 pod labels will be ignored. The default value is empty.
647 The same key is forbidden to exist in both matchLabelKeys and labelSelector.
648 Also, matchLabelKeys cannot be set when labelSelector isn't set.
649 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
650 items:
651 type: string
652 type: array
653 x-kubernetes-list-type: atomic
654 mismatchLabelKeys:
655 description: |-
656 MismatchLabelKeys is a set of pod label keys to select which pods will
657 be taken into consideration. The keys are used to lookup values from the
658 incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
659 to select the group of existing pods which pods will be taken into consideration
660 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
661 pod labels will be ignored. The default value is empty.
662 The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
663 Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
664 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
665 items:
666 type: string
667 type: array
668 x-kubernetes-list-type: atomic
669 namespaceSelector:
670 description: |-
671 A label query over the set of namespaces that the term applies to.
672 The term is applied to the union of the namespaces selected by this field
673 and the ones listed in the namespaces field.
674 null selector and null or empty namespaces list means "this pod's namespace".
675 An empty selector ({}) matches all namespaces.
676 properties:
677 matchExpressions:
678 description: matchExpressions
679 is a list of label selector
680 requirements. The requirements
681 are ANDed.
682 items:
683 description: |-
684 A label selector requirement is a selector that contains values, a key, and an operator that
685 relates the key and values.
686 properties:
687 key:
688 description: key is the
689 label key that the selector
690 applies to.
691 type: string
692 operator:
693 description: |-
694 operator represents a key's relationship to a set of values.
695 Valid operators are In, NotIn, Exists and DoesNotExist.
696 type: string
697 values:
698 description: |-
699 values is an array of string values. If the operator is In or NotIn,
700 the values array must be non-empty. If the operator is Exists or DoesNotExist,
701 the values array must be empty. This array is replaced during a strategic
702 merge patch.
703 items:
704 type: string
705 type: array
706 x-kubernetes-list-type: atomic
707 required:
708 - key
709 - operator
710 type: object
711 type: array
712 x-kubernetes-list-type: atomic
713 matchLabels:
714 additionalProperties:
715 type: string
716 description: |-
717 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
718 map is equivalent to an element of matchExpressions, whose key field is "key", the
719 operator is "In", and the values array contains only "value". The requirements are ANDed.
720 type: object
721 type: object
722 x-kubernetes-map-type: atomic
723 namespaces:
724 description: |-
725 namespaces specifies a static list of namespace names that the term applies to.
726 The term is applied to the union of the namespaces listed in this field
727 and the ones selected by namespaceSelector.
728 null or empty namespaces list and null namespaceSelector means "this pod's namespace".
729 items:
730 type: string
731 type: array
732 x-kubernetes-list-type: atomic
733 topologyKey:
734 description: |-
735 This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
736 the labelSelector in the specified namespaces, where co-located is defined as running on a node
737 whose value of the label with key topologyKey matches that of any node on which any of the
738 selected pods is running.
739 Empty topologyKey is not allowed.
740 type: string
741 required:
742 - topologyKey
743 type: object
744 weight:
745 description: |-
746 weight associated with matching the corresponding podAffinityTerm,
747 in the range 1-100.
748 format: int32
749 type: integer
750 required:
751 - podAffinityTerm
752 - weight
753 type: object
754 type: array
755 x-kubernetes-list-type: atomic
756 requiredDuringSchedulingIgnoredDuringExecution:
757 description: |-
758 If the affinity requirements specified by this field are not met at
759 scheduling time, the pod will not be scheduled onto the node.
760 If the affinity requirements specified by this field cease to be met
761 at some point during pod execution (e.g. due to a pod label update), the
762 system may or may not try to eventually evict the pod from its node.
763 When there are multiple elements, the lists of nodes corresponding to each
764 podAffinityTerm are intersected, i.e. all terms must be satisfied.
765 items:
766 description: |-
767 Defines a set of pods (namely those matching the labelSelector
768 relative to the given namespace(s)) that this pod should be
769 co-located (affinity) or not co-located (anti-affinity) with,
770 where co-located is defined as running on a node whose value of
771 the label with key <topologyKey> matches that of any node on which
772 a pod of the set of pods is running
773 properties:
774 labelSelector:
775 description: |-
776 A label query over a set of resources, in this case pods.
777 If it's null, this PodAffinityTerm matches with no Pods.
778 properties:
779 matchExpressions:
780 description: matchExpressions is
781 a list of label selector requirements.
782 The requirements are ANDed.
783 items:
784 description: |-
785 A label selector requirement is a selector that contains values, a key, and an operator that
786 relates the key and values.
787 properties:
788 key:
789 description: key is the label
790 key that the selector applies
791 to.
792 type: string
793 operator:
794 description: |-
795 operator represents a key's relationship to a set of values.
796 Valid operators are In, NotIn, Exists and DoesNotExist.
797 type: string
798 values:
799 description: |-
800 values is an array of string values. If the operator is In or NotIn,
801 the values array must be non-empty. If the operator is Exists or DoesNotExist,
802 the values array must be empty. This array is replaced during a strategic
803 merge patch.
804 items:
805 type: string
806 type: array
807 x-kubernetes-list-type: atomic
808 required:
809 - key
810 - operator
811 type: object
812 type: array
813 x-kubernetes-list-type: atomic
814 matchLabels:
815 additionalProperties:
816 type: string
817 description: |-
818 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
819 map is equivalent to an element of matchExpressions, whose key field is "key", the
820 operator is "In", and the values array contains only "value". The requirements are ANDed.
821 type: object
822 type: object
823 x-kubernetes-map-type: atomic
824 matchLabelKeys:
825 description: |-
826 MatchLabelKeys is a set of pod label keys to select which pods will
827 be taken into consideration. The keys are used to lookup values from the
828 incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
829 to select the group of existing pods which pods will be taken into consideration
830 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
831 pod labels will be ignored. The default value is empty.
832 The same key is forbidden to exist in both matchLabelKeys and labelSelector.
833 Also, matchLabelKeys cannot be set when labelSelector isn't set.
834 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
835 items:
836 type: string
837 type: array
838 x-kubernetes-list-type: atomic
839 mismatchLabelKeys:
840 description: |-
841 MismatchLabelKeys is a set of pod label keys to select which pods will
842 be taken into consideration. The keys are used to lookup values from the
843 incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
844 to select the group of existing pods which pods will be taken into consideration
845 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
846 pod labels will be ignored. The default value is empty.
847 The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
848 Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
849 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
850 items:
851 type: string
852 type: array
853 x-kubernetes-list-type: atomic
854 namespaceSelector:
855 description: |-
856 A label query over the set of namespaces that the term applies to.
857 The term is applied to the union of the namespaces selected by this field
858 and the ones listed in the namespaces field.
859 null selector and null or empty namespaces list means "this pod's namespace".
860 An empty selector ({}) matches all namespaces.
861 properties:
862 matchExpressions:
863 description: matchExpressions is
864 a list of label selector requirements.
865 The requirements are ANDed.
866 items:
867 description: |-
868 A label selector requirement is a selector that contains values, a key, and an operator that
869 relates the key and values.
870 properties:
871 key:
872 description: key is the label
873 key that the selector applies
874 to.
875 type: string
876 operator:
877 description: |-
878 operator represents a key's relationship to a set of values.
879 Valid operators are In, NotIn, Exists and DoesNotExist.
880 type: string
881 values:
882 description: |-
883 values is an array of string values. If the operator is In or NotIn,
884 the values array must be non-empty. If the operator is Exists or DoesNotExist,
885 the values array must be empty. This array is replaced during a strategic
886 merge patch.
887 items:
888 type: string
889 type: array
890 x-kubernetes-list-type: atomic
891 required:
892 - key
893 - operator
894 type: object
895 type: array
896 x-kubernetes-list-type: atomic
897 matchLabels:
898 additionalProperties:
899 type: string
900 description: |-
901 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
902 map is equivalent to an element of matchExpressions, whose key field is "key", the
903 operator is "In", and the values array contains only "value". The requirements are ANDed.
904 type: object
905 type: object
906 x-kubernetes-map-type: atomic
907 namespaces:
908 description: |-
909 namespaces specifies a static list of namespace names that the term applies to.
910 The term is applied to the union of the namespaces listed in this field
911 and the ones selected by namespaceSelector.
912 null or empty namespaces list and null namespaceSelector means "this pod's namespace".
913 items:
914 type: string
915 type: array
916 x-kubernetes-list-type: atomic
917 topologyKey:
918 description: |-
919 This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
920 the labelSelector in the specified namespaces, where co-located is defined as running on a node
921 whose value of the label with key topologyKey matches that of any node on which any of the
922 selected pods is running.
923 Empty topologyKey is not allowed.
924 type: string
925 required:
926 - topologyKey
927 type: object
928 type: array
929 x-kubernetes-list-type: atomic
930 type: object
931 podAntiAffinity:
932 description: Describes pod anti-affinity scheduling
933 rules (e.g. avoid putting this pod in the same
934 node, zone, etc. as some other pod(s)).
935 properties:
936 preferredDuringSchedulingIgnoredDuringExecution:
937 description: |-
938 The scheduler will prefer to schedule pods to nodes that satisfy
939 the anti-affinity expressions specified by this field, but it may choose
940 a node that violates one or more of the expressions. The node that is
941 most preferred is the one with the greatest sum of weights, i.e.
942 for each node that meets all of the scheduling requirements (resource
943 request, requiredDuringScheduling anti-affinity expressions, etc.),
944 compute a sum by iterating through the elements of this field and adding
945 "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
946 node(s) with the highest sum are the most preferred.
947 items:
948 description: The weights of all of the matched
949 WeightedPodAffinityTerm fields are added
950 per-node to find the most preferred node(s)
951 properties:
952 podAffinityTerm:
953 description: Required. A pod affinity
954 term, associated with the corresponding
955 weight.
956 properties:
957 labelSelector:
958 description: |-
959 A label query over a set of resources, in this case pods.
960 If it's null, this PodAffinityTerm matches with no Pods.
961 properties:
962 matchExpressions:
963 description: matchExpressions
964 is a list of label selector
965 requirements. The requirements
966 are ANDed.
967 items:
968 description: |-
969 A label selector requirement is a selector that contains values, a key, and an operator that
970 relates the key and values.
971 properties:
972 key:
973 description: key is the
974 label key that the selector
975 applies to.
976 type: string
977 operator:
978 description: |-
979 operator represents a key's relationship to a set of values.
980 Valid operators are In, NotIn, Exists and DoesNotExist.
981 type: string
982 values:
983 description: |-
984 values is an array of string values. If the operator is In or NotIn,
985 the values array must be non-empty. If the operator is Exists or DoesNotExist,
986 the values array must be empty. This array is replaced during a strategic
987 merge patch.
988 items:
989 type: string
990 type: array
991 x-kubernetes-list-type: atomic
992 required:
993 - key
994 - operator
995 type: object
996 type: array
997 x-kubernetes-list-type: atomic
998 matchLabels:
999 additionalProperties:
1000 type: string
1001 description: |-
1002 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
1003 map is equivalent to an element of matchExpressions, whose key field is "key", the
1004 operator is "In", and the values array contains only "value". The requirements are ANDed.
1005 type: object
1006 type: object
1007 x-kubernetes-map-type: atomic
1008 matchLabelKeys:
1009 description: |-
1010 MatchLabelKeys is a set of pod label keys to select which pods will
1011 be taken into consideration. The keys are used to lookup values from the
1012 incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
1013 to select the group of existing pods which pods will be taken into consideration
1014 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
1015 pod labels will be ignored. The default value is empty.
1016 The same key is forbidden to exist in both matchLabelKeys and labelSelector.
1017 Also, matchLabelKeys cannot be set when labelSelector isn't set.
1018 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
1019 items:
1020 type: string
1021 type: array
1022 x-kubernetes-list-type: atomic
1023 mismatchLabelKeys:
1024 description: |-
1025 MismatchLabelKeys is a set of pod label keys to select which pods will
1026 be taken into consideration. The keys are used to lookup values from the
1027 incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
1028 to select the group of existing pods which pods will be taken into consideration
1029 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
1030 pod labels will be ignored. The default value is empty.
1031 The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
1032 Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
1033 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
1034 items:
1035 type: string
1036 type: array
1037 x-kubernetes-list-type: atomic
1038 namespaceSelector:
1039 description: |-
1040 A label query over the set of namespaces that the term applies to.
1041 The term is applied to the union of the namespaces selected by this field
1042 and the ones listed in the namespaces field.
1043 null selector and null or empty namespaces list means "this pod's namespace".
1044 An empty selector ({}) matches all namespaces.
1045 properties:
1046 matchExpressions:
1047 description: matchExpressions
1048 is a list of label selector
1049 requirements. The requirements
1050 are ANDed.
1051 items:
1052 description: |-
1053 A label selector requirement is a selector that contains values, a key, and an operator that
1054 relates the key and values.
1055 properties:
1056 key:
1057 description: key is the
1058 label key that the selector
1059 applies to.
1060 type: string
1061 operator:
1062 description: |-
1063 operator represents a key's relationship to a set of values.
1064 Valid operators are In, NotIn, Exists and DoesNotExist.
1065 type: string
1066 values:
1067 description: |-
1068 values is an array of string values. If the operator is In or NotIn,
1069 the values array must be non-empty. If the operator is Exists or DoesNotExist,
1070 the values array must be empty. This array is replaced during a strategic
1071 merge patch.
1072 items:
1073 type: string
1074 type: array
1075 x-kubernetes-list-type: atomic
1076 required:
1077 - key
1078 - operator
1079 type: object
1080 type: array
1081 x-kubernetes-list-type: atomic
1082 matchLabels:
1083 additionalProperties:
1084 type: string
1085 description: |-
1086 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
1087 map is equivalent to an element of matchExpressions, whose key field is "key", the
1088 operator is "In", and the values array contains only "value". The requirements are ANDed.
1089 type: object
1090 type: object
1091 x-kubernetes-map-type: atomic
1092 namespaces:
1093 description: |-
1094 namespaces specifies a static list of namespace names that the term applies to.
1095 The term is applied to the union of the namespaces listed in this field
1096 and the ones selected by namespaceSelector.
1097 null or empty namespaces list and null namespaceSelector means "this pod's namespace".
1098 items:
1099 type: string
1100 type: array
1101 x-kubernetes-list-type: atomic
1102 topologyKey:
1103 description: |-
1104 This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
1105 the labelSelector in the specified namespaces, where co-located is defined as running on a node
1106 whose value of the label with key topologyKey matches that of any node on which any of the
1107 selected pods is running.
1108 Empty topologyKey is not allowed.
1109 type: string
1110 required:
1111 - topologyKey
1112 type: object
1113 weight:
1114 description: |-
1115 weight associated with matching the corresponding podAffinityTerm,
1116 in the range 1-100.
1117 format: int32
1118 type: integer
1119 required:
1120 - podAffinityTerm
1121 - weight
1122 type: object
1123 type: array
1124 x-kubernetes-list-type: atomic
1125 requiredDuringSchedulingIgnoredDuringExecution:
1126 description: |-
1127 If the anti-affinity requirements specified by this field are not met at
1128 scheduling time, the pod will not be scheduled onto the node.
1129 If the anti-affinity requirements specified by this field cease to be met
1130 at some point during pod execution (e.g. due to a pod label update), the
1131 system may or may not try to eventually evict the pod from its node.
1132 When there are multiple elements, the lists of nodes corresponding to each
1133 podAffinityTerm are intersected, i.e. all terms must be satisfied.
1134 items:
1135 description: |-
1136 Defines a set of pods (namely those matching the labelSelector
1137 relative to the given namespace(s)) that this pod should be
1138 co-located (affinity) or not co-located (anti-affinity) with,
1139 where co-located is defined as running on a node whose value of
1140 the label with key <topologyKey> matches that of any node on which
1141 a pod of the set of pods is running
1142 properties:
1143 labelSelector:
1144 description: |-
1145 A label query over a set of resources, in this case pods.
1146 If it's null, this PodAffinityTerm matches with no Pods.
1147 properties:
1148 matchExpressions:
1149 description: matchExpressions is
1150 a list of label selector requirements.
1151 The requirements are ANDed.
1152 items:
1153 description: |-
1154 A label selector requirement is a selector that contains values, a key, and an operator that
1155 relates the key and values.
1156 properties:
1157 key:
1158 description: key is the label
1159 key that the selector applies
1160 to.
1161 type: string
1162 operator:
1163 description: |-
1164 operator represents a key's relationship to a set of values.
1165 Valid operators are In, NotIn, Exists and DoesNotExist.
1166 type: string
1167 values:
1168 description: |-
1169 values is an array of string values. If the operator is In or NotIn,
1170 the values array must be non-empty. If the operator is Exists or DoesNotExist,
1171 the values array must be empty. This array is replaced during a strategic
1172 merge patch.
1173 items:
1174 type: string
1175 type: array
1176 x-kubernetes-list-type: atomic
1177 required:
1178 - key
1179 - operator
1180 type: object
1181 type: array
1182 x-kubernetes-list-type: atomic
1183 matchLabels:
1184 additionalProperties:
1185 type: string
1186 description: |-
1187 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
1188 map is equivalent to an element of matchExpressions, whose key field is "key", the
1189 operator is "In", and the values array contains only "value". The requirements are ANDed.
1190 type: object
1191 type: object
1192 x-kubernetes-map-type: atomic
1193 matchLabelKeys:
1194 description: |-
1195 MatchLabelKeys is a set of pod label keys to select which pods will
1196 be taken into consideration. The keys are used to lookup values from the
1197 incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
1198 to select the group of existing pods which pods will be taken into consideration
1199 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
1200 pod labels will be ignored. The default value is empty.
1201 The same key is forbidden to exist in both matchLabelKeys and labelSelector.
1202 Also, matchLabelKeys cannot be set when labelSelector isn't set.
1203 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
1204 items:
1205 type: string
1206 type: array
1207 x-kubernetes-list-type: atomic
1208 mismatchLabelKeys:
1209 description: |-
1210 MismatchLabelKeys is a set of pod label keys to select which pods will
1211 be taken into consideration. The keys are used to lookup values from the
1212 incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
1213 to select the group of existing pods which pods will be taken into consideration
1214 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
1215 pod labels will be ignored. The default value is empty.
1216 The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
1217 Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
1218 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
1219 items:
1220 type: string
1221 type: array
1222 x-kubernetes-list-type: atomic
1223 namespaceSelector:
1224 description: |-
1225 A label query over the set of namespaces that the term applies to.
1226 The term is applied to the union of the namespaces selected by this field
1227 and the ones listed in the namespaces field.
1228 null selector and null or empty namespaces list means "this pod's namespace".
1229 An empty selector ({}) matches all namespaces.
1230 properties:
1231 matchExpressions:
1232 description: matchExpressions is
1233 a list of label selector requirements.
1234 The requirements are ANDed.
1235 items:
1236 description: |-
1237 A label selector requirement is a selector that contains values, a key, and an operator that
1238 relates the key and values.
1239 properties:
1240 key:
1241 description: key is the label
1242 key that the selector applies
1243 to.
1244 type: string
1245 operator:
1246 description: |-
1247 operator represents a key's relationship to a set of values.
1248 Valid operators are In, NotIn, Exists and DoesNotExist.
1249 type: string
1250 values:
1251 description: |-
1252 values is an array of string values. If the operator is In or NotIn,
1253 the values array must be non-empty. If the operator is Exists or DoesNotExist,
1254 the values array must be empty. This array is replaced during a strategic
1255 merge patch.
1256 items:
1257 type: string
1258 type: array
1259 x-kubernetes-list-type: atomic
1260 required:
1261 - key
1262 - operator
1263 type: object
1264 type: array
1265 x-kubernetes-list-type: atomic
1266 matchLabels:
1267 additionalProperties:
1268 type: string
1269 description: |-
1270 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
1271 map is equivalent to an element of matchExpressions, whose key field is "key", the
1272 operator is "In", and the values array contains only "value". The requirements are ANDed.
1273 type: object
1274 type: object
1275 x-kubernetes-map-type: atomic
1276 namespaces:
1277 description: |-
1278 namespaces specifies a static list of namespace names that the term applies to.
1279 The term is applied to the union of the namespaces listed in this field
1280 and the ones selected by namespaceSelector.
1281 null or empty namespaces list and null namespaceSelector means "this pod's namespace".
1282 items:
1283 type: string
1284 type: array
1285 x-kubernetes-list-type: atomic
1286 topologyKey:
1287 description: |-
1288 This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
1289 the labelSelector in the specified namespaces, where co-located is defined as running on a node
1290 whose value of the label with key topologyKey matches that of any node on which any of the
1291 selected pods is running.
1292 Empty topologyKey is not allowed.
1293 type: string
1294 required:
1295 - topologyKey
1296 type: object
1297 type: array
1298 x-kubernetes-list-type: atomic
1299 type: object
1300 type: object
1301 automountServiceAccountToken:
1302 description: AutomountServiceAccountToken indicates
1303 whether a service account token should be automatically
1304 mounted.
1305 type: boolean
1306 containers:
1307 description: |-
1308 List of containers belonging to the pod.
1309 Containers cannot currently be added or removed.
1310 There must be at least one container in a Pod.
1311 Cannot be updated.
1312 items:
1313 description: A single application container that
1314 you want to run within a pod.
1315 properties:
1316 args:
1317 description: |-
1318 Arguments to the entrypoint.
1319 The container image's CMD is used if this is not provided.
1320 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
1321 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
1322 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
1323 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
1324 of whether the variable exists or not. Cannot be updated.
1325 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
1326 items:
1327 type: string
1328 type: array
1329 x-kubernetes-list-type: atomic
1330 command:
1331 description: |-
1332 Entrypoint array. Not executed within a shell.
1333 The container image's ENTRYPOINT is used if this is not provided.
1334 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
1335 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
1336 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
1337 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
1338 of whether the variable exists or not. Cannot be updated.
1339 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
1340 items:
1341 type: string
1342 type: array
1343 x-kubernetes-list-type: atomic
1344 env:
1345 description: |-
1346 List of environment variables to set in the container.
1347 Cannot be updated.
1348 items:
1349 description: EnvVar represents an environment
1350 variable present in a Container.
1351 properties:
1352 name:
1353 description: Name of the environment variable.
1354 Must be a C_IDENTIFIER.
1355 type: string
1356 value:
1357 description: |-
1358 Variable references $(VAR_NAME) are expanded
1359 using the previously defined environment variables in the container and
1360 any service environment variables. If a variable cannot be resolved,
1361 the reference in the input string will be unchanged. Double $$ are reduced
1362 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
1363 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
1364 Escaped references will never be expanded, regardless of whether the variable
1365 exists or not.
1366 Defaults to "".
1367 type: string
1368 valueFrom:
1369 description: Source for the environment
1370 variable's value. Cannot be used if
1371 value is not empty.
1372 properties:
1373 configMapKeyRef:
1374 description: Selects a key of a ConfigMap.
1375 properties:
1376 key:
1377 description: The key to select.
1378 type: string
1379 name:
1380 default: ""
1381 description: |-
1382 Name of the referent.
1383 This field is effectively required, but due to backwards compatibility is
1384 allowed to be empty. Instances of this type with an empty value here are
1385 almost certainly wrong.
1386 TODO: Add other useful fields. apiVersion, kind, uid?
1387 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1388 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1389 type: string
1390 optional:
1391 description: Specify whether the
1392 ConfigMap or its key must be
1393 defined
1394 type: boolean
1395 required:
1396 - key
1397 type: object
1398 x-kubernetes-map-type: atomic
1399 fieldRef:
1400 description: |-
1401 Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
1402 spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
1403 properties:
1404 apiVersion:
1405 description: Version of the schema
1406 the FieldPath is written in
1407 terms of, defaults to "v1".
1408 type: string
1409 fieldPath:
1410 description: Path of the field
1411 to select in the specified API
1412 version.
1413 type: string
1414 required:
1415 - fieldPath
1416 type: object
1417 x-kubernetes-map-type: atomic
1418 resourceFieldRef:
1419 description: |-
1420 Selects a resource of the container: only resources limits and requests
1421 (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
1422 properties:
1423 containerName:
1424 description: 'Container name:
1425 required for volumes, optional
1426 for env vars'
1427 type: string
1428 divisor:
1429 anyOf:
1430 - type: integer
1431 - type: string
1432 description: Specifies the output
1433 format of the exposed resources,
1434 defaults to "1"
1435 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
1436 x-kubernetes-int-or-string: true
1437 resource:
1438 description: 'Required: resource
1439 to select'
1440 type: string
1441 required:
1442 - resource
1443 type: object
1444 x-kubernetes-map-type: atomic
1445 secretKeyRef:
1446 description: Selects a key of a secret
1447 in the pod's namespace
1448 properties:
1449 key:
1450 description: The key of the secret
1451 to select from. Must be a valid
1452 secret key.
1453 type: string
1454 name:
1455 default: ""
1456 description: |-
1457 Name of the referent.
1458 This field is effectively required, but due to backwards compatibility is
1459 allowed to be empty. Instances of this type with an empty value here are
1460 almost certainly wrong.
1461 TODO: Add other useful fields. apiVersion, kind, uid?
1462 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1463 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1464 type: string
1465 optional:
1466 description: Specify whether the
1467 Secret or its key must be defined
1468 type: boolean
1469 required:
1470 - key
1471 type: object
1472 x-kubernetes-map-type: atomic
1473 type: object
1474 required:
1475 - name
1476 type: object
1477 type: array
1478 x-kubernetes-list-map-keys:
1479 - name
1480 x-kubernetes-list-type: map
1481 envFrom:
1482 description: |-
1483 List of sources to populate environment variables in the container.
1484 The keys defined within a source must be a C_IDENTIFIER. All invalid keys
1485 will be reported as an event when the container is starting. When a key exists in multiple
1486 sources, the value associated with the last source will take precedence.
1487 Values defined by an Env with a duplicate key will take precedence.
1488 Cannot be updated.
1489 items:
1490 description: EnvFromSource represents the
1491 source of a set of ConfigMaps
1492 properties:
1493 configMapRef:
1494 description: The ConfigMap to select from
1495 properties:
1496 name:
1497 default: ""
1498 description: |-
1499 Name of the referent.
1500 This field is effectively required, but due to backwards compatibility is
1501 allowed to be empty. Instances of this type with an empty value here are
1502 almost certainly wrong.
1503 TODO: Add other useful fields. apiVersion, kind, uid?
1504 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1505 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1506 type: string
1507 optional:
1508 description: Specify whether the ConfigMap
1509 must be defined
1510 type: boolean
1511 type: object
1512 x-kubernetes-map-type: atomic
1513 prefix:
1514 description: An optional identifier to
1515 prepend to each key in the ConfigMap.
1516 Must be a C_IDENTIFIER.
1517 type: string
1518 secretRef:
1519 description: The Secret to select from
1520 properties:
1521 name:
1522 default: ""
1523 description: |-
1524 Name of the referent.
1525 This field is effectively required, but due to backwards compatibility is
1526 allowed to be empty. Instances of this type with an empty value here are
1527 almost certainly wrong.
1528 TODO: Add other useful fields. apiVersion, kind, uid?
1529 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1530 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1531 type: string
1532 optional:
1533 description: Specify whether the Secret
1534 must be defined
1535 type: boolean
1536 type: object
1537 x-kubernetes-map-type: atomic
1538 type: object
1539 type: array
1540 x-kubernetes-list-type: atomic
1541 image:
1542 description: |-
1543 Container image name.
1544 More info: https://kubernetes.io/docs/concepts/containers/images
1545 This field is optional to allow higher level config management to default or override
1546 container images in workload controllers like Deployments and StatefulSets.
1547 type: string
1548 imagePullPolicy:
1549 description: |-
1550 Image pull policy.
1551 One of Always, Never, IfNotPresent.
1552 Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
1553 Cannot be updated.
1554 More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
1555 type: string
1556 lifecycle:
1557 description: |-
1558 Actions that the management system should take in response to container lifecycle events.
1559 Cannot be updated.
1560 properties:
1561 postStart:
1562 description: |-
1563 PostStart is called immediately after a container is created. If the handler fails,
1564 the container is terminated and restarted according to its restart policy.
1565 Other management of the container blocks until the hook completes.
1566 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
1567 properties:
1568 exec:
1569 description: Exec specifies the action
1570 to take.
1571 properties:
1572 command:
1573 description: |-
1574 Command is the command line to execute inside the container, the working directory for the
1575 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
1576 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
1577 a shell, you need to explicitly call out to that shell.
1578 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
1579 items:
1580 type: string
1581 type: array
1582 x-kubernetes-list-type: atomic
1583 type: object
1584 httpGet:
1585 description: HTTPGet specifies the http
1586 request to perform.
1587 properties:
1588 host:
1589 description: |-
1590 Host name to connect to, defaults to the pod IP. You probably want to set
1591 "Host" in httpHeaders instead.
1592 type: string
1593 httpHeaders:
1594 description: Custom headers to set
1595 in the request. HTTP allows repeated
1596 headers.
1597 items:
1598 description: HTTPHeader describes
1599 a custom header to be used in
1600 HTTP probes
1601 properties:
1602 name:
1603 description: |-
1604 The header field name.
1605 This will be canonicalized upon output, so case-variant names will be understood as the same header.
1606 type: string
1607 value:
1608 description: The header field
1609 value
1610 type: string
1611 required:
1612 - name
1613 - value
1614 type: object
1615 type: array
1616 x-kubernetes-list-type: atomic
1617 path:
1618 description: Path to access on the
1619 HTTP server.
1620 type: string
1621 port:
1622 anyOf:
1623 - type: integer
1624 - type: string
1625 description: |-
1626 Name or number of the port to access on the container.
1627 Number must be in the range 1 to 65535.
1628 Name must be an IANA_SVC_NAME.
1629 x-kubernetes-int-or-string: true
1630 scheme:
1631 description: |-
1632 Scheme to use for connecting to the host.
1633 Defaults to HTTP.
1634 type: string
1635 required:
1636 - port
1637 type: object
1638 sleep:
1639 description: Sleep represents the duration
1640 that the container should sleep before
1641 being terminated.
1642 properties:
1643 seconds:
1644 description: Seconds is the number
1645 of seconds to sleep.
1646 format: int64
1647 type: integer
1648 required:
1649 - seconds
1650 type: object
1651 tcpSocket:
1652 description: |-
1653 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
1654 for the backward compatibility. There are no validation of this field and
1655 lifecycle hooks will fail in runtime when tcp handler is specified.
1656 properties:
1657 host:
1658 description: 'Optional: Host name
1659 to connect to, defaults to the
1660 pod IP.'
1661 type: string
1662 port:
1663 anyOf:
1664 - type: integer
1665 - type: string
1666 description: |-
1667 Number or name of the port to access on the container.
1668 Number must be in the range 1 to 65535.
1669 Name must be an IANA_SVC_NAME.
1670 x-kubernetes-int-or-string: true
1671 required:
1672 - port
1673 type: object
1674 type: object
1675 preStop:
1676 description: |-
1677 PreStop is called immediately before a container is terminated due to an
1678 API request or management event such as liveness/startup probe failure,
1679 preemption, resource contention, etc. The handler is not called if the
1680 container crashes or exits. The Pod's termination grace period countdown begins before the
1681 PreStop hook is executed. Regardless of the outcome of the handler, the
1682 container will eventually terminate within the Pod's termination grace
1683 period (unless delayed by finalizers). Other management of the container blocks until the hook completes
1684 or until the termination grace period is reached.
1685 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
1686 properties:
1687 exec:
1688 description: Exec specifies the action
1689 to take.
1690 properties:
1691 command:
1692 description: |-
1693 Command is the command line to execute inside the container, the working directory for the
1694 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
1695 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
1696 a shell, you need to explicitly call out to that shell.
1697 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
1698 items:
1699 type: string
1700 type: array
1701 x-kubernetes-list-type: atomic
1702 type: object
1703 httpGet:
1704 description: HTTPGet specifies the http
1705 request to perform.
1706 properties:
1707 host:
1708 description: |-
1709 Host name to connect to, defaults to the pod IP. You probably want to set
1710 "Host" in httpHeaders instead.
