1---
2apiVersion: apiextensions.k8s.io/v1
3kind: CustomResourceDefinition
4metadata:
5 annotations:
6 controller-gen.kubebuilder.io/version: (unknown)
7 name: alertmanagers.monitoring.coreos.com
8spec:
9 group: monitoring.coreos.com
10 names:
11 categories:
12 - prometheus-operator
13 kind: Alertmanager
14 listKind: AlertmanagerList
15 plural: alertmanagers
16 shortNames:
17 - am
18 singular: alertmanager
19 scope: Namespaced
20 versions:
21 - additionalPrinterColumns:
22 - description: The version of Alertmanager
23 jsonPath: .spec.version
24 name: Version
25 type: string
26 - description: The number of desired replicas
27 jsonPath: .spec.replicas
28 name: Replicas
29 type: integer
30 - description: The number of ready replicas
31 jsonPath: .status.availableReplicas
32 name: Ready
33 type: integer
34 - jsonPath: .status.conditions[?(@.type == 'Reconciled')].status
35 name: Reconciled
36 type: string
37 - jsonPath: .status.conditions[?(@.type == 'Available')].status
38 name: Available
39 type: string
40 - jsonPath: .metadata.creationTimestamp
41 name: Age
42 type: date
43 - description: Whether the resource reconciliation is paused or not
44 jsonPath: .status.paused
45 name: Paused
46 priority: 1
47 type: boolean
48 name: v1
49 schema:
50 openAPIV3Schema:
51 description: Alertmanager describes an Alertmanager cluster.
52 properties:
53 apiVersion:
54 description: |-
55 APIVersion defines the versioned schema of this representation of an object.
56 Servers should convert recognized schemas to the latest internal value, and
57 may reject unrecognized values.
58 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
59 type: string
60 kind:
61 description: |-
62 Kind is a string value representing the REST resource this object represents.
63 Servers may infer this from the endpoint the client submits requests to.
64 Cannot be updated.
65 In CamelCase.
66 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
67 type: string
68 metadata:
69 type: object
70 spec:
71 description: |-
72 Specification of the desired behavior of the Alertmanager cluster. More info:
73 https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
74 properties:
75 additionalPeers:
76 description: AdditionalPeers allows injecting a set of additional
77 Alertmanagers to peer with to form a highly available cluster.
78 items:
79 type: string
80 type: array
81 affinity:
82 description: If specified, the pod's scheduling constraints.
83 properties:
84 nodeAffinity:
85 description: Describes node affinity scheduling rules for the
86 pod.
87 properties:
88 preferredDuringSchedulingIgnoredDuringExecution:
89 description: |-
90 The scheduler will prefer to schedule pods to nodes that satisfy
91 the affinity expressions specified by this field, but it may choose
92 a node that violates one or more of the expressions. The node that is
93 most preferred is the one with the greatest sum of weights, i.e.
94 for each node that meets all of the scheduling requirements (resource
95 request, requiredDuringScheduling affinity expressions, etc.),
96 compute a sum by iterating through the elements of this field and adding
97 "weight" to the sum if the node matches the corresponding matchExpressions; the
98 node(s) with the highest sum are the most preferred.
99 items:
100 description: |-
101 An empty preferred scheduling term matches all objects with implicit weight 0
102 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
103 properties:
104 preference:
105 description: A node selector term, associated with the
106 corresponding weight.
107 properties:
108 matchExpressions:
109 description: A list of node selector requirements
110 by node's labels.
111 items:
112 description: |-
113 A node selector requirement is a selector that contains values, a key, and an operator
114 that relates the key and values.
115 properties:
116 key:
117 description: The label key that the selector
118 applies to.
119 type: string
120 operator:
121 description: |-
122 Represents a key's relationship to a set of values.
123 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
124 type: string
125 values:
126 description: |-
127 An array of string values. If the operator is In or NotIn,
128 the values array must be non-empty. If the operator is Exists or DoesNotExist,
129 the values array must be empty. If the operator is Gt or Lt, the values
130 array must have a single element, which will be interpreted as an integer.
131 This array is replaced during a strategic merge patch.
132 items:
133 type: string
134 type: array
135 x-kubernetes-list-type: atomic
136 required:
137 - key
138 - operator
139 type: object
140 type: array
141 x-kubernetes-list-type: atomic
142 matchFields:
143 description: A list of node selector requirements
144 by node's fields.
145 items:
146 description: |-
147 A node selector requirement is a selector that contains values, a key, and an operator
148 that relates the key and values.
149 properties:
150 key:
151 description: The label key that the selector
152 applies to.
153 type: string
154 operator:
155 description: |-
156 Represents a key's relationship to a set of values.
157 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
158 type: string
159 values:
160 description: |-
161 An array of string values. If the operator is In or NotIn,
162 the values array must be non-empty. If the operator is Exists or DoesNotExist,
163 the values array must be empty. If the operator is Gt or Lt, the values
164 array must have a single element, which will be interpreted as an integer.
165 This array is replaced during a strategic merge patch.
166 items:
167 type: string
168 type: array
169 x-kubernetes-list-type: atomic
170 required:
171 - key
172 - operator
173 type: object
174 type: array
175 x-kubernetes-list-type: atomic
176 type: object
177 x-kubernetes-map-type: atomic
178 weight:
179 description: Weight associated with matching the corresponding
180 nodeSelectorTerm, in the range 1-100.
181 format: int32
182 type: integer
183 required:
184 - preference
185 - weight
186 type: object
187 type: array
188 x-kubernetes-list-type: atomic
189 requiredDuringSchedulingIgnoredDuringExecution:
190 description: |-
191 If the affinity requirements specified by this field are not met at
192 scheduling time, the pod will not be scheduled onto the node.
193 If the affinity requirements specified by this field cease to be met
194 at some point during pod execution (e.g. due to an update), the system
195 may or may not try to eventually evict the pod from its node.
196 properties:
197 nodeSelectorTerms:
198 description: Required. A list of node selector terms.
199 The terms are ORed.
200 items:
201 description: |-
202 A null or empty node selector term matches no objects. The requirements of
203 them are ANDed.
204 The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
205 properties:
206 matchExpressions:
207 description: A list of node selector requirements
208 by node's labels.
209 items:
210 description: |-
211 A node selector requirement is a selector that contains values, a key, and an operator
212 that relates the key and values.
213 properties:
214 key:
215 description: The label key that the selector
216 applies to.
217 type: string
218 operator:
219 description: |-
220 Represents a key's relationship to a set of values.
221 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
222 type: string
223 values:
224 description: |-
225 An array of string values. If the operator is In or NotIn,
226 the values array must be non-empty. If the operator is Exists or DoesNotExist,
227 the values array must be empty. If the operator is Gt or Lt, the values
228 array must have a single element, which will be interpreted as an integer.
229 This array is replaced during a strategic merge patch.
230 items:
231 type: string
232 type: array
233 x-kubernetes-list-type: atomic
234 required:
235 - key
236 - operator
237 type: object
238 type: array
239 x-kubernetes-list-type: atomic
240 matchFields:
241 description: A list of node selector requirements
242 by node's fields.
243 items:
244 description: |-
245 A node selector requirement is a selector that contains values, a key, and an operator
246 that relates the key and values.
247 properties:
248 key:
249 description: The label key that the selector
250 applies to.
251 type: string
252 operator:
253 description: |-
254 Represents a key's relationship to a set of values.
255 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
256 type: string
257 values:
258 description: |-
259 An array of string values. If the operator is In or NotIn,
260 the values array must be non-empty. If the operator is Exists or DoesNotExist,
261 the values array must be empty. If the operator is Gt or Lt, the values
262 array must have a single element, which will be interpreted as an integer.
263 This array is replaced during a strategic merge patch.
264 items:
265 type: string
266 type: array
267 x-kubernetes-list-type: atomic
268 required:
269 - key
270 - operator
271 type: object
272 type: array
273 x-kubernetes-list-type: atomic
274 type: object
275 x-kubernetes-map-type: atomic
276 type: array
277 x-kubernetes-list-type: atomic
278 required:
279 - nodeSelectorTerms
280 type: object
281 x-kubernetes-map-type: atomic
282 type: object
283 podAffinity:
284 description: Describes pod affinity scheduling rules (e.g. co-locate
285 this pod in the same node, zone, etc. as some other pod(s)).
286 properties:
287 preferredDuringSchedulingIgnoredDuringExecution:
288 description: |-
289 The scheduler will prefer to schedule pods to nodes that satisfy
290 the affinity expressions specified by this field, but it may choose
291 a node that violates one or more of the expressions. The node that is
292 most preferred is the one with the greatest sum of weights, i.e.
293 for each node that meets all of the scheduling requirements (resource
294 request, requiredDuringScheduling affinity expressions, etc.),
295 compute a sum by iterating through the elements of this field and adding
296 "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
297 node(s) with the highest sum are the most preferred.
298 items:
299 description: The weights of all of the matched WeightedPodAffinityTerm
300 fields are added per-node to find the most preferred node(s)
301 properties:
302 podAffinityTerm:
303 description: Required. A pod affinity term, associated
304 with the corresponding weight.
305 properties:
306 labelSelector:
307 description: |-
308 A label query over a set of resources, in this case pods.
309 If it's null, this PodAffinityTerm matches with no Pods.
310 properties:
311 matchExpressions:
312 description: matchExpressions is a list of label
313 selector requirements. The requirements are
314 ANDed.
315 items:
316 description: |-
317 A label selector requirement is a selector that contains values, a key, and an operator that
318 relates the key and values.
319 properties:
320 key:
321 description: key is the label key that
322 the selector applies to.
323 type: string
324 operator:
325 description: |-
326 operator represents a key's relationship to a set of values.
327 Valid operators are In, NotIn, Exists and DoesNotExist.
328 type: string
329 values:
330 description: |-
331 values is an array of string values. If the operator is In or NotIn,
332 the values array must be non-empty. If the operator is Exists or DoesNotExist,
333 the values array must be empty. This array is replaced during a strategic
334 merge patch.
335 items:
336 type: string
337 type: array
338 x-kubernetes-list-type: atomic
339 required:
340 - key
341 - operator
342 type: object
343 type: array
344 x-kubernetes-list-type: atomic
345 matchLabels:
346 additionalProperties:
347 type: string
348 description: |-
349 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
350 map is equivalent to an element of matchExpressions, whose key field is "key", the
351 operator is "In", and the values array contains only "value". The requirements are ANDed.
352 type: object
353 type: object
354 x-kubernetes-map-type: atomic
355 matchLabelKeys:
356 description: |-
357 MatchLabelKeys is a set of pod label keys to select which pods will
358 be taken into consideration. The keys are used to lookup values from the
359 incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
360 to select the group of existing pods which pods will be taken into consideration
361 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
362 pod labels will be ignored. The default value is empty.
363 The same key is forbidden to exist in both matchLabelKeys and labelSelector.
364 Also, matchLabelKeys cannot be set when labelSelector isn't set.
365 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
366 items:
367 type: string
368 type: array
369 x-kubernetes-list-type: atomic
370 mismatchLabelKeys:
371 description: |-
372 MismatchLabelKeys is a set of pod label keys to select which pods will
373 be taken into consideration. The keys are used to lookup values from the
374 incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
375 to select the group of existing pods which pods will be taken into consideration
376 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
377 pod labels will be ignored. The default value is empty.
378 The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
379 Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
380 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
381 items:
382 type: string
383 type: array
384 x-kubernetes-list-type: atomic
385 namespaceSelector:
386 description: |-
387 A label query over the set of namespaces that the term applies to.
388 The term is applied to the union of the namespaces selected by this field
389 and the ones listed in the namespaces field.
390 null selector and null or empty namespaces list means "this pod's namespace".
391 An empty selector ({}) matches all namespaces.
392 properties:
393 matchExpressions:
394 description: matchExpressions is a list of label
395 selector requirements. The requirements are
396 ANDed.
397 items:
398 description: |-
399 A label selector requirement is a selector that contains values, a key, and an operator that
400 relates the key and values.
401 properties:
402 key:
403 description: key is the label key that
404 the selector applies to.
405 type: string
406 operator:
407 description: |-
408 operator represents a key's relationship to a set of values.
409 Valid operators are In, NotIn, Exists and DoesNotExist.
410 type: string
411 values:
412 description: |-
413 values is an array of string values. If the operator is In or NotIn,
414 the values array must be non-empty. If the operator is Exists or DoesNotExist,
415 the values array must be empty. This array is replaced during a strategic
416 merge patch.
417 items:
418 type: string
419 type: array
420 x-kubernetes-list-type: atomic
421 required:
422 - key
423 - operator
424 type: object
425 type: array
426 x-kubernetes-list-type: atomic
427 matchLabels:
428 additionalProperties:
429 type: string
430 description: |-
431 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
432 map is equivalent to an element of matchExpressions, whose key field is "key", the
433 operator is "In", and the values array contains only "value". The requirements are ANDed.
434 type: object
435 type: object
436 x-kubernetes-map-type: atomic
437 namespaces:
438 description: |-
439 namespaces specifies a static list of namespace names that the term applies to.
440 The term is applied to the union of the namespaces listed in this field
441 and the ones selected by namespaceSelector.
442 null or empty namespaces list and null namespaceSelector means "this pod's namespace".
443 items:
444 type: string
445 type: array
446 x-kubernetes-list-type: atomic
447 topologyKey:
448 description: |-
449 This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
450 the labelSelector in the specified namespaces, where co-located is defined as running on a node
451 whose value of the label with key topologyKey matches that of any node on which any of the
452 selected pods is running.
453 Empty topologyKey is not allowed.
454 type: string
455 required:
456 - topologyKey
457 type: object
458 weight:
459 description: |-
460 weight associated with matching the corresponding podAffinityTerm,
461 in the range 1-100.
462 format: int32
463 type: integer
464 required:
465 - podAffinityTerm
466 - weight
467 type: object
468 type: array
469 x-kubernetes-list-type: atomic
470 requiredDuringSchedulingIgnoredDuringExecution:
471 description: |-
472 If the affinity requirements specified by this field are not met at
473 scheduling time, the pod will not be scheduled onto the node.
474 If the affinity requirements specified by this field cease to be met
475 at some point during pod execution (e.g. due to a pod label update), the
476 system may or may not try to eventually evict the pod from its node.
477 When there are multiple elements, the lists of nodes corresponding to each
478 podAffinityTerm are intersected, i.e. all terms must be satisfied.
479 items:
480 description: |-
481 Defines a set of pods (namely those matching the labelSelector
482 relative to the given namespace(s)) that this pod should be
483 co-located (affinity) or not co-located (anti-affinity) with,
484 where co-located is defined as running on a node whose value of
485 the label with key <topologyKey> matches that of any node on which
486 a pod of the set of pods is running
487 properties:
488 labelSelector:
489 description: |-
490 A label query over a set of resources, in this case pods.
491 If it's null, this PodAffinityTerm matches with no Pods.
492 properties:
493 matchExpressions:
494 description: matchExpressions is a list of label
495 selector requirements. The requirements are ANDed.
496 items:
497 description: |-
498 A label selector requirement is a selector that contains values, a key, and an operator that
499 relates the key and values.
500 properties:
501 key:
502 description: key is the label key that the
503 selector applies to.
504 type: string
505 operator:
506 description: |-
507 operator represents a key's relationship to a set of values.
508 Valid operators are In, NotIn, Exists and DoesNotExist.
509 type: string
510 values:
511 description: |-
512 values is an array of string values. If the operator is In or NotIn,
513 the values array must be non-empty. If the operator is Exists or DoesNotExist,
514 the values array must be empty. This array is replaced during a strategic
515 merge patch.
516 items:
517 type: string
518 type: array
519 x-kubernetes-list-type: atomic
520 required:
521 - key
522 - operator
523 type: object
524 type: array
525 x-kubernetes-list-type: atomic
526 matchLabels:
527 additionalProperties:
528 type: string
529 description: |-
530 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
531 map is equivalent to an element of matchExpressions, whose key field is "key", the
532 operator is "In", and the values array contains only "value". The requirements are ANDed.
533 type: object
534 type: object
535 x-kubernetes-map-type: atomic
536 matchLabelKeys:
537 description: |-
538 MatchLabelKeys is a set of pod label keys to select which pods will
539 be taken into consideration. The keys are used to lookup values from the
540 incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
541 to select the group of existing pods which pods will be taken into consideration
542 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
543 pod labels will be ignored. The default value is empty.
544 The same key is forbidden to exist in both matchLabelKeys and labelSelector.
545 Also, matchLabelKeys cannot be set when labelSelector isn't set.
546 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
547 items:
548 type: string
549 type: array
550 x-kubernetes-list-type: atomic
551 mismatchLabelKeys:
552 description: |-
553 MismatchLabelKeys is a set of pod label keys to select which pods will
554 be taken into consideration. The keys are used to lookup values from the
555 incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
556 to select the group of existing pods which pods will be taken into consideration
557 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
558 pod labels will be ignored. The default value is empty.
559 The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
560 Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
561 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
562 items:
563 type: string
564 type: array
565 x-kubernetes-list-type: atomic
566 namespaceSelector:
567 description: |-
568 A label query over the set of namespaces that the term applies to.
569 The term is applied to the union of the namespaces selected by this field
570 and the ones listed in the namespaces field.
571 null selector and null or empty namespaces list means "this pod's namespace".
572 An empty selector ({}) matches all namespaces.
573 properties:
574 matchExpressions:
575 description: matchExpressions is a list of label
576 selector requirements. The requirements are ANDed.
577 items:
578 description: |-
579 A label selector requirement is a selector that contains values, a key, and an operator that
580 relates the key and values.
581 properties:
582 key:
583 description: key is the label key that the
584 selector applies to.
585 type: string
586 operator:
587 description: |-
588 operator represents a key's relationship to a set of values.
589 Valid operators are In, NotIn, Exists and DoesNotExist.
590 type: string
591 values:
592 description: |-
593 values is an array of string values. If the operator is In or NotIn,
594 the values array must be non-empty. If the operator is Exists or DoesNotExist,
595 the values array must be empty. This array is replaced during a strategic
596 merge patch.
597 items:
598 type: string
599 type: array
600 x-kubernetes-list-type: atomic
601 required:
602 - key
603 - operator
604 type: object
605 type: array
606 x-kubernetes-list-type: atomic
607 matchLabels:
608 additionalProperties:
609 type: string
610 description: |-
611 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
612 map is equivalent to an element of matchExpressions, whose key field is "key", the
613 operator is "In", and the values array contains only "value". The requirements are ANDed.
614 type: object
615 type: object
616 x-kubernetes-map-type: atomic
617 namespaces:
618 description: |-
619 namespaces specifies a static list of namespace names that the term applies to.
620 The term is applied to the union of the namespaces listed in this field
621 and the ones selected by namespaceSelector.
622 null or empty namespaces list and null namespaceSelector means "this pod's namespace".
623 items:
624 type: string
625 type: array
626 x-kubernetes-list-type: atomic
627 topologyKey:
628 description: |-
629 This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
630 the labelSelector in the specified namespaces, where co-located is defined as running on a node
631 whose value of the label with key topologyKey matches that of any node on which any of the
632 selected pods is running.
633 Empty topologyKey is not allowed.
634 type: string
635 required:
636 - topologyKey
637 type: object
638 type: array
639 x-kubernetes-list-type: atomic
640 type: object
641 podAntiAffinity:
642 description: Describes pod anti-affinity scheduling rules (e.g.
643 avoid putting this pod in the same node, zone, etc. as some
644 other pod(s)).
645 properties:
646 preferredDuringSchedulingIgnoredDuringExecution:
647 description: |-
648 The scheduler will prefer to schedule pods to nodes that satisfy
649 the anti-affinity expressions specified by this field, but it may choose
650 a node that violates one or more of the expressions. The node that is
651 most preferred is the one with the greatest sum of weights, i.e.
652 for each node that meets all of the scheduling requirements (resource
653 request, requiredDuringScheduling anti-affinity expressions, etc.),
654 compute a sum by iterating through the elements of this field and adding
655 "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
656 node(s) with the highest sum are the most preferred.
657 items:
658 description: The weights of all of the matched WeightedPodAffinityTerm
659 fields are added per-node to find the most preferred node(s)
660 properties:
661 podAffinityTerm:
662 description: Required. A pod affinity term, associated
663 with the corresponding weight.
664 properties:
665 labelSelector:
666 description: |-
667 A label query over a set of resources, in this case pods.
668 If it's null, this PodAffinityTerm matches with no Pods.
669 properties:
670 matchExpressions:
671 description: matchExpressions is a list of label
672 selector requirements. The requirements are
673 ANDed.
674 items:
675 description: |-
676 A label selector requirement is a selector that contains values, a key, and an operator that
677 relates the key and values.
678 properties:
679 key:
680 description: key is the label key that
681 the selector applies to.
682 type: string
683 operator:
684 description: |-
685 operator represents a key's relationship to a set of values.
686 Valid operators are In, NotIn, Exists and DoesNotExist.
687 type: string
688 values:
689 description: |-
690 values is an array of string values. If the operator is In or NotIn,
691 the values array must be non-empty. If the operator is Exists or DoesNotExist,
692 the values array must be empty. This array is replaced during a strategic
693 merge patch.
694 items:
695 type: string
696 type: array
697 x-kubernetes-list-type: atomic
698 required:
699 - key
700 - operator
701 type: object
702 type: array
703 x-kubernetes-list-type: atomic
704 matchLabels:
705 additionalProperties:
706 type: string
707 description: |-
708 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
709 map is equivalent to an element of matchExpressions, whose key field is "key", the
710 operator is "In", and the values array contains only "value". The requirements are ANDed.
711 type: object
712 type: object
713 x-kubernetes-map-type: atomic
714 matchLabelKeys:
715 description: |-
716 MatchLabelKeys is a set of pod label keys to select which pods will
717 be taken into consideration. The keys are used to lookup values from the
718 incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
719 to select the group of existing pods which pods will be taken into consideration
720 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
721 pod labels will be ignored. The default value is empty.
722 The same key is forbidden to exist in both matchLabelKeys and labelSelector.
723 Also, matchLabelKeys cannot be set when labelSelector isn't set.
724 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
725 items:
726 type: string
727 type: array
728 x-kubernetes-list-type: atomic
729 mismatchLabelKeys:
730 description: |-
731 MismatchLabelKeys is a set of pod label keys to select which pods will
732 be taken into consideration. The keys are used to lookup values from the
733 incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
734 to select the group of existing pods which pods will be taken into consideration
735 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
736 pod labels will be ignored. The default value is empty.
737 The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
738 Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
739 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
740 items:
741 type: string
742 type: array
743 x-kubernetes-list-type: atomic
744 namespaceSelector:
745 description: |-
746 A label query over the set of namespaces that the term applies to.
747 The term is applied to the union of the namespaces selected by this field
748 and the ones listed in the namespaces field.
749 null selector and null or empty namespaces list means "this pod's namespace".
750 An empty selector ({}) matches all namespaces.
751 properties:
752 matchExpressions:
753 description: matchExpressions is a list of label
754 selector requirements. The requirements are
755 ANDed.
756 items:
757 description: |-
758 A label selector requirement is a selector that contains values, a key, and an operator that
759 relates the key and values.
760 properties:
761 key:
762 description: key is the label key that
763 the selector applies to.
764 type: string
765 operator:
766 description: |-
767 operator represents a key's relationship to a set of values.
768 Valid operators are In, NotIn, Exists and DoesNotExist.
769 type: string
770 values:
771 description: |-
772 values is an array of string values. If the operator is In or NotIn,
773 the values array must be non-empty. If the operator is Exists or DoesNotExist,
774 the values array must be empty. This array is replaced during a strategic
775 merge patch.
776 items:
777 type: string
778 type: array
779 x-kubernetes-list-type: atomic
780 required:
781 - key
782 - operator
783 type: object
784 type: array
785 x-kubernetes-list-type: atomic
786 matchLabels:
787 additionalProperties:
788 type: string
789 description: |-
790 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
791 map is equivalent to an element of matchExpressions, whose key field is "key", the
792 operator is "In", and the values array contains only "value". The requirements are ANDed.
793 type: object
794 type: object
795 x-kubernetes-map-type: atomic
796 namespaces:
797 description: |-
798 namespaces specifies a static list of namespace names that the term applies to.
799 The term is applied to the union of the namespaces listed in this field
800 and the ones selected by namespaceSelector.
801 null or empty namespaces list and null namespaceSelector means "this pod's namespace".
802 items:
803 type: string
804 type: array
805 x-kubernetes-list-type: atomic
806 topologyKey:
807 description: |-
808 This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
809 the labelSelector in the specified namespaces, where co-located is defined as running on a node
810 whose value of the label with key topologyKey matches that of any node on which any of the
811 selected pods is running.
812 Empty topologyKey is not allowed.
813 type: string
814 required:
815 - topologyKey
816 type: object
817 weight:
818 description: |-
819 weight associated with matching the corresponding podAffinityTerm,
820 in the range 1-100.
821 format: int32
822 type: integer
823 required:
824 - podAffinityTerm
825 - weight
826 type: object
827 type: array
828 x-kubernetes-list-type: atomic
829 requiredDuringSchedulingIgnoredDuringExecution:
830 description: |-
831 If the anti-affinity requirements specified by this field are not met at
832 scheduling time, the pod will not be scheduled onto the node.
833 If the anti-affinity requirements specified by this field cease to be met
834 at some point during pod execution (e.g. due to a pod label update), the
835 system may or may not try to eventually evict the pod from its node.
836 When there are multiple elements, the lists of nodes corresponding to each
837 podAffinityTerm are intersected, i.e. all terms must be satisfied.
838 items:
839 description: |-
840 Defines a set of pods (namely those matching the labelSelector
841 relative to the given namespace(s)) that this pod should be
842 co-located (affinity) or not co-located (anti-affinity) with,
843 where co-located is defined as running on a node whose value of
844 the label with key <topologyKey> matches that of any node on which
845 a pod of the set of pods is running
846 properties:
847 labelSelector:
848 description: |-
849 A label query over a set of resources, in this case pods.
850 If it's null, this PodAffinityTerm matches with no Pods.
851 properties:
852 matchExpressions:
853 description: matchExpressions is a list of label
854 selector requirements. The requirements are ANDed.
855 items:
856 description: |-
857 A label selector requirement is a selector that contains values, a key, and an operator that
858 relates the key and values.
859 properties:
860 key:
861 description: key is the label key that the
862 selector applies to.
863 type: string
864 operator:
865 description: |-
866 operator represents a key's relationship to a set of values.
867 Valid operators are In, NotIn, Exists and DoesNotExist.
868 type: string
869 values:
870 description: |-
871 values is an array of string values. If the operator is In or NotIn,
872 the values array must be non-empty. If the operator is Exists or DoesNotExist,
873 the values array must be empty. This array is replaced during a strategic
874 merge patch.
875 items:
876 type: string
877 type: array
878 x-kubernetes-list-type: atomic
879 required:
880 - key
881 - operator
882 type: object
883 type: array
884 x-kubernetes-list-type: atomic
885 matchLabels:
886 additionalProperties:
887 type: string
888 description: |-
889 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
890 map is equivalent to an element of matchExpressions, whose key field is "key", the
891 operator is "In", and the values array contains only "value". The requirements are ANDed.
892 type: object
893 type: object
894 x-kubernetes-map-type: atomic
895 matchLabelKeys:
896 description: |-
897 MatchLabelKeys is a set of pod label keys to select which pods will
898 be taken into consideration. The keys are used to lookup values from the
899 incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
900 to select the group of existing pods which pods will be taken into consideration
901 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
902 pod labels will be ignored. The default value is empty.
903 The same key is forbidden to exist in both matchLabelKeys and labelSelector.
904 Also, matchLabelKeys cannot be set when labelSelector isn't set.
905 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
906 items:
907 type: string
908 type: array
909 x-kubernetes-list-type: atomic
910 mismatchLabelKeys:
911 description: |-
912 MismatchLabelKeys is a set of pod label keys to select which pods will
913 be taken into consideration. The keys are used to lookup values from the
914 incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
915 to select the group of existing pods which pods will be taken into consideration
916 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
917 pod labels will be ignored. The default value is empty.