1711 type: string
1712 httpHeaders:
1713 description: Custom headers to set
1714 in the request. HTTP allows repeated
1715 headers.
1716 items:
1717 description: HTTPHeader describes
1718 a custom header to be used in
1719 HTTP probes
1720 properties:
1721 name:
1722 description: |-
1723 The header field name.
1724 This will be canonicalized upon output, so case-variant names will be understood as the same header.
1725 type: string
1726 value:
1727 description: The header field
1728 value
1729 type: string
1730 required:
1731 - name
1732 - value
1733 type: object
1734 type: array
1735 x-kubernetes-list-type: atomic
1736 path:
1737 description: Path to access on the
1738 HTTP server.
1739 type: string
1740 port:
1741 anyOf:
1742 - type: integer
1743 - type: string
1744 description: |-
1745 Name or number of the port to access on the container.
1746 Number must be in the range 1 to 65535.
1747 Name must be an IANA_SVC_NAME.
1748 x-kubernetes-int-or-string: true
1749 scheme:
1750 description: |-
1751 Scheme to use for connecting to the host.
1752 Defaults to HTTP.
1753 type: string
1754 required:
1755 - port
1756 type: object
1757 sleep:
1758 description: Sleep represents the duration
1759 that the container should sleep before
1760 being terminated.
1761 properties:
1762 seconds:
1763 description: Seconds is the number
1764 of seconds to sleep.
1765 format: int64
1766 type: integer
1767 required:
1768 - seconds
1769 type: object
1770 tcpSocket:
1771 description: |-
1772 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
1773 for the backward compatibility. There are no validation of this field and
1774 lifecycle hooks will fail in runtime when tcp handler is specified.
1775 properties:
1776 host:
1777 description: 'Optional: Host name
1778 to connect to, defaults to the
1779 pod IP.'
1780 type: string
1781 port:
1782 anyOf:
1783 - type: integer
1784 - type: string
1785 description: |-
1786 Number or name of the port to access on the container.
1787 Number must be in the range 1 to 65535.
1788 Name must be an IANA_SVC_NAME.
1789 x-kubernetes-int-or-string: true
1790 required:
1791 - port
1792 type: object
1793 type: object
1794 type: object
1795 livenessProbe:
1796 description: |-
1797 Periodic probe of container liveness.
1798 Container will be restarted if the probe fails.
1799 Cannot be updated.
1800 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
1801 properties:
1802 exec:
1803 description: Exec specifies the action to
1804 take.
1805 properties:
1806 command:
1807 description: |-
1808 Command is the command line to execute inside the container, the working directory for the
1809 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
1810 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
1811 a shell, you need to explicitly call out to that shell.
1812 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
1813 items:
1814 type: string
1815 type: array
1816 x-kubernetes-list-type: atomic
1817 type: object
1818 failureThreshold:
1819 description: |-
1820 Minimum consecutive failures for the probe to be considered failed after having succeeded.
1821 Defaults to 3. Minimum value is 1.
1822 format: int32
1823 type: integer
1824 grpc:
1825 description: GRPC specifies an action involving
1826 a GRPC port.
1827 properties:
1828 port:
1829 description: Port number of the gRPC
1830 service. Number must be in the range
1831 1 to 65535.
1832 format: int32
1833 type: integer
1834 service:
1835 description: |-
1836 Service is the name of the service to place in the gRPC HealthCheckRequest
1837 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
1838
1839
1840 If this is not specified, the default behavior is defined by gRPC.
1841 type: string
1842 required:
1843 - port
1844 type: object
1845 httpGet:
1846 description: HTTPGet specifies the http
1847 request to perform.
1848 properties:
1849 host:
1850 description: |-
1851 Host name to connect to, defaults to the pod IP. You probably want to set
1852 "Host" in httpHeaders instead.
1853 type: string
1854 httpHeaders:
1855 description: Custom headers to set in
1856 the request. HTTP allows repeated
1857 headers.
1858 items:
1859 description: HTTPHeader describes
1860 a custom header to be used in HTTP
1861 probes
1862 properties:
1863 name:
1864 description: |-
1865 The header field name.
1866 This will be canonicalized upon output, so case-variant names will be understood as the same header.
1867 type: string
1868 value:
1869 description: The header field
1870 value
1871 type: string
1872 required:
1873 - name
1874 - value
1875 type: object
1876 type: array
1877 x-kubernetes-list-type: atomic
1878 path:
1879 description: Path to access on the HTTP
1880 server.
1881 type: string
1882 port:
1883 anyOf:
1884 - type: integer
1885 - type: string
1886 description: |-
1887 Name or number of the port to access on the container.
1888 Number must be in the range 1 to 65535.
1889 Name must be an IANA_SVC_NAME.
1890 x-kubernetes-int-or-string: true
1891 scheme:
1892 description: |-
1893 Scheme to use for connecting to the host.
1894 Defaults to HTTP.
1895 type: string
1896 required:
1897 - port
1898 type: object
1899 initialDelaySeconds:
1900 description: |-
1901 Number of seconds after the container has started before liveness probes are initiated.
1902 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
1903 format: int32
1904 type: integer
1905 periodSeconds:
1906 description: |-
1907 How often (in seconds) to perform the probe.
1908 Default to 10 seconds. Minimum value is 1.
1909 format: int32
1910 type: integer
1911 successThreshold:
1912 description: |-
1913 Minimum consecutive successes for the probe to be considered successful after having failed.
1914 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
1915 format: int32
1916 type: integer
1917 tcpSocket:
1918 description: TCPSocket specifies an action
1919 involving a TCP port.
1920 properties:
1921 host:
1922 description: 'Optional: Host name to
1923 connect to, defaults to the pod IP.'
1924 type: string
1925 port:
1926 anyOf:
1927 - type: integer
1928 - type: string
1929 description: |-
1930 Number or name of the port to access on the container.
1931 Number must be in the range 1 to 65535.
1932 Name must be an IANA_SVC_NAME.
1933 x-kubernetes-int-or-string: true
1934 required:
1935 - port
1936 type: object
1937 terminationGracePeriodSeconds:
1938 description: |-
1939 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
1940 The grace period is the duration in seconds after the processes running in the pod are sent
1941 a termination signal and the time when the processes are forcibly halted with a kill signal.
1942 Set this value longer than the expected cleanup time for your process.
1943 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
1944 value overrides the value provided by the pod spec.
1945 Value must be non-negative integer. The value zero indicates stop immediately via
1946 the kill signal (no opportunity to shut down).
1947 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
1948 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
1949 format: int64
1950 type: integer
1951 timeoutSeconds:
1952 description: |-
1953 Number of seconds after which the probe times out.
1954 Defaults to 1 second. Minimum value is 1.
1955 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
1956 format: int32
1957 type: integer
1958 type: object
1959 name:
1960 description: |-
1961 Name of the container specified as a DNS_LABEL.
1962 Each container in a pod must have a unique name (DNS_LABEL).
1963 Cannot be updated.
1964 type: string
1965 ports:
1966 description: |-
1967 List of ports to expose from the container. Not specifying a port here
1968 DOES NOT prevent that port from being exposed. Any port which is
1969 listening on the default "0.0.0.0" address inside a container will be
1970 accessible from the network.
1971 Modifying this array with strategic merge patch may corrupt the data.
1972 For more information See https://github.com/kubernetes/kubernetes/issues/108255.
1973 Cannot be updated.
1974 items:
1975 description: ContainerPort represents a network
1976 port in a single container.
1977 properties:
1978 containerPort:
1979 description: |-
1980 Number of port to expose on the pod's IP address.
1981 This must be a valid port number, 0 < x < 65536.
1982 format: int32
1983 type: integer
1984 hostIP:
1985 description: What host IP to bind the
1986 external port to.
1987 type: string
1988 hostPort:
1989 description: |-
1990 Number of port to expose on the host.
1991 If specified, this must be a valid port number, 0 < x < 65536.
1992 If HostNetwork is specified, this must match ContainerPort.
1993 Most containers do not need this.
1994 format: int32
1995 type: integer
1996 name:
1997 description: |-
1998 If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
1999 named port in a pod must have a unique name. Name for the port that can be
2000 referred to by services.
2001 type: string
2002 protocol:
2003 default: TCP
2004 description: |-
2005 Protocol for port. Must be UDP, TCP, or SCTP.
2006 Defaults to "TCP".
2007 type: string
2008 required:
2009 - containerPort
2010 type: object
2011 type: array
2012 x-kubernetes-list-map-keys:
2013 - containerPort
2014 - protocol
2015 x-kubernetes-list-type: map
2016 readinessProbe:
2017 description: |-
2018 Periodic probe of container service readiness.
2019 Container will be removed from service endpoints if the probe fails.
2020 Cannot be updated.
2021 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2022 properties:
2023 exec:
2024 description: Exec specifies the action to
2025 take.
2026 properties:
2027 command:
2028 description: |-
2029 Command is the command line to execute inside the container, the working directory for the
2030 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
2031 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
2032 a shell, you need to explicitly call out to that shell.
2033 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
2034 items:
2035 type: string
2036 type: array
2037 x-kubernetes-list-type: atomic
2038 type: object
2039 failureThreshold:
2040 description: |-
2041 Minimum consecutive failures for the probe to be considered failed after having succeeded.
2042 Defaults to 3. Minimum value is 1.
2043 format: int32
2044 type: integer
2045 grpc:
2046 description: GRPC specifies an action involving
2047 a GRPC port.
2048 properties:
2049 port:
2050 description: Port number of the gRPC
2051 service. Number must be in the range
2052 1 to 65535.
2053 format: int32
2054 type: integer
2055 service:
2056 description: |-
2057 Service is the name of the service to place in the gRPC HealthCheckRequest
2058 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
2059
2060
2061 If this is not specified, the default behavior is defined by gRPC.
2062 type: string
2063 required:
2064 - port
2065 type: object
2066 httpGet:
2067 description: HTTPGet specifies the http
2068 request to perform.
2069 properties:
2070 host:
2071 description: |-
2072 Host name to connect to, defaults to the pod IP. You probably want to set
2073 "Host" in httpHeaders instead.
2074 type: string
2075 httpHeaders:
2076 description: Custom headers to set in
2077 the request. HTTP allows repeated
2078 headers.
2079 items:
2080 description: HTTPHeader describes
2081 a custom header to be used in HTTP
2082 probes
2083 properties:
2084 name:
2085 description: |-
2086 The header field name.
2087 This will be canonicalized upon output, so case-variant names will be understood as the same header.
2088 type: string
2089 value:
2090 description: The header field
2091 value
2092 type: string
2093 required:
2094 - name
2095 - value
2096 type: object
2097 type: array
2098 x-kubernetes-list-type: atomic
2099 path:
2100 description: Path to access on the HTTP
2101 server.
2102 type: string
2103 port:
2104 anyOf:
2105 - type: integer
2106 - type: string
2107 description: |-
2108 Name or number of the port to access on the container.
2109 Number must be in the range 1 to 65535.
2110 Name must be an IANA_SVC_NAME.
2111 x-kubernetes-int-or-string: true
2112 scheme:
2113 description: |-
2114 Scheme to use for connecting to the host.
2115 Defaults to HTTP.
2116 type: string
2117 required:
2118 - port
2119 type: object
2120 initialDelaySeconds:
2121 description: |-
2122 Number of seconds after the container has started before liveness probes are initiated.
2123 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2124 format: int32
2125 type: integer
2126 periodSeconds:
2127 description: |-
2128 How often (in seconds) to perform the probe.
2129 Default to 10 seconds. Minimum value is 1.
2130 format: int32
2131 type: integer
2132 successThreshold:
2133 description: |-
2134 Minimum consecutive successes for the probe to be considered successful after having failed.
2135 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
2136 format: int32
2137 type: integer
2138 tcpSocket:
2139 description: TCPSocket specifies an action
2140 involving a TCP port.
2141 properties:
2142 host:
2143 description: 'Optional: Host name to
2144 connect to, defaults to the pod IP.'
2145 type: string
2146 port:
2147 anyOf:
2148 - type: integer
2149 - type: string
2150 description: |-
2151 Number or name of the port to access on the container.
2152 Number must be in the range 1 to 65535.
2153 Name must be an IANA_SVC_NAME.
2154 x-kubernetes-int-or-string: true
2155 required:
2156 - port
2157 type: object
2158 terminationGracePeriodSeconds:
2159 description: |-
2160 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
2161 The grace period is the duration in seconds after the processes running in the pod are sent
2162 a termination signal and the time when the processes are forcibly halted with a kill signal.
2163 Set this value longer than the expected cleanup time for your process.
2164 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
2165 value overrides the value provided by the pod spec.
2166 Value must be non-negative integer. The value zero indicates stop immediately via
2167 the kill signal (no opportunity to shut down).
2168 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
2169 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
2170 format: int64
2171 type: integer
2172 timeoutSeconds:
2173 description: |-
2174 Number of seconds after which the probe times out.
2175 Defaults to 1 second. Minimum value is 1.
2176 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2177 format: int32
2178 type: integer
2179 type: object
2180 resizePolicy:
2181 description: Resources resize policy for the
2182 container.
2183 items:
2184 description: ContainerResizePolicy represents
2185 resource resize policy for the container.
2186 properties:
2187 resourceName:
2188 description: |-
2189 Name of the resource to which this resource resize policy applies.
2190 Supported values: cpu, memory.
2191 type: string
2192 restartPolicy:
2193 description: |-
2194 Restart policy to apply when specified resource is resized.
2195 If not specified, it defaults to NotRequired.
2196 type: string
2197 required:
2198 - resourceName
2199 - restartPolicy
2200 type: object
2201 type: array
2202 x-kubernetes-list-type: atomic
2203 resources:
2204 description: |-
2205 Compute Resources required by this container.
2206 Cannot be updated.
2207 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
2208 properties:
2209 claims:
2210 description: |-
2211 Claims lists the names of resources, defined in spec.resourceClaims,
2212 that are used by this container.
2213
2214
2215 This is an alpha field and requires enabling the
2216 DynamicResourceAllocation feature gate.
2217
2218
2219 This field is immutable. It can only be set for containers.
2220 items:
2221 description: ResourceClaim references
2222 one entry in PodSpec.ResourceClaims.
2223 properties:
2224 name:
2225 description: |-
2226 Name must match the name of one entry in pod.spec.resourceClaims of
2227 the Pod where this field is used. It makes that resource available
2228 inside a container.
2229 type: string
2230 required:
2231 - name
2232 type: object
2233 type: array
2234 x-kubernetes-list-map-keys:
2235 - name
2236 x-kubernetes-list-type: map
2237 limits:
2238 additionalProperties:
2239 anyOf:
2240 - type: integer
2241 - type: string
2242 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
2243 x-kubernetes-int-or-string: true
2244 description: |-
2245 Limits describes the maximum amount of compute resources allowed.
2246 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
2247 type: object
2248 requests:
2249 additionalProperties:
2250 anyOf:
2251 - type: integer
2252 - type: string
2253 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
2254 x-kubernetes-int-or-string: true
2255 description: |-
2256 Requests describes the minimum amount of compute resources required.
2257 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
2258 otherwise to an implementation-defined value. Requests cannot exceed Limits.
2259 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
2260 type: object
2261 type: object
2262 restartPolicy:
2263 description: |-
2264 RestartPolicy defines the restart behavior of individual containers in a pod.
2265 This field may only be set for init containers, and the only allowed value is "Always".
2266 For non-init containers or when this field is not specified,
2267 the restart behavior is defined by the Pod's restart policy and the container type.
2268 Setting the RestartPolicy as "Always" for the init container will have the following effect:
2269 this init container will be continually restarted on
2270 exit until all regular containers have terminated. Once all regular
2271 containers have completed, all init containers with restartPolicy "Always"
2272 will be shut down. This lifecycle differs from normal init containers and
2273 is often referred to as a "sidecar" container. Although this init
2274 container still starts in the init container sequence, it does not wait
2275 for the container to complete before proceeding to the next init
2276 container. Instead, the next init container starts immediately after this
2277 init container is started, or after any startupProbe has successfully
2278 completed.
2279 type: string
2280 securityContext:
2281 description: |-
2282 SecurityContext defines the security options the container should be run with.
2283 If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
2284 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
2285 properties:
2286 allowPrivilegeEscalation:
2287 description: |-
2288 AllowPrivilegeEscalation controls whether a process can gain more
2289 privileges than its parent process. This bool directly controls if
2290 the no_new_privs flag will be set on the container process.
2291 AllowPrivilegeEscalation is true always when the container is:
2292 1) run as Privileged
2293 2) has CAP_SYS_ADMIN
2294 Note that this field cannot be set when spec.os.name is windows.
2295 type: boolean
2296 appArmorProfile:
2297 description: |-
2298 appArmorProfile is the AppArmor options to use by this container. If set, this profile
2299 overrides the pod's appArmorProfile.
2300 Note that this field cannot be set when spec.os.name is windows.
2301 properties:
2302 localhostProfile:
2303 description: |-
2304 localhostProfile indicates a profile loaded on the node that should be used.
2305 The profile must be preconfigured on the node to work.
2306 Must match the loaded name of the profile.
2307 Must be set if and only if type is "Localhost".
2308 type: string
2309 type:
2310 description: |-
2311 type indicates which kind of AppArmor profile will be applied.
2312 Valid options are:
2313 Localhost - a profile pre-loaded on the node.
2314 RuntimeDefault - the container runtime's default profile.
2315 Unconfined - no AppArmor enforcement.
2316 type: string
2317 required:
2318 - type
2319 type: object
2320 capabilities:
2321 description: |-
2322 The capabilities to add/drop when running containers.
2323 Defaults to the default set of capabilities granted by the container runtime.
2324 Note that this field cannot be set when spec.os.name is windows.
2325 properties:
2326 add:
2327 description: Added capabilities
2328 items:
2329 description: Capability represent
2330 POSIX capabilities type
2331 type: string
2332 type: array
2333 x-kubernetes-list-type: atomic
2334 drop:
2335 description: Removed capabilities
2336 items:
2337 description: Capability represent
2338 POSIX capabilities type
2339 type: string
2340 type: array
2341 x-kubernetes-list-type: atomic
2342 type: object
2343 privileged:
2344 description: |-
2345 Run container in privileged mode.
2346 Processes in privileged containers are essentially equivalent to root on the host.
2347 Defaults to false.
2348 Note that this field cannot be set when spec.os.name is windows.
2349 type: boolean
2350 procMount:
2351 description: |-
2352 procMount denotes the type of proc mount to use for the containers.
2353 The default is DefaultProcMount which uses the container runtime defaults for
2354 readonly paths and masked paths.
2355 This requires the ProcMountType feature flag to be enabled.
2356 Note that this field cannot be set when spec.os.name is windows.
2357 type: string
2358 readOnlyRootFilesystem:
2359 description: |-
2360 Whether this container has a read-only root filesystem.
2361 Default is false.
2362 Note that this field cannot be set when spec.os.name is windows.
2363 type: boolean
2364 runAsGroup:
2365 description: |-
2366 The GID to run the entrypoint of the container process.
2367 Uses runtime default if unset.
2368 May also be set in PodSecurityContext. If set in both SecurityContext and
2369 PodSecurityContext, the value specified in SecurityContext takes precedence.
2370 Note that this field cannot be set when spec.os.name is windows.
2371 format: int64
2372 type: integer
2373 runAsNonRoot:
2374 description: |-
2375 Indicates that the container must run as a non-root user.
2376 If true, the Kubelet will validate the image at runtime to ensure that it
2377 does not run as UID 0 (root) and fail to start the container if it does.
2378 If unset or false, no such validation will be performed.
2379 May also be set in PodSecurityContext. If set in both SecurityContext and
2380 PodSecurityContext, the value specified in SecurityContext takes precedence.
2381 type: boolean
2382 runAsUser:
2383 description: |-
2384 The UID to run the entrypoint of the container process.
2385 Defaults to user specified in image metadata if unspecified.
2386 May also be set in PodSecurityContext. If set in both SecurityContext and
2387 PodSecurityContext, the value specified in SecurityContext takes precedence.
2388 Note that this field cannot be set when spec.os.name is windows.
2389 format: int64
2390 type: integer
2391 seLinuxOptions:
2392 description: |-
2393 The SELinux context to be applied to the container.
2394 If unspecified, the container runtime will allocate a random SELinux context for each
2395 container. May also be set in PodSecurityContext. If set in both SecurityContext and
2396 PodSecurityContext, the value specified in SecurityContext takes precedence.
2397 Note that this field cannot be set when spec.os.name is windows.
2398 properties:
2399 level:
2400 description: Level is SELinux level
2401 label that applies to the container.
2402 type: string
2403 role:
2404 description: Role is a SELinux role
2405 label that applies to the container.
2406 type: string
2407 type:
2408 description: Type is a SELinux type
2409 label that applies to the container.
2410 type: string
2411 user:
2412 description: User is a SELinux user
2413 label that applies to the container.
2414 type: string
2415 type: object
2416 seccompProfile:
2417 description: |-
2418 The seccomp options to use by this container. If seccomp options are
2419 provided at both the pod & container level, the container options
2420 override the pod options.
2421 Note that this field cannot be set when spec.os.name is windows.
2422 properties:
2423 localhostProfile:
2424 description: |-
2425 localhostProfile indicates a profile defined in a file on the node should be used.
2426 The profile must be preconfigured on the node to work.
2427 Must be a descending path, relative to the kubelet's configured seccomp profile location.
2428 Must be set if type is "Localhost". Must NOT be set for any other type.
2429 type: string
2430 type:
2431 description: |-
2432 type indicates which kind of seccomp profile will be applied.
2433 Valid options are:
2434
2435
2436 Localhost - a profile defined in a file on the node should be used.
2437 RuntimeDefault - the container runtime default profile should be used.
2438 Unconfined - no profile should be applied.
2439 type: string
2440 required:
2441 - type
2442 type: object
2443 windowsOptions:
2444 description: |-
2445 The Windows specific settings applied to all containers.
2446 If unspecified, the options from the PodSecurityContext will be used.
2447 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
2448 Note that this field cannot be set when spec.os.name is linux.
2449 properties:
2450 gmsaCredentialSpec:
2451 description: |-
2452 GMSACredentialSpec is where the GMSA admission webhook
2453 (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
2454 GMSA credential spec named by the GMSACredentialSpecName field.
2455 type: string
2456 gmsaCredentialSpecName:
2457 description: GMSACredentialSpecName
2458 is the name of the GMSA credential
2459 spec to use.
2460 type: string
2461 hostProcess:
2462 description: |-
2463 HostProcess determines if a container should be run as a 'Host Process' container.
2464 All of a Pod's containers must have the same effective HostProcess value
2465 (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
2466 In addition, if HostProcess is true then HostNetwork must also be set to true.
2467 type: boolean
2468 runAsUserName:
2469 description: |-
2470 The UserName in Windows to run the entrypoint of the container process.
2471 Defaults to the user specified in image metadata if unspecified.
2472 May also be set in PodSecurityContext. If set in both SecurityContext and
2473 PodSecurityContext, the value specified in SecurityContext takes precedence.
2474 type: string
2475 type: object
2476 type: object
2477 startupProbe:
2478 description: |-
2479 StartupProbe indicates that the Pod has successfully initialized.
2480 If specified, no other probes are executed until this completes successfully.
2481 If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
2482 This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
2483 when it might take a long time to load data or warm a cache, than during steady-state operation.
2484 This cannot be updated.
2485 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2486 properties:
2487 exec:
2488 description: Exec specifies the action to
2489 take.
2490 properties:
2491 command:
2492 description: |-
2493 Command is the command line to execute inside the container, the working directory for the
2494 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
2495 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
2496 a shell, you need to explicitly call out to that shell.
2497 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
2498 items:
2499 type: string
2500 type: array
2501 x-kubernetes-list-type: atomic
2502 type: object
2503 failureThreshold:
2504 description: |-
2505 Minimum consecutive failures for the probe to be considered failed after having succeeded.
2506 Defaults to 3. Minimum value is 1.
2507 format: int32
2508 type: integer
2509 grpc:
2510 description: GRPC specifies an action involving
2511 a GRPC port.
2512 properties:
2513 port:
2514 description: Port number of the gRPC
2515 service. Number must be in the range
2516 1 to 65535.
2517 format: int32
2518 type: integer
2519 service:
2520 description: |-
2521 Service is the name of the service to place in the gRPC HealthCheckRequest
2522 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
2523
2524
2525 If this is not specified, the default behavior is defined by gRPC.
2526 type: string
2527 required:
2528 - port
2529 type: object
2530 httpGet:
2531 description: HTTPGet specifies the http
2532 request to perform.
2533 properties:
2534 host:
2535 description: |-
2536 Host name to connect to, defaults to the pod IP. You probably want to set
2537 "Host" in httpHeaders instead.
2538 type: string
2539 httpHeaders:
2540 description: Custom headers to set in
2541 the request. HTTP allows repeated
2542 headers.
2543 items:
2544 description: HTTPHeader describes
2545 a custom header to be used in HTTP
2546 probes
2547 properties:
2548 name:
2549 description: |-
2550 The header field name.
2551 This will be canonicalized upon output, so case-variant names will be understood as the same header.
2552 type: string
2553 value:
2554 description: The header field
2555 value
2556 type: string
2557 required:
2558 - name
2559 - value
2560 type: object
2561 type: array
2562 x-kubernetes-list-type: atomic
2563 path:
2564 description: Path to access on the HTTP
2565 server.
2566 type: string
2567 port:
2568 anyOf:
2569 - type: integer
2570 - type: string
2571 description: |-
2572 Name or number of the port to access on the container.
2573 Number must be in the range 1 to 65535.
2574 Name must be an IANA_SVC_NAME.
2575 x-kubernetes-int-or-string: true
2576 scheme:
2577 description: |-
2578 Scheme to use for connecting to the host.
2579 Defaults to HTTP.
2580 type: string
2581 required:
2582 - port
2583 type: object
2584 initialDelaySeconds:
2585 description: |-
2586 Number of seconds after the container has started before liveness probes are initiated.
2587 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2588 format: int32
2589 type: integer
2590 periodSeconds:
2591 description: |-
2592 How often (in seconds) to perform the probe.
2593 Default to 10 seconds. Minimum value is 1.
2594 format: int32
2595 type: integer
2596 successThreshold:
2597 description: |-
2598 Minimum consecutive successes for the probe to be considered successful after having failed.
2599 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
2600 format: int32
2601 type: integer
2602 tcpSocket:
2603 description: TCPSocket specifies an action
2604 involving a TCP port.
2605 properties:
2606 host:
2607 description: 'Optional: Host name to
2608 connect to, defaults to the pod IP.'
2609 type: string
2610 port:
2611 anyOf:
2612 - type: integer
2613 - type: string
2614 description: |-
2615 Number or name of the port to access on the container.
2616 Number must be in the range 1 to 65535.
2617 Name must be an IANA_SVC_NAME.
2618 x-kubernetes-int-or-string: true
2619 required:
2620 - port
2621 type: object
2622 terminationGracePeriodSeconds:
2623 description: |-
2624 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
2625 The grace period is the duration in seconds after the processes running in the pod are sent
2626 a termination signal and the time when the processes are forcibly halted with a kill signal.
2627 Set this value longer than the expected cleanup time for your process.
2628 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
2629 value overrides the value provided by the pod spec.
2630 Value must be non-negative integer. The value zero indicates stop immediately via
2631 the kill signal (no opportunity to shut down).
2632 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
2633 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
2634 format: int64
2635 type: integer
2636 timeoutSeconds:
2637 description: |-
2638 Number of seconds after which the probe times out.
2639 Defaults to 1 second. Minimum value is 1.
2640 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2641 format: int32
2642 type: integer
2643 type: object
2644 stdin:
2645 description: |-
2646 Whether this container should allocate a buffer for stdin in the container runtime. If this
2647 is not set, reads from stdin in the container will always result in EOF.
2648 Default is false.
2649 type: boolean
2650 stdinOnce:
2651 description: |-
2652 Whether the container runtime should close the stdin channel after it has been opened by
2653 a single attach. When stdin is true the stdin stream will remain open across multiple attach
2654 sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
2655 first client attaches to stdin, and then remains open and accepts data until the client disconnects,
2656 at which time stdin is closed and remains closed until the container is restarted. If this
2657 flag is false, a container processes that reads from stdin will never receive an EOF.
2658 Default is false
2659 type: boolean
2660 terminationMessagePath:
2661 description: |-
2662 Optional: Path at which the file to which the container's termination message
2663 will be written is mounted into the container's filesystem.
2664 Message written is intended to be brief final status, such as an assertion failure message.
2665 Will be truncated by the node if greater than 4096 bytes. The total message length across
2666 all containers will be limited to 12kb.
2667 Defaults to /dev/termination-log.
2668 Cannot be updated.
2669 type: string
2670 terminationMessagePolicy:
2671 description: |-
2672 Indicate how the termination message should be populated. File will use the contents of
2673 terminationMessagePath to populate the container status message on both success and failure.
2674 FallbackToLogsOnError will use the last chunk of container log output if the termination
2675 message file is empty and the container exited with an error.
2676 The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
2677 Defaults to File.
2678 Cannot be updated.
2679 type: string
2680 tty:
2681 description: |-
2682 Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
2683 Default is false.
2684 type: boolean
2685 volumeDevices:
2686 description: volumeDevices is the list of block
2687 devices to be used by the container.
2688 items:
2689 description: volumeDevice describes a mapping
2690 of a raw block device within a container.
2691 properties:
2692 devicePath:
2693 description: devicePath is the path inside
2694 of the container that the device will
2695 be mapped to.
2696 type: string
2697 name:
2698 description: name must match the name
2699 of a persistentVolumeClaim in the pod
2700 type: string
2701 required:
2702 - devicePath
2703 - name
2704 type: object
2705 type: array
2706 x-kubernetes-list-map-keys:
2707 - devicePath
2708 x-kubernetes-list-type: map
2709 volumeMounts:
2710 description: |-
2711 Pod volumes to mount into the container's filesystem.
2712 Cannot be updated.
2713 items:
2714 description: VolumeMount describes a mounting
2715 of a Volume within a container.
2716 properties:
2717 mountPath:
2718 description: |-
2719 Path within the container at which the volume should be mounted. Must
2720 not contain ':'.
2721 type: string
2722 mountPropagation:
2723 description: |-
2724 mountPropagation determines how mounts are propagated from the host
2725 to container and the other way around.
2726 When not set, MountPropagationNone is used.
2727 This field is beta in 1.10.
2728 When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
2729 (which defaults to None).
2730 type: string
2731 name:
2732 description: This must match the Name
2733 of a Volume.
2734 type: string
2735 readOnly:
2736 description: |-
2737 Mounted read-only if true, read-write otherwise (false or unspecified).
2738 Defaults to false.
2739 type: boolean
2740 recursiveReadOnly:
2741 description: |-
2742 RecursiveReadOnly specifies whether read-only mounts should be handled
2743 recursively.
2744
2745
2746 If ReadOnly is false, this field has no meaning and must be unspecified.
2747
2748
2749 If ReadOnly is true, and this field is set to Disabled, the mount is not made
2750 recursively read-only. If this field is set to IfPossible, the mount is made
2751 recursively read-only, if it is supported by the container runtime. If this
2752 field is set to Enabled, the mount is made recursively read-only if it is
2753 supported by the container runtime, otherwise the pod will not be started and
2754 an error will be generated to indicate the reason.
2755
2756
2757 If this field is set to IfPossible or Enabled, MountPropagation must be set to
2758 None (or be unspecified, which defaults to None).
2759
2760
2761 If this field is not specified, it is treated as an equivalent of Disabled.
2762 type: string
2763 subPath:
2764 description: |-
2765 Path within the volume from which the container's volume should be mounted.
2766 Defaults to "" (volume's root).
2767 type: string
2768 subPathExpr:
2769 description: |-
2770 Expanded path within the volume from which the container's volume should be mounted.
2771 Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
2772 Defaults to "" (volume's root).
2773 SubPathExpr and SubPath are mutually exclusive.
2774 type: string
2775 required:
2776 - mountPath
2777 - name
2778 type: object
2779 type: array
2780 x-kubernetes-list-map-keys:
2781 - mountPath
2782 x-kubernetes-list-type: map
2783 workingDir:
2784 description: |-
2785 Container's working directory.
2786 If not specified, the container runtime's default will be used, which
2787 might be configured in the container image.