918 The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
919 Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
920 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
921 items:
922 type: string
923 type: array
924 x-kubernetes-list-type: atomic
925 namespaceSelector:
926 description: |-
927 A label query over the set of namespaces that the term applies to.
928 The term is applied to the union of the namespaces selected by this field
929 and the ones listed in the namespaces field.
930 null selector and null or empty namespaces list means "this pod's namespace".
931 An empty selector ({}) matches all namespaces.
932 properties:
933 matchExpressions:
934 description: matchExpressions is a list of label
935 selector requirements. The requirements are ANDed.
936 items:
937 description: |-
938 A label selector requirement is a selector that contains values, a key, and an operator that
939 relates the key and values.
940 properties:
941 key:
942 description: key is the label key that the
943 selector applies to.
944 type: string
945 operator:
946 description: |-
947 operator represents a key's relationship to a set of values.
948 Valid operators are In, NotIn, Exists and DoesNotExist.
949 type: string
950 values:
951 description: |-
952 values is an array of string values. If the operator is In or NotIn,
953 the values array must be non-empty. If the operator is Exists or DoesNotExist,
954 the values array must be empty. This array is replaced during a strategic
955 merge patch.
956 items:
957 type: string
958 type: array
959 x-kubernetes-list-type: atomic
960 required:
961 - key
962 - operator
963 type: object
964 type: array
965 x-kubernetes-list-type: atomic
966 matchLabels:
967 additionalProperties:
968 type: string
969 description: |-
970 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
971 map is equivalent to an element of matchExpressions, whose key field is "key", the
972 operator is "In", and the values array contains only "value". The requirements are ANDed.
973 type: object
974 type: object
975 x-kubernetes-map-type: atomic
976 namespaces:
977 description: |-
978 namespaces specifies a static list of namespace names that the term applies to.
979 The term is applied to the union of the namespaces listed in this field
980 and the ones selected by namespaceSelector.
981 null or empty namespaces list and null namespaceSelector means "this pod's namespace".
982 items:
983 type: string
984 type: array
985 x-kubernetes-list-type: atomic
986 topologyKey:
987 description: |-
988 This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
989 the labelSelector in the specified namespaces, where co-located is defined as running on a node
990 whose value of the label with key topologyKey matches that of any node on which any of the
991 selected pods is running.
992 Empty topologyKey is not allowed.
993 type: string
994 required:
995 - topologyKey
996 type: object
997 type: array
998 x-kubernetes-list-type: atomic
999 type: object
1000 type: object
1001 alertmanagerConfigMatcherStrategy:
1002 description: |-
1003 The AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects match the alerts.
1004 In the future more options may be added.
1005 properties:
1006 type:
1007 default: OnNamespace
1008 description: |-
1009 If set to `OnNamespace`, the operator injects a label matcher matching the namespace of the AlertmanagerConfig object for all its routes and inhibition rules.
1010 `None` will not add any additional matchers other than the ones specified in the AlertmanagerConfig.
1011 Default is `OnNamespace`.
1012 enum:
1013 - OnNamespace
1014 - None
1015 type: string
1016 type: object
1017 alertmanagerConfigNamespaceSelector:
1018 description: |-
1019 Namespaces to be selected for AlertmanagerConfig discovery. If nil, only
1020 check own namespace.
1021 properties:
1022 matchExpressions:
1023 description: matchExpressions is a list of label selector requirements.
1024 The requirements are ANDed.
1025 items:
1026 description: |-
1027 A label selector requirement is a selector that contains values, a key, and an operator that
1028 relates the key and values.
1029 properties:
1030 key:
1031 description: key is the label key that the selector applies
1032 to.
1033 type: string
1034 operator:
1035 description: |-
1036 operator represents a key's relationship to a set of values.
1037 Valid operators are In, NotIn, Exists and DoesNotExist.
1038 type: string
1039 values:
1040 description: |-
1041 values is an array of string values. If the operator is In or NotIn,
1042 the values array must be non-empty. If the operator is Exists or DoesNotExist,
1043 the values array must be empty. This array is replaced during a strategic
1044 merge patch.
1045 items:
1046 type: string
1047 type: array
1048 x-kubernetes-list-type: atomic
1049 required:
1050 - key
1051 - operator
1052 type: object
1053 type: array
1054 x-kubernetes-list-type: atomic
1055 matchLabels:
1056 additionalProperties:
1057 type: string
1058 description: |-
1059 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
1060 map is equivalent to an element of matchExpressions, whose key field is "key", the
1061 operator is "In", and the values array contains only "value". The requirements are ANDed.
1062 type: object
1063 type: object
1064 x-kubernetes-map-type: atomic
1065 alertmanagerConfigSelector:
1066 description: AlertmanagerConfigs to be selected for to merge and configure
1067 Alertmanager with.
1068 properties:
1069 matchExpressions:
1070 description: matchExpressions is a list of label selector requirements.
1071 The requirements are ANDed.
1072 items:
1073 description: |-
1074 A label selector requirement is a selector that contains values, a key, and an operator that
1075 relates the key and values.
1076 properties:
1077 key:
1078 description: key is the label key that the selector applies
1079 to.
1080 type: string
1081 operator:
1082 description: |-
1083 operator represents a key's relationship to a set of values.
1084 Valid operators are In, NotIn, Exists and DoesNotExist.
1085 type: string
1086 values:
1087 description: |-
1088 values is an array of string values. If the operator is In or NotIn,
1089 the values array must be non-empty. If the operator is Exists or DoesNotExist,
1090 the values array must be empty. This array is replaced during a strategic
1091 merge patch.
1092 items:
1093 type: string
1094 type: array
1095 x-kubernetes-list-type: atomic
1096 required:
1097 - key
1098 - operator
1099 type: object
1100 type: array
1101 x-kubernetes-list-type: atomic
1102 matchLabels:
1103 additionalProperties:
1104 type: string
1105 description: |-
1106 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
1107 map is equivalent to an element of matchExpressions, whose key field is "key", the
1108 operator is "In", and the values array contains only "value". The requirements are ANDed.
1109 type: object
1110 type: object
1111 x-kubernetes-map-type: atomic
1112 alertmanagerConfiguration:
1113 description: |-
1114 EXPERIMENTAL: alertmanagerConfiguration specifies the configuration of Alertmanager.
1115 If defined, it takes precedence over the `configSecret` field.
1116 This field may change in future releases.
1117 properties:
1118 global:
1119 description: Defines the global parameters of the Alertmanager
1120 configuration.
1121 properties:
1122 httpConfig:
1123 description: HTTP client configuration.
1124 properties:
1125 authorization:
1126 description: |-
1127 Authorization header configuration for the client.
1128 This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
1129 properties:
1130 credentials:
1131 description: Selects a key of a Secret in the namespace
1132 that contains the credentials for authentication.
1133 properties:
1134 key:
1135 description: The key of the secret to select from. Must
1136 be a valid secret key.
1137 type: string
1138 name:
1139 default: ""
1140 description: |-
1141 Name of the referent.
1142 This field is effectively required, but due to backwards compatibility is
1143 allowed to be empty. Instances of this type with an empty value here are
1144 almost certainly wrong.
1145 TODO: Add other useful fields. apiVersion, kind, uid?
1146 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1147 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1148 type: string
1149 optional:
1150 description: Specify whether the Secret or its
1151 key must be defined
1152 type: boolean
1153 required:
1154 - key
1155 type: object
1156 x-kubernetes-map-type: atomic
1157 type:
1158 description: |-
1159 Defines the authentication type. The value is case-insensitive.
1160
1161
1162 "Basic" is not a supported value.
1163
1164
1165 Default: "Bearer"
1166 type: string
1167 type: object
1168 basicAuth:
1169 description: |-
1170 BasicAuth for the client.
1171 This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
1172 properties:
1173 password:
1174 description: |-
1175 The secret in the service monitor namespace that contains the password
1176 for authentication.
1177 properties:
1178 key:
1179 description: The key of the secret to select from. Must
1180 be a valid secret key.
1181 type: string
1182 name:
1183 default: ""
1184 description: |-
1185 Name of the referent.
1186 This field is effectively required, but due to backwards compatibility is
1187 allowed to be empty. Instances of this type with an empty value here are
1188 almost certainly wrong.
1189 TODO: Add other useful fields. apiVersion, kind, uid?
1190 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1191 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1192 type: string
1193 optional:
1194 description: Specify whether the Secret or its
1195 key must be defined
1196 type: boolean
1197 required:
1198 - key
1199 type: object
1200 x-kubernetes-map-type: atomic
1201 username:
1202 description: |-
1203 The secret in the service monitor namespace that contains the username
1204 for authentication.
1205 properties:
1206 key:
1207 description: The key of the secret to select from. Must
1208 be a valid secret key.
1209 type: string
1210 name:
1211 default: ""
1212 description: |-
1213 Name of the referent.
1214 This field is effectively required, but due to backwards compatibility is
1215 allowed to be empty. Instances of this type with an empty value here are
1216 almost certainly wrong.
1217 TODO: Add other useful fields. apiVersion, kind, uid?
1218 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1219 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1220 type: string
1221 optional:
1222 description: Specify whether the Secret or its
1223 key must be defined
1224 type: boolean
1225 required:
1226 - key
1227 type: object
1228 x-kubernetes-map-type: atomic
1229 type: object
1230 bearerTokenSecret:
1231 description: |-
1232 The secret's key that contains the bearer token to be used by the client
1233 for authentication.
1234 The secret needs to be in the same namespace as the Alertmanager
1235 object and accessible by the Prometheus Operator.
1236 properties:
1237 key:
1238 description: The key of the secret to select from. Must
1239 be a valid secret key.
1240 type: string
1241 name:
1242 default: ""
1243 description: |-
1244 Name of the referent.
1245 This field is effectively required, but due to backwards compatibility is
1246 allowed to be empty. Instances of this type with an empty value here are
1247 almost certainly wrong.
1248 TODO: Add other useful fields. apiVersion, kind, uid?
1249 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1250 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1251 type: string
1252 optional:
1253 description: Specify whether the Secret or its key
1254 must be defined
1255 type: boolean
1256 required:
1257 - key
1258 type: object
1259 x-kubernetes-map-type: atomic
1260 followRedirects:
1261 description: FollowRedirects specifies whether the client
1262 should follow HTTP 3xx redirects.
1263 type: boolean
1264 oauth2:
1265 description: OAuth2 client credentials used to fetch a
1266 token for the targets.
1267 properties:
1268 clientId:
1269 description: The secret or configmap containing the
1270 OAuth2 client id
1271 properties:
1272 configMap:
1273 description: ConfigMap containing data to use
1274 for the targets.
1275 properties:
1276 key:
1277 description: The key to select.
1278 type: string
1279 name:
1280 default: ""
1281 description: |-
1282 Name of the referent.
1283 This field is effectively required, but due to backwards compatibility is
1284 allowed to be empty. Instances of this type with an empty value here are
1285 almost certainly wrong.
1286 TODO: Add other useful fields. apiVersion, kind, uid?
1287 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1288 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1289 type: string
1290 optional:
1291 description: Specify whether the ConfigMap
1292 or its key must be defined
1293 type: boolean
1294 required:
1295 - key
1296 type: object
1297 x-kubernetes-map-type: atomic
1298 secret:
1299 description: Secret containing data to use for
1300 the targets.
1301 properties:
1302 key:
1303 description: The key of the secret to select
1304 from. Must be a valid secret key.
1305 type: string
1306 name:
1307 default: ""
1308 description: |-
1309 Name of the referent.
1310 This field is effectively required, but due to backwards compatibility is
1311 allowed to be empty. Instances of this type with an empty value here are
1312 almost certainly wrong.
1313 TODO: Add other useful fields. apiVersion, kind, uid?
1314 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1315 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1316 type: string
1317 optional:
1318 description: Specify whether the Secret or
1319 its key must be defined
1320 type: boolean
1321 required:
1322 - key
1323 type: object
1324 x-kubernetes-map-type: atomic
1325 type: object
1326 clientSecret:
1327 description: The secret containing the OAuth2 client
1328 secret
1329 properties:
1330 key:
1331 description: The key of the secret to select from. Must
1332 be a valid secret key.
1333 type: string
1334 name:
1335 default: ""
1336 description: |-
1337 Name of the referent.
1338 This field is effectively required, but due to backwards compatibility is
1339 allowed to be empty. Instances of this type with an empty value here are
1340 almost certainly wrong.
1341 TODO: Add other useful fields. apiVersion, kind, uid?
1342 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1343 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1344 type: string
1345 optional:
1346 description: Specify whether the Secret or its
1347 key must be defined
1348 type: boolean
1349 required:
1350 - key
1351 type: object
1352 x-kubernetes-map-type: atomic
1353 endpointParams:
1354 additionalProperties:
1355 type: string
1356 description: Parameters to append to the token URL
1357 type: object
1358 scopes:
1359 description: OAuth2 scopes used for the token request
1360 items:
1361 type: string
1362 type: array
1363 tokenUrl:
1364 description: The URL to fetch the token from
1365 minLength: 1
1366 type: string
1367 required:
1368 - clientId
1369 - clientSecret
1370 - tokenUrl
1371 type: object
1372 proxyURL:
1373 description: Optional proxy URL.
1374 type: string
1375 tlsConfig:
1376 description: TLS configuration for the client.
1377 properties:
1378 ca:
1379 description: Certificate authority used when verifying
1380 server certificates.
1381 properties:
1382 configMap:
1383 description: ConfigMap containing data to use
1384 for the targets.
1385 properties:
1386 key:
1387 description: The key to select.
1388 type: string
1389 name:
1390 default: ""
1391 description: |-
1392 Name of the referent.
1393 This field is effectively required, but due to backwards compatibility is
1394 allowed to be empty. Instances of this type with an empty value here are
1395 almost certainly wrong.