2788 Cannot be updated.
2789 type: string
2790 required:
2791 - name
2792 type: object
2793 type: array
2794 x-kubernetes-list-map-keys:
2795 - name
2796 x-kubernetes-list-type: map
2797 dnsConfig:
2798 description: |-
2799 Specifies the DNS parameters of a pod.
2800 Parameters specified here will be merged to the generated DNS
2801 configuration based on DNSPolicy.
2802 properties:
2803 nameservers:
2804 description: |-
2805 A list of DNS name server IP addresses.
2806 This will be appended to the base nameservers generated from DNSPolicy.
2807 Duplicated nameservers will be removed.
2808 items:
2809 type: string
2810 type: array
2811 x-kubernetes-list-type: atomic
2812 options:
2813 description: |-
2814 A list of DNS resolver options.
2815 This will be merged with the base options generated from DNSPolicy.
2816 Duplicated entries will be removed. Resolution options given in Options
2817 will override those that appear in the base DNSPolicy.
2818 items:
2819 description: PodDNSConfigOption defines DNS
2820 resolver options of a pod.
2821 properties:
2822 name:
2823 description: Required.
2824 type: string
2825 value:
2826 type: string
2827 type: object
2828 type: array
2829 x-kubernetes-list-type: atomic
2830 searches:
2831 description: |-
2832 A list of DNS search domains for host-name lookup.
2833 This will be appended to the base search paths generated from DNSPolicy.
2834 Duplicated search paths will be removed.
2835 items:
2836 type: string
2837 type: array
2838 x-kubernetes-list-type: atomic
2839 type: object
2840 dnsPolicy:
2841 description: |-
2842 Set DNS policy for the pod.
2843 Defaults to "ClusterFirst".
2844 Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.
2845 DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.
2846 To have DNS options set along with hostNetwork, you have to specify DNS policy
2847 explicitly to 'ClusterFirstWithHostNet'.
2848 type: string
2849 enableServiceLinks:
2850 description: |-
2851 EnableServiceLinks indicates whether information about services should be injected into pod's
2852 environment variables, matching the syntax of Docker links.
2853 Optional: Defaults to true.
2854 type: boolean
2855 ephemeralContainers:
2856 description: |-
2857 List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing
2858 pod to perform user-initiated actions such as debugging. This list cannot be specified when
2859 creating a pod, and it cannot be modified by updating the pod spec. In order to add an
2860 ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource.
2861 items:
2862 description: |-
2863 An EphemeralContainer is a temporary container that you may add to an existing Pod for
2864 user-initiated activities such as debugging. Ephemeral containers have no resource or
2865 scheduling guarantees, and they will not be restarted when they exit or when a Pod is
2866 removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the
2867 Pod to exceed its resource allocation.
2868
2869
2870 To add an ephemeral container, use the ephemeralcontainers subresource of an existing
2871 Pod. Ephemeral containers may not be removed or restarted.
2872 properties:
2873 args:
2874 description: |-
2875 Arguments to the entrypoint.
2876 The image's CMD is used if this is not provided.
2877 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
2878 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
2879 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
2880 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
2881 of whether the variable exists or not. Cannot be updated.
2882 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
2883 items:
2884 type: string
2885 type: array
2886 x-kubernetes-list-type: atomic
2887 command:
2888 description: |-
2889 Entrypoint array. Not executed within a shell.
2890 The image's ENTRYPOINT is used if this is not provided.
2891 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
2892 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
2893 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
2894 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
2895 of whether the variable exists or not. Cannot be updated.
2896 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
2897 items:
2898 type: string
2899 type: array
2900 x-kubernetes-list-type: atomic
2901 env:
2902 description: |-
2903 List of environment variables to set in the container.
2904 Cannot be updated.
2905 items:
2906 description: EnvVar represents an environment
2907 variable present in a Container.
2908 properties:
2909 name:
2910 description: Name of the environment variable.
2911 Must be a C_IDENTIFIER.
2912 type: string
2913 value:
2914 description: |-
2915 Variable references $(VAR_NAME) are expanded
2916 using the previously defined environment variables in the container and
2917 any service environment variables. If a variable cannot be resolved,
2918 the reference in the input string will be unchanged. Double $$ are reduced
2919 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
2920 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
2921 Escaped references will never be expanded, regardless of whether the variable
2922 exists or not.
2923 Defaults to "".
2924 type: string
2925 valueFrom:
2926 description: Source for the environment
2927 variable's value. Cannot be used if
2928 value is not empty.
2929 properties:
2930 configMapKeyRef:
2931 description: Selects a key of a ConfigMap.
2932 properties:
2933 key:
2934 description: The key to select.
2935 type: string
2936 name:
2937 default: ""
2938 description: |-
2939 Name of the referent.
2940 This field is effectively required, but due to backwards compatibility is
2941 allowed to be empty. Instances of this type with an empty value here are
2942 almost certainly wrong.
2943 TODO: Add other useful fields. apiVersion, kind, uid?
2944 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
2945 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
2946 type: string
2947 optional:
2948 description: Specify whether the
2949 ConfigMap or its key must be
2950 defined
2951 type: boolean
2952 required:
2953 - key
2954 type: object
2955 x-kubernetes-map-type: atomic
2956 fieldRef:
2957 description: |-
2958 Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
2959 spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
2960 properties:
2961 apiVersion:
2962 description: Version of the schema
2963 the FieldPath is written in
2964 terms of, defaults to "v1".
2965 type: string
2966 fieldPath:
2967 description: Path of the field
2968 to select in the specified API
2969 version.
2970 type: string
2971 required:
2972 - fieldPath
2973 type: object
2974 x-kubernetes-map-type: atomic
2975 resourceFieldRef:
2976 description: |-
2977 Selects a resource of the container: only resources limits and requests
2978 (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
2979 properties:
2980 containerName:
2981 description: 'Container name:
2982 required for volumes, optional
2983 for env vars'
2984 type: string
2985 divisor:
2986 anyOf:
2987 - type: integer
2988 - type: string
2989 description: Specifies the output
2990 format of the exposed resources,
2991 defaults to "1"
2992 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
2993 x-kubernetes-int-or-string: true
2994 resource:
2995 description: 'Required: resource
2996 to select'
2997 type: string
2998 required:
2999 - resource
3000 type: object
3001 x-kubernetes-map-type: atomic
3002 secretKeyRef:
3003 description: Selects a key of a secret
3004 in the pod's namespace
3005 properties:
3006 key:
3007 description: The key of the secret
3008 to select from. Must be a valid
3009 secret key.
3010 type: string
3011 name:
3012 default: ""
3013 description: |-
3014 Name of the referent.
3015 This field is effectively required, but due to backwards compatibility is
3016 allowed to be empty. Instances of this type with an empty value here are
3017 almost certainly wrong.
3018 TODO: Add other useful fields. apiVersion, kind, uid?
3019 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
3020 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
3021 type: string
3022 optional:
3023 description: Specify whether the
3024 Secret or its key must be defined
3025 type: boolean
3026 required:
3027 - key
3028 type: object
3029 x-kubernetes-map-type: atomic
3030 type: object
3031 required:
3032 - name
3033 type: object
3034 type: array
3035 x-kubernetes-list-map-keys:
3036 - name
3037 x-kubernetes-list-type: map
3038 envFrom:
3039 description: |-
3040 List of sources to populate environment variables in the container.
3041 The keys defined within a source must be a C_IDENTIFIER. All invalid keys
3042 will be reported as an event when the container is starting. When a key exists in multiple
3043 sources, the value associated with the last source will take precedence.
3044 Values defined by an Env with a duplicate key will take precedence.
3045 Cannot be updated.
3046 items:
3047 description: EnvFromSource represents the
3048 source of a set of ConfigMaps
3049 properties:
3050 configMapRef:
3051 description: The ConfigMap to select from
3052 properties:
3053 name:
3054 default: ""
3055 description: |-
3056 Name of the referent.
3057 This field is effectively required, but due to backwards compatibility is
3058 allowed to be empty. Instances of this type with an empty value here are
3059 almost certainly wrong.
3060 TODO: Add other useful fields. apiVersion, kind, uid?
3061 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
3062 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
3063 type: string
3064 optional:
3065 description: Specify whether the ConfigMap
3066 must be defined
3067 type: boolean
3068 type: object
3069 x-kubernetes-map-type: atomic
3070 prefix:
3071 description: An optional identifier to
3072 prepend to each key in the ConfigMap.
3073 Must be a C_IDENTIFIER.
3074 type: string
3075 secretRef:
3076 description: The Secret to select from
3077 properties:
3078 name:
3079 default: ""
3080 description: |-
3081 Name of the referent.
3082 This field is effectively required, but due to backwards compatibility is
3083 allowed to be empty. Instances of this type with an empty value here are
3084 almost certainly wrong.
3085 TODO: Add other useful fields. apiVersion, kind, uid?
3086 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
3087 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
3088 type: string
3089 optional:
3090 description: Specify whether the Secret
3091 must be defined
3092 type: boolean
3093 type: object
3094 x-kubernetes-map-type: atomic
3095 type: object
3096 type: array
3097 x-kubernetes-list-type: atomic
3098 image:
3099 description: |-
3100 Container image name.
3101 More info: https://kubernetes.io/docs/concepts/containers/images
3102 type: string
3103 imagePullPolicy:
3104 description: |-
3105 Image pull policy.
3106 One of Always, Never, IfNotPresent.
3107 Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
3108 Cannot be updated.
3109 More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
3110 type: string
3111 lifecycle:
3112 description: Lifecycle is not allowed for ephemeral
3113 containers.
3114 properties:
3115 postStart:
3116 description: |-
3117 PostStart is called immediately after a container is created. If the handler fails,
3118 the container is terminated and restarted according to its restart policy.
3119 Other management of the container blocks until the hook completes.
3120 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
3121 properties:
3122 exec:
3123 description: Exec specifies the action
3124 to take.
3125 properties:
3126 command:
3127 description: |-
3128 Command is the command line to execute inside the container, the working directory for the
3129 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
3130 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
3131 a shell, you need to explicitly call out to that shell.
3132 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3133 items:
3134 type: string
3135 type: array
3136 x-kubernetes-list-type: atomic
3137 type: object
3138 httpGet:
3139 description: HTTPGet specifies the http
3140 request to perform.
3141 properties:
3142 host:
3143 description: |-
3144 Host name to connect to, defaults to the pod IP. You probably want to set
3145 "Host" in httpHeaders instead.
3146 type: string
3147 httpHeaders:
3148 description: Custom headers to set
3149 in the request. HTTP allows repeated
3150 headers.
3151 items:
3152 description: HTTPHeader describes
3153 a custom header to be used in
3154 HTTP probes
3155 properties:
3156 name:
3157 description: |-
3158 The header field name.
3159 This will be canonicalized upon output, so case-variant names will be understood as the same header.
3160 type: string
3161 value:
3162 description: The header field
3163 value
3164 type: string
3165 required:
3166 - name
3167 - value
3168 type: object
3169 type: array
3170 x-kubernetes-list-type: atomic
3171 path:
3172 description: Path to access on the
3173 HTTP server.
3174 type: string
3175 port:
3176 anyOf:
3177 - type: integer
3178 - type: string
3179 description: |-
3180 Name or number of the port to access on the container.
3181 Number must be in the range 1 to 65535.
3182 Name must be an IANA_SVC_NAME.
3183 x-kubernetes-int-or-string: true
3184 scheme:
3185 description: |-
3186 Scheme to use for connecting to the host.
3187 Defaults to HTTP.
3188 type: string
3189 required:
3190 - port
3191 type: object
3192 sleep:
3193 description: Sleep represents the duration
3194 that the container should sleep before
3195 being terminated.
3196 properties:
3197 seconds:
3198 description: Seconds is the number
3199 of seconds to sleep.
3200 format: int64
3201 type: integer
3202 required:
3203 - seconds
3204 type: object
3205 tcpSocket:
3206 description: |-
3207 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
3208 for the backward compatibility. There are no validation of this field and
3209 lifecycle hooks will fail in runtime when tcp handler is specified.
3210 properties:
3211 host:
3212 description: 'Optional: Host name
3213 to connect to, defaults to the
3214 pod IP.'
3215 type: string
3216 port:
3217 anyOf:
3218 - type: integer
3219 - type: string
3220 description: |-
3221 Number or name of the port to access on the container.
3222 Number must be in the range 1 to 65535.
3223 Name must be an IANA_SVC_NAME.
3224 x-kubernetes-int-or-string: true
3225 required:
3226 - port
3227 type: object
3228 type: object
3229 preStop:
3230 description: |-
3231 PreStop is called immediately before a container is terminated due to an
3232 API request or management event such as liveness/startup probe failure,
3233 preemption, resource contention, etc. The handler is not called if the
3234 container crashes or exits. The Pod's termination grace period countdown begins before the
3235 PreStop hook is executed. Regardless of the outcome of the handler, the
3236 container will eventually terminate within the Pod's termination grace
3237 period (unless delayed by finalizers). Other management of the container blocks until the hook completes
3238 or until the termination grace period is reached.
3239 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
3240 properties:
3241 exec:
3242 description: Exec specifies the action
3243 to take.
3244 properties:
3245 command:
3246 description: |-
3247 Command is the command line to execute inside the container, the working directory for the
3248 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
3249 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
3250 a shell, you need to explicitly call out to that shell.
3251 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3252 items:
3253 type: string
3254 type: array
3255 x-kubernetes-list-type: atomic
3256 type: object
3257 httpGet:
3258 description: HTTPGet specifies the http
3259 request to perform.
3260 properties:
3261 host:
3262 description: |-
3263 Host name to connect to, defaults to the pod IP. You probably want to set
3264 "Host" in httpHeaders instead.
3265 type: string
3266 httpHeaders:
3267 description: Custom headers to set
3268 in the request. HTTP allows repeated
3269 headers.
3270 items:
3271 description: HTTPHeader describes
3272 a custom header to be used in
3273 HTTP probes
3274 properties:
3275 name:
3276 description: |-
3277 The header field name.
3278 This will be canonicalized upon output, so case-variant names will be understood as the same header.
3279 type: string
3280 value:
3281 description: The header field
3282 value
3283 type: string
3284 required:
3285 - name
3286 - value
3287 type: object
3288 type: array
3289 x-kubernetes-list-type: atomic
3290 path:
3291 description: Path to access on the
3292 HTTP server.
3293 type: string
3294 port:
3295 anyOf:
3296 - type: integer
3297 - type: string
3298 description: |-
3299 Name or number of the port to access on the container.
3300 Number must be in the range 1 to 65535.
3301 Name must be an IANA_SVC_NAME.
3302 x-kubernetes-int-or-string: true
3303 scheme:
3304 description: |-
3305 Scheme to use for connecting to the host.
3306 Defaults to HTTP.
3307 type: string
3308 required:
3309 - port
3310 type: object
3311 sleep:
3312 description: Sleep represents the duration
3313 that the container should sleep before
3314 being terminated.
3315 properties:
3316 seconds:
3317 description: Seconds is the number
3318 of seconds to sleep.
3319 format: int64
3320 type: integer
3321 required:
3322 - seconds
3323 type: object
3324 tcpSocket:
3325 description: |-
3326 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
3327 for the backward compatibility. There are no validation of this field and
3328 lifecycle hooks will fail in runtime when tcp handler is specified.
3329 properties:
3330 host:
3331 description: 'Optional: Host name
3332 to connect to, defaults to the
3333 pod IP.'
3334 type: string
3335 port:
3336 anyOf:
3337 - type: integer
3338 - type: string
3339 description: |-
3340 Number or name of the port to access on the container.
3341 Number must be in the range 1 to 65535.
3342 Name must be an IANA_SVC_NAME.
3343 x-kubernetes-int-or-string: true
3344 required:
3345 - port
3346 type: object
3347 type: object
3348 type: object
3349 livenessProbe:
3350 description: Probes are not allowed for ephemeral
3351 containers.
3352 properties:
3353 exec:
3354 description: Exec specifies the action to
3355 take.
3356 properties:
3357 command:
3358 description: |-
3359 Command is the command line to execute inside the container, the working directory for the
3360 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
3361 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
3362 a shell, you need to explicitly call out to that shell.
3363 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3364 items:
3365 type: string
3366 type: array
3367 x-kubernetes-list-type: atomic
3368 type: object
3369 failureThreshold:
3370 description: |-
3371 Minimum consecutive failures for the probe to be considered failed after having succeeded.
3372 Defaults to 3. Minimum value is 1.
3373 format: int32
3374 type: integer
3375 grpc:
3376 description: GRPC specifies an action involving
3377 a GRPC port.
3378 properties:
3379 port:
3380 description: Port number of the gRPC
3381 service. Number must be in the range
3382 1 to 65535.
3383 format: int32
3384 type: integer
3385 service:
3386 description: |-
3387 Service is the name of the service to place in the gRPC HealthCheckRequest
3388 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
3389
3390
3391 If this is not specified, the default behavior is defined by gRPC.
3392 type: string
3393 required:
3394 - port
3395 type: object
3396 httpGet:
3397 description: HTTPGet specifies the http
3398 request to perform.
3399 properties:
3400 host:
3401 description: |-
3402 Host name to connect to, defaults to the pod IP. You probably want to set
3403 "Host" in httpHeaders instead.
3404 type: string
3405 httpHeaders:
3406 description: Custom headers to set in
3407 the request. HTTP allows repeated
3408 headers.
3409 items:
3410 description: HTTPHeader describes
3411 a custom header to be used in HTTP
3412 probes
3413 properties:
3414 name:
3415 description: |-
3416 The header field name.
3417 This will be canonicalized upon output, so case-variant names will be understood as the same header.
3418 type: string
3419 value:
3420 description: The header field
3421 value
3422 type: string
3423 required:
3424 - name
3425 - value
3426 type: object
3427 type: array
3428 x-kubernetes-list-type: atomic
3429 path:
3430 description: Path to access on the HTTP
3431 server.
3432 type: string
3433 port:
3434 anyOf:
3435 - type: integer
3436 - type: string
3437 description: |-
3438 Name or number of the port to access on the container.
3439 Number must be in the range 1 to 65535.
3440 Name must be an IANA_SVC_NAME.
3441 x-kubernetes-int-or-string: true
3442 scheme:
3443 description: |-
3444 Scheme to use for connecting to the host.
3445 Defaults to HTTP.
3446 type: string
3447 required:
3448 - port
3449 type: object
3450 initialDelaySeconds:
3451 description: |-
3452 Number of seconds after the container has started before liveness probes are initiated.
3453 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3454 format: int32
3455 type: integer
3456 periodSeconds:
3457 description: |-
3458 How often (in seconds) to perform the probe.
3459 Default to 10 seconds. Minimum value is 1.
3460 format: int32
3461 type: integer
3462 successThreshold:
3463 description: |-
3464 Minimum consecutive successes for the probe to be considered successful after having failed.
3465 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
3466 format: int32
3467 type: integer
3468 tcpSocket:
3469 description: TCPSocket specifies an action
3470 involving a TCP port.
3471 properties:
3472 host:
3473 description: 'Optional: Host name to
3474 connect to, defaults to the pod IP.'
3475 type: string
3476 port:
3477 anyOf:
3478 - type: integer
3479 - type: string
3480 description: |-
3481 Number or name of the port to access on the container.
3482 Number must be in the range 1 to 65535.
3483 Name must be an IANA_SVC_NAME.
3484 x-kubernetes-int-or-string: true
3485 required:
3486 - port
3487 type: object
3488 terminationGracePeriodSeconds:
3489 description: |-
3490 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
3491 The grace period is the duration in seconds after the processes running in the pod are sent
3492 a termination signal and the time when the processes are forcibly halted with a kill signal.
3493 Set this value longer than the expected cleanup time for your process.
3494 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
3495 value overrides the value provided by the pod spec.
3496 Value must be non-negative integer. The value zero indicates stop immediately via
3497 the kill signal (no opportunity to shut down).
3498 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
3499 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
3500 format: int64
3501 type: integer
3502 timeoutSeconds:
3503 description: |-
3504 Number of seconds after which the probe times out.
3505 Defaults to 1 second. Minimum value is 1.
3506 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3507 format: int32
3508 type: integer
3509 type: object
3510 name:
3511 description: |-
3512 Name of the ephemeral container specified as a DNS_LABEL.
3513 This name must be unique among all containers, init containers and ephemeral containers.
3514 type: string
3515 ports:
3516 description: Ports are not allowed for ephemeral
3517 containers.
3518 items:
3519 description: ContainerPort represents a network
3520 port in a single container.
3521 properties:
3522 containerPort:
3523 description: |-
3524 Number of port to expose on the pod's IP address.
3525 This must be a valid port number, 0 < x < 65536.
3526 format: int32
3527 type: integer
3528 hostIP:
3529 description: What host IP to bind the
3530 external port to.
3531 type: string
3532 hostPort:
3533 description: |-
3534 Number of port to expose on the host.
3535 If specified, this must be a valid port number, 0 < x < 65536.
3536 If HostNetwork is specified, this must match ContainerPort.
3537 Most containers do not need this.
3538 format: int32
3539 type: integer
3540 name:
3541 description: |-
3542 If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
3543 named port in a pod must have a unique name. Name for the port that can be
3544 referred to by services.
3545 type: string
3546 protocol:
3547 default: TCP
3548 description: |-
3549 Protocol for port. Must be UDP, TCP, or SCTP.
3550 Defaults to "TCP".
3551 type: string
3552 required:
3553 - containerPort
3554 type: object
3555 type: array
3556 x-kubernetes-list-map-keys:
3557 - containerPort
3558 - protocol
3559 x-kubernetes-list-type: map
3560 readinessProbe:
3561 description: Probes are not allowed for ephemeral
3562 containers.
3563 properties:
3564 exec:
3565 description: Exec specifies the action to
3566 take.
3567 properties:
3568 command:
3569 description: |-
3570 Command is the command line to execute inside the container, the working directory for the
3571 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
3572 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
3573 a shell, you need to explicitly call out to that shell.
3574 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3575 items:
3576 type: string
3577 type: array
3578 x-kubernetes-list-type: atomic
3579 type: object
3580 failureThreshold:
3581 description: |-
3582 Minimum consecutive failures for the probe to be considered failed after having succeeded.
3583 Defaults to 3. Minimum value is 1.
3584 format: int32
3585 type: integer
3586 grpc:
3587 description: GRPC specifies an action involving
3588 a GRPC port.
3589 properties:
3590 port:
3591 description: Port number of the gRPC
3592 service. Number must be in the range
3593 1 to 65535.
3594 format: int32
3595 type: integer
3596 service:
3597 description: |-
3598 Service is the name of the service to place in the gRPC HealthCheckRequest
3599 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
3600
3601
3602 If this is not specified, the default behavior is defined by gRPC.
3603 type: string
3604 required:
3605 - port
3606 type: object
3607 httpGet:
3608 description: HTTPGet specifies the http
3609 request to perform.
3610 properties:
3611 host:
3612 description: |-
3613 Host name to connect to, defaults to the pod IP. You probably want to set
3614 "Host" in httpHeaders instead.
3615 type: string
3616 httpHeaders:
3617 description: Custom headers to set in
3618 the request. HTTP allows repeated
3619 headers.
3620 items:
3621 description: HTTPHeader describes
3622 a custom header to be used in HTTP
3623 probes
3624 properties:
3625 name:
3626 description: |-
3627 The header field name.
3628 This will be canonicalized upon output, so case-variant names will be understood as the same header.
3629 type: string
3630 value:
3631 description: The header field
3632 value
3633 type: string
3634 required:
3635 - name
3636 - value
3637 type: object
3638 type: array
3639 x-kubernetes-list-type: atomic
3640 path:
3641 description: Path to access on the HTTP
3642 server.
3643 type: string
3644 port:
3645 anyOf:
3646 - type: integer
3647 - type: string
3648 description: |-
3649 Name or number of the port to access on the container.
3650 Number must be in the range 1 to 65535.
3651 Name must be an IANA_SVC_NAME.
3652 x-kubernetes-int-or-string: true
3653 scheme:
3654 description: |-
3655 Scheme to use for connecting to the host.
3656 Defaults to HTTP.
3657 type: string
3658 required:
3659 - port
3660 type: object
3661 initialDelaySeconds:
3662 description: |-
3663 Number of seconds after the container has started before liveness probes are initiated.
3664 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3665 format: int32
3666 type: integer
3667 periodSeconds:
3668 description: |-
3669 How often (in seconds) to perform the probe.
3670 Default to 10 seconds. Minimum value is 1.
3671 format: int32
3672 type: integer
3673 successThreshold:
3674 description: |-
3675 Minimum consecutive successes for the probe to be considered successful after having failed.
3676 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
3677 format: int32
3678 type: integer
3679 tcpSocket:
3680 description: TCPSocket specifies an action
3681 involving a TCP port.
3682 properties:
3683 host:
3684 description: 'Optional: Host name to
3685 connect to, defaults to the pod IP.'
3686 type: string
3687 port:
3688 anyOf:
3689 - type: integer
3690 - type: string
3691 description: |-
3692 Number or name of the port to access on the container.
3693 Number must be in the range 1 to 65535.
3694 Name must be an IANA_SVC_NAME.
3695 x-kubernetes-int-or-string: true
3696 required:
3697 - port
3698 type: object
3699 terminationGracePeriodSeconds:
3700 description: |-
3701 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
3702 The grace period is the duration in seconds after the processes running in the pod are sent
3703 a termination signal and the time when the processes are forcibly halted with a kill signal.
3704 Set this value longer than the expected cleanup time for your process.
3705 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
3706 value overrides the value provided by the pod spec.
3707 Value must be non-negative integer. The value zero indicates stop immediately via
3708 the kill signal (no opportunity to shut down).
3709 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
3710 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
3711 format: int64
3712 type: integer
3713 timeoutSeconds:
3714 description: |-
3715 Number of seconds after which the probe times out.
3716 Defaults to 1 second. Minimum value is 1.
3717 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3718 format: int32
3719 type: integer
3720 type: object
3721 resizePolicy:
3722 description: Resources resize policy for the
3723 container.
3724 items:
3725 description: ContainerResizePolicy represents
3726 resource resize policy for the container.
3727 properties:
3728 resourceName:
3729 description: |-
3730 Name of the resource to which this resource resize policy applies.
3731 Supported values: cpu, memory.
3732 type: string
3733 restartPolicy:
3734 description: |-
3735 Restart policy to apply when specified resource is resized.
3736 If not specified, it defaults to NotRequired.
3737 type: string
3738 required:
3739 - resourceName
3740 - restartPolicy
3741 type: object
3742 type: array
3743 x-kubernetes-list-type: atomic
3744 resources:
3745 description: |-
3746 Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources
3747 already allocated to the pod.
3748 properties:
3749 claims:
3750 description: |-
3751 Claims lists the names of resources, defined in spec.resourceClaims,
3752 that are used by this container.
3753
3754
3755 This is an alpha field and requires enabling the
3756 DynamicResourceAllocation feature gate.
3757
3758
3759 This field is immutable. It can only be set for containers.
3760 items:
3761 description: ResourceClaim references
3762 one entry in PodSpec.ResourceClaims.
3763 properties:
3764 name:
3765 description: |-
3766 Name must match the name of one entry in pod.spec.resourceClaims of
3767 the Pod where this field is used. It makes that resource available
3768 inside a container.
3769 type: string
3770 required:
3771 - name
3772 type: object
3773 type: array
3774 x-kubernetes-list-map-keys:
3775 - name
3776 x-kubernetes-list-type: map
3777 limits:
3778 additionalProperties:
3779 anyOf:
3780 - type: integer
3781 - type: string
3782 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3783 x-kubernetes-int-or-string: true
3784 description: |-
3785 Limits describes the maximum amount of compute resources allowed.
3786 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
3787 type: object
3788 requests:
3789 additionalProperties:
3790 anyOf:
3791 - type: integer
3792 - type: string
3793 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3794 x-kubernetes-int-or-string: true
3795 description: |-
3796 Requests describes the minimum amount of compute resources required.
3797 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
3798 otherwise to an implementation-defined value. Requests cannot exceed Limits.
3799 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
3800 type: object
3801 type: object
3802 restartPolicy:
3803 description: |-
3804 Restart policy for the container to manage the restart behavior of each
3805 container within a pod.
3806 This may only be set for init containers. You cannot set this field on
3807 ephemeral containers.
3808 type: string
3809 securityContext:
3810 description: |-
3811 Optional: SecurityContext defines the security options the ephemeral container should be run with.
3812 If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
3813 properties:
3814 allowPrivilegeEscalation:
3815 description: |-
3816 AllowPrivilegeEscalation controls whether a process can gain more
3817 privileges than its parent process. This bool directly controls if
3818 the no_new_privs flag will be set on the container process.
3819 AllowPrivilegeEscalation is true always when the container is:
3820 1) run as Privileged
3821 2) has CAP_SYS_ADMIN
3822 Note that this field cannot be set when spec.os.name is windows.
3823 type: boolean
3824 appArmorProfile:
3825 description: |-
3826 appArmorProfile is the AppArmor options to use by this container. If set, this profile
3827 overrides the pod's appArmorProfile.
3828 Note that this field cannot be set when spec.os.name is windows.
3829 properties:
3830 localhostProfile:
3831 description: |-
3832 localhostProfile indicates a profile loaded on the node that should be used.
3833 The profile must be preconfigured on the node to work.
3834 Must match the loaded name of the profile.
3835 Must be set if and only if type is "Localhost".
3836 type: string
3837 type:
3838 description: |-
3839 type indicates which kind of AppArmor profile will be applied.
3840 Valid options are:
3841 Localhost - a profile pre-loaded on the node.
3842 RuntimeDefault - the container runtime's default profile.
3843 Unconfined - no AppArmor enforcement.
3844 type: string
3845 required:
3846 - type
3847 type: object
3848 capabilities:
3849 description: |-
3850 The capabilities to add/drop when running containers.
3851 Defaults to the default set of capabilities granted by the container runtime.
3852 Note that this field cannot be set when spec.os.name is windows.
3853 properties:
3854 add:
3855 description: Added capabilities
3856 items:
3857 description: Capability represent
3858 POSIX capabilities type
3859 type: string
3860 type: array
3861 x-kubernetes-list-type: atomic
3862 drop:
3863 description: Removed capabilities
3864 items:
3865 description: Capability represent
3866 POSIX capabilities type
3867 type: string
3868 type: array
3869 x-kubernetes-list-type: atomic
3870 type: object
3871 privileged:
3872 description: |-
3873 Run container in privileged mode.
3874 Processes in privileged containers are essentially equivalent to root on the host.
3875 Defaults to false.
3876 Note that this field cannot be set when spec.os.name is windows.
3877 type: boolean
3878 procMount:
3879 description: |-
3880 procMount denotes the type of proc mount to use for the containers.
3881 The default is DefaultProcMount which uses the container runtime defaults for
3882 readonly paths and masked paths.
3883 This requires the ProcMountType feature flag to be enabled.
3884 Note that this field cannot be set when spec.os.name is windows.
3885 type: string
3886 readOnlyRootFilesystem:
3887 description: |-
3888 Whether this container has a read-only root filesystem.
3889 Default is false.
3890 Note that this field cannot be set when spec.os.name is windows.
3891 type: boolean
3892 runAsGroup:
3893 description: |-
3894 The GID to run the entrypoint of the container process.
3895 Uses runtime default if unset.
3896 May also be set in PodSecurityContext. If set in both SecurityContext and
3897 PodSecurityContext, the value specified in SecurityContext takes precedence.
3898 Note that this field cannot be set when spec.os.name is windows.
3899 format: int64
3900 type: integer
3901 runAsNonRoot:
3902 description: |-
3903 Indicates that the container must run as a non-root user.
3904 If true, the Kubelet will validate the image at runtime to ensure that it
3905 does not run as UID 0 (root) and fail to start the container if it does.