1396 TODO: Add other useful fields. apiVersion, kind, uid?
1397 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1398 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1399 type: string
1400 optional:
1401 description: Specify whether the ConfigMap
1402 or its key must be defined
1403 type: boolean
1404 required:
1405 - key
1406 type: object
1407 x-kubernetes-map-type: atomic
1408 secret:
1409 description: Secret containing data to use for
1410 the targets.
1411 properties:
1412 key:
1413 description: The key of the secret to select
1414 from. Must be a valid secret key.
1415 type: string
1416 name:
1417 default: ""
1418 description: |-
1419 Name of the referent.
1420 This field is effectively required, but due to backwards compatibility is
1421 allowed to be empty. Instances of this type with an empty value here are
1422 almost certainly wrong.
1423 TODO: Add other useful fields. apiVersion, kind, uid?
1424 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1425 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1426 type: string
1427 optional:
1428 description: Specify whether the Secret or
1429 its key must be defined
1430 type: boolean
1431 required:
1432 - key
1433 type: object
1434 x-kubernetes-map-type: atomic
1435 type: object
1436 cert:
1437 description: Client certificate to present when doing
1438 client-authentication.
1439 properties:
1440 configMap:
1441 description: ConfigMap containing data to use
1442 for the targets.
1443 properties:
1444 key:
1445 description: The key to select.
1446 type: string
1447 name:
1448 default: ""
1449 description: |-
1450 Name of the referent.
1451 This field is effectively required, but due to backwards compatibility is
1452 allowed to be empty. Instances of this type with an empty value here are
1453 almost certainly wrong.
1454 TODO: Add other useful fields. apiVersion, kind, uid?
1455 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1456 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1457 type: string
1458 optional:
1459 description: Specify whether the ConfigMap
1460 or its key must be defined
1461 type: boolean
1462 required:
1463 - key
1464 type: object
1465 x-kubernetes-map-type: atomic
1466 secret:
1467 description: Secret containing data to use for
1468 the targets.
1469 properties:
1470 key:
1471 description: The key of the secret to select
1472 from. Must be a valid secret key.
1473 type: string
1474 name:
1475 default: ""
1476 description: |-
1477 Name of the referent.
1478 This field is effectively required, but due to backwards compatibility is
1479 allowed to be empty. Instances of this type with an empty value here are
1480 almost certainly wrong.
1481 TODO: Add other useful fields. apiVersion, kind, uid?
1482 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1483 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1484 type: string
1485 optional:
1486 description: Specify whether the Secret or
1487 its key must be defined
1488 type: boolean
1489 required:
1490 - key
1491 type: object
1492 x-kubernetes-map-type: atomic
1493 type: object
1494 insecureSkipVerify:
1495 description: Disable target certificate validation.
1496 type: boolean
1497 keySecret:
1498 description: Secret containing the client key file
1499 for the targets.
1500 properties:
1501 key:
1502 description: The key of the secret to select from. Must
1503 be a valid secret key.
1504 type: string
1505 name:
1506 default: ""
1507 description: |-
1508 Name of the referent.
1509 This field is effectively required, but due to backwards compatibility is
1510 allowed to be empty. Instances of this type with an empty value here are
1511 almost certainly wrong.
1512 TODO: Add other useful fields. apiVersion, kind, uid?
1513 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1514 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1515 type: string
1516 optional:
1517 description: Specify whether the Secret or its
1518 key must be defined
1519 type: boolean
1520 required:
1521 - key
1522 type: object
1523 x-kubernetes-map-type: atomic
1524 serverName:
1525 description: Used to verify the hostname for the targets.
1526 type: string
1527 type: object
1528 type: object
1529 opsGenieApiKey:
1530 description: The default OpsGenie API Key.
1531 properties:
1532 key:
1533 description: The key of the secret to select from. Must
1534 be a valid secret key.
1535 type: string
1536 name:
1537 default: ""
1538 description: |-
1539 Name of the referent.
1540 This field is effectively required, but due to backwards compatibility is
1541 allowed to be empty. Instances of this type with an empty value here are
1542 almost certainly wrong.
1543 TODO: Add other useful fields. apiVersion, kind, uid?
1544 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1545 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1546 type: string
1547 optional:
1548 description: Specify whether the Secret or its key must
1549 be defined
1550 type: boolean
1551 required:
1552 - key
1553 type: object
1554 x-kubernetes-map-type: atomic
1555 opsGenieApiUrl:
1556 description: The default OpsGenie API URL.
1557 properties:
1558 key:
1559 description: The key of the secret to select from. Must
1560 be a valid secret key.
1561 type: string
1562 name:
1563 default: ""
1564 description: |-
1565 Name of the referent.
1566 This field is effectively required, but due to backwards compatibility is
1567 allowed to be empty. Instances of this type with an empty value here are
1568 almost certainly wrong.
1569 TODO: Add other useful fields. apiVersion, kind, uid?
1570 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1571 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1572 type: string
1573 optional:
1574 description: Specify whether the Secret or its key must
1575 be defined
1576 type: boolean
1577 required:
1578 - key
1579 type: object
1580 x-kubernetes-map-type: atomic
1581 pagerdutyUrl:
1582 description: The default Pagerduty URL.
1583 type: string
1584 resolveTimeout:
1585 description: |-
1586 ResolveTimeout is the default value used by alertmanager if the alert does
1587 not include EndsAt, after this time passes it can declare the alert as resolved if it has not been updated.
1588 This has no impact on alerts from Prometheus, as they always include EndsAt.
1589 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
1590 type: string
1591 slackApiUrl:
1592 description: The default Slack API URL.
1593 properties:
1594 key:
1595 description: The key of the secret to select from. Must
1596 be a valid secret key.
1597 type: string
1598 name:
1599 default: ""
1600 description: |-
1601 Name of the referent.
1602 This field is effectively required, but due to backwards compatibility is
1603 allowed to be empty. Instances of this type with an empty value here are
1604 almost certainly wrong.
1605 TODO: Add other useful fields. apiVersion, kind, uid?
1606 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1607 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1608 type: string
1609 optional:
1610 description: Specify whether the Secret or its key must
1611 be defined
1612 type: boolean
1613 required:
1614 - key
1615 type: object
1616 x-kubernetes-map-type: atomic
1617 smtp:
1618 description: Configures global SMTP parameters.
1619 properties:
1620 authIdentity:
1621 description: SMTP Auth using PLAIN
1622 type: string
1623 authPassword:
1624 description: SMTP Auth using LOGIN and PLAIN.
1625 properties:
1626 key:
1627 description: The key of the secret to select from. Must
1628 be a valid secret key.
1629 type: string
1630 name:
1631 default: ""
1632 description: |-
1633 Name of the referent.
1634 This field is effectively required, but due to backwards compatibility is
1635 allowed to be empty. Instances of this type with an empty value here are
1636 almost certainly wrong.
1637 TODO: Add other useful fields. apiVersion, kind, uid?
1638 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1639 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1640 type: string
1641 optional:
1642 description: Specify whether the Secret or its key
1643 must be defined
1644 type: boolean
1645 required:
1646 - key
1647 type: object
1648 x-kubernetes-map-type: atomic
1649 authSecret:
1650 description: SMTP Auth using CRAM-MD5.
1651 properties:
1652 key:
1653 description: The key of the secret to select from. Must
1654 be a valid secret key.
1655 type: string
1656 name:
1657 default: ""
1658 description: |-
1659 Name of the referent.
1660 This field is effectively required, but due to backwards compatibility is
1661 allowed to be empty. Instances of this type with an empty value here are
1662 almost certainly wrong.
1663 TODO: Add other useful fields. apiVersion, kind, uid?
1664 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1665 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1666 type: string
1667 optional:
1668 description: Specify whether the Secret or its key
1669 must be defined
1670 type: boolean
1671 required:
1672 - key
1673 type: object
1674 x-kubernetes-map-type: atomic
1675 authUsername:
1676 description: SMTP Auth using CRAM-MD5, LOGIN and PLAIN.
1677 If empty, Alertmanager doesn't authenticate to the SMTP
1678 server.
1679 type: string
1680 from:
1681 description: The default SMTP From header field.
1682 type: string
1683 hello:
1684 description: The default hostname to identify to the SMTP
1685 server.
1686 type: string
1687 requireTLS:
1688 description: |-
1689 The default SMTP TLS requirement.
1690 Note that Go does not support unencrypted connections to remote SMTP endpoints.
1691 type: boolean
1692 smartHost:
1693 description: The default SMTP smarthost used for sending
1694 emails.
1695 properties:
1696 host:
1697 description: Defines the host's address, it can be
1698 a DNS name or a literal IP address.
1699 minLength: 1
1700 type: string
1701 port:
1702 description: Defines the host's port, it can be a
1703 literal port number or a port name.
1704 minLength: 1
1705 type: string
1706 required:
1707 - host
1708 - port
1709 type: object
1710 type: object
1711 type: object
1712 name:
1713 description: |-
1714 The name of the AlertmanagerConfig resource which is used to generate the Alertmanager configuration.
1715 It must be defined in the same namespace as the Alertmanager object.
1716 The operator will not enforce a `namespace` label for routes and inhibition rules.
1717 minLength: 1
1718 type: string
1719 templates:
1720 description: Custom notification templates.
1721 items:
1722 description: SecretOrConfigMap allows to specify data as a Secret
1723 or ConfigMap. Fields are mutually exclusive.
1724 properties:
1725 configMap:
1726 description: ConfigMap containing data to use for the targets.
1727 properties:
1728 key:
1729 description: The key to select.
1730 type: string
1731 name:
1732 default: ""
1733 description: |-
1734 Name of the referent.
1735 This field is effectively required, but due to backwards compatibility is
1736 allowed to be empty. Instances of this type with an empty value here are
1737 almost certainly wrong.
1738 TODO: Add other useful fields. apiVersion, kind, uid?
1739 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1740 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1741 type: string
1742 optional:
1743 description: Specify whether the ConfigMap or its key
1744 must be defined
1745 type: boolean
1746 required:
1747 - key
1748 type: object
1749 x-kubernetes-map-type: atomic
1750 secret:
1751 description: Secret containing data to use for the targets.
1752 properties:
1753 key:
1754 description: The key of the secret to select from. Must
1755 be a valid secret key.
1756 type: string
1757 name:
1758 default: ""
1759 description: |-
1760 Name of the referent.
1761 This field is effectively required, but due to backwards compatibility is
1762 allowed to be empty. Instances of this type with an empty value here are
1763 almost certainly wrong.
1764 TODO: Add other useful fields. apiVersion, kind, uid?
1765 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1766 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1767 type: string
1768 optional:
1769 description: Specify whether the Secret or its key must
1770 be defined
1771 type: boolean
1772 required:
1773 - key
1774 type: object
1775 x-kubernetes-map-type: atomic
1776 type: object
1777 type: array
1778 type: object
1779 automountServiceAccountToken:
1780 description: |-
1781 AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod.
1782 If the service account has `automountServiceAccountToken: true`, set the field to `false` to opt out of automounting API credentials.
1783 type: boolean
1784 baseImage:
1785 description: |-
1786 Base image that is used to deploy pods, without tag.
1787 Deprecated: use 'image' instead
1788 type: string
1789 clusterAdvertiseAddress:
1790 description: |-
1791 ClusterAdvertiseAddress is the explicit address to advertise in cluster.
1792 Needs to be provided for non RFC1918 [1] (public) addresses.
1793 [1] RFC1918: https://tools.ietf.org/html/rfc1918
1794 type: string
1795 clusterGossipInterval:
1796 description: Interval between gossip attempts.
1797 pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
1798 type: string
1799 clusterPeerTimeout:
1800 description: Timeout for cluster peering.
1801 pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
1802 type: string
1803 clusterPushpullInterval:
1804 description: Interval between pushpull attempts.
1805 pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
1806 type: string
1807 configMaps:
1808 description: |-
1809 ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager
1810 object, which shall be mounted into the Alertmanager Pods.
1811 Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-<configmap-name>`.
1812 The ConfigMaps are mounted into `/etc/alertmanager/configmaps/<configmap-name>` in the 'alertmanager' container.
1813 items:
1814 type: string
1815 type: array
1816 configSecret:
1817 description: |-
1818 ConfigSecret is the name of a Kubernetes Secret in the same namespace as the
1819 Alertmanager object, which contains the configuration for this Alertmanager
1820 instance. If empty, it defaults to `alertmanager-<alertmanager-name>`.
1821
1822
1823 The Alertmanager configuration should be available under the
1824 `alertmanager.yaml` key. Additional keys from the original secret are
1825 copied to the generated secret and mounted into the
1826 `/etc/alertmanager/config` directory in the `alertmanager` container.
1827
1828
1829 If either the secret or the `alertmanager.yaml` key is missing, the
1830 operator provisions a minimal Alertmanager configuration with one empty
1831 receiver (effectively dropping alert notifications).
1832 type: string
1833 containers:
1834 description: |-
1835 Containers allows injecting additional containers. This is meant to
1836 allow adding an authentication proxy to an Alertmanager pod.
1837 Containers described here modify an operator generated container if they
1838 share the same name and modifications are done via a strategic merge
1839 patch. The current container names are: `alertmanager` and
1840 `config-reloader`. Overriding containers is entirely outside the scope
1841 of what the maintainers will support and by doing so, you accept that
1842 this behaviour may break at any time without notice.
1843 items:
1844 description: A single application container that you want to run
1845 within a pod.
1846 properties:
1847 args:
1848 description: |-
1849 Arguments to the entrypoint.
1850 The container image's CMD is used if this is not provided.
1851 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
1852 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
1853 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
1854 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
1855 of whether the variable exists or not. Cannot be updated.
1856 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
1857 items:
1858 type: string
1859 type: array
1860 x-kubernetes-list-type: atomic
1861 command:
1862 description: |-
1863 Entrypoint array. Not executed within a shell.
1864 The container image's ENTRYPOINT is used if this is not provided.
1865 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
1866 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
1867 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
1868 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
1869 of whether the variable exists or not. Cannot be updated.