3906 If unset or false, no such validation will be performed.
3907 May also be set in PodSecurityContext. If set in both SecurityContext and
3908 PodSecurityContext, the value specified in SecurityContext takes precedence.
3909 type: boolean
3910 runAsUser:
3911 description: |-
3912 The UID to run the entrypoint of the container process.
3913 Defaults to user specified in image metadata if unspecified.
3914 May also be set in PodSecurityContext. If set in both SecurityContext and
3915 PodSecurityContext, the value specified in SecurityContext takes precedence.
3916 Note that this field cannot be set when spec.os.name is windows.
3917 format: int64
3918 type: integer
3919 seLinuxOptions:
3920 description: |-
3921 The SELinux context to be applied to the container.
3922 If unspecified, the container runtime will allocate a random SELinux context for each
3923 container. May also be set in PodSecurityContext. If set in both SecurityContext and
3924 PodSecurityContext, the value specified in SecurityContext takes precedence.
3925 Note that this field cannot be set when spec.os.name is windows.
3926 properties:
3927 level:
3928 description: Level is SELinux level
3929 label that applies to the container.
3930 type: string
3931 role:
3932 description: Role is a SELinux role
3933 label that applies to the container.
3934 type: string
3935 type:
3936 description: Type is a SELinux type
3937 label that applies to the container.
3938 type: string
3939 user:
3940 description: User is a SELinux user
3941 label that applies to the container.
3942 type: string
3943 type: object
3944 seccompProfile:
3945 description: |-
3946 The seccomp options to use by this container. If seccomp options are
3947 provided at both the pod & container level, the container options
3948 override the pod options.
3949 Note that this field cannot be set when spec.os.name is windows.
3950 properties:
3951 localhostProfile:
3952 description: |-
3953 localhostProfile indicates a profile defined in a file on the node should be used.
3954 The profile must be preconfigured on the node to work.
3955 Must be a descending path, relative to the kubelet's configured seccomp profile location.
3956 Must be set if type is "Localhost". Must NOT be set for any other type.
3957 type: string
3958 type:
3959 description: |-
3960 type indicates which kind of seccomp profile will be applied.
3961 Valid options are:
3962
3963
3964 Localhost - a profile defined in a file on the node should be used.
3965 RuntimeDefault - the container runtime default profile should be used.
3966 Unconfined - no profile should be applied.
3967 type: string
3968 required:
3969 - type
3970 type: object
3971 windowsOptions:
3972 description: |-
3973 The Windows specific settings applied to all containers.
3974 If unspecified, the options from the PodSecurityContext will be used.
3975 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
3976 Note that this field cannot be set when spec.os.name is linux.
3977 properties:
3978 gmsaCredentialSpec:
3979 description: |-
3980 GMSACredentialSpec is where the GMSA admission webhook
3981 (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
3982 GMSA credential spec named by the GMSACredentialSpecName field.
3983 type: string
3984 gmsaCredentialSpecName:
3985 description: GMSACredentialSpecName
3986 is the name of the GMSA credential
3987 spec to use.
3988 type: string
3989 hostProcess:
3990 description: |-
3991 HostProcess determines if a container should be run as a 'Host Process' container.
3992 All of a Pod's containers must have the same effective HostProcess value
3993 (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
3994 In addition, if HostProcess is true then HostNetwork must also be set to true.
3995 type: boolean
3996 runAsUserName:
3997 description: |-
3998 The UserName in Windows to run the entrypoint of the container process.
3999 Defaults to the user specified in image metadata if unspecified.
4000 May also be set in PodSecurityContext. If set in both SecurityContext and
4001 PodSecurityContext, the value specified in SecurityContext takes precedence.
4002 type: string
4003 type: object
4004 type: object
4005 startupProbe:
4006 description: Probes are not allowed for ephemeral
4007 containers.
4008 properties:
4009 exec:
4010 description: Exec specifies the action to
4011 take.
4012 properties:
4013 command:
4014 description: |-
4015 Command is the command line to execute inside the container, the working directory for the
4016 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
4017 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
4018 a shell, you need to explicitly call out to that shell.
4019 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
4020 items:
4021 type: string
4022 type: array
4023 x-kubernetes-list-type: atomic
4024 type: object
4025 failureThreshold:
4026 description: |-
4027 Minimum consecutive failures for the probe to be considered failed after having succeeded.
4028 Defaults to 3. Minimum value is 1.
4029 format: int32
4030 type: integer
4031 grpc:
4032 description: GRPC specifies an action involving
4033 a GRPC port.
4034 properties:
4035 port:
4036 description: Port number of the gRPC
4037 service. Number must be in the range
4038 1 to 65535.
4039 format: int32
4040 type: integer
4041 service:
4042 description: |-
4043 Service is the name of the service to place in the gRPC HealthCheckRequest
4044 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
4045
4046
4047 If this is not specified, the default behavior is defined by gRPC.
4048 type: string
4049 required:
4050 - port
4051 type: object
4052 httpGet:
4053 description: HTTPGet specifies the http
4054 request to perform.
4055 properties:
4056 host:
4057 description: |-
4058 Host name to connect to, defaults to the pod IP. You probably want to set
4059 "Host" in httpHeaders instead.
4060 type: string
4061 httpHeaders:
4062 description: Custom headers to set in
4063 the request. HTTP allows repeated
4064 headers.
4065 items:
4066 description: HTTPHeader describes
4067 a custom header to be used in HTTP
4068 probes
4069 properties:
4070 name:
4071 description: |-
4072 The header field name.
4073 This will be canonicalized upon output, so case-variant names will be understood as the same header.
4074 type: string
4075 value:
4076 description: The header field
4077 value
4078 type: string
4079 required:
4080 - name
4081 - value
4082 type: object
4083 type: array
4084 x-kubernetes-list-type: atomic
4085 path:
4086 description: Path to access on the HTTP
4087 server.
4088 type: string
4089 port:
4090 anyOf:
4091 - type: integer
4092 - type: string
4093 description: |-
4094 Name or number of the port to access on the container.
4095 Number must be in the range 1 to 65535.
4096 Name must be an IANA_SVC_NAME.
4097 x-kubernetes-int-or-string: true
4098 scheme:
4099 description: |-
4100 Scheme to use for connecting to the host.
4101 Defaults to HTTP.
4102 type: string
4103 required:
4104 - port
4105 type: object
4106 initialDelaySeconds:
4107 description: |-
4108 Number of seconds after the container has started before liveness probes are initiated.
4109 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
4110 format: int32
4111 type: integer
4112 periodSeconds:
4113 description: |-
4114 How often (in seconds) to perform the probe.
4115 Default to 10 seconds. Minimum value is 1.
4116 format: int32
4117 type: integer
4118 successThreshold:
4119 description: |-
4120 Minimum consecutive successes for the probe to be considered successful after having failed.
4121 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
4122 format: int32
4123 type: integer
4124 tcpSocket:
4125 description: TCPSocket specifies an action
4126 involving a TCP port.
4127 properties:
4128 host:
4129 description: 'Optional: Host name to
4130 connect to, defaults to the pod IP.'
4131 type: string
4132 port:
4133 anyOf:
4134 - type: integer
4135 - type: string
4136 description: |-
4137 Number or name of the port to access on the container.
4138 Number must be in the range 1 to 65535.
4139 Name must be an IANA_SVC_NAME.
4140 x-kubernetes-int-or-string: true
4141 required:
4142 - port
4143 type: object
4144 terminationGracePeriodSeconds:
4145 description: |-
4146 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
4147 The grace period is the duration in seconds after the processes running in the pod are sent
4148 a termination signal and the time when the processes are forcibly halted with a kill signal.
4149 Set this value longer than the expected cleanup time for your process.
4150 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
4151 value overrides the value provided by the pod spec.
4152 Value must be non-negative integer. The value zero indicates stop immediately via
4153 the kill signal (no opportunity to shut down).
4154 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
4155 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
4156 format: int64
4157 type: integer
4158 timeoutSeconds:
4159 description: |-
4160 Number of seconds after which the probe times out.
4161 Defaults to 1 second. Minimum value is 1.
4162 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
4163 format: int32
4164 type: integer
4165 type: object
4166 stdin:
4167 description: |-
4168 Whether this container should allocate a buffer for stdin in the container runtime. If this
4169 is not set, reads from stdin in the container will always result in EOF.
4170 Default is false.
4171 type: boolean
4172 stdinOnce:
4173 description: |-
4174 Whether the container runtime should close the stdin channel after it has been opened by
4175 a single attach. When stdin is true the stdin stream will remain open across multiple attach
4176 sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
4177 first client attaches to stdin, and then remains open and accepts data until the client disconnects,
4178 at which time stdin is closed and remains closed until the container is restarted. If this
4179 flag is false, a container processes that reads from stdin will never receive an EOF.
4180 Default is false
4181 type: boolean
4182 targetContainerName:
4183 description: |-
4184 If set, the name of the container from PodSpec that this ephemeral container targets.
4185 The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.
4186 If not set then the ephemeral container uses the namespaces configured in the Pod spec.
4187
4188
4189 The container runtime must implement support for this feature. If the runtime does not
4190 support namespace targeting then the result of setting this field is undefined.
4191 type: string
4192 terminationMessagePath:
4193 description: |-
4194 Optional: Path at which the file to which the container's termination message
4195 will be written is mounted into the container's filesystem.
4196 Message written is intended to be brief final status, such as an assertion failure message.
4197 Will be truncated by the node if greater than 4096 bytes. The total message length across
4198 all containers will be limited to 12kb.
4199 Defaults to /dev/termination-log.
4200 Cannot be updated.
4201 type: string
4202 terminationMessagePolicy:
4203 description: |-
4204 Indicate how the termination message should be populated. File will use the contents of
4205 terminationMessagePath to populate the container status message on both success and failure.
4206 FallbackToLogsOnError will use the last chunk of container log output if the termination
4207 message file is empty and the container exited with an error.
4208 The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
4209 Defaults to File.
4210 Cannot be updated.
4211 type: string
4212 tty:
4213 description: |-
4214 Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
4215 Default is false.
4216 type: boolean
4217 volumeDevices:
4218 description: volumeDevices is the list of block
4219 devices to be used by the container.
4220 items:
4221 description: volumeDevice describes a mapping
4222 of a raw block device within a container.
4223 properties:
4224 devicePath:
4225 description: devicePath is the path inside
4226 of the container that the device will
4227 be mapped to.
4228 type: string
4229 name:
4230 description: name must match the name
4231 of a persistentVolumeClaim in the pod
4232 type: string
4233 required:
4234 - devicePath
4235 - name
4236 type: object
4237 type: array
4238 x-kubernetes-list-map-keys:
4239 - devicePath
4240 x-kubernetes-list-type: map
4241 volumeMounts:
4242 description: |-
4243 Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.
4244 Cannot be updated.
4245 items:
4246 description: VolumeMount describes a mounting
4247 of a Volume within a container.
4248 properties:
4249 mountPath:
4250 description: |-
4251 Path within the container at which the volume should be mounted. Must
4252 not contain ':'.
4253 type: string
4254 mountPropagation:
4255 description: |-
4256 mountPropagation determines how mounts are propagated from the host
4257 to container and the other way around.
4258 When not set, MountPropagationNone is used.
4259 This field is beta in 1.10.
4260 When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
4261 (which defaults to None).
4262 type: string
4263 name:
4264 description: This must match the Name
4265 of a Volume.
4266 type: string
4267 readOnly:
4268 description: |-
4269 Mounted read-only if true, read-write otherwise (false or unspecified).
4270 Defaults to false.
4271 type: boolean
4272 recursiveReadOnly:
4273 description: |-
4274 RecursiveReadOnly specifies whether read-only mounts should be handled
4275 recursively.
4276
4277
4278 If ReadOnly is false, this field has no meaning and must be unspecified.
4279
4280
4281 If ReadOnly is true, and this field is set to Disabled, the mount is not made
4282 recursively read-only. If this field is set to IfPossible, the mount is made
4283 recursively read-only, if it is supported by the container runtime. If this
4284 field is set to Enabled, the mount is made recursively read-only if it is
4285 supported by the container runtime, otherwise the pod will not be started and
4286 an error will be generated to indicate the reason.
4287
4288
4289 If this field is set to IfPossible or Enabled, MountPropagation must be set to
4290 None (or be unspecified, which defaults to None).
4291
4292
4293 If this field is not specified, it is treated as an equivalent of Disabled.
4294 type: string
4295 subPath:
4296 description: |-
4297 Path within the volume from which the container's volume should be mounted.
4298 Defaults to "" (volume's root).
4299 type: string
4300 subPathExpr:
4301 description: |-
4302 Expanded path within the volume from which the container's volume should be mounted.
4303 Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
4304 Defaults to "" (volume's root).
4305 SubPathExpr and SubPath are mutually exclusive.
4306 type: string
4307 required:
4308 - mountPath
4309 - name
4310 type: object
4311 type: array
4312 x-kubernetes-list-map-keys:
4313 - mountPath
4314 x-kubernetes-list-type: map
4315 workingDir:
4316 description: |-
4317 Container's working directory.
4318 If not specified, the container runtime's default will be used, which
4319 might be configured in the container image.
4320 Cannot be updated.
4321 type: string
4322 required:
4323 - name
4324 type: object
4325 type: array
4326 x-kubernetes-list-map-keys:
4327 - name
4328 x-kubernetes-list-type: map
4329 hostAliases:
4330 description: |-
4331 HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts
4332 file if specified.
4333 items:
4334 description: |-
4335 HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the
4336 pod's hosts file.
4337 properties:
4338 hostnames:
4339 description: Hostnames for the above IP address.
4340 items:
4341 type: string
4342 type: array
4343 x-kubernetes-list-type: atomic
4344 ip:
4345 description: IP address of the host file entry.
4346 type: string
4347 required:
4348 - ip
4349 type: object
4350 type: array
4351 x-kubernetes-list-map-keys:
4352 - ip
4353 x-kubernetes-list-type: map
4354 hostIPC:
4355 description: |-
4356 Use the host's ipc namespace.
4357 Optional: Default to false.
4358 type: boolean
4359 hostNetwork:
4360 description: |-
4361 Host networking requested for this pod. Use the host's network namespace.
4362 If this option is set, the ports that will be used must be specified.
4363 Default to false.
4364 type: boolean
4365 hostPID:
4366 description: |-
4367 Use the host's pid namespace.
4368 Optional: Default to false.
4369 type: boolean
4370 hostUsers:
4371 description: |-
4372 Use the host's user namespace.
4373 Optional: Default to true.
4374 If set to true or not present, the pod will be run in the host user namespace, useful
4375 for when the pod needs a feature only available to the host user namespace, such as
4376 loading a kernel module with CAP_SYS_MODULE.
4377 When set to false, a new userns is created for the pod. Setting false is useful for
4378 mitigating container breakout vulnerabilities even allowing users to run their
4379 containers as root without actually having root privileges on the host.
4380 This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.
4381 type: boolean
4382 hostname:
4383 description: |-
4384 Specifies the hostname of the Pod
4385 If not specified, the pod's hostname will be set to a system-defined value.
4386 type: string
4387 imagePullSecrets:
4388 description: |-
4389 ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec.
4390 If specified, these secrets will be passed to individual puller implementations for them to use.
4391 More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod
4392 items:
4393 description: |-
4394 LocalObjectReference contains enough information to let you locate the
4395 referenced object inside the same namespace.
4396 properties:
4397 name:
4398 default: ""
4399 description: |-
4400 Name of the referent.
4401 This field is effectively required, but due to backwards compatibility is
4402 allowed to be empty. Instances of this type with an empty value here are
4403 almost certainly wrong.
4404 TODO: Add other useful fields. apiVersion, kind, uid?
4405 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
4406 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
4407 type: string
4408 type: object
4409 x-kubernetes-map-type: atomic
4410 type: array
4411 x-kubernetes-list-map-keys:
4412 - name
4413 x-kubernetes-list-type: map
4414 initContainers:
4415 description: |-
4416 List of initialization containers belonging to the pod.
4417 Init containers are executed in order prior to containers being started. If any
4418 init container fails, the pod is considered to have failed and is handled according
4419 to its restartPolicy. The name for an init container or normal container must be
4420 unique among all containers.
4421 Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
4422 The resourceRequirements of an init container are taken into account during scheduling
4423 by finding the highest request/limit for each resource type, and then using the max of
4424 of that value or the sum of the normal containers. Limits are applied to init containers
4425 in a similar fashion.
4426 Init containers cannot currently be added or removed.
4427 Cannot be updated.
4428 More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
4429 items:
4430 description: A single application container that
4431 you want to run within a pod.
4432 properties:
4433 args:
4434 description: |-
4435 Arguments to the entrypoint.
4436 The container image's CMD is used if this is not provided.
4437 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
4438 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
4439 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
4440 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
4441 of whether the variable exists or not. Cannot be updated.
4442 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
4443 items:
4444 type: string
4445 type: array
4446 x-kubernetes-list-type: atomic
4447 command:
4448 description: |-
4449 Entrypoint array. Not executed within a shell.
4450 The container image's ENTRYPOINT is used if this is not provided.
4451 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
4452 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
4453 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
4454 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
4455 of whether the variable exists or not. Cannot be updated.
4456 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
4457 items:
4458 type: string
4459 type: array
4460 x-kubernetes-list-type: atomic
4461 env:
4462 description: |-
4463 List of environment variables to set in the container.
4464 Cannot be updated.
4465 items:
4466 description: EnvVar represents an environment
4467 variable present in a Container.
4468 properties:
4469 name:
4470 description: Name of the environment variable.
4471 Must be a C_IDENTIFIER.
4472 type: string
4473 value:
4474 description: |-
4475 Variable references $(VAR_NAME) are expanded
4476 using the previously defined environment variables in the container and
4477 any service environment variables. If a variable cannot be resolved,
4478 the reference in the input string will be unchanged. Double $$ are reduced
4479 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
4480 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
4481 Escaped references will never be expanded, regardless of whether the variable
4482 exists or not.
4483 Defaults to "".
4484 type: string
4485 valueFrom:
4486 description: Source for the environment
4487 variable's value. Cannot be used if
4488 value is not empty.
4489 properties:
4490 configMapKeyRef:
4491 description: Selects a key of a ConfigMap.
4492 properties:
4493 key:
4494 description: The key to select.
4495 type: string
4496 name:
4497 default: ""
4498 description: |-
4499 Name of the referent.
4500 This field is effectively required, but due to backwards compatibility is
4501 allowed to be empty. Instances of this type with an empty value here are
4502 almost certainly wrong.
4503 TODO: Add other useful fields. apiVersion, kind, uid?
4504 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
4505 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
4506 type: string
4507 optional:
4508 description: Specify whether the
4509 ConfigMap or its key must be
4510 defined
4511 type: boolean
4512 required:
4513 - key
4514 type: object
4515 x-kubernetes-map-type: atomic
4516 fieldRef:
4517 description: |-
4518 Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
4519 spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
4520 properties:
4521 apiVersion:
4522 description: Version of the schema
4523 the FieldPath is written in
4524 terms of, defaults to "v1".
4525 type: string
4526 fieldPath:
4527 description: Path of the field
4528 to select in the specified API
4529 version.
4530 type: string
4531 required:
4532 - fieldPath
4533 type: object
4534 x-kubernetes-map-type: atomic
4535 resourceFieldRef:
4536 description: |-
4537 Selects a resource of the container: only resources limits and requests
4538 (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
4539 properties:
4540 containerName:
4541 description: 'Container name:
4542 required for volumes, optional
4543 for env vars'
4544 type: string
4545 divisor:
4546 anyOf:
4547 - type: integer
4548 - type: string
4549 description: Specifies the output
4550 format of the exposed resources,
4551 defaults to "1"
4552 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4553 x-kubernetes-int-or-string: true
4554 resource:
4555 description: 'Required: resource
4556 to select'
4557 type: string
4558 required:
4559 - resource
4560 type: object
4561 x-kubernetes-map-type: atomic
4562 secretKeyRef:
4563 description: Selects a key of a secret
4564 in the pod's namespace
4565 properties:
4566 key:
4567 description: The key of the secret
4568 to select from. Must be a valid
4569 secret key.
4570 type: string
4571 name:
4572 default: ""
4573 description: |-
4574 Name of the referent.
4575 This field is effectively required, but due to backwards compatibility is
4576 allowed to be empty. Instances of this type with an empty value here are
4577 almost certainly wrong.
4578 TODO: Add other useful fields. apiVersion, kind, uid?
4579 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
4580 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
4581 type: string
4582 optional:
4583 description: Specify whether the
4584 Secret or its key must be defined
4585 type: boolean
4586 required:
4587 - key
4588 type: object
4589 x-kubernetes-map-type: atomic
4590 type: object
4591 required:
4592 - name
4593 type: object
4594 type: array
4595 x-kubernetes-list-map-keys:
4596 - name
4597 x-kubernetes-list-type: map
4598 envFrom:
4599 description: |-
4600 List of sources to populate environment variables in the container.
4601 The keys defined within a source must be a C_IDENTIFIER. All invalid keys
4602 will be reported as an event when the container is starting. When a key exists in multiple
4603 sources, the value associated with the last source will take precedence.
4604 Values defined by an Env with a duplicate key will take precedence.
4605 Cannot be updated.
4606 items:
4607 description: EnvFromSource represents the
4608 source of a set of ConfigMaps
4609 properties:
4610 configMapRef:
4611 description: The ConfigMap to select from
4612 properties:
4613 name:
4614 default: ""
4615 description: |-
4616 Name of the referent.
4617 This field is effectively required, but due to backwards compatibility is
4618 allowed to be empty. Instances of this type with an empty value here are
4619 almost certainly wrong.
4620 TODO: Add other useful fields. apiVersion, kind, uid?
4621 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
4622 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
4623 type: string
4624 optional:
4625 description: Specify whether the ConfigMap
4626 must be defined
4627 type: boolean
4628 type: object
4629 x-kubernetes-map-type: atomic
4630 prefix:
4631 description: An optional identifier to
4632 prepend to each key in the ConfigMap.
4633 Must be a C_IDENTIFIER.
4634 type: string
4635 secretRef:
4636 description: The Secret to select from
4637 properties:
4638 name:
4639 default: ""
4640 description: |-
4641 Name of the referent.
4642 This field is effectively required, but due to backwards compatibility is
4643 allowed to be empty. Instances of this type with an empty value here are
4644 almost certainly wrong.
4645 TODO: Add other useful fields. apiVersion, kind, uid?
4646 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
4647 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
4648 type: string
4649 optional:
4650 description: Specify whether the Secret
4651 must be defined
4652 type: boolean
4653 type: object
4654 x-kubernetes-map-type: atomic
4655 type: object
4656 type: array
4657 x-kubernetes-list-type: atomic
4658 image:
4659 description: |-
4660 Container image name.
4661 More info: https://kubernetes.io/docs/concepts/containers/images
4662 This field is optional to allow higher level config management to default or override
4663 container images in workload controllers like Deployments and StatefulSets.
4664 type: string
4665 imagePullPolicy:
4666 description: |-
4667 Image pull policy.
4668 One of Always, Never, IfNotPresent.
4669 Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
4670 Cannot be updated.
4671 More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
4672 type: string
4673 lifecycle:
4674 description: |-
4675 Actions that the management system should take in response to container lifecycle events.
4676 Cannot be updated.
4677 properties:
4678 postStart:
4679 description: |-
4680 PostStart is called immediately after a container is created. If the handler fails,
4681 the container is terminated and restarted according to its restart policy.
4682 Other management of the container blocks until the hook completes.
4683 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
4684 properties:
4685 exec:
4686 description: Exec specifies the action
4687 to take.
4688 properties:
4689 command:
4690 description: |-
4691 Command is the command line to execute inside the container, the working directory for the
4692 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
4693 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
4694 a shell, you need to explicitly call out to that shell.
4695 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
4696 items:
4697 type: string
4698 type: array
4699 x-kubernetes-list-type: atomic
4700 type: object
4701 httpGet:
4702 description: HTTPGet specifies the http
4703 request to perform.
4704 properties:
4705 host:
4706 description: |-
4707 Host name to connect to, defaults to the pod IP. You probably want to set
4708 "Host" in httpHeaders instead.
4709 type: string
4710 httpHeaders:
4711 description: Custom headers to set
4712 in the request. HTTP allows repeated
4713 headers.
4714 items:
4715 description: HTTPHeader describes
4716 a custom header to be used in
4717 HTTP probes
4718 properties:
4719 name:
4720 description: |-
4721 The header field name.
4722 This will be canonicalized upon output, so case-variant names will be understood as the same header.
4723 type: string
4724 value:
4725 description: The header field
4726 value
4727 type: string
4728 required:
4729 - name
4730 - value
4731 type: object
4732 type: array
4733 x-kubernetes-list-type: atomic
4734 path:
4735 description: Path to access on the
4736 HTTP server.
4737 type: string
4738 port:
4739 anyOf:
4740 - type: integer
4741 - type: string
4742 description: |-
4743 Name or number of the port to access on the container.
4744 Number must be in the range 1 to 65535.
4745 Name must be an IANA_SVC_NAME.
4746 x-kubernetes-int-or-string: true
4747 scheme:
4748 description: |-
4749 Scheme to use for connecting to the host.
4750 Defaults to HTTP.
4751 type: string
4752 required:
4753 - port
4754 type: object
4755 sleep:
4756 description: Sleep represents the duration
4757 that the container should sleep before
4758 being terminated.
4759 properties:
4760 seconds:
4761 description: Seconds is the number
4762 of seconds to sleep.
4763 format: int64
4764 type: integer
4765 required:
4766 - seconds
4767 type: object
4768 tcpSocket:
4769 description: |-
4770 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
4771 for the backward compatibility. There are no validation of this field and
4772 lifecycle hooks will fail in runtime when tcp handler is specified.
4773 properties:
4774 host:
4775 description: 'Optional: Host name
4776 to connect to, defaults to the
4777 pod IP.'
4778 type: string
4779 port:
4780 anyOf:
4781 - type: integer
4782 - type: string
4783 description: |-
4784 Number or name of the port to access on the container.
4785 Number must be in the range 1 to 65535.
4786 Name must be an IANA_SVC_NAME.
4787 x-kubernetes-int-or-string: true
4788 required:
4789 - port
4790 type: object
4791 type: object
4792 preStop:
4793 description: |-
4794 PreStop is called immediately before a container is terminated due to an
4795 API request or management event such as liveness/startup probe failure,
4796 preemption, resource contention, etc. The handler is not called if the
4797 container crashes or exits. The Pod's termination grace period countdown begins before the
4798 PreStop hook is executed. Regardless of the outcome of the handler, the
4799 container will eventually terminate within the Pod's termination grace
4800 period (unless delayed by finalizers). Other management of the container blocks until the hook completes
4801 or until the termination grace period is reached.
4802 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
4803 properties:
4804 exec:
4805 description: Exec specifies the action
4806 to take.
4807 properties:
4808 command:
4809 description: |-
4810 Command is the command line to execute inside the container, the working directory for the
4811 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
4812 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
4813 a shell, you need to explicitly call out to that shell.
4814 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
4815 items:
4816 type: string
4817 type: array
4818 x-kubernetes-list-type: atomic
4819 type: object
4820 httpGet:
4821 description: HTTPGet specifies the http
4822 request to perform.
4823 properties:
4824 host:
4825 description: |-
4826 Host name to connect to, defaults to the pod IP. You probably want to set
4827 "Host" in httpHeaders instead.
4828 type: string
4829 httpHeaders:
4830 description: Custom headers to set
4831 in the request. HTTP allows repeated
4832 headers.
4833 items:
4834 description: HTTPHeader describes
4835 a custom header to be used in
4836 HTTP probes
4837 properties:
4838 name:
4839 description: |-
4840 The header field name.
4841 This will be canonicalized upon output, so case-variant names will be understood as the same header.
4842 type: string
4843 value:
4844 description: The header field
4845 value
4846 type: string
4847 required:
4848 - name
4849 - value
4850 type: object
4851 type: array
4852 x-kubernetes-list-type: atomic
4853 path:
4854 description: Path to access on the
4855 HTTP server.
4856 type: string
4857 port:
4858 anyOf:
4859 - type: integer
4860 - type: string
4861 description: |-
4862 Name or number of the port to access on the container.
4863 Number must be in the range 1 to 65535.
4864 Name must be an IANA_SVC_NAME.
4865 x-kubernetes-int-or-string: true
4866 scheme:
4867 description: |-
4868 Scheme to use for connecting to the host.
4869 Defaults to HTTP.
4870 type: string
4871 required:
4872 - port
4873 type: object
4874 sleep:
4875 description: Sleep represents the duration
4876 that the container should sleep before
4877 being terminated.
4878 properties:
4879 seconds:
4880 description: Seconds is the number
4881 of seconds to sleep.
4882 format: int64
4883 type: integer
4884 required:
4885 - seconds
4886 type: object
4887 tcpSocket:
4888 description: |-
4889 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
4890 for the backward compatibility. There are no validation of this field and
4891 lifecycle hooks will fail in runtime when tcp handler is specified.
4892 properties:
4893 host:
4894 description: 'Optional: Host name
4895 to connect to, defaults to the
4896 pod IP.'
4897 type: string
4898 port:
4899 anyOf:
4900 - type: integer
4901 - type: string
4902 description: |-
4903 Number or name of the port to access on the container.
4904 Number must be in the range 1 to 65535.
4905 Name must be an IANA_SVC_NAME.
4906 x-kubernetes-int-or-string: true
4907 required:
4908 - port
4909 type: object
4910 type: object
4911 type: object
4912 livenessProbe:
4913 description: |-
4914 Periodic probe of container liveness.
4915 Container will be restarted if the probe fails.
4916 Cannot be updated.
4917 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
4918 properties:
4919 exec:
4920 description: Exec specifies the action to
4921 take.
4922 properties:
4923 command:
4924 description: |-
4925 Command is the command line to execute inside the container, the working directory for the
4926 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
4927 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
4928 a shell, you need to explicitly call out to that shell.
4929 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
4930 items:
4931 type: string
4932 type: array
4933 x-kubernetes-list-type: atomic
4934 type: object
4935 failureThreshold:
4936 description: |-
4937 Minimum consecutive failures for the probe to be considered failed after having succeeded.
4938 Defaults to 3. Minimum value is 1.
4939 format: int32
4940 type: integer
4941 grpc:
4942 description: GRPC specifies an action involving
4943 a GRPC port.
4944 properties:
4945 port:
4946 description: Port number of the gRPC
4947 service. Number must be in the range
4948 1 to 65535.
4949 format: int32
4950 type: integer
4951 service:
4952 description: |-
4953 Service is the name of the service to place in the gRPC HealthCheckRequest
4954 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
4955
4956
4957 If this is not specified, the default behavior is defined by gRPC.
4958 type: string
4959 required:
4960 - port
4961 type: object
4962 httpGet:
4963 description: HTTPGet specifies the http
4964 request to perform.
4965 properties:
4966 host:
4967 description: |-
4968 Host name to connect to, defaults to the pod IP. You probably want to set
4969 "Host" in httpHeaders instead.
4970 type: string
4971 httpHeaders:
4972 description: Custom headers to set in
4973 the request. HTTP allows repeated
4974 headers.
4975 items:
4976 description: HTTPHeader describes
4977 a custom header to be used in HTTP
4978 probes
4979 properties:
4980 name:
4981 description: |-
4982 The header field name.
4983 This will be canonicalized upon output, so case-variant names will be understood as the same header.
4984 type: string
4985 value:
4986 description: The header field
4987 value
4988 type: string
4989 required:
4990 - name
4991 - value
4992 type: object
4993 type: array
4994 x-kubernetes-list-type: atomic
4995 path:
4996 description: Path to access on the HTTP
4997 server.
4998 type: string
4999 port:
5000 anyOf:
5001 - type: integer
5002 - type: string
5003 description: |-
5004 Name or number of the port to access on the container.
5005 Number must be in the range 1 to 65535.
5006 Name must be an IANA_SVC_NAME.
5007 x-kubernetes-int-or-string: true
5008 scheme:
5009 description: |-
5010 Scheme to use for connecting to the host.
5011 Defaults to HTTP.
5012 type: string
5013 required:
5014 - port
5015 type: object
5016 initialDelaySeconds:
5017 description: |-
5018 Number of seconds after the container has started before liveness probes are initiated.
5019 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
5020 format: int32
5021 type: integer
5022 periodSeconds:
5023 description: |-
5024 How often (in seconds) to perform the probe.
5025 Default to 10 seconds. Minimum value is 1.
5026 format: int32
5027 type: integer
5028 successThreshold:
5029 description: |-
5030 Minimum consecutive successes for the probe to be considered successful after having failed.
5031 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
5032 format: int32
5033 type: integer
5034 tcpSocket:
5035 description: TCPSocket specifies an action
5036 involving a TCP port.
5037 properties:
5038 host:
5039 description: 'Optional: Host name to
5040 connect to, defaults to the pod IP.'
5041 type: string
5042 port:
5043 anyOf:
5044 - type: integer
5045 - type: string
5046 description: |-
5047 Number or name of the port to access on the container.
5048 Number must be in the range 1 to 65535.
5049 Name must be an IANA_SVC_NAME.
5050 x-kubernetes-int-or-string: true
5051 required:
5052 - port
5053 type: object
5054 terminationGracePeriodSeconds:
5055 description: |-
5056 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
5057 The grace period is the duration in seconds after the processes running in the pod are sent
5058 a termination signal and the time when the processes are forcibly halted with a kill signal.
5059 Set this value longer than the expected cleanup time for your process.
5060 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
5061 value overrides the value provided by the pod spec.
5062 Value must be non-negative integer. The value zero indicates stop immediately via
5063 the kill signal (no opportunity to shut down).
5064 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
5065 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
5066 format: int64
5067 type: integer
5068 timeoutSeconds:
5069 description: |-
5070 Number of seconds after which the probe times out.
5071 Defaults to 1 second. Minimum value is 1.
5072 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
5073 format: int32
5074 type: integer
5075 type: object
5076 name:
5077 description: |-
5078 Name of the container specified as a DNS_LABEL.
5079 Each container in a pod must have a unique name (DNS_LABEL).
5080 Cannot be updated.
5081 type: string
5082 ports:
5083 description: |-
5084 List of ports to expose from the container. Not specifying a port here
5085 DOES NOT prevent that port from being exposed. Any port which is
5086 listening on the default "0.0.0.0" address inside a container will be
5087 accessible from the network.
5088 Modifying this array with strategic merge patch may corrupt the data.
5089 For more information See https://github.com/kubernetes/kubernetes/issues/108255.
5090 Cannot be updated.
5091 items:
5092 description: ContainerPort represents a network
5093 port in a single container.
5094 properties:
5095 containerPort:
5096 description: |-
5097 Number of port to expose on the pod's IP address.
5098 This must be a valid port number, 0 < x < 65536.
5099 format: int32
5100 type: integer
5101 hostIP:
5102 description: What host IP to bind the
5103 external port to.
5104 type: string
5105 hostPort:
5106 description: |-
5107 Number of port to expose on the host.
5108 If specified, this must be a valid port number, 0 < x < 65536.
5109 If HostNetwork is specified, this must match ContainerPort.
5110 Most containers do not need this.
5111 format: int32
5112 type: integer
5113 name:
5114 description: |-
5115 If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
5116 named port in a pod must have a unique name. Name for the port that can be
5117 referred to by services.
5118 type: string
5119 protocol:
5120 default: TCP
5121 description: |-
5122 Protocol for port. Must be UDP, TCP, or SCTP.
5123 Defaults to "TCP".
5124 type: string
5125 required:
5126 - containerPort
5127 type: object
5128 type: array
5129 x-kubernetes-list-map-keys:
5130 - containerPort
5131 - protocol
5132 x-kubernetes-list-type: map
5133 readinessProbe:
5134 description: |-
5135 Periodic probe of container service readiness.
5136 Container will be removed from service endpoints if the probe fails.
5137 Cannot be updated.
5138 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
5139 properties:
5140 exec:
5141 description: Exec specifies the action to
5142 take.
5143 properties:
5144 command:
5145 description: |-
5146 Command is the command line to execute inside the container, the working directory for the
5147 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
5148 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
5149 a shell, you need to explicitly call out to that shell.
5150 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
5151 items:
5152 type: string
5153 type: array
5154 x-kubernetes-list-type: atomic
5155 type: object
5156 failureThreshold:
5157 description: |-
5158 Minimum consecutive failures for the probe to be considered failed after having succeeded.
5159 Defaults to 3. Minimum value is 1.
5160 format: int32
5161 type: integer
5162 grpc:
5163 description: GRPC specifies an action involving
5164 a GRPC port.
5165 properties:
5166 port:
5167 description: Port number of the gRPC
5168 service. Number must be in the range
5169 1 to 65535.
5170 format: int32
5171 type: integer
5172 service:
5173 description: |-
5174 Service is the name of the service to place in the gRPC HealthCheckRequest
5175 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
5176
5177
5178 If this is not specified, the default behavior is defined by gRPC.
5179 type: string
5180 required:
5181 - port
5182 type: object
5183 httpGet:
5184 description: HTTPGet specifies the http
5185 request to perform.
5186 properties:
5187 host:
5188 description: |-
5189 Host name to connect to, defaults to the pod IP. You probably want to set
5190 "Host" in httpHeaders instead.
5191 type: string
5192 httpHeaders:
5193 description: Custom headers to set in
5194 the request. HTTP allows repeated
5195 headers.
5196 items:
5197 description: HTTPHeader describes
5198 a custom header to be used in HTTP
5199 probes
5200 properties:
5201 name:
5202 description: |-
5203 The header field name.
5204 This will be canonicalized upon output, so case-variant names will be understood as the same header.
5205 type: string
5206 value:
5207 description: The header field
5208 value
5209 type: string
5210 required:
5211 - name
5212 - value
5213 type: object
5214 type: array
5215 x-kubernetes-list-type: atomic
5216 path:
5217 description: Path to access on the HTTP
5218 server.
5219 type: string
5220 port:
5221 anyOf:
5222 - type: integer
5223 - type: string
5224 description: |-
5225 Name or number of the port to access on the container.
5226 Number must be in the range 1 to 65535.
5227 Name must be an IANA_SVC_NAME.
5228 x-kubernetes-int-or-string: true
5229 scheme:
5230 description: |-
5231 Scheme to use for connecting to the host.
5232 Defaults to HTTP.
5233 type: string
5234 required:
5235 - port
5236 type: object
5237 initialDelaySeconds:
5238 description: |-
5239 Number of seconds after the container has started before liveness probes are initiated.
5240 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
5241 format: int32
5242 type: integer
5243 periodSeconds:
5244 description: |-
5245 How often (in seconds) to perform the probe.
5246 Default to 10 seconds. Minimum value is 1.
5247 format: int32
5248 type: integer
5249 successThreshold:
5250 description: |-
5251 Minimum consecutive successes for the probe to be considered successful after having failed.
5252 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
5253 format: int32
5254 type: integer
5255 tcpSocket:
5256 description: TCPSocket specifies an action
5257 involving a TCP port.
5258 properties:
5259 host:
5260 description: 'Optional: Host name to
5261 connect to, defaults to the pod IP.'
5262 type: string
5263 port:
5264 anyOf:
5265 - type: integer
5266 - type: string
5267 description: |-
5268 Number or name of the port to access on the container.
5269 Number must be in the range 1 to 65535.
5270 Name must be an IANA_SVC_NAME.
5271 x-kubernetes-int-or-string: true
5272 required:
5273 - port
5274 type: object
5275 terminationGracePeriodSeconds:
5276 description: |-
5277 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
5278 The grace period is the duration in seconds after the processes running in the pod are sent
5279 a termination signal and the time when the processes are forcibly halted with a kill signal.
5280 Set this value longer than the expected cleanup time for your process.
5281 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
5282 value overrides the value provided by the pod spec.
5283 Value must be non-negative integer. The value zero indicates stop immediately via
5284 the kill signal (no opportunity to shut down).
5285 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
5286 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
5287 format: int64
5288 type: integer
5289 timeoutSeconds:
5290 description: |-
5291 Number of seconds after which the probe times out.
5292 Defaults to 1 second. Minimum value is 1.
5293 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
5294 format: int32
5295 type: integer
5296 type: object
5297 resizePolicy:
5298 description: Resources resize policy for the
5299 container.
5300 items:
5301 description: ContainerResizePolicy represents
5302 resource resize policy for the container.
5303 properties:
5304 resourceName:
5305 description: |-
5306 Name of the resource to which this resource resize policy applies.
5307 Supported values: cpu, memory.
5308 type: string
5309 restartPolicy:
5310 description: |-
5311 Restart policy to apply when specified resource is resized.
5312 If not specified, it defaults to NotRequired.
5313 type: string
5314 required:
5315 - resourceName
5316 - restartPolicy
5317 type: object
5318 type: array
5319 x-kubernetes-list-type: atomic
5320 resources:
5321 description: |-
5322 Compute Resources required by this container.
5323 Cannot be updated.
5324 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
5325 properties:
5326 claims:
5327 description: |-
5328 Claims lists the names of resources, defined in spec.resourceClaims,
5329 that are used by this container.
5330
5331
5332 This is an alpha field and requires enabling the
5333 DynamicResourceAllocation feature gate.
5334
5335
5336 This field is immutable. It can only be set for containers.
5337 items:
5338 description: ResourceClaim references
5339 one entry in PodSpec.ResourceClaims.
5340 properties:
5341 name:
5342 description: |-
5343 Name must match the name of one entry in pod.spec.resourceClaims of
5344 the Pod where this field is used. It makes that resource available
5345 inside a container.
5346 type: string
5347 required:
5348 - name
5349 type: object
5350 type: array
5351 x-kubernetes-list-map-keys:
5352 - name
5353 x-kubernetes-list-type: map
5354 limits:
5355 additionalProperties:
5356 anyOf:
5357 - type: integer
5358 - type: string
5359 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5360 x-kubernetes-int-or-string: true
5361 description: |-
5362 Limits describes the maximum amount of compute resources allowed.
5363 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
5364 type: object
5365 requests:
5366 additionalProperties:
5367 anyOf:
5368 - type: integer
5369 - type: string
5370 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5371 x-kubernetes-int-or-string: true
5372 description: |-
5373 Requests describes the minimum amount of compute resources required.
5374 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
5375 otherwise to an implementation-defined value. Requests cannot exceed Limits.
5376 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
5377 type: object
5378 type: object
5379 restartPolicy:
5380 description: |-
5381 RestartPolicy defines the restart behavior of individual containers in a pod.
5382 This field may only be set for init containers, and the only allowed value is "Always".
5383 For non-init containers or when this field is not specified,
5384 the restart behavior is defined by the Pod's restart policy and the container type.
5385 Setting the RestartPolicy as "Always" for the init container will have the following effect:
5386 this init container will be continually restarted on
5387 exit until all regular containers have terminated. Once all regular
5388 containers have completed, all init containers with restartPolicy "Always"
5389 will be shut down. This lifecycle differs from normal init containers and
5390 is often referred to as a "sidecar" container. Although this init
5391 container still starts in the init container sequence, it does not wait
5392 for the container to complete before proceeding to the next init
5393 container. Instead, the next init container starts immediately after this
5394 init container is started, or after any startupProbe has successfully
5395 completed.
5396 type: string
5397 securityContext:
5398 description: |-
5399 SecurityContext defines the security options the container should be run with.
5400 If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
5401 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
5402 properties:
5403 allowPrivilegeEscalation:
5404 description: |-
5405 AllowPrivilegeEscalation controls whether a process can gain more
5406 privileges than its parent process. This bool directly controls if
5407 the no_new_privs flag will be set on the container process.
5408 AllowPrivilegeEscalation is true always when the container is:
5409 1) run as Privileged
5410 2) has CAP_SYS_ADMIN
5411 Note that this field cannot be set when spec.os.name is windows.
5412 type: boolean
5413 appArmorProfile:
5414 description: |-
5415 appArmorProfile is the AppArmor options to use by this container. If set, this profile
5416 overrides the pod's appArmorProfile.
5417 Note that this field cannot be set when spec.os.name is windows.
5418 properties:
5419 localhostProfile:
5420 description: |-
5421 localhostProfile indicates a profile loaded on the node that should be used.
5422 The profile must be preconfigured on the node to work.
5423 Must match the loaded name of the profile.
5424 Must be set if and only if type is "Localhost".
5425 type: string
5426 type:
5427 description: |-
5428 type indicates which kind of AppArmor profile will be applied.
5429 Valid options are:
5430 Localhost - a profile pre-loaded on the node.
5431 RuntimeDefault - the container runtime's default profile.
5432 Unconfined - no AppArmor enforcement.
5433 type: string
5434 required:
5435 - type
5436 type: object
5437 capabilities:
5438 description: |-
5439 The capabilities to add/drop when running containers.
5440 Defaults to the default set of capabilities granted by the container runtime.
5441 Note that this field cannot be set when spec.os.name is windows.
5442 properties:
5443 add:
5444 description: Added capabilities
5445 items:
5446 description: Capability represent
5447 POSIX capabilities type
5448 type: string
5449 type: array
5450 x-kubernetes-list-type: atomic
5451 drop:
5452 description: Removed capabilities
5453 items:
5454 description: Capability represent
5455 POSIX capabilities type
5456 type: string
5457 type: array
5458 x-kubernetes-list-type: atomic
5459 type: object
5460 privileged:
5461 description: |-
5462 Run container in privileged mode.
5463 Processes in privileged containers are essentially equivalent to root on the host.
5464 Defaults to false.
5465 Note that this field cannot be set when spec.os.name is windows.
5466 type: boolean
5467 procMount:
5468 description: |-
5469 procMount denotes the type of proc mount to use for the containers.
5470 The default is DefaultProcMount which uses the container runtime defaults for
5471 readonly paths and masked paths.
5472 This requires the ProcMountType feature flag to be enabled.
5473 Note that this field cannot be set when spec.os.name is windows.
5474 type: string
5475 readOnlyRootFilesystem:
5476 description: |-
5477 Whether this container has a read-only root filesystem.
5478 Default is false.
5479 Note that this field cannot be set when spec.os.name is windows.
5480 type: boolean
5481 runAsGroup:
5482 description: |-
5483 The GID to run the entrypoint of the container process.
5484 Uses runtime default if unset.
5485 May also be set in PodSecurityContext. If set in both SecurityContext and
5486 PodSecurityContext, the value specified in SecurityContext takes precedence.
5487 Note that this field cannot be set when spec.os.name is windows.
5488 format: int64
5489 type: integer
5490 runAsNonRoot:
5491 description: |-
5492 Indicates that the container must run as a non-root user.
5493 If true, the Kubelet will validate the image at runtime to ensure that it
5494 does not run as UID 0 (root) and fail to start the container if it does.
5495 If unset or false, no such validation will be performed.
5496 May also be set in PodSecurityContext. If set in both SecurityContext and
5497 PodSecurityContext, the value specified in SecurityContext takes precedence.
5498 type: boolean
5499 runAsUser:
5500 description: |-
5501 The UID to run the entrypoint of the container process.
5502 Defaults to user specified in image metadata if unspecified.
5503 May also be set in PodSecurityContext. If set in both SecurityContext and
5504 PodSecurityContext, the value specified in SecurityContext takes precedence.
5505 Note that this field cannot be set when spec.os.name is windows.
5506 format: int64
5507 type: integer
5508 seLinuxOptions:
5509 description: |-
5510 The SELinux context to be applied to the container.
5511 If unspecified, the container runtime will allocate a random SELinux context for each
5512 container. May also be set in PodSecurityContext. If set in both SecurityContext and
5513 PodSecurityContext, the value specified in SecurityContext takes precedence.
5514 Note that this field cannot be set when spec.os.name is windows.
5515 properties:
5516 level:
5517 description: Level is SELinux level
5518 label that applies to the container.
5519 type: string
5520 role:
5521 description: Role is a SELinux role
5522 label that applies to the container.
5523 type: string
5524 type:
5525 description: Type is a SELinux type
5526 label that applies to the container.
5527 type: string
5528 user:
5529 description: User is a SELinux user
5530 label that applies to the container.
5531 type: string
5532 type: object
5533 seccompProfile:
5534 description: |-
5535 The seccomp options to use by this container. If seccomp options are
5536 provided at both the pod & container level, the container options
5537 override the pod options.
5538 Note that this field cannot be set when spec.os.name is windows.
5539 properties:
5540 localhostProfile:
5541 description: |-
5542 localhostProfile indicates a profile defined in a file on the node should be used.
5543 The profile must be preconfigured on the node to work.
5544 Must be a descending path, relative to the kubelet's configured seccomp profile location.
5545 Must be set if type is "Localhost". Must NOT be set for any other type.
5546 type: string
5547 type:
5548 description: |-
5549 type indicates which kind of seccomp profile will be applied.
5550 Valid options are:
5551
5552
5553 Localhost - a profile defined in a file on the node should be used.
5554 RuntimeDefault - the container runtime default profile should be used.
5555 Unconfined - no profile should be applied.
5556 type: string
5557 required:
5558 - type
5559 type: object
5560 windowsOptions:
5561 description: |-
5562 The Windows specific settings applied to all containers.
5563 If unspecified, the options from the PodSecurityContext will be used.
5564 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
5565 Note that this field cannot be set when spec.os.name is linux.
5566 properties:
5567 gmsaCredentialSpec:
5568 description: |-
5569 GMSACredentialSpec is where the GMSA admission webhook
5570 (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
5571 GMSA credential spec named by the GMSACredentialSpecName field.
5572 type: string
5573 gmsaCredentialSpecName:
5574 description: GMSACredentialSpecName
5575 is the name of the GMSA credential
5576 spec to use.
5577 type: string
5578 hostProcess:
5579 description: |-
5580 HostProcess determines if a container should be run as a 'Host Process' container.
5581 All of a Pod's containers must have the same effective HostProcess value
5582 (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
5583 In addition, if HostProcess is true then HostNetwork must also be set to true.
5584 type: boolean
5585 runAsUserName:
5586 description: |-
5587 The UserName in Windows to run the entrypoint of the container process.
5588 Defaults to the user specified in image metadata if unspecified.
5589 May also be set in PodSecurityContext. If set in both SecurityContext and
5590 PodSecurityContext, the value specified in SecurityContext takes precedence.
5591 type: string
5592 type: object
5593 type: object
5594 startupProbe:
5595 description: |-
5596 StartupProbe indicates that the Pod has successfully initialized.
5597 If specified, no other probes are executed until this completes successfully.
5598 If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
5599 This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
5600 when it might take a long time to load data or warm a cache, than during steady-state operation.
5601 This cannot be updated.
5602 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
5603 properties:
5604 exec:
5605 description: Exec specifies the action to
5606 take.
5607 properties:
5608 command:
5609 description: |-
5610 Command is the command line to execute inside the container, the working directory for the
5611 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
5612 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
5613 a shell, you need to explicitly call out to that shell.
5614 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
5615 items:
5616 type: string
5617 type: array
5618 x-kubernetes-list-type: atomic
5619 type: object
5620 failureThreshold:
5621 description: |-
5622 Minimum consecutive failures for the probe to be considered failed after having succeeded.
5623 Defaults to 3. Minimum value is 1.
5624 format: int32
5625 type: integer
5626 grpc:
5627 description: GRPC specifies an action involving
5628 a GRPC port.
5629 properties:
5630 port:
5631 description: Port number of the gRPC
5632 service. Number must be in the range
5633 1 to 65535.
5634 format: int32
5635 type: integer
5636 service:
5637 description: |-
5638 Service is the name of the service to place in the gRPC HealthCheckRequest
5639 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
5640
5641
5642 If this is not specified, the default behavior is defined by gRPC.
5643 type: string
5644 required:
5645 - port
5646 type: object
5647 httpGet:
5648 description: HTTPGet specifies the http
5649 request to perform.
5650 properties:
5651 host:
5652 description: |-
5653 Host name to connect to, defaults to the pod IP. You probably want to set
5654 "Host" in httpHeaders instead.
5655 type: string
5656 httpHeaders:
5657 description: Custom headers to set in
5658 the request. HTTP allows repeated
5659 headers.
5660 items:
5661 description: HTTPHeader describes
5662 a custom header to be used in HTTP
5663 probes
5664 properties:
5665 name:
5666 description: |-
5667 The header field name.
5668 This will be canonicalized upon output, so case-variant names will be understood as the same header.
5669 type: string
5670 value:
5671 description: The header field
5672 value
5673 type: string
5674 required:
5675 - name
5676 - value
5677 type: object
5678 type: array
5679 x-kubernetes-list-type: atomic
5680 path:
5681 description: Path to access on the HTTP
5682 server.
5683 type: string
5684 port:
5685 anyOf:
5686 - type: integer
5687 - type: string
5688 description: |-
5689 Name or number of the port to access on the container.
5690 Number must be in the range 1 to 65535.
5691 Name must be an IANA_SVC_NAME.
5692 x-kubernetes-int-or-string: true
5693 scheme:
5694 description: |-
5695 Scheme to use for connecting to the host.
5696 Defaults to HTTP.
5697 type: string
5698 required:
5699 - port
5700 type: object
5701 initialDelaySeconds:
5702 description: |-
5703 Number of seconds after the container has started before liveness probes are initiated.
5704 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
5705 format: int32
5706 type: integer
5707 periodSeconds:
5708 description: |-
5709 How often (in seconds) to perform the probe.
5710 Default to 10 seconds. Minimum value is 1.
5711 format: int32
5712 type: integer
5713 successThreshold:
5714 description: |-
5715 Minimum consecutive successes for the probe to be considered successful after having failed.
5716 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
5717 format: int32
5718 type: integer
5719 tcpSocket:
5720 description: TCPSocket specifies an action
5721 involving a TCP port.
5722 properties:
5723 host:
5724 description: 'Optional: Host name to
5725 connect to, defaults to the pod IP.'
5726 type: string
5727 port:
5728 anyOf:
5729 - type: integer
5730 - type: string
5731 description: |-
5732 Number or name of the port to access on the container.
5733 Number must be in the range 1 to 65535.
5734 Name must be an IANA_SVC_NAME.
5735 x-kubernetes-int-or-string: true
5736 required:
5737 - port
5738 type: object
5739 terminationGracePeriodSeconds:
5740 description: |-
5741 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
5742 The grace period is the duration in seconds after the processes running in the pod are sent
5743 a termination signal and the time when the processes are forcibly halted with a kill signal.
5744 Set this value longer than the expected cleanup time for your process.
5745 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
5746 value overrides the value provided by the pod spec.
5747 Value must be non-negative integer. The value zero indicates stop immediately via
5748 the kill signal (no opportunity to shut down).
5749 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
5750 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
5751 format: int64
5752 type: integer
5753 timeoutSeconds:
5754 description: |-
5755 Number of seconds after which the probe times out.
5756 Defaults to 1 second. Minimum value is 1.
5757 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
5758 format: int32
5759 type: integer
5760 type: object
5761 stdin:
5762 description: |-
5763 Whether this container should allocate a buffer for stdin in the container runtime. If this
5764 is not set, reads from stdin in the container will always result in EOF.
5765 Default is false.
5766 type: boolean
5767 stdinOnce:
5768 description: |-
5769 Whether the container runtime should close the stdin channel after it has been opened by
5770 a single attach. When stdin is true the stdin stream will remain open across multiple attach
5771 sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
5772 first client attaches to stdin, and then remains open and accepts data until the client disconnects,
5773 at which time stdin is closed and remains closed until the container is restarted. If this
5774 flag is false, a container processes that reads from stdin will never receive an EOF.
5775 Default is false
5776 type: boolean
5777 terminationMessagePath:
5778 description: |-
5779 Optional: Path at which the file to which the container's termination message
5780 will be written is mounted into the container's filesystem.
5781 Message written is intended to be brief final status, such as an assertion failure message.
5782 Will be truncated by the node if greater than 4096 bytes. The total message length across
5783 all containers will be limited to 12kb.
5784 Defaults to /dev/termination-log.
5785 Cannot be updated.
5786 type: string
5787 terminationMessagePolicy:
5788 description: |-
5789 Indicate how the termination message should be populated. File will use the contents of
5790 terminationMessagePath to populate the container status message on both success and failure.
5791 FallbackToLogsOnError will use the last chunk of container log output if the termination
5792 message file is empty and the container exited with an error.
5793 The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
5794 Defaults to File.
5795 Cannot be updated.
5796 type: string
5797 tty:
5798 description: |-
5799 Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
5800 Default is false.
5801 type: boolean
5802 volumeDevices:
5803 description: volumeDevices is the list of block
5804 devices to be used by the container.
5805 items:
5806 description: volumeDevice describes a mapping
5807 of a raw block device within a container.
5808 properties:
5809 devicePath:
5810 description: devicePath is the path inside
5811 of the container that the device will
5812 be mapped to.
5813 type: string
5814 name:
5815 description: name must match the name
5816 of a persistentVolumeClaim in the pod
5817 type: string
5818 required:
5819 - devicePath
5820 - name
5821 type: object
5822 type: array
5823 x-kubernetes-list-map-keys:
5824 - devicePath
5825 x-kubernetes-list-type: map
5826 volumeMounts:
5827 description: |-
5828 Pod volumes to mount into the container's filesystem.
5829 Cannot be updated.
5830 items:
5831 description: VolumeMount describes a mounting
5832 of a Volume within a container.
5833 properties:
5834 mountPath:
5835 description: |-
5836 Path within the container at which the volume should be mounted. Must
5837 not contain ':'.
5838 type: string
5839 mountPropagation:
5840 description: |-
5841 mountPropagation determines how mounts are propagated from the host
5842 to container and the other way around.
5843 When not set, MountPropagationNone is used.
5844 This field is beta in 1.10.
5845 When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
5846 (which defaults to None).
5847 type: string
5848 name:
5849 description: This must match the Name
5850 of a Volume.
5851 type: string
5852 readOnly:
5853 description: |-
5854 Mounted read-only if true, read-write otherwise (false or unspecified).
5855 Defaults to false.
5856 type: boolean
5857 recursiveReadOnly:
5858 description: |-
5859 RecursiveReadOnly specifies whether read-only mounts should be handled
5860 recursively.
5861
5862
5863 If ReadOnly is false, this field has no meaning and must be unspecified.
5864
5865
5866 If ReadOnly is true, and this field is set to Disabled, the mount is not made
5867 recursively read-only. If this field is set to IfPossible, the mount is made
5868 recursively read-only, if it is supported by the container runtime. If this
5869 field is set to Enabled, the mount is made recursively read-only if it is
5870 supported by the container runtime, otherwise the pod will not be started and
5871 an error will be generated to indicate the reason.
5872
5873
5874 If this field is set to IfPossible or Enabled, MountPropagation must be set to
5875 None (or be unspecified, which defaults to None).
5876
5877
5878 If this field is not specified, it is treated as an equivalent of Disabled.
5879 type: string
5880 subPath:
5881 description: |-
5882 Path within the volume from which the container's volume should be mounted.
5883 Defaults to "" (volume's root).
5884 type: string
5885 subPathExpr:
5886 description: |-
5887 Expanded path within the volume from which the container's volume should be mounted.
5888 Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
5889 Defaults to "" (volume's root).
5890 SubPathExpr and SubPath are mutually exclusive.
5891 type: string
5892 required:
5893 - mountPath
5894 - name
5895 type: object
5896 type: array
5897 x-kubernetes-list-map-keys:
5898 - mountPath
5899 x-kubernetes-list-type: map
5900 workingDir:
5901 description: |-
5902 Container's working directory.
5903 If not specified, the container runtime's default will be used, which
5904 might be configured in the container image.
5905 Cannot be updated.
5906 type: string
5907 required:
5908 - name
5909 type: object
5910 type: array
5911 x-kubernetes-list-map-keys:
5912 - name
5913 x-kubernetes-list-type: map
5914 nodeName:
5915 description: |-
5916 NodeName is a request to schedule this pod onto a specific node. If it is non-empty,
5917 the scheduler simply schedules this pod onto that node, assuming that it fits resource
5918 requirements.
5919 type: string
5920 nodeSelector:
5921 additionalProperties:
5922 type: string
5923 description: |-
5924 NodeSelector is a selector which must be true for the pod to fit on a node.
5925 Selector which must match a node's labels for the pod to be scheduled on that node.
5926 More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
5927 type: object
5928 x-kubernetes-map-type: atomic
5929 os:
5930 description: |-
5931 Specifies the OS of the containers in the pod.
5932 Some pod and container fields are restricted if this is set.
5933
5934
5935 If the OS field is set to linux, the following fields must be unset:
5936 -securityContext.windowsOptions
5937
5938
5939 If the OS field is set to windows, following fields must be unset:
5940 - spec.hostPID
5941 - spec.hostIPC
5942 - spec.hostUsers
5943 - spec.securityContext.appArmorProfile
5944 - spec.securityContext.seLinuxOptions
5945 - spec.securityContext.seccompProfile
5946 - spec.securityContext.fsGroup
5947 - spec.securityContext.fsGroupChangePolicy
5948 - spec.securityContext.sysctls
5949 - spec.shareProcessNamespace
5950 - spec.securityContext.runAsUser
5951 - spec.securityContext.runAsGroup
5952 - spec.securityContext.supplementalGroups
5953 - spec.containers[*].securityContext.appArmorProfile
5954 - spec.containers[*].securityContext.seLinuxOptions
5955 - spec.containers[*].securityContext.seccompProfile
5956 - spec.containers[*].securityContext.capabilities
5957 - spec.containers[*].securityContext.readOnlyRootFilesystem
5958 - spec.containers[*].securityContext.privileged
5959 - spec.containers[*].securityContext.allowPrivilegeEscalation
5960 - spec.containers[*].securityContext.procMount
5961 - spec.containers[*].securityContext.runAsUser
5962 - spec.containers[*].securityContext.runAsGroup
5963 properties:
5964 name:
5965 description: |-
5966 Name is the name of the operating system. The currently supported values are linux and windows.
5967 Additional value may be defined in future and can be one of:
5968 https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration
5969 Clients should expect to handle additional values and treat unrecognized values in this field as os: null
5970 type: string
5971 required:
5972 - name
5973 type: object
5974 overhead:
5975 additionalProperties:
5976 anyOf:
5977 - type: integer
5978 - type: string
5979 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5980 x-kubernetes-int-or-string: true
5981 description: |-
5982 Overhead represents the resource overhead associated with running a pod for a given RuntimeClass.
5983 This field will be autopopulated at admission time by the RuntimeClass admission controller. If
5984 the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests.
5985 The RuntimeClass admission controller will reject Pod create requests which have the overhead already
5986 set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value
5987 defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero.
5988 More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md
5989 type: object
5990 preemptionPolicy:
5991 description: |-
5992 PreemptionPolicy is the Policy for preempting pods with lower priority.
5993 One of Never, PreemptLowerPriority.
5994 Defaults to PreemptLowerPriority if unset.
5995 type: string
5996 priority:
5997 description: |-
5998 The priority value. Various system components use this field to find the
5999 priority of the pod. When Priority Admission Controller is enabled, it
6000 prevents users from setting this field. The admission controller populates
6001 this field from PriorityClassName.
6002 The higher the value, the higher the priority.
6003 format: int32
6004 type: integer
6005 priorityClassName:
6006 description: |-
6007 If specified, indicates the pod's priority. "system-node-critical" and
6008 "system-cluster-critical" are two special keywords which indicate the
6009 highest priorities with the former being the highest priority. Any other
6010 name must be defined by creating a PriorityClass object with that name.
6011 If not specified, the pod priority will be default or zero if there is no
6012 default.
6013 type: string
6014 readinessGates:
6015 description: |-
6016 If specified, all readiness gates will be evaluated for pod readiness.
6017 A pod is ready when all its containers are ready AND
6018 all conditions specified in the readiness gates have status equal to "True"
6019 More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates
6020 items:
6021 description: PodReadinessGate contains the reference
6022 to a pod condition
6023 properties:
6024 conditionType:
6025 description: ConditionType refers to a condition
6026 in the pod's condition list with matching
6027 type.