1870 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
1871 items:
1872 type: string
1873 type: array
1874 x-kubernetes-list-type: atomic
1875 env:
1876 description: |-
1877 List of environment variables to set in the container.
1878 Cannot be updated.
1879 items:
1880 description: EnvVar represents an environment variable present
1881 in a Container.
1882 properties:
1883 name:
1884 description: Name of the environment variable. Must be
1885 a C_IDENTIFIER.
1886 type: string
1887 value:
1888 description: |-
1889 Variable references $(VAR_NAME) are expanded
1890 using the previously defined environment variables in the container and
1891 any service environment variables. If a variable cannot be resolved,
1892 the reference in the input string will be unchanged. Double $$ are reduced
1893 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
1894 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
1895 Escaped references will never be expanded, regardless of whether the variable
1896 exists or not.
1897 Defaults to "".
1898 type: string
1899 valueFrom:
1900 description: Source for the environment variable's value.
1901 Cannot be used if value is not empty.
1902 properties:
1903 configMapKeyRef:
1904 description: Selects a key of a ConfigMap.
1905 properties:
1906 key:
1907 description: The key to select.
1908 type: string
1909 name:
1910 default: ""
1911 description: |-
1912 Name of the referent.
1913 This field is effectively required, but due to backwards compatibility is
1914 allowed to be empty. Instances of this type with an empty value here are
1915 almost certainly wrong.
1916 TODO: Add other useful fields. apiVersion, kind, uid?
1917 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1918 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1919 type: string
1920 optional:
1921 description: Specify whether the ConfigMap or
1922 its key must be defined
1923 type: boolean
1924 required:
1925 - key
1926 type: object
1927 x-kubernetes-map-type: atomic
1928 fieldRef:
1929 description: |-
1930 Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
1931 spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
1932 properties:
1933 apiVersion:
1934 description: Version of the schema the FieldPath
1935 is written in terms of, defaults to "v1".
1936 type: string
1937 fieldPath:
1938 description: Path of the field to select in the
1939 specified API version.
1940 type: string
1941 required:
1942 - fieldPath
1943 type: object
1944 x-kubernetes-map-type: atomic
1945 resourceFieldRef:
1946 description: |-
1947 Selects a resource of the container: only resources limits and requests
1948 (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
1949 properties:
1950 containerName:
1951 description: 'Container name: required for volumes,
1952 optional for env vars'
1953 type: string
1954 divisor:
1955 anyOf:
1956 - type: integer
1957 - type: string
1958 description: Specifies the output format of the
1959 exposed resources, defaults to "1"
1960 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
1961 x-kubernetes-int-or-string: true
1962 resource:
1963 description: 'Required: resource to select'
1964 type: string
1965 required:
1966 - resource
1967 type: object
1968 x-kubernetes-map-type: atomic
1969 secretKeyRef:
1970 description: Selects a key of a secret in the pod's
1971 namespace
1972 properties:
1973 key:
1974 description: The key of the secret to select from. Must
1975 be a valid secret key.
1976 type: string
1977 name:
1978 default: ""
1979 description: |-
1980 Name of the referent.
1981 This field is effectively required, but due to backwards compatibility is
1982 allowed to be empty. Instances of this type with an empty value here are
1983 almost certainly wrong.
1984 TODO: Add other useful fields. apiVersion, kind, uid?
1985 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1986 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1987 type: string
1988 optional:
1989 description: Specify whether the Secret or its
1990 key must be defined
1991 type: boolean
1992 required:
1993 - key
1994 type: object
1995 x-kubernetes-map-type: atomic
1996 type: object
1997 required:
1998 - name
1999 type: object
2000 type: array
2001 x-kubernetes-list-map-keys:
2002 - name
2003 x-kubernetes-list-type: map
2004 envFrom:
2005 description: |-
2006 List of sources to populate environment variables in the container.
2007 The keys defined within a source must be a C_IDENTIFIER. All invalid keys
2008 will be reported as an event when the container is starting. When a key exists in multiple
2009 sources, the value associated with the last source will take precedence.
2010 Values defined by an Env with a duplicate key will take precedence.
2011 Cannot be updated.
2012 items:
2013 description: EnvFromSource represents the source of a set
2014 of ConfigMaps
2015 properties:
2016 configMapRef:
2017 description: The ConfigMap to select from
2018 properties:
2019 name:
2020 default: ""
2021 description: |-
2022 Name of the referent.
2023 This field is effectively required, but due to backwards compatibility is
2024 allowed to be empty. Instances of this type with an empty value here are
2025 almost certainly wrong.
2026 TODO: Add other useful fields. apiVersion, kind, uid?
2027 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
2028 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
2029 type: string
2030 optional:
2031 description: Specify whether the ConfigMap must be
2032 defined
2033 type: boolean
2034 type: object
2035 x-kubernetes-map-type: atomic
2036 prefix:
2037 description: An optional identifier to prepend to each
2038 key in the ConfigMap. Must be a C_IDENTIFIER.
2039 type: string
2040 secretRef:
2041 description: The Secret to select from
2042 properties:
2043 name:
2044 default: ""
2045 description: |-
2046 Name of the referent.
2047 This field is effectively required, but due to backwards compatibility is
2048 allowed to be empty. Instances of this type with an empty value here are
2049 almost certainly wrong.
2050 TODO: Add other useful fields. apiVersion, kind, uid?
2051 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
2052 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
2053 type: string
2054 optional:
2055 description: Specify whether the Secret must be defined
2056 type: boolean
2057 type: object
2058 x-kubernetes-map-type: atomic
2059 type: object
2060 type: array
2061 x-kubernetes-list-type: atomic
2062 image:
2063 description: |-
2064 Container image name.
2065 More info: https://kubernetes.io/docs/concepts/containers/images
2066 This field is optional to allow higher level config management to default or override
2067 container images in workload controllers like Deployments and StatefulSets.
2068 type: string
2069 imagePullPolicy:
2070 description: |-
2071 Image pull policy.
2072 One of Always, Never, IfNotPresent.
2073 Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
2074 Cannot be updated.
2075 More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
2076 type: string
2077 lifecycle:
2078 description: |-
2079 Actions that the management system should take in response to container lifecycle events.
2080 Cannot be updated.
2081 properties:
2082 postStart:
2083 description: |-
2084 PostStart is called immediately after a container is created. If the handler fails,
2085 the container is terminated and restarted according to its restart policy.
2086 Other management of the container blocks until the hook completes.
2087 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
2088 properties:
2089 exec:
2090 description: Exec specifies the action to take.
2091 properties:
2092 command:
2093 description: |-
2094 Command is the command line to execute inside the container, the working directory for the
2095 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
2096 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
2097 a shell, you need to explicitly call out to that shell.
2098 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
2099 items:
2100 type: string
2101 type: array
2102 x-kubernetes-list-type: atomic
2103 type: object
2104 httpGet:
2105 description: HTTPGet specifies the http request to perform.
2106 properties:
2107 host:
2108 description: |-
2109 Host name to connect to, defaults to the pod IP. You probably want to set
2110 "Host" in httpHeaders instead.
2111 type: string
2112 httpHeaders:
2113 description: Custom headers to set in the request.
2114 HTTP allows repeated headers.
2115 items:
2116 description: HTTPHeader describes a custom header
2117 to be used in HTTP probes
2118 properties:
2119 name:
2120 description: |-
2121 The header field name.
2122 This will be canonicalized upon output, so case-variant names will be understood as the same header.
2123 type: string
2124 value:
2125 description: The header field value
2126 type: string
2127 required:
2128 - name
2129 - value
2130 type: object
2131 type: array
2132 x-kubernetes-list-type: atomic
2133 path:
2134 description: Path to access on the HTTP server.
2135 type: string
2136 port:
2137 anyOf:
2138 - type: integer
2139 - type: string
2140 description: |-
2141 Name or number of the port to access on the container.
2142 Number must be in the range 1 to 65535.
2143 Name must be an IANA_SVC_NAME.
2144 x-kubernetes-int-or-string: true
2145 scheme:
2146 description: |-
2147 Scheme to use for connecting to the host.
2148 Defaults to HTTP.
2149 type: string
2150 required:
2151 - port
2152 type: object
2153 sleep:
2154 description: Sleep represents the duration that the
2155 container should sleep before being terminated.
2156 properties:
2157 seconds:
2158 description: Seconds is the number of seconds to
2159 sleep.
2160 format: int64
2161 type: integer
2162 required:
2163 - seconds
2164 type: object
2165 tcpSocket:
2166 description: |-
2167 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
2168 for the backward compatibility. There are no validation of this field and
2169 lifecycle hooks will fail in runtime when tcp handler is specified.
2170 properties:
2171 host:
2172 description: 'Optional: Host name to connect to,
2173 defaults to the pod IP.'
2174 type: string
2175 port:
2176 anyOf:
2177 - type: integer
2178 - type: string
2179 description: |-
2180 Number or name of the port to access on the container.
2181 Number must be in the range 1 to 65535.
2182 Name must be an IANA_SVC_NAME.
2183 x-kubernetes-int-or-string: true
2184 required:
2185 - port
2186 type: object
2187 type: object
2188 preStop:
2189 description: |-
2190 PreStop is called immediately before a container is terminated due to an
2191 API request or management event such as liveness/startup probe failure,
2192 preemption, resource contention, etc. The handler is not called if the
2193 container crashes or exits. The Pod's termination grace period countdown begins before the
2194 PreStop hook is executed. Regardless of the outcome of the handler, the
2195 container will eventually terminate within the Pod's termination grace
2196 period (unless delayed by finalizers). Other management of the container blocks until the hook completes
2197 or until the termination grace period is reached.
2198 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
2199 properties:
2200 exec:
2201 description: Exec specifies the action to take.
2202 properties:
2203 command:
2204 description: |-
2205 Command is the command line to execute inside the container, the working directory for the
2206 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
2207 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
2208 a shell, you need to explicitly call out to that shell.
2209 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
2210 items:
2211 type: string
2212 type: array
2213 x-kubernetes-list-type: atomic
2214 type: object
2215 httpGet:
2216 description: HTTPGet specifies the http request to perform.
2217 properties:
2218 host:
2219 description: |-
2220 Host name to connect to, defaults to the pod IP. You probably want to set
2221 "Host" in httpHeaders instead.
2222 type: string
2223 httpHeaders:
2224 description: Custom headers to set in the request.
2225 HTTP allows repeated headers.
2226 items:
2227 description: HTTPHeader describes a custom header
2228 to be used in HTTP probes
2229 properties:
2230 name:
2231 description: |-
2232 The header field name.
2233 This will be canonicalized upon output, so case-variant names will be understood as the same header.
2234 type: string
2235 value:
2236 description: The header field value
2237 type: string
2238 required:
2239 - name
2240 - value
2241 type: object
2242 type: array
2243 x-kubernetes-list-type: atomic
2244 path:
2245 description: Path to access on the HTTP server.
2246 type: string
2247 port:
2248 anyOf:
2249 - type: integer
2250 - type: string
2251 description: |-
2252 Name or number of the port to access on the container.
2253 Number must be in the range 1 to 65535.
2254 Name must be an IANA_SVC_NAME.
2255 x-kubernetes-int-or-string: true
2256 scheme:
2257 description: |-
2258 Scheme to use for connecting to the host.
2259 Defaults to HTTP.
2260 type: string
2261 required:
2262 - port
2263 type: object
2264 sleep:
2265 description: Sleep represents the duration that the
2266 container should sleep before being terminated.
2267 properties:
2268 seconds:
2269 description: Seconds is the number of seconds to
2270 sleep.
2271 format: int64
2272 type: integer
2273 required:
2274 - seconds
2275 type: object
2276 tcpSocket:
2277 description: |-
2278 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
2279 for the backward compatibility. There are no validation of this field and
2280 lifecycle hooks will fail in runtime when tcp handler is specified.
2281 properties:
2282 host:
2283 description: 'Optional: Host name to connect to,
2284 defaults to the pod IP.'
2285 type: string
2286 port:
2287 anyOf:
2288 - type: integer
2289 - type: string
2290 description: |-
2291 Number or name of the port to access on the container.
2292 Number must be in the range 1 to 65535.
2293 Name must be an IANA_SVC_NAME.
2294 x-kubernetes-int-or-string: true
2295 required:
2296 - port
2297 type: object
2298 type: object
2299 type: object
2300 livenessProbe:
2301 description: |-
2302 Periodic probe of container liveness.
2303 Container will be restarted if the probe fails.
2304 Cannot be updated.
2305 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2306 properties:
2307 exec:
2308 description: Exec specifies the action to take.
2309 properties:
2310 command:
2311 description: |-
2312 Command is the command line to execute inside the container, the working directory for the
2313 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
2314 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
2315 a shell, you need to explicitly call out to that shell.
2316 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
2317 items:
2318 type: string
2319 type: array
2320 x-kubernetes-list-type: atomic
2321 type: object
2322 failureThreshold:
2323 description: |-
2324 Minimum consecutive failures for the probe to be considered failed after having succeeded.
2325 Defaults to 3. Minimum value is 1.
2326 format: int32
2327 type: integer
2328 grpc:
2329 description: GRPC specifies an action involving a GRPC port.
2330 properties:
2331 port:
2332 description: Port number of the gRPC service. Number
2333 must be in the range 1 to 65535.
2334 format: int32
2335 type: integer
2336 service:
2337 description: |-
2338 Service is the name of the service to place in the gRPC HealthCheckRequest
2339 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
2340
2341
2342 If this is not specified, the default behavior is defined by gRPC.
2343 type: string
2344 required:
2345 - port
2346 type: object
2347 httpGet:
2348 description: HTTPGet specifies the http request to perform.
2349 properties:
2350 host:
2351 description: |-
2352 Host name to connect to, defaults to the pod IP. You probably want to set
2353 "Host" in httpHeaders instead.
2354 type: string
2355 httpHeaders:
2356 description: Custom headers to set in the request. HTTP
2357 allows repeated headers.
2358 items:
2359 description: HTTPHeader describes a custom header
2360 to be used in HTTP probes
2361 properties:
2362 name:
2363 description: |-
2364 The header field name.
2365 This will be canonicalized upon output, so case-variant names will be understood as the same header.
2366 type: string
2367 value:
2368 description: The header field value
2369 type: string
2370 required:
2371 - name
2372 - value
2373 type: object
2374 type: array
2375 x-kubernetes-list-type: atomic
2376 path:
2377 description: Path to access on the HTTP server.