6028 type: string
6029 required:
6030 - conditionType
6031 type: object
6032 type: array
6033 x-kubernetes-list-type: atomic
6034 resourceClaims:
6035 description: |-
6036 ResourceClaims defines which ResourceClaims must be allocated
6037 and reserved before the Pod is allowed to start. The resources
6038 will be made available to those containers which consume them
6039 by name.
6040
6041
6042 This is an alpha field and requires enabling the
6043 DynamicResourceAllocation feature gate.
6044
6045
6046 This field is immutable.
6047 items:
6048 description: |-
6049 PodResourceClaim references exactly one ResourceClaim through a ClaimSource.
6050 It adds a name to it that uniquely identifies the ResourceClaim inside the Pod.
6051 Containers that need access to the ResourceClaim reference it with this name.
6052 properties:
6053 name:
6054 description: |-
6055 Name uniquely identifies this resource claim inside the pod.
6056 This must be a DNS_LABEL.
6057 type: string
6058 source:
6059 description: Source describes where to find
6060 the ResourceClaim.
6061 properties:
6062 resourceClaimName:
6063 description: |-
6064 ResourceClaimName is the name of a ResourceClaim object in the same
6065 namespace as this pod.
6066 type: string
6067 resourceClaimTemplateName:
6068 description: |-
6069 ResourceClaimTemplateName is the name of a ResourceClaimTemplate
6070 object in the same namespace as this pod.
6071
6072
6073 The template will be used to create a new ResourceClaim, which will
6074 be bound to this pod. When this pod is deleted, the ResourceClaim
6075 will also be deleted. The pod name and resource name, along with a
6076 generated component, will be used to form a unique name for the
6077 ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.
6078
6079
6080 This field is immutable and no changes will be made to the
6081 corresponding ResourceClaim by the control plane after creating the
6082 ResourceClaim.
6083 type: string
6084 type: object
6085 required:
6086 - name
6087 type: object
6088 type: array
6089 x-kubernetes-list-map-keys:
6090 - name
6091 x-kubernetes-list-type: map
6092 restartPolicy:
6093 description: |-
6094 Restart policy for all containers within the pod.
6095 One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted.
6096 Default to Always.
6097 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
6098 type: string
6099 runtimeClassName:
6100 description: |-
6101 RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used
6102 to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run.
6103 If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an
6104 empty definition that uses the default runtime handler.
6105 More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class
6106 type: string
6107 schedulerName:
6108 description: |-
6109 If specified, the pod will be dispatched by specified scheduler.
6110 If not specified, the pod will be dispatched by default scheduler.
6111 type: string
6112 schedulingGates:
6113 description: |-
6114 SchedulingGates is an opaque list of values that if specified will block scheduling the pod.
6115 If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the
6116 scheduler will not attempt to schedule the pod.
6117
6118
6119 SchedulingGates can only be set at pod creation time, and be removed only afterwards.
6120 items:
6121 description: PodSchedulingGate is associated to
6122 a Pod to guard its scheduling.
6123 properties:
6124 name:
6125 description: |-
6126 Name of the scheduling gate.
6127 Each scheduling gate must have a unique name field.
6128 type: string
6129 required:
6130 - name
6131 type: object
6132 type: array
6133 x-kubernetes-list-map-keys:
6134 - name
6135 x-kubernetes-list-type: map
6136 securityContext:
6137 description: |-
6138 SecurityContext holds pod-level security attributes and common container settings.
6139 Optional: Defaults to empty. See type description for default values of each field.
6140 properties:
6141 appArmorProfile:
6142 description: |-
6143 appArmorProfile is the AppArmor options to use by the containers in this pod.
6144 Note that this field cannot be set when spec.os.name is windows.
6145 properties:
6146 localhostProfile:
6147 description: |-
6148 localhostProfile indicates a profile loaded on the node that should be used.
6149 The profile must be preconfigured on the node to work.
6150 Must match the loaded name of the profile.
6151 Must be set if and only if type is "Localhost".
6152 type: string
6153 type:
6154 description: |-
6155 type indicates which kind of AppArmor profile will be applied.
6156 Valid options are:
6157 Localhost - a profile pre-loaded on the node.
6158 RuntimeDefault - the container runtime's default profile.
6159 Unconfined - no AppArmor enforcement.
6160 type: string
6161 required:
6162 - type
6163 type: object
6164 fsGroup:
6165 description: |-
6166 A special supplemental group that applies to all containers in a pod.
6167 Some volume types allow the Kubelet to change the ownership of that volume
6168 to be owned by the pod:
6169
6170
6171 1. The owning GID will be the FSGroup
6172 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
6173 3. The permission bits are OR'd with rw-rw----
6174
6175
6176 If unset, the Kubelet will not modify the ownership and permissions of any volume.
6177 Note that this field cannot be set when spec.os.name is windows.
6178 format: int64
6179 type: integer
6180 fsGroupChangePolicy:
6181 description: |-
6182 fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
6183 before being exposed inside Pod. This field will only apply to
6184 volume types which support fsGroup based ownership(and permissions).
6185 It will have no effect on ephemeral volume types such as: secret, configmaps
6186 and emptydir.
6187 Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
6188 Note that this field cannot be set when spec.os.name is windows.
6189 type: string
6190 runAsGroup:
6191 description: |-
6192 The GID to run the entrypoint of the container process.
6193 Uses runtime default if unset.
6194 May also be set in SecurityContext. If set in both SecurityContext and
6195 PodSecurityContext, the value specified in SecurityContext takes precedence
6196 for that container.
6197 Note that this field cannot be set when spec.os.name is windows.
6198 format: int64
6199 type: integer
6200 runAsNonRoot:
6201 description: |-
6202 Indicates that the container must run as a non-root user.
6203 If true, the Kubelet will validate the image at runtime to ensure that it
6204 does not run as UID 0 (root) and fail to start the container if it does.
6205 If unset or false, no such validation will be performed.
6206 May also be set in SecurityContext. If set in both SecurityContext and
6207 PodSecurityContext, the value specified in SecurityContext takes precedence.
6208 type: boolean
6209 runAsUser:
6210 description: |-
6211 The UID to run the entrypoint of the container process.
6212 Defaults to user specified in image metadata if unspecified.
6213 May also be set in SecurityContext. If set in both SecurityContext and
6214 PodSecurityContext, the value specified in SecurityContext takes precedence
6215 for that container.
6216 Note that this field cannot be set when spec.os.name is windows.
6217 format: int64
6218 type: integer
6219 seLinuxOptions:
6220 description: |-
6221 The SELinux context to be applied to all containers.
6222 If unspecified, the container runtime will allocate a random SELinux context for each
6223 container. May also be set in SecurityContext. If set in
6224 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
6225 takes precedence for that container.
6226 Note that this field cannot be set when spec.os.name is windows.
6227 properties:
6228 level:
6229 description: Level is SELinux level label
6230 that applies to the container.
6231 type: string
6232 role:
6233 description: Role is a SELinux role label
6234 that applies to the container.
6235 type: string
6236 type:
6237 description: Type is a SELinux type label
6238 that applies to the container.
6239 type: string
6240 user:
6241 description: User is a SELinux user label
6242 that applies to the container.
6243 type: string
6244 type: object
6245 seccompProfile:
6246 description: |-
6247 The seccomp options to use by the containers in this pod.
6248 Note that this field cannot be set when spec.os.name is windows.
6249 properties:
6250 localhostProfile:
6251 description: |-
6252 localhostProfile indicates a profile defined in a file on the node should be used.
6253 The profile must be preconfigured on the node to work.
6254 Must be a descending path, relative to the kubelet's configured seccomp profile location.
6255 Must be set if type is "Localhost". Must NOT be set for any other type.
6256 type: string
6257 type:
6258 description: |-
6259 type indicates which kind of seccomp profile will be applied.
6260 Valid options are:
6261
6262
6263 Localhost - a profile defined in a file on the node should be used.
6264 RuntimeDefault - the container runtime default profile should be used.
6265 Unconfined - no profile should be applied.
6266 type: string
6267 required:
6268 - type
6269 type: object
6270 supplementalGroups:
6271 description: |-
6272 A list of groups applied to the first process run in each container, in addition
6273 to the container's primary GID, the fsGroup (if specified), and group memberships
6274 defined in the container image for the uid of the container process. If unspecified,
6275 no additional groups are added to any container. Note that group memberships
6276 defined in the container image for the uid of the container process are still effective,
6277 even if they are not included in this list.
6278 Note that this field cannot be set when spec.os.name is windows.
6279 items:
6280 format: int64
6281 type: integer
6282 type: array
6283 x-kubernetes-list-type: atomic
6284 sysctls:
6285 description: |-
6286 Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
6287 sysctls (by the container runtime) might fail to launch.
6288 Note that this field cannot be set when spec.os.name is windows.
6289 items:
6290 description: Sysctl defines a kernel parameter
6291 to be set
6292 properties:
6293 name:
6294 description: Name of a property to set
6295 type: string
6296 value:
6297 description: Value of a property to set
6298 type: string
6299 required:
6300 - name
6301 - value
6302 type: object
6303 type: array
6304 x-kubernetes-list-type: atomic
6305 windowsOptions:
6306 description: |-
6307 The Windows specific settings applied to all containers.
6308 If unspecified, the options within a container's SecurityContext will be used.
6309 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
6310 Note that this field cannot be set when spec.os.name is linux.
6311 properties:
6312 gmsaCredentialSpec:
6313 description: |-
6314 GMSACredentialSpec is where the GMSA admission webhook
6315 (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
6316 GMSA credential spec named by the GMSACredentialSpecName field.
6317 type: string
6318 gmsaCredentialSpecName:
6319 description: GMSACredentialSpecName is the
6320 name of the GMSA credential spec to use.
6321 type: string
6322 hostProcess:
6323 description: |-
6324 HostProcess determines if a container should be run as a 'Host Process' container.
6325 All of a Pod's containers must have the same effective HostProcess value
6326 (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
6327 In addition, if HostProcess is true then HostNetwork must also be set to true.
6328 type: boolean
6329 runAsUserName:
6330 description: |-
6331 The UserName in Windows to run the entrypoint of the container process.
6332 Defaults to the user specified in image metadata if unspecified.
6333 May also be set in PodSecurityContext. If set in both SecurityContext and
6334 PodSecurityContext, the value specified in SecurityContext takes precedence.
6335 type: string
6336 type: object
6337 type: object
6338 serviceAccount:
6339 description: |-
6340 DeprecatedServiceAccount is a deprecated alias for ServiceAccountName.
6341 Deprecated: Use serviceAccountName instead.
6342 type: string
6343 serviceAccountName:
6344 description: |-
6345 ServiceAccountName is the name of the ServiceAccount to use to run this pod.
6346 More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
6347 type: string
6348 setHostnameAsFQDN:
6349 description: |-
6350 If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default).
6351 In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname).
6352 In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN.
6353 If a pod does not have FQDN, this has no effect.
6354 Default to false.
6355 type: boolean
6356 shareProcessNamespace:
6357 description: |-
6358 Share a single process namespace between all of the containers in a pod.
6359 When this is set containers will be able to view and signal processes from other containers
6360 in the same pod, and the first process in each container will not be assigned PID 1.
6361 HostPID and ShareProcessNamespace cannot both be set.
6362 Optional: Default to false.
6363 type: boolean
6364 subdomain:
6365 description: |-
6366 If specified, the fully qualified Pod hostname will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster domain>".
6367 If not specified, the pod will not have a domainname at all.
6368 type: string
6369 terminationGracePeriodSeconds:
6370 description: |-
6371 Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request.
6372 Value must be non-negative integer. The value zero indicates stop immediately via
6373 the kill signal (no opportunity to shut down).
6374 If this value is nil, the default grace period will be used instead.
6375 The grace period is the duration in seconds after the processes running in the pod are sent
6376 a termination signal and the time when the processes are forcibly halted with a kill signal.
6377 Set this value longer than the expected cleanup time for your process.
6378 Defaults to 30 seconds.
6379 format: int64
6380 type: integer
6381 tolerations:
6382 description: If specified, the pod's tolerations.
6383 items:
6384 description: |-
6385 The pod this Toleration is attached to tolerates any taint that matches
6386 the triple <key,value,effect> using the matching operator <operator>.
6387 properties:
6388 effect:
6389 description: |-
6390 Effect indicates the taint effect to match. Empty means match all taint effects.
6391 When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
6392 type: string
6393 key:
6394 description: |-
6395 Key is the taint key that the toleration applies to. Empty means match all taint keys.
6396 If the key is empty, operator must be Exists; this combination means to match all values and all keys.
6397 type: string
6398 operator:
6399 description: |-
6400 Operator represents a key's relationship to the value.
6401 Valid operators are Exists and Equal. Defaults to Equal.
6402 Exists is equivalent to wildcard for value, so that a pod can
6403 tolerate all taints of a particular category.
6404 type: string
6405 tolerationSeconds:
6406 description: |-
6407 TolerationSeconds represents the period of time the toleration (which must be
6408 of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
6409 it is not set, which means tolerate the taint forever (do not evict). Zero and
6410 negative values will be treated as 0 (evict immediately) by the system.
6411 format: int64
6412 type: integer
6413 value:
6414 description: |-
6415 Value is the taint value the toleration matches to.
6416 If the operator is Exists, the value should be empty, otherwise just a regular string.
6417 type: string
6418 type: object
6419 type: array
6420 x-kubernetes-list-type: atomic
6421 topologySpreadConstraints:
6422 description: |-
6423 TopologySpreadConstraints describes how a group of pods ought to spread across topology
6424 domains. Scheduler will schedule pods in a way which abides by the constraints.
6425 All topologySpreadConstraints are ANDed.
6426 items:
6427 description: TopologySpreadConstraint specifies
6428 how to spread matching pods among the given topology.
6429 properties:
6430 labelSelector:
6431 description: |-
6432 LabelSelector is used to find matching pods.
6433 Pods that match this label selector are counted to determine the number of pods
6434 in their corresponding topology domain.
6435 properties:
6436 matchExpressions:
6437 description: matchExpressions is a list
6438 of label selector requirements. The requirements
6439 are ANDed.
6440 items:
6441 description: |-
6442 A label selector requirement is a selector that contains values, a key, and an operator that
6443 relates the key and values.
6444 properties:
6445 key:
6446 description: key is the label key
6447 that the selector applies to.
6448 type: string
6449 operator:
6450 description: |-
6451 operator represents a key's relationship to a set of values.
6452 Valid operators are In, NotIn, Exists and DoesNotExist.
6453 type: string
6454 values:
6455 description: |-
6456 values is an array of string values. If the operator is In or NotIn,
6457 the values array must be non-empty. If the operator is Exists or DoesNotExist,
6458 the values array must be empty. This array is replaced during a strategic
6459 merge patch.
6460 items:
6461 type: string
6462 type: array
6463 x-kubernetes-list-type: atomic
6464 required:
6465 - key
6466 - operator
6467 type: object
6468 type: array
6469 x-kubernetes-list-type: atomic
6470 matchLabels:
6471 additionalProperties:
6472 type: string
6473 description: |-
6474 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
6475 map is equivalent to an element of matchExpressions, whose key field is "key", the
6476 operator is "In", and the values array contains only "value". The requirements are ANDed.
6477 type: object
6478 type: object
6479 x-kubernetes-map-type: atomic
6480 matchLabelKeys:
6481 description: |-
6482 MatchLabelKeys is a set of pod label keys to select the pods over which
6483 spreading will be calculated. The keys are used to lookup values from the
6484 incoming pod labels, those key-value labels are ANDed with labelSelector
6485 to select the group of existing pods over which spreading will be calculated
6486 for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
6487 MatchLabelKeys cannot be set when LabelSelector isn't set.
6488 Keys that don't exist in the incoming pod labels will
6489 be ignored. A null or empty list means only match against labelSelector.
6490
6491
6492 This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
6493 items:
6494 type: string
6495 type: array
6496 x-kubernetes-list-type: atomic
6497 maxSkew:
6498 description: |-
6499 MaxSkew describes the degree to which pods may be unevenly distributed.
6500 When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference
6501 between the number of matching pods in the target topology and the global minimum.
6502 The global minimum is the minimum number of matching pods in an eligible domain
6503 or zero if the number of eligible domains is less than MinDomains.
6504 For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
6505 labelSelector spread as 2/2/1:
6506 In this case, the global minimum is 1.
6507 | zone1 | zone2 | zone3 |
6508 | P P | P P | P |
6509 - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;
6510 scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)
6511 violate MaxSkew(1).
6512 - if MaxSkew is 2, incoming pod can be scheduled onto any zone.
6513 When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence
6514 to topologies that satisfy it.
6515 It's a required field. Default value is 1 and 0 is not allowed.
6516 format: int32
6517 type: integer
6518 minDomains:
6519 description: |-
6520 MinDomains indicates a minimum number of eligible domains.
6521 When the number of eligible domains with matching topology keys is less than minDomains,
6522 Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed.
6523 And when the number of eligible domains with matching topology keys equals or greater than minDomains,
6524 this value has no effect on scheduling.
6525 As a result, when the number of eligible domains is less than minDomains,
6526 scheduler won't schedule more than maxSkew Pods to those domains.
6527 If value is nil, the constraint behaves as if MinDomains is equal to 1.
6528 Valid values are integers greater than 0.
6529 When value is not nil, WhenUnsatisfiable must be DoNotSchedule.
6530
6531
6532 For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same
6533 labelSelector spread as 2/2/2:
6534 | zone1 | zone2 | zone3 |
6535 | P P | P P | P P |
6536 The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0.
6537 In this situation, new pod with the same labelSelector cannot be scheduled,
6538 because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,
6539 it will violate MaxSkew.
6540 format: int32
6541 type: integer
6542 nodeAffinityPolicy:
6543 description: |-
6544 NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector
6545 when calculating pod topology spread skew. Options are:
6546 - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.
6547 - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.
6548
6549
6550 If this value is nil, the behavior is equivalent to the Honor policy.
6551 This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
6552 type: string
6553 nodeTaintsPolicy:
6554 description: |-
6555 NodeTaintsPolicy indicates how we will treat node taints when calculating
6556 pod topology spread skew. Options are:
6557 - Honor: nodes without taints, along with tainted nodes for which the incoming pod
6558 has a toleration, are included.
6559 - Ignore: node taints are ignored. All nodes are included.
6560
6561
6562 If this value is nil, the behavior is equivalent to the Ignore policy.
6563 This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
6564 type: string
6565 topologyKey:
6566 description: |-
6567 TopologyKey is the key of node labels. Nodes that have a label with this key
6568 and identical values are considered to be in the same topology.
6569 We consider each <key, value> as a "bucket", and try to put balanced number
6570 of pods into each bucket.
6571 We define a domain as a particular instance of a topology.
6572 Also, we define an eligible domain as a domain whose nodes meet the requirements of
6573 nodeAffinityPolicy and nodeTaintsPolicy.
6574 e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology.
6575 And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology.
6576 It's a required field.
6577 type: string
6578 whenUnsatisfiable:
6579 description: |-
6580 WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy
6581 the spread constraint.
6582 - DoNotSchedule (default) tells the scheduler not to schedule it.
6583 - ScheduleAnyway tells the scheduler to schedule the pod in any location,
6584 but giving higher precedence to topologies that would help reduce the
6585 skew.
6586 A constraint is considered "Unsatisfiable" for an incoming pod
6587 if and only if every possible node assignment for that pod would violate
6588 "MaxSkew" on some topology.
6589 For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
6590 labelSelector spread as 3/1/1:
6591 | zone1 | zone2 | zone3 |
6592 | P P P | P | P |
6593 If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled
6594 to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies
6595 MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler
6596 won't make it *more* imbalanced.
6597 It's a required field.
6598 type: string
6599 required:
6600 - maxSkew
6601 - topologyKey
6602 - whenUnsatisfiable
6603 type: object
6604 type: array
6605 x-kubernetes-list-map-keys:
6606 - topologyKey
6607 - whenUnsatisfiable
6608 x-kubernetes-list-type: map
6609 volumes:
6610 description: |-
6611 List of volumes that can be mounted by containers belonging to the pod.
6612 More info: https://kubernetes.io/docs/concepts/storage/volumes
6613 items:
6614 description: Volume represents a named volume in
6615 a pod that may be accessed by any container in
6616 the pod.
6617 properties:
6618 awsElasticBlockStore:
6619 description: |-
6620 awsElasticBlockStore represents an AWS Disk resource that is attached to a
6621 kubelet's host machine and then exposed to the pod.
6622 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
6623 properties:
6624 fsType:
6625 description: |-
6626 fsType is the filesystem type of the volume that you want to mount.
6627 Tip: Ensure that the filesystem type is supported by the host operating system.
6628 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6629 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
6630 TODO: how do we prevent errors in the filesystem from compromising the machine
6631 type: string
6632 partition:
6633 description: |-
6634 partition is the partition in the volume that you want to mount.
6635 If omitted, the default is to mount by volume name.
6636 Examples: For volume /dev/sda1, you specify the partition as "1".
6637 Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
6638 format: int32
6639 type: integer
6640 readOnly:
6641 description: |-
6642 readOnly value true will force the readOnly setting in VolumeMounts.
6643 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
6644 type: boolean
6645 volumeID:
6646 description: |-
6647 volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).
6648 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
6649 type: string
6650 required:
6651 - volumeID
6652 type: object
6653 azureDisk:
6654 description: azureDisk represents an Azure Data
6655 Disk mount on the host and bind mount to the
6656 pod.
6657 properties:
6658 cachingMode:
6659 description: 'cachingMode is the Host Caching
6660 mode: None, Read Only, Read Write.'
6661 type: string
6662 diskName:
6663 description: diskName is the Name of the
6664 data disk in the blob storage
6665 type: string
6666 diskURI:
6667 description: diskURI is the URI of data
6668 disk in the blob storage
6669 type: string
6670 fsType:
6671 description: |-
6672 fsType is Filesystem type to mount.
6673 Must be a filesystem type supported by the host operating system.
6674 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6675 type: string
6676 kind:
6677 description: 'kind expected values are Shared:
6678 multiple blob disks per storage account Dedicated:
6679 single blob disk per storage account Managed:
6680 azure managed data disk (only in managed
6681 availability set). defaults to shared'
6682 type: string
6683 readOnly:
6684 description: |-
6685 readOnly Defaults to false (read/write). ReadOnly here will force
6686 the ReadOnly setting in VolumeMounts.
6687 type: boolean
6688 required:
6689 - diskName
6690 - diskURI
6691 type: object
6692 azureFile:
6693 description: azureFile represents an Azure File
6694 Service mount on the host and bind mount to
6695 the pod.
6696 properties:
6697 readOnly:
6698 description: |-
6699 readOnly defaults to false (read/write). ReadOnly here will force
6700 the ReadOnly setting in VolumeMounts.
6701 type: boolean
6702 secretName:
6703 description: secretName is the name of
6704 secret that contains Azure Storage Account
6705 Name and Key
6706 type: string
6707 shareName:
6708 description: shareName is the azure share
6709 Name
6710 type: string
6711 required:
6712 - secretName
6713 - shareName
6714 type: object
6715 cephfs:
6716 description: cephFS represents a Ceph FS mount
6717 on the host that shares a pod's lifetime
6718 properties:
6719 monitors:
6720 description: |-
6721 monitors is Required: Monitors is a collection of Ceph monitors
6722 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
6723 items:
6724 type: string
6725 type: array
6726 x-kubernetes-list-type: atomic
6727 path:
6728 description: 'path is Optional: Used as
6729 the mounted root, rather than the full
6730 Ceph tree, default is /'
6731 type: string
6732 readOnly:
6733 description: |-
6734 readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
6735 the ReadOnly setting in VolumeMounts.
6736 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
6737 type: boolean
6738 secretFile:
6739 description: |-
6740 secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
6741 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
6742 type: string
6743 secretRef:
6744 description: |-
6745 secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.
6746 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
6747 properties:
6748 name:
6749 default: ""
6750 description: |-
6751 Name of the referent.
6752 This field is effectively required, but due to backwards compatibility is
6753 allowed to be empty. Instances of this type with an empty value here are
6754 almost certainly wrong.
6755 TODO: Add other useful fields. apiVersion, kind, uid?
6756 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6757 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6758 type: string
6759 type: object
6760 x-kubernetes-map-type: atomic
6761 user:
6762 description: |-
6763 user is optional: User is the rados user name, default is admin
6764 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
6765 type: string
6766 required:
6767 - monitors
6768 type: object
6769 cinder:
6770 description: |-
6771 cinder represents a cinder volume attached and mounted on kubelets host machine.
6772 More info: https://examples.k8s.io/mysql-cinder-pd/README.md
6773 properties:
6774 fsType:
6775 description: |-
6776 fsType is the filesystem type to mount.
6777 Must be a filesystem type supported by the host operating system.
6778 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6779 More info: https://examples.k8s.io/mysql-cinder-pd/README.md
6780 type: string
6781 readOnly:
6782 description: |-
6783 readOnly defaults to false (read/write). ReadOnly here will force
6784 the ReadOnly setting in VolumeMounts.
6785 More info: https://examples.k8s.io/mysql-cinder-pd/README.md
6786 type: boolean
6787 secretRef:
6788 description: |-
6789 secretRef is optional: points to a secret object containing parameters used to connect
6790 to OpenStack.
6791 properties:
6792 name:
6793 default: ""
6794 description: |-
6795 Name of the referent.
6796 This field is effectively required, but due to backwards compatibility is
6797 allowed to be empty. Instances of this type with an empty value here are
6798 almost certainly wrong.
6799 TODO: Add other useful fields. apiVersion, kind, uid?
6800 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6801 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6802 type: string
6803 type: object
6804 x-kubernetes-map-type: atomic
6805 volumeID:
6806 description: |-
6807 volumeID used to identify the volume in cinder.
6808 More info: https://examples.k8s.io/mysql-cinder-pd/README.md
6809 type: string
6810 required:
6811 - volumeID
6812 type: object
6813 configMap:
6814 description: configMap represents a configMap
6815 that should populate this volume
6816 properties:
6817 defaultMode:
6818 description: |-
6819 defaultMode is optional: mode bits used to set permissions on created files by default.
6820 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
6821 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6822 Defaults to 0644.
6823 Directories within the path are not affected by this setting.
6824 This might be in conflict with other options that affect the file
6825 mode, like fsGroup, and the result can be other mode bits set.
6826 format: int32
6827 type: integer
6828 items:
6829 description: |-
6830 items if unspecified, each key-value pair in the Data field of the referenced
6831 ConfigMap will be projected into the volume as a file whose name is the
6832 key and content is the value. If specified, the listed keys will be
6833 projected into the specified paths, and unlisted keys will not be
6834 present. If a key is specified which is not present in the ConfigMap,
6835 the volume setup will error unless it is marked optional. Paths must be
6836 relative and may not contain the '..' path or start with '..'.
6837 items:
6838 description: Maps a string key to a path
6839 within a volume.
6840 properties:
6841 key:
6842 description: key is the key to project.
6843 type: string
6844 mode:
6845 description: |-
6846 mode is Optional: mode bits used to set permissions on this file.
6847 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
6848 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6849 If not specified, the volume defaultMode will be used.
6850 This might be in conflict with other options that affect the file
6851 mode, like fsGroup, and the result can be other mode bits set.
6852 format: int32
6853 type: integer
6854 path:
6855 description: |-
6856 path is the relative path of the file to map the key to.
6857 May not be an absolute path.
6858 May not contain the path element '..'.
6859 May not start with the string '..'.
6860 type: string
6861 required:
6862 - key
6863 - path
6864 type: object
6865 type: array
6866 x-kubernetes-list-type: atomic
6867 name:
6868 default: ""
6869 description: |-
6870 Name of the referent.
6871 This field is effectively required, but due to backwards compatibility is
6872 allowed to be empty. Instances of this type with an empty value here are
6873 almost certainly wrong.
6874 TODO: Add other useful fields. apiVersion, kind, uid?
6875 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6876 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6877 type: string
6878 optional:
6879 description: optional specify whether the
6880 ConfigMap or its keys must be defined
6881 type: boolean
6882 type: object
6883 x-kubernetes-map-type: atomic
6884 csi:
6885 description: csi (Container Storage Interface)
6886 represents ephemeral storage that is handled
6887 by certain external CSI drivers (Beta feature).
6888 properties:
6889 driver:
6890 description: |-
6891 driver is the name of the CSI driver that handles this volume.
6892 Consult with your admin for the correct name as registered in the cluster.
6893 type: string
6894 fsType:
6895 description: |-
6896 fsType to mount. Ex. "ext4", "xfs", "ntfs".
6897 If not provided, the empty value is passed to the associated CSI driver
6898 which will determine the default filesystem to apply.
6899 type: string
6900 nodePublishSecretRef:
6901 description: |-
6902 nodePublishSecretRef is a reference to the secret object containing
6903 sensitive information to pass to the CSI driver to complete the CSI
6904 NodePublishVolume and NodeUnpublishVolume calls.
6905 This field is optional, and may be empty if no secret is required. If the
6906 secret object contains more than one secret, all secret references are passed.
6907 properties:
6908 name:
6909 default: ""
6910 description: |-
6911 Name of the referent.
6912 This field is effectively required, but due to backwards compatibility is
6913 allowed to be empty. Instances of this type with an empty value here are
6914 almost certainly wrong.
6915 TODO: Add other useful fields. apiVersion, kind, uid?
6916 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6917 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6918 type: string
6919 type: object
6920 x-kubernetes-map-type: atomic
6921 readOnly:
6922 description: |-
6923 readOnly specifies a read-only configuration for the volume.
6924 Defaults to false (read/write).
6925 type: boolean
6926 volumeAttributes:
6927 additionalProperties:
6928 type: string
6929 description: |-
6930 volumeAttributes stores driver-specific properties that are passed to the CSI
6931 driver. Consult your driver's documentation for supported values.
6932 type: object
6933 required:
6934 - driver
6935 type: object
6936 downwardAPI:
6937 description: downwardAPI represents downward
6938 API about the pod that should populate this
6939 volume
6940 properties:
6941 defaultMode:
6942 description: |-
6943 Optional: mode bits to use on created files by default. Must be a
6944 Optional: mode bits used to set permissions on created files by default.
6945 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
6946 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6947 Defaults to 0644.
6948 Directories within the path are not affected by this setting.
6949 This might be in conflict with other options that affect the file
6950 mode, like fsGroup, and the result can be other mode bits set.
6951 format: int32
6952 type: integer
6953 items:
6954 description: Items is a list of downward
6955 API volume file
6956 items:
6957 description: DownwardAPIVolumeFile represents
6958 information to create the file containing
6959 the pod field
6960 properties:
6961 fieldRef:
6962 description: 'Required: Selects a
6963 field of the pod: only annotations,
6964 labels, name, namespace and uid
6965 are supported.'
6966 properties:
6967 apiVersion:
6968 description: Version of the schema
6969 the FieldPath is written in
6970 terms of, defaults to "v1".
6971 type: string
6972 fieldPath:
6973 description: Path of the field
6974 to select in the specified API
6975 version.
6976 type: string
6977 required:
6978 - fieldPath
6979 type: object
6980 x-kubernetes-map-type: atomic
6981 mode:
6982 description: |-
6983 Optional: mode bits used to set permissions on this file, must be an octal value
6984 between 0000 and 0777 or a decimal value between 0 and 511.
6985 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6986 If not specified, the volume defaultMode will be used.
6987 This might be in conflict with other options that affect the file
6988 mode, like fsGroup, and the result can be other mode bits set.
6989 format: int32
6990 type: integer
6991 path:
6992 description: 'Required: Path is the
6993 relative path name of the file to
6994 be created. Must not be absolute
6995 or contain the ''..'' path. Must
6996 be utf-8 encoded. The first item
6997 of the relative path must not start
6998 with ''..'''