2378 type: string
2379 port:
2380 anyOf:
2381 - type: integer
2382 - type: string
2383 description: |-
2384 Name or number of the port to access on the container.
2385 Number must be in the range 1 to 65535.
2386 Name must be an IANA_SVC_NAME.
2387 x-kubernetes-int-or-string: true
2388 scheme:
2389 description: |-
2390 Scheme to use for connecting to the host.
2391 Defaults to HTTP.
2392 type: string
2393 required:
2394 - port
2395 type: object
2396 initialDelaySeconds:
2397 description: |-
2398 Number of seconds after the container has started before liveness probes are initiated.
2399 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2400 format: int32
2401 type: integer
2402 periodSeconds:
2403 description: |-
2404 How often (in seconds) to perform the probe.
2405 Default to 10 seconds. Minimum value is 1.
2406 format: int32
2407 type: integer
2408 successThreshold:
2409 description: |-
2410 Minimum consecutive successes for the probe to be considered successful after having failed.
2411 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
2412 format: int32
2413 type: integer
2414 tcpSocket:
2415 description: TCPSocket specifies an action involving a TCP
2416 port.
2417 properties:
2418 host:
2419 description: 'Optional: Host name to connect to, defaults
2420 to the pod IP.'
2421 type: string
2422 port:
2423 anyOf:
2424 - type: integer
2425 - type: string
2426 description: |-
2427 Number or name of the port to access on the container.
2428 Number must be in the range 1 to 65535.
2429 Name must be an IANA_SVC_NAME.
2430 x-kubernetes-int-or-string: true
2431 required:
2432 - port
2433 type: object
2434 terminationGracePeriodSeconds:
2435 description: |-
2436 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
2437 The grace period is the duration in seconds after the processes running in the pod are sent
2438 a termination signal and the time when the processes are forcibly halted with a kill signal.
2439 Set this value longer than the expected cleanup time for your process.
2440 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
2441 value overrides the value provided by the pod spec.
2442 Value must be non-negative integer. The value zero indicates stop immediately via
2443 the kill signal (no opportunity to shut down).
2444 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
2445 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
2446 format: int64
2447 type: integer
2448 timeoutSeconds:
2449 description: |-
2450 Number of seconds after which the probe times out.
2451 Defaults to 1 second. Minimum value is 1.
2452 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2453 format: int32
2454 type: integer
2455 type: object
2456 name:
2457 description: |-
2458 Name of the container specified as a DNS_LABEL.
2459 Each container in a pod must have a unique name (DNS_LABEL).
2460 Cannot be updated.
2461 type: string
2462 ports:
2463 description: |-
2464 List of ports to expose from the container. Not specifying a port here
2465 DOES NOT prevent that port from being exposed. Any port which is
2466 listening on the default "0.0.0.0" address inside a container will be
2467 accessible from the network.
2468 Modifying this array with strategic merge patch may corrupt the data.
2469 For more information See https://github.com/kubernetes/kubernetes/issues/108255.
2470 Cannot be updated.
2471 items:
2472 description: ContainerPort represents a network port in a
2473 single container.
2474 properties:
2475 containerPort:
2476 description: |-
2477 Number of port to expose on the pod's IP address.
2478 This must be a valid port number, 0 < x < 65536.
2479 format: int32
2480 type: integer
2481 hostIP:
2482 description: What host IP to bind the external port to.
2483 type: string
2484 hostPort:
2485 description: |-
2486 Number of port to expose on the host.
2487 If specified, this must be a valid port number, 0 < x < 65536.
2488 If HostNetwork is specified, this must match ContainerPort.
2489 Most containers do not need this.
2490 format: int32
2491 type: integer
2492 name:
2493 description: |-
2494 If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
2495 named port in a pod must have a unique name. Name for the port that can be
2496 referred to by services.
2497 type: string
2498 protocol:
2499 default: TCP
2500 description: |-
2501 Protocol for port. Must be UDP, TCP, or SCTP.
2502 Defaults to "TCP".
2503 type: string
2504 required:
2505 - containerPort
2506 type: object
2507 type: array
2508 x-kubernetes-list-map-keys:
2509 - containerPort
2510 - protocol
2511 x-kubernetes-list-type: map
2512 readinessProbe:
2513 description: |-
2514 Periodic probe of container service readiness.
2515 Container will be removed from service endpoints if the probe fails.
2516 Cannot be updated.
2517 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2518 properties:
2519 exec:
2520 description: Exec specifies the action to take.
2521 properties:
2522 command:
2523 description: |-
2524 Command is the command line to execute inside the container, the working directory for the
2525 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
2526 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
2527 a shell, you need to explicitly call out to that shell.
2528 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
2529 items:
2530 type: string
2531 type: array
2532 x-kubernetes-list-type: atomic
2533 type: object
2534 failureThreshold:
2535 description: |-
2536 Minimum consecutive failures for the probe to be considered failed after having succeeded.
2537 Defaults to 3. Minimum value is 1.
2538 format: int32
2539 type: integer
2540 grpc:
2541 description: GRPC specifies an action involving a GRPC port.
2542 properties:
2543 port:
2544 description: Port number of the gRPC service. Number
2545 must be in the range 1 to 65535.
2546 format: int32
2547 type: integer
2548 service:
2549 description: |-
2550 Service is the name of the service to place in the gRPC HealthCheckRequest
2551 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
2552
2553
2554 If this is not specified, the default behavior is defined by gRPC.
2555 type: string
2556 required:
2557 - port
2558 type: object
2559 httpGet:
2560 description: HTTPGet specifies the http request to perform.
2561 properties:
2562 host:
2563 description: |-
2564 Host name to connect to, defaults to the pod IP. You probably want to set
2565 "Host" in httpHeaders instead.
2566 type: string
2567 httpHeaders:
2568 description: Custom headers to set in the request. HTTP
2569 allows repeated headers.
2570 items:
2571 description: HTTPHeader describes a custom header
2572 to be used in HTTP probes
2573 properties:
2574 name:
2575 description: |-
2576 The header field name.
2577 This will be canonicalized upon output, so case-variant names will be understood as the same header.
2578 type: string
2579 value:
2580 description: The header field value
2581 type: string
2582 required:
2583 - name
2584 - value
2585 type: object
2586 type: array
2587 x-kubernetes-list-type: atomic
2588 path:
2589 description: Path to access on the HTTP server.
2590 type: string
2591 port:
2592 anyOf:
2593 - type: integer
2594 - type: string
2595 description: |-
2596 Name or number of the port to access on the container.
2597 Number must be in the range 1 to 65535.
2598 Name must be an IANA_SVC_NAME.
2599 x-kubernetes-int-or-string: true
2600 scheme:
2601 description: |-
2602 Scheme to use for connecting to the host.
2603 Defaults to HTTP.
2604 type: string
2605 required:
2606 - port
2607 type: object
2608 initialDelaySeconds:
2609 description: |-
2610 Number of seconds after the container has started before liveness probes are initiated.
2611 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2612 format: int32
2613 type: integer
2614 periodSeconds:
2615 description: |-
2616 How often (in seconds) to perform the probe.
2617 Default to 10 seconds. Minimum value is 1.
2618 format: int32
2619 type: integer
2620 successThreshold:
2621 description: |-
2622 Minimum consecutive successes for the probe to be considered successful after having failed.
2623 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
2624 format: int32
2625 type: integer
2626 tcpSocket:
2627 description: TCPSocket specifies an action involving a TCP
2628 port.
2629 properties:
2630 host:
2631 description: 'Optional: Host name to connect to, defaults
2632 to the pod IP.'
2633 type: string
2634 port:
2635 anyOf:
2636 - type: integer
2637 - type: string
2638 description: |-
2639 Number or name of the port to access on the container.
2640 Number must be in the range 1 to 65535.
2641 Name must be an IANA_SVC_NAME.
2642 x-kubernetes-int-or-string: true
2643 required:
2644 - port
2645 type: object
2646 terminationGracePeriodSeconds:
2647 description: |-
2648 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
2649 The grace period is the duration in seconds after the processes running in the pod are sent
2650 a termination signal and the time when the processes are forcibly halted with a kill signal.
2651 Set this value longer than the expected cleanup time for your process.
2652 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
2653 value overrides the value provided by the pod spec.
2654 Value must be non-negative integer. The value zero indicates stop immediately via
2655 the kill signal (no opportunity to shut down).
2656 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
2657 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
2658 format: int64
2659 type: integer
2660 timeoutSeconds:
2661 description: |-
2662 Number of seconds after which the probe times out.
2663 Defaults to 1 second. Minimum value is 1.
2664 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2665 format: int32
2666 type: integer
2667 type: object
2668 resizePolicy:
2669 description: Resources resize policy for the container.
2670 items:
2671 description: ContainerResizePolicy represents resource resize
2672 policy for the container.
2673 properties:
2674 resourceName:
2675 description: |-
2676 Name of the resource to which this resource resize policy applies.
2677 Supported values: cpu, memory.
2678 type: string
2679 restartPolicy:
2680 description: |-
2681 Restart policy to apply when specified resource is resized.
2682 If not specified, it defaults to NotRequired.
2683 type: string
2684 required:
2685 - resourceName
2686 - restartPolicy
2687 type: object
2688 type: array
2689 x-kubernetes-list-type: atomic
2690 resources:
2691 description: |-
2692 Compute Resources required by this container.
2693 Cannot be updated.
2694 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
2695 properties:
2696 claims:
2697 description: |-
2698 Claims lists the names of resources, defined in spec.resourceClaims,
2699 that are used by this container.
2700
2701
2702 This is an alpha field and requires enabling the
2703 DynamicResourceAllocation feature gate.
2704
2705
2706 This field is immutable. It can only be set for containers.
2707 items:
2708 description: ResourceClaim references one entry in PodSpec.ResourceClaims.
2709 properties:
2710 name:
2711 description: |-
2712 Name must match the name of one entry in pod.spec.resourceClaims of
2713 the Pod where this field is used. It makes that resource available
2714 inside a container.
2715 type: string
2716 required:
2717 - name
2718 type: object
2719 type: array
2720 x-kubernetes-list-map-keys:
2721 - name
2722 x-kubernetes-list-type: map
2723 limits:
2724 additionalProperties:
2725 anyOf:
2726 - type: integer
2727 - type: string
2728 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
2729 x-kubernetes-int-or-string: true
2730 description: |-
2731 Limits describes the maximum amount of compute resources allowed.
2732 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
2733 type: object
2734 requests:
2735 additionalProperties:
2736 anyOf:
2737 - type: integer
2738 - type: string
2739 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
2740 x-kubernetes-int-or-string: true
2741 description: |-
2742 Requests describes the minimum amount of compute resources required.
2743 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
2744 otherwise to an implementation-defined value. Requests cannot exceed Limits.
2745 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
2746 type: object
2747 type: object
2748 restartPolicy:
2749 description: |-
2750 RestartPolicy defines the restart behavior of individual containers in a pod.
2751 This field may only be set for init containers, and the only allowed value is "Always".
2752 For non-init containers or when this field is not specified,
2753 the restart behavior is defined by the Pod's restart policy and the container type.
2754 Setting the RestartPolicy as "Always" for the init container will have the following effect:
2755 this init container will be continually restarted on
2756 exit until all regular containers have terminated. Once all regular
2757 containers have completed, all init containers with restartPolicy "Always"
2758 will be shut down. This lifecycle differs from normal init containers and
2759 is often referred to as a "sidecar" container. Although this init
2760 container still starts in the init container sequence, it does not wait
2761 for the container to complete before proceeding to the next init
2762 container. Instead, the next init container starts immediately after this
2763 init container is started, or after any startupProbe has successfully
2764 completed.
2765 type: string
2766 securityContext:
2767 description: |-
2768 SecurityContext defines the security options the container should be run with.
2769 If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
2770 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
2771 properties:
2772 allowPrivilegeEscalation:
2773 description: |-
2774 AllowPrivilegeEscalation controls whether a process can gain more
2775 privileges than its parent process. This bool directly controls if
2776 the no_new_privs flag will be set on the container process.
2777 AllowPrivilegeEscalation is true always when the container is:
2778 1) run as Privileged
2779 2) has CAP_SYS_ADMIN
2780 Note that this field cannot be set when spec.os.name is windows.
2781 type: boolean
2782 appArmorProfile:
2783 description: |-
2784 appArmorProfile is the AppArmor options to use by this container. If set, this profile
2785 overrides the pod's appArmorProfile.
2786 Note that this field cannot be set when spec.os.name is windows.
2787 properties:
2788 localhostProfile:
2789 description: |-
2790 localhostProfile indicates a profile loaded on the node that should be used.
2791 The profile must be preconfigured on the node to work.
2792 Must match the loaded name of the profile.
2793 Must be set if and only if type is "Localhost".
2794 type: string
2795 type:
2796 description: |-
2797 type indicates which kind of AppArmor profile will be applied.
2798 Valid options are:
2799 Localhost - a profile pre-loaded on the node.
2800 RuntimeDefault - the container runtime's default profile.
2801 Unconfined - no AppArmor enforcement.
2802 type: string
2803 required:
2804 - type
2805 type: object
2806 capabilities:
2807 description: |-
2808 The capabilities to add/drop when running containers.
2809 Defaults to the default set of capabilities granted by the container runtime.
2810 Note that this field cannot be set when spec.os.name is windows.
2811 properties:
2812 add:
2813 description: Added capabilities
2814 items:
2815 description: Capability represent POSIX capabilities
2816 type
2817 type: string
2818 type: array
2819 x-kubernetes-list-type: atomic
2820 drop:
2821 description: Removed capabilities
2822 items:
2823 description: Capability represent POSIX capabilities
2824 type
2825 type: string
2826 type: array
2827 x-kubernetes-list-type: atomic
2828 type: object
2829 privileged:
2830 description: |-
2831 Run container in privileged mode.
2832 Processes in privileged containers are essentially equivalent to root on the host.
2833 Defaults to false.
2834 Note that this field cannot be set when spec.os.name is windows.
2835 type: boolean
2836 procMount:
2837 description: |-
2838 procMount denotes the type of proc mount to use for the containers.