6999 type: string
7000 resourceFieldRef:
7001 description: |-
7002 Selects a resource of the container: only resources limits and requests
7003 (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
7004 properties:
7005 containerName:
7006 description: 'Container name:
7007 required for volumes, optional
7008 for env vars'
7009 type: string
7010 divisor:
7011 anyOf:
7012 - type: integer
7013 - type: string
7014 description: Specifies the output
7015 format of the exposed resources,
7016 defaults to "1"
7017 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7018 x-kubernetes-int-or-string: true
7019 resource:
7020 description: 'Required: resource
7021 to select'
7022 type: string
7023 required:
7024 - resource
7025 type: object
7026 x-kubernetes-map-type: atomic
7027 required:
7028 - path
7029 type: object
7030 type: array
7031 x-kubernetes-list-type: atomic
7032 type: object
7033 emptyDir:
7034 description: |-
7035 emptyDir represents a temporary directory that shares a pod's lifetime.
7036 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
7037 properties:
7038 medium:
7039 description: |-
7040 medium represents what type of storage medium should back this directory.
7041 The default is "" which means to use the node's default medium.
7042 Must be an empty string (default) or Memory.
7043 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
7044 type: string
7045 sizeLimit:
7046 anyOf:
7047 - type: integer
7048 - type: string
7049 description: |-
7050 sizeLimit is the total amount of local storage required for this EmptyDir volume.
7051 The size limit is also applicable for memory medium.
7052 The maximum usage on memory medium EmptyDir would be the minimum value between
7053 the SizeLimit specified here and the sum of memory limits of all containers in a pod.
7054 The default is nil which means that the limit is undefined.
7055 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
7056 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7057 x-kubernetes-int-or-string: true
7058 type: object
7059 ephemeral:
7060 description: |-
7061 ephemeral represents a volume that is handled by a cluster storage driver.
7062 The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,
7063 and deleted when the pod is removed.
7064
7065
7066 Use this if:
7067 a) the volume is only needed while the pod runs,
7068 b) features of normal volumes like restoring from snapshot or capacity
7069 tracking are needed,
7070 c) the storage driver is specified through a storage class, and
7071 d) the storage driver supports dynamic volume provisioning through
7072 a PersistentVolumeClaim (see EphemeralVolumeSource for more
7073 information on the connection between this volume type
7074 and PersistentVolumeClaim).
7075
7076
7077 Use PersistentVolumeClaim or one of the vendor-specific
7078 APIs for volumes that persist for longer than the lifecycle
7079 of an individual pod.
7080
7081
7082 Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to
7083 be used that way - see the documentation of the driver for
7084 more information.
7085
7086
7087 A pod can use both types of ephemeral volumes and
7088 persistent volumes at the same time.
7089 properties:
7090 volumeClaimTemplate:
7091 description: |-
7092 Will be used to create a stand-alone PVC to provision the volume.
7093 The pod in which this EphemeralVolumeSource is embedded will be the
7094 owner of the PVC, i.e. the PVC will be deleted together with the
7095 pod. The name of the PVC will be `<pod name>-<volume name>` where
7096 `<volume name>` is the name from the `PodSpec.Volumes` array
7097 entry. Pod validation will reject the pod if the concatenated name
7098 is not valid for a PVC (for example, too long).
7099
7100
7101 An existing PVC with that name that is not owned by the pod
7102 will *not* be used for the pod to avoid using an unrelated
7103 volume by mistake. Starting the pod is then blocked until
7104 the unrelated PVC is removed. If such a pre-created PVC is
7105 meant to be used by the pod, the PVC has to updated with an
7106 owner reference to the pod once the pod exists. Normally
7107 this should not be necessary, but it may be useful when
7108 manually reconstructing a broken cluster.
7109
7110
7111 This field is read-only and no changes will be made by Kubernetes
7112 to the PVC after it has been created.
7113
7114
7115 Required, must not be nil.
7116 properties:
7117 metadata:
7118 description: |-
7119 May contain labels and annotations that will be copied into the PVC
7120 when creating it. No other fields are allowed and will be rejected during
7121 validation.
7122 properties:
7123 annotations:
7124 additionalProperties:
7125 type: string
7126 type: object
7127 finalizers:
7128 items:
7129 type: string
7130 type: array
7131 labels:
7132 additionalProperties:
7133 type: string
7134 type: object
7135 name:
7136 type: string
7137 namespace:
7138 type: string
7139 type: object
7140 spec:
7141 description: |-
7142 The specification for the PersistentVolumeClaim. The entire content is
7143 copied unchanged into the PVC that gets created from this
7144 template. The same fields as in a PersistentVolumeClaim
7145 are also valid here.
7146 properties:
7147 accessModes:
7148 description: |-
7149 accessModes contains the desired access modes the volume should have.
7150 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
7151 items:
7152 type: string
7153 type: array
7154 x-kubernetes-list-type: atomic
7155 dataSource:
7156 description: |-
7157 dataSource field can be used to specify either:
7158 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
7159 * An existing PVC (PersistentVolumeClaim)
7160 If the provisioner or an external controller can support the specified data source,
7161 it will create a new volume based on the contents of the specified data source.
7162 When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
7163 and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
7164 If the namespace is specified, then dataSourceRef will not be copied to dataSource.
7165 properties:
7166 apiGroup:
7167 description: |-
7168 APIGroup is the group for the resource being referenced.
7169 If APIGroup is not specified, the specified Kind must be in the core API group.
7170 For any other third-party types, APIGroup is required.
7171 type: string
7172 kind:
7173 description: Kind is the type
7174 of resource being referenced
7175 type: string
7176 name:
7177 description: Name is the name
7178 of resource being referenced
7179 type: string
7180 required:
7181 - kind
7182 - name
7183 type: object
7184 x-kubernetes-map-type: atomic
7185 dataSourceRef:
7186 description: |-
7187 dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
7188 volume is desired. This may be any object from a non-empty API group (non
7189 core object) or a PersistentVolumeClaim object.
7190 When this field is specified, volume binding will only succeed if the type of
7191 the specified object matches some installed volume populator or dynamic
7192 provisioner.
7193 This field will replace the functionality of the dataSource field and as such
7194 if both fields are non-empty, they must have the same value. For backwards
7195 compatibility, when namespace isn't specified in dataSourceRef,
7196 both fields (dataSource and dataSourceRef) will be set to the same
7197 value automatically if one of them is empty and the other is non-empty.
7198 When namespace is specified in dataSourceRef,
7199 dataSource isn't set to the same value and must be empty.
7200 There are three important differences between dataSource and dataSourceRef:
7201 * While dataSource only allows two specific types of objects, dataSourceRef
7202 allows any non-core object, as well as PersistentVolumeClaim objects.
7203 * While dataSource ignores disallowed values (dropping them), dataSourceRef
7204 preserves all values, and generates an error if a disallowed value is
7205 specified.
7206 * While dataSource only allows local objects, dataSourceRef allows objects
7207 in any namespaces.
7208 (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
7209 (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
7210 properties:
7211 apiGroup:
7212 description: |-
7213 APIGroup is the group for the resource being referenced.
7214 If APIGroup is not specified, the specified Kind must be in the core API group.
7215 For any other third-party types, APIGroup is required.
7216 type: string
7217 kind:
7218 description: Kind is the type
7219 of resource being referenced
7220 type: string
7221 name:
7222 description: Name is the name
7223 of resource being referenced
7224 type: string
7225 namespace:
7226 description: |-
7227 Namespace is the namespace of resource being referenced
7228 Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
7229 (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
7230 type: string
7231 required:
7232 - kind
7233 - name
7234 type: object
7235 resources:
7236 description: |-
7237 resources represents the minimum resources the volume should have.
7238 If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
7239 that are lower than previous value but must still be higher than capacity recorded in the
7240 status field of the claim.
7241 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
7242 properties:
7243 limits:
7244 additionalProperties:
7245 anyOf:
7246 - type: integer
7247 - type: string
7248 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7249 x-kubernetes-int-or-string: true
7250 description: |-
7251 Limits describes the maximum amount of compute resources allowed.
7252 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
7253 type: object
7254 requests:
7255 additionalProperties:
7256 anyOf:
7257 - type: integer
7258 - type: string
7259 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7260 x-kubernetes-int-or-string: true
7261 description: |-
7262 Requests describes the minimum amount of compute resources required.
7263 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
7264 otherwise to an implementation-defined value. Requests cannot exceed Limits.
7265 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
7266 type: object
7267 type: object
7268 selector:
7269 description: selector is a label
7270 query over volumes to consider
7271 for binding.
7272 properties:
7273 matchExpressions:
7274 description: matchExpressions
7275 is a list of label selector
7276 requirements. The requirements
7277 are ANDed.
7278 items:
7279 description: |-
7280 A label selector requirement is a selector that contains values, a key, and an operator that
7281 relates the key and values.
7282 properties:
7283 key:
7284 description: key is the
7285 label key that the selector
7286 applies to.
7287 type: string
7288 operator:
7289 description: |-
7290 operator represents a key's relationship to a set of values.
7291 Valid operators are In, NotIn, Exists and DoesNotExist.
7292 type: string
7293 values:
7294 description: |-
7295 values is an array of string values. If the operator is In or NotIn,
7296 the values array must be non-empty. If the operator is Exists or DoesNotExist,
7297 the values array must be empty. This array is replaced during a strategic
7298 merge patch.
7299 items:
7300 type: string
7301 type: array
7302 x-kubernetes-list-type: atomic
7303 required:
7304 - key
7305 - operator
7306 type: object
7307 type: array
7308 x-kubernetes-list-type: atomic
7309 matchLabels:
7310 additionalProperties:
7311 type: string
7312 description: |-
7313 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
7314 map is equivalent to an element of matchExpressions, whose key field is "key", the
7315 operator is "In", and the values array contains only "value". The requirements are ANDed.
7316 type: object
7317 type: object
7318 x-kubernetes-map-type: atomic
7319 storageClassName:
7320 description: |-
7321 storageClassName is the name of the StorageClass required by the claim.
7322 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
7323 type: string
7324 volumeAttributesClassName:
7325 description: |-
7326 volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
7327 If specified, the CSI driver will create or update the volume with the attributes defined
7328 in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
7329 it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
7330 will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
7331 If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
7332 will be set by the persistentvolume controller if it exists.
7333 If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
7334 set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
7335 exists.
7336 More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
7337 (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
7338 type: string
7339 volumeMode:
7340 description: |-
7341 volumeMode defines what type of volume is required by the claim.
7342 Value of Filesystem is implied when not included in claim spec.
7343 type: string
7344 volumeName:
7345 description: volumeName is the binding
7346 reference to the PersistentVolume
7347 backing this claim.
7348 type: string
7349 type: object
7350 required:
7351 - spec
7352 type: object
7353 type: object
7354 fc:
7355 description: fc represents a Fibre Channel resource
7356 that is attached to a kubelet's host machine
7357 and then exposed to the pod.
7358 properties:
7359 fsType:
7360 description: |-
7361 fsType is the filesystem type to mount.
7362 Must be a filesystem type supported by the host operating system.
7363 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7364 TODO: how do we prevent errors in the filesystem from compromising the machine
7365 type: string
7366 lun:
7367 description: 'lun is Optional: FC target
7368 lun number'
7369 format: int32
7370 type: integer
7371 readOnly:
7372 description: |-
7373 readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
7374 the ReadOnly setting in VolumeMounts.
7375 type: boolean
7376 targetWWNs:
7377 description: 'targetWWNs is Optional: FC
7378 target worldwide names (WWNs)'
7379 items:
7380 type: string
7381 type: array
7382 x-kubernetes-list-type: atomic
7383 wwids:
7384 description: |-
7385 wwids Optional: FC volume world wide identifiers (wwids)
7386 Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
7387 items:
7388 type: string
7389 type: array
7390 x-kubernetes-list-type: atomic
7391 type: object
7392 flexVolume:
7393 description: |-
7394 flexVolume represents a generic volume resource that is
7395 provisioned/attached using an exec based plugin.
7396 properties:
7397 driver:
7398 description: driver is the name of the driver
7399 to use for this volume.
7400 type: string
7401 fsType:
7402 description: |-
7403 fsType is the filesystem type to mount.
7404 Must be a filesystem type supported by the host operating system.
7405 Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
7406 type: string
7407 options:
7408 additionalProperties:
7409 type: string
7410 description: 'options is Optional: this
7411 field holds extra command options if any.'
7412 type: object
7413 readOnly:
7414 description: |-
7415 readOnly is Optional: defaults to false (read/write). ReadOnly here will force
7416 the ReadOnly setting in VolumeMounts.
7417 type: boolean
7418 secretRef:
7419 description: |-
7420 secretRef is Optional: secretRef is reference to the secret object containing
7421 sensitive information to pass to the plugin scripts. This may be
7422 empty if no secret object is specified. If the secret object
7423 contains more than one secret, all secrets are passed to the plugin
7424 scripts.
7425 properties:
7426 name:
7427 default: ""
7428 description: |-
7429 Name of the referent.
7430 This field is effectively required, but due to backwards compatibility is
7431 allowed to be empty. Instances of this type with an empty value here are
7432 almost certainly wrong.
7433 TODO: Add other useful fields. apiVersion, kind, uid?
7434 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7435 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7436 type: string
7437 type: object
7438 x-kubernetes-map-type: atomic
7439 required:
7440 - driver
7441 type: object
7442 flocker:
7443 description: flocker represents a Flocker volume
7444 attached to a kubelet's host machine. This
7445 depends on the Flocker control service being
7446 running
7447 properties:
7448 datasetName:
7449 description: |-
7450 datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker
7451 should be considered as deprecated
7452 type: string
7453 datasetUUID:
7454 description: datasetUUID is the UUID of
7455 the dataset. This is unique identifier
7456 of a Flocker dataset
7457 type: string
7458 type: object
7459 gcePersistentDisk:
7460 description: |-
7461 gcePersistentDisk represents a GCE Disk resource that is attached to a
7462 kubelet's host machine and then exposed to the pod.
7463 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
7464 properties:
7465 fsType:
7466 description: |-
7467 fsType is filesystem type of the volume that you want to mount.
7468 Tip: Ensure that the filesystem type is supported by the host operating system.
7469 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7470 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
7471 TODO: how do we prevent errors in the filesystem from compromising the machine
7472 type: string
7473 partition:
7474 description: |-
7475 partition is the partition in the volume that you want to mount.
7476 If omitted, the default is to mount by volume name.
7477 Examples: For volume /dev/sda1, you specify the partition as "1".
7478 Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
7479 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
7480 format: int32
7481 type: integer
7482 pdName:
7483 description: |-
7484 pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.
7485 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
7486 type: string
7487 readOnly:
7488 description: |-
7489 readOnly here will force the ReadOnly setting in VolumeMounts.
7490 Defaults to false.
7491 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
7492 type: boolean
7493 required:
7494 - pdName
7495 type: object
7496 gitRepo:
7497 description: |-
7498 gitRepo represents a git repository at a particular revision.
7499 DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
7500 EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
7501 into the Pod's container.
7502 properties:
7503 directory:
7504 description: |-
7505 directory is the target directory name.
7506 Must not contain or start with '..'. If '.' is supplied, the volume directory will be the
7507 git repository. Otherwise, if specified, the volume will contain the git repository in
7508 the subdirectory with the given name.
7509 type: string
7510 repository:
7511 description: repository is the URL
7512 type: string
7513 revision:
7514 description: revision is the commit hash
7515 for the specified revision.
7516 type: string
7517 required:
7518 - repository
7519 type: object
7520 glusterfs:
7521 description: |-
7522 glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
7523 More info: https://examples.k8s.io/volumes/glusterfs/README.md
7524 properties:
7525 endpoints:
7526 description: |-
7527 endpoints is the endpoint name that details Glusterfs topology.
7528 More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
7529 type: string
7530 path:
7531 description: |-
7532 path is the Glusterfs volume path.
7533 More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
7534 type: string
7535 readOnly:
7536 description: |-
7537 readOnly here will force the Glusterfs volume to be mounted with read-only permissions.
7538 Defaults to false.
7539 More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
7540 type: boolean
7541 required:
7542 - endpoints
7543 - path
7544 type: object
7545 hostPath:
7546 description: |-
7547 hostPath represents a pre-existing file or directory on the host
7548 machine that is directly exposed to the container. This is generally
7549 used for system agents or other privileged things that are allowed
7550 to see the host machine. Most containers will NOT need this.
7551 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
7552 ---
7553 TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
7554 mount host directories as read/write.
7555 properties:
7556 path:
7557 description: |-
7558 path of the directory on the host.
7559 If the path is a symlink, it will follow the link to the real path.
7560 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
7561 type: string
7562 type:
7563 description: |-
7564 type for HostPath Volume
7565 Defaults to ""
7566 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
7567 type: string
7568 required:
7569 - path
7570 type: object
7571 iscsi:
7572 description: |-
7573 iscsi represents an ISCSI Disk resource that is attached to a
7574 kubelet's host machine and then exposed to the pod.
7575 More info: https://examples.k8s.io/volumes/iscsi/README.md
7576 properties:
7577 chapAuthDiscovery:
7578 description: chapAuthDiscovery defines whether
7579 support iSCSI Discovery CHAP authentication
7580 type: boolean
7581 chapAuthSession:
7582 description: chapAuthSession defines whether
7583 support iSCSI Session CHAP authentication
7584 type: boolean
7585 fsType:
7586 description: |-
7587 fsType is the filesystem type of the volume that you want to mount.
7588 Tip: Ensure that the filesystem type is supported by the host operating system.
7589 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7590 More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
7591 TODO: how do we prevent errors in the filesystem from compromising the machine
7592 type: string
7593 initiatorName:
7594 description: |-
7595 initiatorName is the custom iSCSI Initiator Name.
7596 If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
7597 <target portal>:<volume name> will be created for the connection.
7598 type: string
7599 iqn:
7600 description: iqn is the target iSCSI Qualified
7601 Name.
7602 type: string
7603 iscsiInterface:
7604 description: |-
7605 iscsiInterface is the interface Name that uses an iSCSI transport.
7606 Defaults to 'default' (tcp).
7607 type: string
7608 lun:
7609 description: lun represents iSCSI Target
7610 Lun number.
7611 format: int32
7612 type: integer
7613 portals:
7614 description: |-
7615 portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
7616 is other than default (typically TCP ports 860 and 3260).
7617 items:
7618 type: string
7619 type: array
7620 x-kubernetes-list-type: atomic
7621 readOnly:
7622 description: |-
7623 readOnly here will force the ReadOnly setting in VolumeMounts.
7624 Defaults to false.
7625 type: boolean
7626 secretRef:
7627 description: secretRef is the CHAP Secret
7628 for iSCSI target and initiator authentication
7629 properties:
7630 name:
7631 default: ""
7632 description: |-
7633 Name of the referent.
7634 This field is effectively required, but due to backwards compatibility is
7635 allowed to be empty. Instances of this type with an empty value here are
7636 almost certainly wrong.
7637 TODO: Add other useful fields. apiVersion, kind, uid?
7638 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7639 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7640 type: string
7641 type: object
7642 x-kubernetes-map-type: atomic
7643 targetPortal:
7644 description: |-
7645 targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
7646 is other than default (typically TCP ports 860 and 3260).
7647 type: string
7648 required:
7649 - iqn
7650 - lun
7651 - targetPortal
7652 type: object
7653 name:
7654 description: |-
7655 name of the volume.
7656 Must be a DNS_LABEL and unique within the pod.
7657 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7658 type: string
7659 nfs:
7660 description: |-
7661 nfs represents an NFS mount on the host that shares a pod's lifetime
7662 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
7663 properties:
7664 path:
7665 description: |-
7666 path that is exported by the NFS server.
7667 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
7668 type: string
7669 readOnly:
7670 description: |-
7671 readOnly here will force the NFS export to be mounted with read-only permissions.
7672 Defaults to false.
7673 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
7674 type: boolean
7675 server:
7676 description: |-
7677 server is the hostname or IP address of the NFS server.
7678 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
7679 type: string
7680 required:
7681 - path
7682 - server
7683 type: object
7684 persistentVolumeClaim:
7685 description: |-
7686 persistentVolumeClaimVolumeSource represents a reference to a
7687 PersistentVolumeClaim in the same namespace.
7688 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
7689 properties:
7690 claimName:
7691 description: |-
7692 claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.
7693 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
7694 type: string
7695 readOnly:
7696 description: |-
7697 readOnly Will force the ReadOnly setting in VolumeMounts.
7698 Default false.
7699 type: boolean
7700 required:
7701 - claimName
7702 type: object
7703 photonPersistentDisk:
7704 description: photonPersistentDisk represents
7705 a PhotonController persistent disk attached
7706 and mounted on kubelets host machine
7707 properties:
7708 fsType:
7709 description: |-
7710 fsType is the filesystem type to mount.
7711 Must be a filesystem type supported by the host operating system.
7712 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7713 type: string
7714 pdID:
7715 description: pdID is the ID that identifies
7716 Photon Controller persistent disk
7717 type: string
7718 required:
7719 - pdID
7720 type: object
7721 portworxVolume:
7722 description: portworxVolume represents a portworx
7723 volume attached and mounted on kubelets host
7724 machine
7725 properties:
7726 fsType:
7727 description: |-
7728 fSType represents the filesystem type to mount
7729 Must be a filesystem type supported by the host operating system.
7730 Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
7731 type: string
7732 readOnly:
7733 description: |-
7734 readOnly defaults to false (read/write). ReadOnly here will force
7735 the ReadOnly setting in VolumeMounts.
7736 type: boolean
7737 volumeID:
7738 description: volumeID uniquely identifies
7739 a Portworx volume
7740 type: string
7741 required:
7742 - volumeID
7743 type: object
7744 projected:
7745 description: projected items for all in one
7746 resources secrets, configmaps, and downward
7747 API
7748 properties:
7749 defaultMode:
7750 description: |-
7751 defaultMode are the mode bits used to set permissions on created files by default.
7752 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
7753 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
7754 Directories within the path are not affected by this setting.
7755 This might be in conflict with other options that affect the file
7756 mode, like fsGroup, and the result can be other mode bits set.
7757 format: int32
7758 type: integer
7759 sources:
7760 description: sources is the list of volume
7761 projections
7762 items:
7763 description: Projection that may be projected
7764 along with other supported volume types
7765 properties:
7766 clusterTrustBundle:
7767 description: |-
7768 ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field
7769 of ClusterTrustBundle objects in an auto-updating file.
7770
7771
7772 Alpha, gated by the ClusterTrustBundleProjection feature gate.
7773
7774
7775 ClusterTrustBundle objects can either be selected by name, or by the
7776 combination of signer name and a label selector.
7777
7778
7779 Kubelet performs aggressive normalization of the PEM contents written
7780 into the pod filesystem. Esoteric PEM features such as inter-block
7781 comments and block headers are stripped. Certificates are deduplicated.
7782 The ordering of certificates within the file is arbitrary, and Kubelet
7783 may change the order over time.
7784 properties:
7785 labelSelector:
7786 description: |-
7787 Select all ClusterTrustBundles that match this label selector. Only has
7788 effect if signerName is set. Mutually-exclusive with name. If unset,
7789 interpreted as "match nothing". If set but empty, interpreted as "match
7790 everything".
7791 properties:
7792 matchExpressions:
7793 description: matchExpressions
7794 is a list of label selector
7795 requirements. The requirements
7796 are ANDed.
7797 items:
7798 description: |-
7799 A label selector requirement is a selector that contains values, a key, and an operator that
7800 relates the key and values.
7801 properties:
7802 key:
7803 description: key is
7804 the label key that
7805 the selector applies
7806 to.
7807 type: string
7808 operator:
7809 description: |-
7810 operator represents a key's relationship to a set of values.
7811 Valid operators are In, NotIn, Exists and DoesNotExist.
7812 type: string
7813 values:
7814 description: |-
7815 values is an array of string values. If the operator is In or NotIn,
7816 the values array must be non-empty. If the operator is Exists or DoesNotExist,
7817 the values array must be empty. This array is replaced during a strategic
7818 merge patch.
7819 items:
7820 type: string
7821 type: array
7822 x-kubernetes-list-type: atomic
7823 required:
7824 - key
7825 - operator
7826 type: object
7827 type: array
7828 x-kubernetes-list-type: atomic
7829 matchLabels:
7830 additionalProperties:
7831 type: string
7832 description: |-
7833 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
7834 map is equivalent to an element of matchExpressions, whose key field is "key", the
7835 operator is "In", and the values array contains only "value". The requirements are ANDed.
7836 type: object
7837 type: object
7838 x-kubernetes-map-type: atomic
7839 name:
7840 description: |-
7841 Select a single ClusterTrustBundle by object name. Mutually-exclusive
7842 with signerName and labelSelector.
7843 type: string
7844 optional:
7845 description: |-
7846 If true, don't block pod startup if the referenced ClusterTrustBundle(s)
7847 aren't available. If using name, then the named ClusterTrustBundle is
7848 allowed not to exist. If using signerName, then the combination of
7849 signerName and labelSelector is allowed to match zero
7850 ClusterTrustBundles.
7851 type: boolean
7852 path:
7853 description: Relative path from
7854 the volume root to write the
7855 bundle.
7856 type: string
7857 signerName:
7858 description: |-
7859 Select all ClusterTrustBundles that match this signer name.
7860 Mutually-exclusive with name. The contents of all selected
7861 ClusterTrustBundles will be unified and deduplicated.
7862 type: string
7863 required:
7864 - path
7865 type: object
7866 configMap:
7867 description: configMap information
7868 about the configMap data to project
7869 properties:
7870 items:
7871 description: |-
7872 items if unspecified, each key-value pair in the Data field of the referenced
7873 ConfigMap will be projected into the volume as a file whose name is the
7874 key and content is the value. If specified, the listed keys will be
7875 projected into the specified paths, and unlisted keys will not be
7876 present. If a key is specified which is not present in the ConfigMap,
7877 the volume setup will error unless it is marked optional. Paths must be
7878 relative and may not contain the '..' path or start with '..'.
7879 items:
7880 description: Maps a string key
7881 to a path within a volume.
7882 properties:
7883 key:
7884 description: key is the
7885 key to project.
7886 type: string
7887 mode:
7888 description: |-
7889 mode is Optional: mode bits used to set permissions on this file.
7890 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
7891 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
7892 If not specified, the volume defaultMode will be used.
7893 This might be in conflict with other options that affect the file
7894 mode, like fsGroup, and the result can be other mode bits set.
7895 format: int32
7896 type: integer
7897 path:
7898 description: |-
7899 path is the relative path of the file to map the key to.
7900 May not be an absolute path.
7901 May not contain the path element '..'.
7902 May not start with the string '..'.
7903 type: string
7904 required:
7905 - key
7906 - path
7907 type: object
7908 type: array
7909 x-kubernetes-list-type: atomic
7910 name:
7911 default: ""
7912 description: |-
7913 Name of the referent.
7914 This field is effectively required, but due to backwards compatibility is
7915 allowed to be empty. Instances of this type with an empty value here are
7916 almost certainly wrong.
7917 TODO: Add other useful fields. apiVersion, kind, uid?
7918 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7919 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7920 type: string
7921 optional:
7922 description: optional specify
7923 whether the ConfigMap or its
7924 keys must be defined
7925 type: boolean
7926 type: object
7927 x-kubernetes-map-type: atomic
7928 downwardAPI:
7929 description: downwardAPI information
7930 about the downwardAPI data to project
7931 properties:
7932 items:
7933 description: Items is a list of
7934 DownwardAPIVolume file
7935 items:
7936 description: DownwardAPIVolumeFile
7937 represents information to
7938 create the file containing
7939 the pod field
7940 properties:
7941 fieldRef:
7942 description: 'Required:
7943 Selects a field of the
7944 pod: only annotations,
7945 labels, name, namespace
7946 and uid are supported.'
7947 properties:
7948 apiVersion:
7949 description: Version
7950 of the schema the
7951 FieldPath is written
7952 in terms of, defaults
7953 to "v1".
7954 type: string
7955 fieldPath:
7956 description: Path of
7957 the field to select
7958 in the specified API
7959 version.
7960 type: string
7961 required:
7962 - fieldPath
7963 type: object
7964 x-kubernetes-map-type: atomic
7965 mode:
7966 description: |-
7967 Optional: mode bits used to set permissions on this file, must be an octal value
7968 between 0000 and 0777 or a decimal value between 0 and 511.
7969 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
7970 If not specified, the volume defaultMode will be used.
7971 This might be in conflict with other options that affect the file
7972 mode, like fsGroup, and the result can be other mode bits set.
7973 format: int32
7974 type: integer
7975 path:
7976 description: 'Required:
7977 Path is the relative
7978 path name of the file
7979 to be created. Must not
7980 be absolute or contain
7981 the ''..'' path. Must
7982 be utf-8 encoded. The
7983 first item of the relative
7984 path must not start with
7985 ''..'''
7986 type: string
7987 resourceFieldRef:
7988 description: |-
7989 Selects a resource of the container: only resources limits and requests
7990 (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
7991 properties:
7992 containerName:
7993 description: 'Container
7994 name: required for
7995 volumes, optional
7996 for env vars'
7997 type: string
7998 divisor:
7999 anyOf:
8000 - type: integer
8001 - type: string
8002 description: Specifies
8003 the output format
8004 of the exposed resources,
8005 defaults to "1"
8006 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
8007 x-kubernetes-int-or-string: true
8008 resource:
8009 description: 'Required:
8010 resource to select'
8011 type: string
8012 required:
8013 - resource
8014 type: object
8015 x-kubernetes-map-type: atomic
8016 required:
8017 - path
8018 type: object
8019 type: array
8020 x-kubernetes-list-type: atomic
8021 type: object
8022 secret:
8023 description: secret information about
8024 the secret data to project
8025 properties:
8026 items:
8027 description: |-
8028 items if unspecified, each key-value pair in the Data field of the referenced
8029 Secret will be projected into the volume as a file whose name is the
8030 key and content is the value. If specified, the listed keys will be
8031 projected into the specified paths, and unlisted keys will not be
8032 present. If a key is specified which is not present in the Secret,
8033 the volume setup will error unless it is marked optional. Paths must be
8034 relative and may not contain the '..' path or start with '..'.
8035 items:
8036 description: Maps a string key
8037 to a path within a volume.
8038 properties:
8039 key:
8040 description: key is the
8041 key to project.
8042 type: string
8043 mode:
8044 description: |-
8045 mode is Optional: mode bits used to set permissions on this file.
8046 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
8047 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
8048 If not specified, the volume defaultMode will be used.
8049 This might be in conflict with other options that affect the file
8050 mode, like fsGroup, and the result can be other mode bits set.
8051 format: int32
8052 type: integer
8053 path:
8054 description: |-
8055 path is the relative path of the file to map the key to.
8056 May not be an absolute path.
8057 May not contain the path element '..'.
8058 May not start with the string '..'.
8059 type: string
8060 required:
8061 - key
8062 - path
8063 type: object
8064 type: array
8065 x-kubernetes-list-type: atomic
8066 name:
8067 default: ""
8068 description: |-
8069 Name of the referent.
8070 This field is effectively required, but due to backwards compatibility is
8071 allowed to be empty. Instances of this type with an empty value here are
8072 almost certainly wrong.
8073 TODO: Add other useful fields. apiVersion, kind, uid?
8074 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
8075 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
8076 type: string
8077 optional:
8078 description: optional field specify
8079 whether the Secret or its key
8080 must be defined
8081 type: boolean
8082 type: object
8083 x-kubernetes-map-type: atomic
8084 serviceAccountToken:
8085 description: serviceAccountToken is
8086 information about the serviceAccountToken
8087 data to project
8088 properties:
8089 audience:
8090 description: |-
8091 audience is the intended audience of the token. A recipient of a token
8092 must identify itself with an identifier specified in the audience of the
8093 token, and otherwise should reject the token. The audience defaults to the
8094 identifier of the apiserver.
8095 type: string
8096 expirationSeconds:
8097 description: |-
8098 expirationSeconds is the requested duration of validity of the service
8099 account token. As the token approaches expiration, the kubelet volume
8100 plugin will proactively rotate the service account token. The kubelet will
8101 start trying to rotate the token if the token is older than 80 percent of
8102 its time to live or if the token is older than 24 hours.Defaults to 1 hour
8103 and must be at least 10 minutes.