2839 The default is DefaultProcMount which uses the container runtime defaults for
2840 readonly paths and masked paths.
2841 This requires the ProcMountType feature flag to be enabled.
2842 Note that this field cannot be set when spec.os.name is windows.
2843 type: string
2844 readOnlyRootFilesystem:
2845 description: |-
2846 Whether this container has a read-only root filesystem.
2847 Default is false.
2848 Note that this field cannot be set when spec.os.name is windows.
2849 type: boolean
2850 runAsGroup:
2851 description: |-
2852 The GID to run the entrypoint of the container process.
2853 Uses runtime default if unset.
2854 May also be set in PodSecurityContext. If set in both SecurityContext and
2855 PodSecurityContext, the value specified in SecurityContext takes precedence.
2856 Note that this field cannot be set when spec.os.name is windows.
2857 format: int64
2858 type: integer
2859 runAsNonRoot:
2860 description: |-
2861 Indicates that the container must run as a non-root user.
2862 If true, the Kubelet will validate the image at runtime to ensure that it
2863 does not run as UID 0 (root) and fail to start the container if it does.
2864 If unset or false, no such validation will be performed.
2865 May also be set in PodSecurityContext. If set in both SecurityContext and
2866 PodSecurityContext, the value specified in SecurityContext takes precedence.
2867 type: boolean
2868 runAsUser:
2869 description: |-
2870 The UID to run the entrypoint of the container process.
2871 Defaults to user specified in image metadata if unspecified.
2872 May also be set in PodSecurityContext. If set in both SecurityContext and
2873 PodSecurityContext, the value specified in SecurityContext takes precedence.
2874 Note that this field cannot be set when spec.os.name is windows.
2875 format: int64
2876 type: integer
2877 seLinuxOptions:
2878 description: |-
2879 The SELinux context to be applied to the container.
2880 If unspecified, the container runtime will allocate a random SELinux context for each
2881 container. May also be set in PodSecurityContext. If set in both SecurityContext and
2882 PodSecurityContext, the value specified in SecurityContext takes precedence.
2883 Note that this field cannot be set when spec.os.name is windows.
2884 properties:
2885 level:
2886 description: Level is SELinux level label that applies
2887 to the container.
2888 type: string
2889 role:
2890 description: Role is a SELinux role label that applies
2891 to the container.
2892 type: string
2893 type:
2894 description: Type is a SELinux type label that applies
2895 to the container.
2896 type: string
2897 user:
2898 description: User is a SELinux user label that applies
2899 to the container.
2900 type: string
2901 type: object
2902 seccompProfile:
2903 description: |-
2904 The seccomp options to use by this container. If seccomp options are
2905 provided at both the pod & container level, the container options
2906 override the pod options.
2907 Note that this field cannot be set when spec.os.name is windows.
2908 properties:
2909 localhostProfile:
2910 description: |-
2911 localhostProfile indicates a profile defined in a file on the node should be used.
2912 The profile must be preconfigured on the node to work.
2913 Must be a descending path, relative to the kubelet's configured seccomp profile location.
2914 Must be set if type is "Localhost". Must NOT be set for any other type.
2915 type: string
2916 type:
2917 description: |-
2918 type indicates which kind of seccomp profile will be applied.
2919 Valid options are:
2920
2921
2922 Localhost - a profile defined in a file on the node should be used.
2923 RuntimeDefault - the container runtime default profile should be used.
2924 Unconfined - no profile should be applied.
2925 type: string
2926 required:
2927 - type
2928 type: object
2929 windowsOptions:
2930 description: |-
2931 The Windows specific settings applied to all containers.
2932 If unspecified, the options from the PodSecurityContext will be used.
2933 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
2934 Note that this field cannot be set when spec.os.name is linux.
2935 properties:
2936 gmsaCredentialSpec:
2937 description: |-
2938 GMSACredentialSpec is where the GMSA admission webhook
2939 (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
2940 GMSA credential spec named by the GMSACredentialSpecName field.
2941 type: string
2942 gmsaCredentialSpecName:
2943 description: GMSACredentialSpecName is the name of the
2944 GMSA credential spec to use.
2945 type: string
2946 hostProcess:
2947 description: |-
2948 HostProcess determines if a container should be run as a 'Host Process' container.
2949 All of a Pod's containers must have the same effective HostProcess value
2950 (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
2951 In addition, if HostProcess is true then HostNetwork must also be set to true.
2952 type: boolean
2953 runAsUserName:
2954 description: |-
2955 The UserName in Windows to run the entrypoint of the container process.
2956 Defaults to the user specified in image metadata if unspecified.
2957 May also be set in PodSecurityContext. If set in both SecurityContext and
2958 PodSecurityContext, the value specified in SecurityContext takes precedence.
2959 type: string
2960 type: object
2961 type: object
2962 startupProbe:
2963 description: |-
2964 StartupProbe indicates that the Pod has successfully initialized.
2965 If specified, no other probes are executed until this completes successfully.
2966 If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
2967 This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
2968 when it might take a long time to load data or warm a cache, than during steady-state operation.
2969 This cannot be updated.
2970 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2971 properties:
2972 exec:
2973 description: Exec specifies the action to take.
2974 properties:
2975 command:
2976 description: |-
2977 Command is the command line to execute inside the container, the working directory for the
2978 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
2979 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
2980 a shell, you need to explicitly call out to that shell.
2981 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
2982 items:
2983 type: string
2984 type: array
2985 x-kubernetes-list-type: atomic
2986 type: object
2987 failureThreshold:
2988 description: |-
2989 Minimum consecutive failures for the probe to be considered failed after having succeeded.
2990 Defaults to 3. Minimum value is 1.
2991 format: int32
2992 type: integer
2993 grpc:
2994 description: GRPC specifies an action involving a GRPC port.
2995 properties:
2996 port:
2997 description: Port number of the gRPC service. Number
2998 must be in the range 1 to 65535.
2999 format: int32
3000 type: integer
3001 service:
3002 description: |-
3003 Service is the name of the service to place in the gRPC HealthCheckRequest
3004 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
3005
3006
3007 If this is not specified, the default behavior is defined by gRPC.
3008 type: string
3009 required:
3010 - port
3011 type: object
3012 httpGet:
3013 description: HTTPGet specifies the http request to perform.
3014 properties:
3015 host:
3016 description: |-
3017 Host name to connect to, defaults to the pod IP. You probably want to set
3018 "Host" in httpHeaders instead.
3019 type: string
3020 httpHeaders:
3021 description: Custom headers to set in the request. HTTP
3022 allows repeated headers.
3023 items:
3024 description: HTTPHeader describes a custom header
3025 to be used in HTTP probes
3026 properties:
3027 name:
3028 description: |-
3029 The header field name.
3030 This will be canonicalized upon output, so case-variant names will be understood as the same header.
3031 type: string
3032 value:
3033 description: The header field value
3034 type: string
3035 required:
3036 - name
3037 - value
3038 type: object
3039 type: array
3040 x-kubernetes-list-type: atomic
3041 path:
3042 description: Path to access on the HTTP server.
3043 type: string
3044 port:
3045 anyOf:
3046 - type: integer
3047 - type: string
3048 description: |-
3049 Name or number of the port to access on the container.
3050 Number must be in the range 1 to 65535.
3051 Name must be an IANA_SVC_NAME.
3052 x-kubernetes-int-or-string: true
3053 scheme:
3054 description: |-
3055 Scheme to use for connecting to the host.
3056 Defaults to HTTP.
3057 type: string
3058 required:
3059 - port
3060 type: object
3061 initialDelaySeconds:
3062 description: |-
3063 Number of seconds after the container has started before liveness probes are initiated.
3064 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3065 format: int32
3066 type: integer
3067 periodSeconds:
3068 description: |-
3069 How often (in seconds) to perform the probe.
3070 Default to 10 seconds. Minimum value is 1.
3071 format: int32
3072 type: integer
3073 successThreshold:
3074 description: |-
3075 Minimum consecutive successes for the probe to be considered successful after having failed.
3076 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
3077 format: int32
3078 type: integer
3079 tcpSocket:
3080 description: TCPSocket specifies an action involving a TCP
3081 port.
3082 properties:
3083 host:
3084 description: 'Optional: Host name to connect to, defaults
3085 to the pod IP.'
3086 type: string
3087 port:
3088 anyOf:
3089 - type: integer
3090 - type: string
3091 description: |-
3092 Number or name of the port to access on the container.
3093 Number must be in the range 1 to 65535.
3094 Name must be an IANA_SVC_NAME.
3095 x-kubernetes-int-or-string: true
3096 required:
3097 - port
3098 type: object
3099 terminationGracePeriodSeconds:
3100 description: |-
3101 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
3102 The grace period is the duration in seconds after the processes running in the pod are sent
3103 a termination signal and the time when the processes are forcibly halted with a kill signal.
3104 Set this value longer than the expected cleanup time for your process.
3105 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
3106 value overrides the value provided by the pod spec.
3107 Value must be non-negative integer. The value zero indicates stop immediately via
3108 the kill signal (no opportunity to shut down).
3109 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
3110 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
3111 format: int64
3112 type: integer
3113 timeoutSeconds:
3114 description: |-
3115 Number of seconds after which the probe times out.
3116 Defaults to 1 second. Minimum value is 1.
3117 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3118 format: int32
3119 type: integer
3120 type: object
3121 stdin:
3122 description: |-
3123 Whether this container should allocate a buffer for stdin in the container runtime. If this
3124 is not set, reads from stdin in the container will always result in EOF.
3125 Default is false.
3126 type: boolean
3127 stdinOnce:
3128 description: |-
3129 Whether the container runtime should close the stdin channel after it has been opened by
3130 a single attach. When stdin is true the stdin stream will remain open across multiple attach
3131 sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
3132 first client attaches to stdin, and then remains open and accepts data until the client disconnects,
3133 at which time stdin is closed and remains closed until the container is restarted. If this
3134 flag is false, a container processes that reads from stdin will never receive an EOF.
3135 Default is false
3136 type: boolean
3137 terminationMessagePath:
3138 description: |-
3139 Optional: Path at which the file to which the container's termination message
3140 will be written is mounted into the container's filesystem.
3141 Message written is intended to be brief final status, such as an assertion failure message.
3142 Will be truncated by the node if greater than 4096 bytes. The total message length across
3143 all containers will be limited to 12kb.
3144 Defaults to /dev/termination-log.
3145 Cannot be updated.
3146 type: string
3147 terminationMessagePolicy:
3148 description: |-
3149 Indicate how the termination message should be populated. File will use the contents of
3150 terminationMessagePath to populate the container status message on both success and failure.
3151 FallbackToLogsOnError will use the last chunk of container log output if the termination
3152 message file is empty and the container exited with an error.
3153 The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
3154 Defaults to File.
3155 Cannot be updated.
3156 type: string
3157 tty:
3158 description: |-
3159 Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
3160 Default is false.
3161 type: boolean
3162 volumeDevices:
3163 description: volumeDevices is the list of block devices to be
3164 used by the container.
3165 items:
3166 description: volumeDevice describes a mapping of a raw block
3167 device within a container.
3168 properties:
3169 devicePath:
3170 description: devicePath is the path inside of the container
3171 that the device will be mapped to.
3172 type: string
3173 name:
3174 description: name must match the name of a persistentVolumeClaim
3175 in the pod
3176 type: string
3177 required:
3178 - devicePath
3179 - name
3180 type: object
3181 type: array
3182 x-kubernetes-list-map-keys:
3183 - devicePath
3184 x-kubernetes-list-type: map
3185 volumeMounts:
3186 description: |-
3187 Pod volumes to mount into the container's filesystem.
3188 Cannot be updated.
3189 items:
3190 description: VolumeMount describes a mounting of a Volume
3191 within a container.
3192 properties:
3193 mountPath:
3194 description: |-
3195 Path within the container at which the volume should be mounted. Must
3196 not contain ':'.
3197 type: string
3198 mountPropagation:
3199 description: |-
3200 mountPropagation determines how mounts are propagated from the host
3201 to container and the other way around.
3202 When not set, MountPropagationNone is used.
3203 This field is beta in 1.10.
3204 When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
3205 (which defaults to None).
3206 type: string
3207 name:
3208 description: This must match the Name of a Volume.
3209 type: string
3210 readOnly:
3211 description: |-
3212 Mounted read-only if true, read-write otherwise (false or unspecified).
3213 Defaults to false.
3214 type: boolean
3215 recursiveReadOnly:
3216 description: |-
3217 RecursiveReadOnly specifies whether read-only mounts should be handled
3218 recursively.
3219
3220
3221 If ReadOnly is false, this field has no meaning and must be unspecified.
3222
3223
3224 If ReadOnly is true, and this field is set to Disabled, the mount is not made
3225 recursively read-only. If this field is set to IfPossible, the mount is made
3226 recursively read-only, if it is supported by the container runtime. If this
3227 field is set to Enabled, the mount is made recursively read-only if it is
3228 supported by the container runtime, otherwise the pod will not be started and
3229 an error will be generated to indicate the reason.
3230
3231
3232 If this field is set to IfPossible or Enabled, MountPropagation must be set to
3233 None (or be unspecified, which defaults to None).
3234
3235
3236 If this field is not specified, it is treated as an equivalent of Disabled.
3237 type: string
3238 subPath:
3239 description: |-
3240 Path within the volume from which the container's volume should be mounted.
3241 Defaults to "" (volume's root).
3242 type: string
3243 subPathExpr:
3244 description: |-
3245 Expanded path within the volume from which the container's volume should be mounted.
3246 Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
3247 Defaults to "" (volume's root).
3248 SubPathExpr and SubPath are mutually exclusive.
3249 type: string
3250 required:
3251 - mountPath
3252 - name
3253 type: object
3254 type: array
3255 x-kubernetes-list-map-keys:
3256 - mountPath
3257 x-kubernetes-list-type: map
3258 workingDir:
3259 description: |-
3260 Container's working directory.
3261 If not specified, the container runtime's default will be used, which
3262 might be configured in the container image.