8104 format: int64
8105 type: integer
8106 path:
8107 description: |-
8108 path is the path relative to the mount point of the file to project the
8109 token into.
8110 type: string
8111 required:
8112 - path
8113 type: object
8114 type: object
8115 type: array
8116 x-kubernetes-list-type: atomic
8117 type: object
8118 quobyte:
8119 description: quobyte represents a Quobyte mount
8120 on the host that shares a pod's lifetime
8121 properties:
8122 group:
8123 description: |-
8124 group to map volume access to
8125 Default is no group
8126 type: string
8127 readOnly:
8128 description: |-
8129 readOnly here will force the Quobyte volume to be mounted with read-only permissions.
8130 Defaults to false.
8131 type: boolean
8132 registry:
8133 description: |-
8134 registry represents a single or multiple Quobyte Registry services
8135 specified as a string as host:port pair (multiple entries are separated with commas)
8136 which acts as the central registry for volumes
8137 type: string
8138 tenant:
8139 description: |-
8140 tenant owning the given Quobyte volume in the Backend
8141 Used with dynamically provisioned Quobyte volumes, value is set by the plugin
8142 type: string
8143 user:
8144 description: |-
8145 user to map volume access to
8146 Defaults to serivceaccount user
8147 type: string
8148 volume:
8149 description: volume is a string that references
8150 an already created Quobyte volume by name.
8151 type: string
8152 required:
8153 - registry
8154 - volume
8155 type: object
8156 rbd:
8157 description: |-
8158 rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.
8159 More info: https://examples.k8s.io/volumes/rbd/README.md
8160 properties:
8161 fsType:
8162 description: |-
8163 fsType is the filesystem type of the volume that you want to mount.
8164 Tip: Ensure that the filesystem type is supported by the host operating system.
8165 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
8166 More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
8167 TODO: how do we prevent errors in the filesystem from compromising the machine
8168 type: string
8169 image:
8170 description: |-
8171 image is the rados image name.
8172 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
8173 type: string
8174 keyring:
8175 description: |-
8176 keyring is the path to key ring for RBDUser.
8177 Default is /etc/ceph/keyring.
8178 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
8179 type: string
8180 monitors:
8181 description: |-
8182 monitors is a collection of Ceph monitors.
8183 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
8184 items:
8185 type: string
8186 type: array
8187 x-kubernetes-list-type: atomic
8188 pool:
8189 description: |-
8190 pool is the rados pool name.
8191 Default is rbd.
8192 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
8193 type: string
8194 readOnly:
8195 description: |-
8196 readOnly here will force the ReadOnly setting in VolumeMounts.
8197 Defaults to false.
8198 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
8199 type: boolean
8200 secretRef:
8201 description: |-
8202 secretRef is name of the authentication secret for RBDUser. If provided
8203 overrides keyring.
8204 Default is nil.
8205 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
8206 properties:
8207 name:
8208 default: ""
8209 description: |-
8210 Name of the referent.
8211 This field is effectively required, but due to backwards compatibility is
8212 allowed to be empty. Instances of this type with an empty value here are
8213 almost certainly wrong.
8214 TODO: Add other useful fields. apiVersion, kind, uid?
8215 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
8216 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
8217 type: string
8218 type: object
8219 x-kubernetes-map-type: atomic
8220 user:
8221 description: |-
8222 user is the rados user name.
8223 Default is admin.
8224 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
8225 type: string
8226 required:
8227 - image
8228 - monitors
8229 type: object
8230 scaleIO:
8231 description: scaleIO represents a ScaleIO persistent
8232 volume attached and mounted on Kubernetes
8233 nodes.
8234 properties:
8235 fsType:
8236 description: |-
8237 fsType is the filesystem type to mount.
8238 Must be a filesystem type supported by the host operating system.
8239 Ex. "ext4", "xfs", "ntfs".
8240 Default is "xfs".
8241 type: string
8242 gateway:
8243 description: gateway is the host address
8244 of the ScaleIO API Gateway.
8245 type: string
8246 protectionDomain:
8247 description: protectionDomain is the name
8248 of the ScaleIO Protection Domain for the
8249 configured storage.
8250 type: string
8251 readOnly:
8252 description: |-
8253 readOnly Defaults to false (read/write). ReadOnly here will force
8254 the ReadOnly setting in VolumeMounts.
8255 type: boolean
8256 secretRef:
8257 description: |-
8258 secretRef references to the secret for ScaleIO user and other
8259 sensitive information. If this is not provided, Login operation will fail.
8260 properties:
8261 name:
8262 default: ""
8263 description: |-
8264 Name of the referent.
8265 This field is effectively required, but due to backwards compatibility is
8266 allowed to be empty. Instances of this type with an empty value here are
8267 almost certainly wrong.
8268 TODO: Add other useful fields. apiVersion, kind, uid?
8269 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
8270 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
8271 type: string
8272 type: object
8273 x-kubernetes-map-type: atomic
8274 sslEnabled:
8275 description: sslEnabled Flag enable/disable
8276 SSL communication with Gateway, default
8277 false
8278 type: boolean
8279 storageMode:
8280 description: |-
8281 storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
8282 Default is ThinProvisioned.
8283 type: string
8284 storagePool:
8285 description: storagePool is the ScaleIO
8286 Storage Pool associated with the protection
8287 domain.
8288 type: string
8289 system:
8290 description: system is the name of the storage
8291 system as configured in ScaleIO.
8292 type: string
8293 volumeName:
8294 description: |-
8295 volumeName is the name of a volume already created in the ScaleIO system
8296 that is associated with this volume source.
8297 type: string
8298 required:
8299 - gateway
8300 - secretRef
8301 - system
8302 type: object
8303 secret:
8304 description: |-
8305 secret represents a secret that should populate this volume.
8306 More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
8307 properties:
8308 defaultMode:
8309 description: |-
8310 defaultMode is Optional: mode bits used to set permissions on created files by default.
8311 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
8312 YAML accepts both octal and decimal values, JSON requires decimal values
8313 for mode bits. Defaults to 0644.
8314 Directories within the path are not affected by this setting.
8315 This might be in conflict with other options that affect the file
8316 mode, like fsGroup, and the result can be other mode bits set.
8317 format: int32
8318 type: integer
8319 items:
8320 description: |-
8321 items If unspecified, each key-value pair in the Data field of the referenced
8322 Secret will be projected into the volume as a file whose name is the
8323 key and content is the value. If specified, the listed keys will be
8324 projected into the specified paths, and unlisted keys will not be
8325 present. If a key is specified which is not present in the Secret,
8326 the volume setup will error unless it is marked optional. Paths must be
8327 relative and may not contain the '..' path or start with '..'.
8328 items:
8329 description: Maps a string key to a path
8330 within a volume.
8331 properties:
8332 key:
8333 description: key is the key to project.
8334 type: string
8335 mode:
8336 description: |-
8337 mode is Optional: mode bits used to set permissions on this file.
8338 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
8339 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
8340 If not specified, the volume defaultMode will be used.
8341 This might be in conflict with other options that affect the file
8342 mode, like fsGroup, and the result can be other mode bits set.
8343 format: int32
8344 type: integer
8345 path:
8346 description: |-
8347 path is the relative path of the file to map the key to.
8348 May not be an absolute path.
8349 May not contain the path element '..'.
8350 May not start with the string '..'.
8351 type: string
8352 required:
8353 - key
8354 - path
8355 type: object
8356 type: array
8357 x-kubernetes-list-type: atomic
8358 optional:
8359 description: optional field specify whether
8360 the Secret or its keys must be defined
8361 type: boolean
8362 secretName:
8363 description: |-
8364 secretName is the name of the secret in the pod's namespace to use.
8365 More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
8366 type: string
8367 type: object
8368 storageos:
8369 description: storageOS represents a StorageOS
8370 volume attached and mounted on Kubernetes
8371 nodes.
8372 properties:
8373 fsType:
8374 description: |-
8375 fsType is the filesystem type to mount.
8376 Must be a filesystem type supported by the host operating system.
8377 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
8378 type: string
8379 readOnly:
8380 description: |-
8381 readOnly defaults to false (read/write). ReadOnly here will force
8382 the ReadOnly setting in VolumeMounts.
8383 type: boolean
8384 secretRef:
8385 description: |-
8386 secretRef specifies the secret to use for obtaining the StorageOS API
8387 credentials. If not specified, default values will be attempted.
8388 properties:
8389 name:
8390 default: ""
8391 description: |-
8392 Name of the referent.
8393 This field is effectively required, but due to backwards compatibility is
8394 allowed to be empty. Instances of this type with an empty value here are
8395 almost certainly wrong.
8396 TODO: Add other useful fields. apiVersion, kind, uid?
8397 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
8398 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
8399 type: string
8400 type: object
8401 x-kubernetes-map-type: atomic
8402 volumeName:
8403 description: |-
8404 volumeName is the human-readable name of the StorageOS volume. Volume
8405 names are only unique within a namespace.
8406 type: string
8407 volumeNamespace:
8408 description: |-
8409 volumeNamespace specifies the scope of the volume within StorageOS. If no
8410 namespace is specified then the Pod's namespace will be used. This allows the
8411 Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
8412 Set VolumeName to any name to override the default behaviour.
8413 Set to "default" if you are not using namespaces within StorageOS.
8414 Namespaces that do not pre-exist within StorageOS will be created.
8415 type: string
8416 type: object
8417 vsphereVolume:
8418 description: vsphereVolume represents a vSphere
8419 volume attached and mounted on kubelets host
8420 machine
8421 properties:
8422 fsType:
8423 description: |-
8424 fsType is filesystem type to mount.
8425 Must be a filesystem type supported by the host operating system.
8426 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
8427 type: string
8428 storagePolicyID:
8429 description: storagePolicyID is the storage
8430 Policy Based Management (SPBM) profile
8431 ID associated with the StoragePolicyName.
8432 type: string
8433 storagePolicyName:
8434 description: storagePolicyName is the storage
8435 Policy Based Management (SPBM) profile
8436 name.
8437 type: string
8438 volumePath:
8439 description: volumePath is the path that
8440 identifies vSphere volume vmdk
8441 type: string
8442 required:
8443 - volumePath
8444 type: object
8445 required:
8446 - name
8447 type: object
8448 type: array
8449 x-kubernetes-list-map-keys:
8450 - name
8451 x-kubernetes-list-type: map
8452 required:
8453 - containers
8454 type: object
8455 type: object
8456 updateStrategy:
8457 description: |-
8458 updateStrategy indicates the StatefulSetUpdateStrategy that will be
8459 employed to update Pods in the StatefulSet when a revision is made to
8460 Template.
8461 properties:
8462 rollingUpdate:
8463 description: RollingUpdate is used to communicate parameters
8464 when Type is RollingUpdateStatefulSetStrategyType.
8465 properties:
8466 maxUnavailable:
8467 anyOf:
8468 - type: integer
8469 - type: string
8470 description: |-
8471 The maximum number of pods that can be unavailable during the update.
8472 Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
8473 Absolute number is calculated from percentage by rounding up. This can not be 0.
8474 Defaults to 1. This field is alpha-level and is only honored by servers that enable the
8475 MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to
8476 Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it
8477 will be counted towards MaxUnavailable.
8478 x-kubernetes-int-or-string: true
8479 partition:
8480 description: |-
8481 Partition indicates the ordinal at which the StatefulSet should be partitioned
8482 for updates. During a rolling update, all pods from ordinal Replicas-1 to
8483 Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched.
8484 This is helpful in being able to do a canary based deployment. The default value is 0.
8485 format: int32
8486 type: integer
8487 type: object
8488 type:
8489 description: |-
8490 Type indicates the type of the StatefulSetUpdateStrategy.
8491 Default is RollingUpdate.
8492 type: string
8493 type: object
8494 volumeClaimTemplates:
8495 description: |-
8496 volumeClaimTemplates is a list of claims that pods are allowed to reference.
8497 The StatefulSet controller is responsible for mapping network identities to
8498 claims in a way that maintains the identity of a pod. Every claim in
8499 this list must have at least one matching (by name) volumeMount in one
8500 container in the template. A claim in this list takes precedence over
8501 any volumes in the template, with the same name.
8502 TODO: Define the behavior if a claim already exists with the same name.
8503 items:
8504 description: PersistentVolumeClaim is a user's request for
8505 and claim to a persistent volume
8506 properties:
8507 apiVersion:
8508 description: |-
8509 APIVersion defines the versioned schema of this representation of an object.
8510 Servers should convert recognized schemas to the latest internal value, and
8511 may reject unrecognized values.
8512 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
8513 type: string
8514 kind:
8515 description: |-
8516 Kind is a string value representing the REST resource this object represents.
8517 Servers may infer this from the endpoint the client submits requests to.
8518 Cannot be updated.
8519 In CamelCase.
8520 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
8521 type: string
8522 metadata:
8523 description: |-
8524 Standard object's metadata.
8525 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
8526 properties:
8527 annotations:
8528 additionalProperties:
8529 type: string
8530 type: object
8531 finalizers:
8532 items:
8533 type: string
8534 type: array
8535 labels:
8536 additionalProperties:
8537 type: string
8538 type: object
8539 name:
8540 type: string
8541 namespace:
8542 type: string
8543 type: object
8544 spec:
8545 description: |-
8546 spec defines the desired characteristics of a volume requested by a pod author.
8547 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
8548 properties:
8549 accessModes:
8550 description: |-
8551 accessModes contains the desired access modes the volume should have.
8552 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
8553 items:
8554 type: string
8555 type: array
8556 x-kubernetes-list-type: atomic
8557 dataSource:
8558 description: |-
8559 dataSource field can be used to specify either:
8560 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
8561 * An existing PVC (PersistentVolumeClaim)
8562 If the provisioner or an external controller can support the specified data source,
8563 it will create a new volume based on the contents of the specified data source.
8564 When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
8565 and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
8566 If the namespace is specified, then dataSourceRef will not be copied to dataSource.
8567 properties:
8568 apiGroup:
8569 description: |-
8570 APIGroup is the group for the resource being referenced.
8571 If APIGroup is not specified, the specified Kind must be in the core API group.
8572 For any other third-party types, APIGroup is required.
8573 type: string
8574 kind:
8575 description: Kind is the type of resource being
8576 referenced
8577 type: string
8578 name:
8579 description: Name is the name of resource being
8580 referenced
8581 type: string
8582 required:
8583 - kind
8584 - name
8585 type: object
8586 x-kubernetes-map-type: atomic
8587 dataSourceRef:
8588 description: |-
8589 dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
8590 volume is desired. This may be any object from a non-empty API group (non
8591 core object) or a PersistentVolumeClaim object.
8592 When this field is specified, volume binding will only succeed if the type of
8593 the specified object matches some installed volume populator or dynamic
8594 provisioner.
8595 This field will replace the functionality of the dataSource field and as such
8596 if both fields are non-empty, they must have the same value. For backwards
8597 compatibility, when namespace isn't specified in dataSourceRef,
8598 both fields (dataSource and dataSourceRef) will be set to the same
8599 value automatically if one of them is empty and the other is non-empty.
8600 When namespace is specified in dataSourceRef,
8601 dataSource isn't set to the same value and must be empty.
8602 There are three important differences between dataSource and dataSourceRef:
8603 * While dataSource only allows two specific types of objects, dataSourceRef
8604 allows any non-core object, as well as PersistentVolumeClaim objects.
8605 * While dataSource ignores disallowed values (dropping them), dataSourceRef
8606 preserves all values, and generates an error if a disallowed value is
8607 specified.
8608 * While dataSource only allows local objects, dataSourceRef allows objects
8609 in any namespaces.
8610 (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
8611 (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
8612 properties:
8613 apiGroup:
8614 description: |-
8615 APIGroup is the group for the resource being referenced.
8616 If APIGroup is not specified, the specified Kind must be in the core API group.
8617 For any other third-party types, APIGroup is required.
8618 type: string
8619 kind:
8620 description: Kind is the type of resource being
8621 referenced
8622 type: string
8623 name:
8624 description: Name is the name of resource being
8625 referenced
8626 type: string
8627 namespace:
8628 description: |-
8629 Namespace is the namespace of resource being referenced
8630 Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
8631 (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
8632 type: string
8633 required:
8634 - kind
8635 - name
8636 type: object
8637 resources:
8638 description: |-
8639 resources represents the minimum resources the volume should have.
8640 If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
8641 that are lower than previous value but must still be higher than capacity recorded in the
8642 status field of the claim.
8643 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
8644 properties:
8645 limits:
8646 additionalProperties:
8647 anyOf:
8648 - type: integer
8649 - type: string
8650 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
8651 x-kubernetes-int-or-string: true
8652 description: |-
8653 Limits describes the maximum amount of compute resources allowed.
8654 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
8655 type: object
8656 requests:
8657 additionalProperties:
8658 anyOf:
8659 - type: integer
8660 - type: string
8661 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
8662 x-kubernetes-int-or-string: true
8663 description: |-
8664 Requests describes the minimum amount of compute resources required.
8665 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
8666 otherwise to an implementation-defined value. Requests cannot exceed Limits.
8667 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
8668 type: object
8669 type: object
8670 selector:
8671 description: selector is a label query over volumes
8672 to consider for binding.
8673 properties:
8674 matchExpressions:
8675 description: matchExpressions is a list of label
8676 selector requirements. The requirements are
8677 ANDed.
8678 items:
8679 description: |-
8680 A label selector requirement is a selector that contains values, a key, and an operator that
8681 relates the key and values.
8682 properties:
8683 key:
8684 description: key is the label key that
8685 the selector applies to.
8686 type: string
8687 operator:
8688 description: |-
8689 operator represents a key's relationship to a set of values.
8690 Valid operators are In, NotIn, Exists and DoesNotExist.
8691 type: string
8692 values:
8693 description: |-
8694 values is an array of string values. If the operator is In or NotIn,
8695 the values array must be non-empty. If the operator is Exists or DoesNotExist,
8696 the values array must be empty. This array is replaced during a strategic
8697 merge patch.
8698 items:
8699 type: string
8700 type: array
8701 x-kubernetes-list-type: atomic
8702 required:
8703 - key
8704 - operator
8705 type: object
8706 type: array
8707 x-kubernetes-list-type: atomic
8708 matchLabels:
8709 additionalProperties:
8710 type: string
8711 description: |-
8712 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
8713 map is equivalent to an element of matchExpressions, whose key field is "key", the
8714 operator is "In", and the values array contains only "value". The requirements are ANDed.
8715 type: object
8716 type: object
8717 x-kubernetes-map-type: atomic
8718 storageClassName:
8719 description: |-
8720 storageClassName is the name of the StorageClass required by the claim.
8721 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
8722 type: string
8723 volumeAttributesClassName:
8724 description: |-
8725 volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
8726 If specified, the CSI driver will create or update the volume with the attributes defined
8727 in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
8728 it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
8729 will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
8730 If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
8731 will be set by the persistentvolume controller if it exists.
8732 If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
8733 set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
8734 exists.
8735 More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
8736 (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
8737 type: string
8738 volumeMode:
8739 description: |-
8740 volumeMode defines what type of volume is required by the claim.
8741 Value of Filesystem is implied when not included in claim spec.
8742 type: string
8743 volumeName:
8744 description: volumeName is the binding reference
8745 to the PersistentVolume backing this claim.
8746 type: string
8747 type: object
8748 status:
8749 description: |-
8750 status represents the current information/status of a persistent volume claim.
8751 Read-only.
8752 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
8753 properties:
8754 accessModes:
8755 description: |-
8756 accessModes contains the actual access modes the volume backing the PVC has.
8757 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
8758 items:
8759 type: string
8760 type: array
8761 x-kubernetes-list-type: atomic
8762 allocatedResourceStatuses:
8763 additionalProperties:
8764 description: |-
8765 When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource
8766 that it does not recognizes, then it should ignore that update and let other controllers
8767 handle it.
8768 type: string
8769 description: "allocatedResourceStatuses stores status
8770 of resource being resized for the given PVC.\nKey
8771 names follow standard Kubernetes label syntax.
8772 Valid values are either:\n\t* Un-prefixed keys:\n\t\t-
8773 storage - the capacity of the volume.\n\t* Custom
8774 resources must use implementation-defined prefixed
8775 names such as \"example.com/my-custom-resource\"\nApart
8776 from above values - keys that are unprefixed or
8777 have kubernetes.io prefix are considered\nreserved
8778 and hence may not be used.\n\n\nClaimResourceStatus
8779 can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState
8780 set when resize controller starts resizing the
8781 volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState
8782 set when resize has failed in resize controller
8783 with a terminal error.\n\t- NodeResizePending:\n\t\tState
8784 set when resize controller has finished resizing
8785 the volume but further resizing of\n\t\tvolume
8786 is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState
8787 set when kubelet starts resizing the volume.\n\t-
8788 NodeResizeFailed:\n\t\tState set when resizing
8789 has failed in kubelet with a terminal error. Transient
8790 errors don't set\n\t\tNodeResizeFailed.\nFor example:
8791 if expanding a PVC for more capacity - this field
8792 can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage']
8793 = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage']
8794 = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage']
8795 = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage']
8796 = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage']
8797 = \"NodeResizeFailed\"\nWhen this field is not
8798 set, it means that no resize operation is in progress
8799 for the given PVC.\n\n\nA controller that receives
8800 PVC update with previously unknown resourceName
8801 or ClaimResourceStatus\nshould ignore the update
8802 for the purpose it was designed. For example -
8803 a controller that\nonly is responsible for resizing
8804 capacity of the volume, should ignore PVC updates
8805 that change other valid\nresources associated
8806 with PVC.\n\n\nThis is an alpha field and requires
8807 enabling RecoverVolumeExpansionFailure feature."
8808 type: object
8809 x-kubernetes-map-type: granular
8810 allocatedResources:
8811 additionalProperties:
8812 anyOf:
8813 - type: integer
8814 - type: string
8815 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
8816 x-kubernetes-int-or-string: true
8817 description: "allocatedResources tracks the resources
8818 allocated to a PVC including its capacity.\nKey
8819 names follow standard Kubernetes label syntax.
8820 Valid values are either:\n\t* Un-prefixed keys:\n\t\t-
8821 storage - the capacity of the volume.\n\t* Custom
8822 resources must use implementation-defined prefixed
8823 names such as \"example.com/my-custom-resource\"\nApart
8824 from above values - keys that are unprefixed or
8825 have kubernetes.io prefix are considered\nreserved
8826 and hence may not be used.\n\n\nCapacity reported
8827 here may be larger than the actual capacity when
8828 a volume expansion operation\nis requested.\nFor
8829 storage quota, the larger value from allocatedResources
8830 and PVC.spec.resources is used.\nIf allocatedResources
8831 is not set, PVC.spec.resources alone is used for
8832 quota calculation.\nIf a volume expansion capacity
8833 request is lowered, allocatedResources is only\nlowered
8834 if there are no expansion operations in progress
8835 and if the actual volume capacity\nis equal or
8836 lower than the requested capacity.\n\n\nA controller
8837 that receives PVC update with previously unknown
8838 resourceName\nshould ignore the update for the
8839 purpose it was designed. For example - a controller
8840 that\nonly is responsible for resizing capacity
8841 of the volume, should ignore PVC updates that
8842 change other valid\nresources associated with
8843 PVC.\n\n\nThis is an alpha field and requires
8844 enabling RecoverVolumeExpansionFailure feature."
8845 type: object
8846 capacity:
8847 additionalProperties:
8848 anyOf:
8849 - type: integer
8850 - type: string
8851 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
8852 x-kubernetes-int-or-string: true
8853 description: capacity represents the actual resources
8854 of the underlying volume.
8855 type: object
8856 conditions:
8857 description: |-
8858 conditions is the current Condition of persistent volume claim. If underlying persistent volume is being
8859 resized then the Condition will be set to 'Resizing'.
8860 items:
8861 description: PersistentVolumeClaimCondition contains
8862 details about state of pvc
8863 properties:
8864 lastProbeTime:
8865 description: lastProbeTime is the time we
8866 probed the condition.
8867 format: date-time
8868 type: string
8869 lastTransitionTime:
8870 description: lastTransitionTime is the time
8871 the condition transitioned from one status
8872 to another.
8873 format: date-time
8874 type: string
8875 message:
8876 description: message is the human-readable
8877 message indicating details about last transition.
8878 type: string
8879 reason:
8880 description: |-
8881 reason is a unique, this should be a short, machine understandable string that gives the reason
8882 for condition's last transition. If it reports "Resizing" that means the underlying
8883 persistent volume is being resized.
8884 type: string
8885 status:
8886 type: string
8887 type:
8888 description: PersistentVolumeClaimConditionType
8889 is a valid value of PersistentVolumeClaimCondition.Type
8890 type: string
8891 required:
8892 - status
8893 - type
8894 type: object
8895 type: array
8896 x-kubernetes-list-map-keys:
8897 - type
8898 x-kubernetes-list-type: map
8899 currentVolumeAttributesClassName:
8900 description: |-
8901 currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.
8902 When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim
8903 This is an alpha field and requires enabling VolumeAttributesClass feature.
8904 type: string
8905 modifyVolumeStatus:
8906 description: |-
8907 ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.
8908 When this is unset, there is no ModifyVolume operation being attempted.
8909 This is an alpha field and requires enabling VolumeAttributesClass feature.
8910 properties:
8911 status:
8912 description: "status is the status of the ControllerModifyVolume
8913 operation. It can be in any of following states:\n
8914 - Pending\n Pending indicates that the PersistentVolumeClaim
8915 cannot be modified due to unmet requirements,
8916 such as\n the specified VolumeAttributesClass
8917 not existing.\n - InProgress\n InProgress
8918 indicates that the volume is being modified.\n
8919 - Infeasible\n Infeasible indicates that
8920 the request has been rejected as invalid by
8921 the CSI driver. To\n\t resolve the error,
8922 a valid VolumeAttributesClass needs to be
8923 specified.\nNote: New statuses can be added
8924 in the future. Consumers should check for
8925 unknown statuses and fail appropriately."
8926 type: string
8927 targetVolumeAttributesClassName:
8928 description: targetVolumeAttributesClassName
8929 is the name of the VolumeAttributesClass the
8930 PVC currently being reconciled
8931 type: string
8932 required:
8933 - status
8934 type: object
8935 phase:
8936 description: phase represents the current phase
8937 of PersistentVolumeClaim.
8938 type: string
8939 type: object
8940 type: object
8941 type: array
8942 x-kubernetes-list-type: atomic
8943 required:
8944 - selector
8945 - serviceName
8946 - template
8947 type: object
8948 status:
8949 description: |-
8950 Status is the current status of Pods in this StatefulSet. This data
8951 may be out of date by some window of time.
8952 properties:
8953 availableReplicas:
8954 description: Total number of available pods (ready for at
8955 least minReadySeconds) targeted by this statefulset.
8956 format: int32
8957 type: integer
8958 collisionCount:
8959 description: |-
8960 collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller
8961 uses this field as a collision avoidance mechanism when it needs to create the name for the
8962 newest ControllerRevision.
8963 format: int32
8964 type: integer
8965 conditions:
8966 description: Represents the latest available observations
8967 of a statefulset's current state.
8968 items:
8969 description: StatefulSetCondition describes the state of
8970 a statefulset at a certain point.
8971 properties:
8972 lastTransitionTime:
8973 description: Last time the condition transitioned from
8974 one status to another.
8975 format: date-time
8976 type: string
8977 message:
8978 description: A human readable message indicating details
8979 about the transition.
8980 type: string
8981 reason:
8982 description: The reason for the condition's last transition.
8983 type: string
8984 status:
8985 description: Status of the condition, one of True, False,
8986 Unknown.
8987 type: string
8988 type:
8989 description: Type of statefulset condition.
8990 type: string
8991 required:
8992 - status
8993 - type
8994 type: object
8995 type: array
8996 x-kubernetes-list-map-keys:
8997 - type
8998 x-kubernetes-list-type: map
8999 currentReplicas:
9000 description: |-
9001 currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version
9002 indicated by currentRevision.
9003 format: int32
9004 type: integer
9005 currentRevision:
9006 description: |-
9007 currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the
9008 sequence [0,currentReplicas).
9009 type: string
9010 observedGeneration:
9011 description: |-
9012 observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the
9013 StatefulSet's generation, which is updated on mutation by the API Server.
9014 format: int64
9015 type: integer
9016 readyReplicas:
9017 description: readyReplicas is the number of pods created for
9018 this StatefulSet with a Ready Condition.
9019 format: int32
9020 type: integer
9021 replicas:
9022 description: replicas is the number of Pods created by the
9023 StatefulSet controller.
9024 format: int32
9025 type: integer
9026 updateRevision:
9027 description: |-
9028 updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence
9029 [replicas-updatedReplicas,replicas)
9030 type: string
9031 updatedReplicas:
9032 description: |-
9033 updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version
9034 indicated by updateRevision.
9035 format: int32
9036 type: integer
9037 required:
9038 - replicas
9039 type: object
9040 type: object
9041 required:
9042 - statefulSet
9043 type: object
9044 status:
9045 default:
9046 observedGeneration: -1
9047 description: PersistenceStatus defines the observed state of a Persistence
9048 properties:
9049 conditions:
9050 items:
9051 description: "Condition contains details for one aspect of the current
9052 state of this API Resource.\n---\nThis struct is intended for
9053 direct use as an array at the field path .status.conditions. For
9054 example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
9055 observations of a foo's current state.\n\t // Known .status.conditions.type
9056 are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
9057 +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
9058 \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\"
9059 patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
9060 \ // other fields\n\t}"
9061 properties:
9062 lastTransitionTime:
9063 description: |-
9064 lastTransitionTime is the last time the condition transitioned from one status to another.
9065 This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
9066 format: date-time
9067 type: string
9068 message:
9069 description: |-
9070 message is a human readable message indicating details about the transition.
9071 This may be an empty string.
9072 maxLength: 32768
9073 type: string
9074 observedGeneration:
9075 description: |-
9076 observedGeneration represents the .metadata.generation that the condition was set based upon.
9077 For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
9078 with respect to the current state of the instance.
9079 format: int64
9080 minimum: 0
9081 type: integer
9082 reason:
9083 description: |-
9084 reason contains a programmatic identifier indicating the reason for the condition's last transition.
9085 Producers of specific condition types may define expected values and meanings for this field,
9086 and whether the values are considered a guaranteed API.
9087 The value should be a CamelCase string.
9088 This field may not be empty.
9089 maxLength: 1024
9090 minLength: 1
9091 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
9092 type: string
9093 status:
9094 description: status of the condition, one of True, False, Unknown.
9095 enum:
9096 - "True"
9097 - "False"
9098 - Unknown
9099 type: string
9100 type:
9101 description: |-
9102 type of condition in CamelCase or in foo.example.com/CamelCase.
9103 ---
9104 Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
9105 useful (see .node.status.conditions), the ability to deconflict is important.
9106 The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
9107 maxLength: 316
9108 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
9109 type: string
9110 required:
9111 - lastTransitionTime
9112 - message
9113 - reason
9114 - status
9115 - type
9116 type: object
9117 type: array
9118 inventory:
9119 description: |-
9120 ResourceInventory contains a list of Kubernetes resource object references
9121 that have been applied.
9122 properties:
9123 entries:
9124 description: Entries of Kubernetes resource object references.
9125 items:
9126 description: ResourceRef contains the information necessary
9127 to locate a resource within a cluster.
9128 properties:
9129 id:
9130 description: |-
9131 ID is the string representation of the Kubernetes resource object's metadata,
9132 in the format '<namespace>_<name>_<group>_<kind>'.
9133 type: string
9134 v:
9135 description: Version is the API version of the Kubernetes
9136 resource object's kind.
9137 type: string
9138 required:
9139 - id
9140 - v
9141 type: object
9142 type: array
9143 type: object
9144 observedGeneration:
9145 format: int64
9146 type: integer
9147 type: object
9148 type: object
9149 served: true
9150 storage: true
9151 subresources:
9152 status: {}
View as plain text