3263 Cannot be updated.
3264 type: string
3265 required:
3266 - name
3267 type: object
3268 type: array
3269 externalUrl:
3270 description: |-
3271 The external URL the Alertmanager instances will be available under. This is
3272 necessary to generate correct URLs. This is necessary if Alertmanager is not
3273 served from root of a DNS name.
3274 type: string
3275 forceEnableClusterMode:
3276 description: |-
3277 ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica.
3278 Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each.
3279 type: boolean
3280 hostAliases:
3281 description: Pods' hostAliases configuration
3282 items:
3283 description: |-
3284 HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the
3285 pod's hosts file.
3286 properties:
3287 hostnames:
3288 description: Hostnames for the above IP address.
3289 items:
3290 type: string
3291 type: array
3292 ip:
3293 description: IP address of the host file entry.
3294 type: string
3295 required:
3296 - hostnames
3297 - ip
3298 type: object
3299 type: array
3300 x-kubernetes-list-map-keys:
3301 - ip
3302 x-kubernetes-list-type: map
3303 image:
3304 description: |-
3305 Image if specified has precedence over baseImage, tag and sha
3306 combinations. Specifying the version is still necessary to ensure the
3307 Prometheus Operator knows what version of Alertmanager is being
3308 configured.
3309 type: string
3310 imagePullPolicy:
3311 description: |-
3312 Image pull policy for the 'alertmanager', 'init-config-reloader' and 'config-reloader' containers.
3313 See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
3314 enum:
3315 - ""
3316 - Always
3317 - Never
3318 - IfNotPresent
3319 type: string
3320 imagePullSecrets:
3321 description: |-
3322 An optional list of references to secrets in the same namespace
3323 to use for pulling prometheus and alertmanager images from registries
3324 see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
3325 items:
3326 description: |-
3327 LocalObjectReference contains enough information to let you locate the
3328 referenced object inside the same namespace.
3329 properties:
3330 name:
3331 default: ""
3332 description: |-
3333 Name of the referent.
3334 This field is effectively required, but due to backwards compatibility is
3335 allowed to be empty. Instances of this type with an empty value here are
3336 almost certainly wrong.
3337 TODO: Add other useful fields. apiVersion, kind, uid?
3338 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
3339 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
3340 type: string
3341 type: object
3342 x-kubernetes-map-type: atomic
3343 type: array
3344 initContainers:
3345 description: |-
3346 InitContainers allows adding initContainers to the pod definition. Those can be used to e.g.
3347 fetch secrets for injection into the Alertmanager configuration from external sources. Any
3348 errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
3349 InitContainers described here modify an operator
3350 generated init containers if they share the same name and modifications are
3351 done via a strategic merge patch. The current init container name is:
3352 `init-config-reloader`. Overriding init containers is entirely outside the
3353 scope of what the maintainers will support and by doing so, you accept that
3354 this behaviour may break at any time without notice.
3355 items:
3356 description: A single application container that you want to run
3357 within a pod.
3358 properties:
3359 args:
3360 description: |-
3361 Arguments to the entrypoint.
3362 The container image's CMD is used if this is not provided.
3363 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
3364 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
3365 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
3366 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
3367 of whether the variable exists or not. Cannot be updated.
3368 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
3369 items:
3370 type: string
3371 type: array
3372 x-kubernetes-list-type: atomic
3373 command:
3374 description: |-
3375 Entrypoint array. Not executed within a shell.
3376 The container image's ENTRYPOINT is used if this is not provided.
3377 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
3378 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
3379 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
3380 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
3381 of whether the variable exists or not. Cannot be updated.
3382 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
3383 items:
3384 type: string
3385 type: array
3386 x-kubernetes-list-type: atomic
3387 env:
3388 description: |-
3389 List of environment variables to set in the container.
3390 Cannot be updated.
3391 items:
3392 description: EnvVar represents an environment variable present
3393 in a Container.
3394 properties:
3395 name:
3396 description: Name of the environment variable. Must be
3397 a C_IDENTIFIER.
3398 type: string
3399 value:
3400 description: |-
3401 Variable references $(VAR_NAME) are expanded
3402 using the previously defined environment variables in the container and
3403 any service environment variables. If a variable cannot be resolved,
3404 the reference in the input string will be unchanged. Double $$ are reduced
3405 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
3406 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
3407 Escaped references will never be expanded, regardless of whether the variable
3408 exists or not.
3409 Defaults to "".
3410 type: string
3411 valueFrom:
3412 description: Source for the environment variable's value.
3413 Cannot be used if value is not empty.
3414 properties:
3415 configMapKeyRef:
3416 description: Selects a key of a ConfigMap.
3417 properties:
3418 key:
3419 description: The key to select.
3420 type: string
3421 name:
3422 default: ""
3423 description: |-
3424 Name of the referent.
3425 This field is effectively required, but due to backwards compatibility is
3426 allowed to be empty. Instances of this type with an empty value here are
3427 almost certainly wrong.
3428 TODO: Add other useful fields. apiVersion, kind, uid?
3429 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
3430 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
3431 type: string
3432 optional:
3433 description: Specify whether the ConfigMap or
3434 its key must be defined
3435 type: boolean
3436 required:
3437 - key
3438 type: object
3439 x-kubernetes-map-type: atomic
3440 fieldRef:
3441 description: |-
3442 Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
3443 spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
3444 properties:
3445 apiVersion:
3446 description: Version of the schema the FieldPath
3447 is written in terms of, defaults to "v1".
3448 type: string
3449 fieldPath:
3450 description: Path of the field to select in the
3451 specified API version.
3452 type: string
3453 required:
3454 - fieldPath
3455 type: object
3456 x-kubernetes-map-type: atomic
3457 resourceFieldRef:
3458 description: |-
3459 Selects a resource of the container: only resources limits and requests
3460 (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
3461 properties:
3462 containerName:
3463 description: 'Container name: required for volumes,
3464 optional for env vars'
3465 type: string
3466 divisor:
3467 anyOf:
3468 - type: integer
3469 - type: string
3470 description: Specifies the output format of the
3471 exposed resources, defaults to "1"
3472 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3473 x-kubernetes-int-or-string: true
3474 resource:
3475 description: 'Required: resource to select'
3476 type: string
3477 required:
3478 - resource
3479 type: object
3480 x-kubernetes-map-type: atomic
3481 secretKeyRef:
3482 description: Selects a key of a secret in the pod's
3483 namespace
3484 properties:
3485 key:
3486 description: The key of the secret to select from. Must
3487 be a valid secret key.
3488 type: string
3489 name:
3490 default: ""
3491 description: |-
3492 Name of the referent.
3493 This field is effectively required, but due to backwards compatibility is
3494 allowed to be empty. Instances of this type with an empty value here are
3495 almost certainly wrong.
3496 TODO: Add other useful fields. apiVersion, kind, uid?
3497 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
3498 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
3499 type: string
3500 optional:
3501 description: Specify whether the Secret or its
3502 key must be defined
3503 type: boolean
3504 required:
3505 - key
3506 type: object
3507 x-kubernetes-map-type: atomic
3508 type: object
3509 required:
3510 - name
3511 type: object
3512 type: array
3513 x-kubernetes-list-map-keys:
3514 - name
3515 x-kubernetes-list-type: map
3516 envFrom:
3517 description: |-
3518 List of sources to populate environment variables in the container.
3519 The keys defined within a source must be a C_IDENTIFIER. All invalid keys
3520 will be reported as an event when the container is starting. When a key exists in multiple
3521 sources, the value associated with the last source will take precedence.
3522 Values defined by an Env with a duplicate key will take precedence.
3523 Cannot be updated.
3524 items:
3525 description: EnvFromSource represents the source of a set
3526 of ConfigMaps
3527 properties:
3528 configMapRef:
3529 description: The ConfigMap to select from
3530 properties:
3531 name:
3532 default: ""
3533 description: |-
3534 Name of the referent.
3535 This field is effectively required, but due to backwards compatibility is
3536 allowed to be empty. Instances of this type with an empty value here are
3537 almost certainly wrong.
3538 TODO: Add other useful fields. apiVersion, kind, uid?
3539 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
3540 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
3541 type: string
3542 optional:
3543 description: Specify whether the ConfigMap must be
3544 defined
3545 type: boolean
3546 type: object
3547 x-kubernetes-map-type: atomic
3548 prefix:
3549 description: An optional identifier to prepend to each
3550 key in the ConfigMap. Must be a C_IDENTIFIER.
3551 type: string
3552 secretRef:
3553 description: The Secret to select from
3554 properties:
3555 name:
3556 default: ""
3557 description: |-
3558 Name of the referent.
3559 This field is effectively required, but due to backwards compatibility is
3560 allowed to be empty. Instances of this type with an empty value here are
3561 almost certainly wrong.
3562 TODO: Add other useful fields. apiVersion, kind, uid?
3563 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
3564 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
3565 type: string
3566 optional:
3567 description: Specify whether the Secret must be defined
3568 type: boolean
3569 type: object
3570 x-kubernetes-map-type: atomic
3571 type: object
3572 type: array
3573 x-kubernetes-list-type: atomic
3574 image:
3575 description: |-
3576 Container image name.
3577 More info: https://kubernetes.io/docs/concepts/containers/images
3578 This field is optional to allow higher level config management to default or override
3579 container images in workload controllers like Deployments and StatefulSets.
3580 type: string
3581 imagePullPolicy:
3582 description: |-
3583 Image pull policy.
3584 One of Always, Never, IfNotPresent.
3585 Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
3586 Cannot be updated.
3587 More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
3588 type: string
3589 lifecycle:
3590 description: |-
3591 Actions that the management system should take in response to container lifecycle events.
3592 Cannot be updated.
3593 properties:
3594 postStart:
3595 description: |-
3596 PostStart is called immediately after a container is created. If the handler fails,
3597 the container is terminated and restarted according to its restart policy.
3598 Other management of the container blocks until the hook completes.
3599 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
3600 properties:
3601 exec:
3602 description: Exec specifies the action to take.
3603 properties:
3604 command:
3605 description: |-
3606 Command is the command line to execute inside the container, the working directory for the
3607 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
3608 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
3609 a shell, you need to explicitly call out to that shell.
3610 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3611 items:
3612 type: string
3613 type: array
3614 x-kubernetes-list-type: atomic
3615 type: object
3616 httpGet:
3617 description: HTTPGet specifies the http request to perform.
3618 properties:
3619 host:
3620 description: |-
3621 Host name to connect to, defaults to the pod IP. You probably want to set
3622 "Host" in httpHeaders instead.
3623 type: string
3624 httpHeaders:
3625 description: Custom headers to set in the request.
3626 HTTP allows repeated headers.
3627 items:
3628 description: HTTPHeader describes a custom header
3629 to be used in HTTP probes
3630 properties:
3631 name:
3632 description: |-
3633 The header field name.
3634 This will be canonicalized upon output, so case-variant names will be understood as the same header.
3635 type: string
3636 value:
3637 description: The header field value
3638 type: string
3639 required:
3640 - name
3641 - value
3642 type: object
3643 type: array
3644 x-kubernetes-list-type: atomic
3645 path:
3646 description: Path to access on the HTTP server.
3647 type: string
3648 port:
3649 anyOf:
3650 - type: integer
3651 - type: string
3652 description: |-
3653 Name or number of the port to access on the container.
3654 Number must be in the range 1 to 65535.
3655 Name must be an IANA_SVC_NAME.
3656 x-kubernetes-int-or-string: true
3657 scheme:
3658 description: |-
3659 Scheme to use for connecting to the host.
3660 Defaults to HTTP.
3661 type: string
3662 required:
3663 - port
3664 type: object
3665 sleep:
3666 description: Sleep represents the duration that the
3667 container should sleep before being terminated.
3668 properties:
3669 seconds:
3670 description: Seconds is the number of seconds to
3671 sleep.
3672 format: int64
3673 type: integer
3674 required:
3675 - seconds
3676 type: object
3677 tcpSocket:
3678 description: |-
3679 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
3680 for the backward compatibility. There are no validation of this field and
3681 lifecycle hooks will fail in runtime when tcp handler is specified.
3682 properties:
3683 host:
3684 description: 'Optional: Host name to connect to,
3685 defaults to the pod IP.'
3686 type: string
3687 port:
3688 anyOf:
3689 - type: integer
3690 - type: string
3691 description: |-
3692 Number or name of the port to access on the container.
3693 Number must be in the range 1 to 65535.
3694 Name must be an IANA_SVC_NAME.
3695 x-kubernetes-int-or-string: true
3696 required:
3697 - port
3698 type: object
3699 type: object
3700 preStop:
3701 description: |-
3702 PreStop is called immediately before a container is terminated due to an
3703 API request or management event such as liveness/startup probe failure,
3704 preemption, resource contention, etc. The handler is not called if the
3705 container crashes or exits. The Pod's termination grace period countdown begins before the
3706 PreStop hook is executed. Regardless of the outcome of the handler, the
3707 container will eventually terminate within the Pod's termination grace
3708 period (unless delayed by finalizers). Other management of the container blocks until the hook completes
3709 or until the termination grace period is reached.
3710 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
3711 properties:
3712 exec:
3713 description: Exec specifies the action to take.
3714 properties:
3715 command:
3716 description: |-
3717 Command is the command line to execute inside the container, the working directory for the
3718 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
3719 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
3720 a shell, you need to explicitly call out to that shell.
3721 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3722 items:
3723 type: string
3724 type: array
3725 x-kubernetes-list-type: atomic
3726 type: object
3727 httpGet:
3728 description: HTTPGet specifies the http request to perform.
3729 properties:
3730 host:
3731 description: |-
3732 Host name to connect to, defaults to the pod IP. You probably want to set
3733 "Host" in httpHeaders instead.
3734 type: string
3735 httpHeaders:
3736 description: Custom headers to set in the request.
3737 HTTP allows repeated headers.
3738 items:
3739 description: HTTPHeader describes a custom header
3740 to be used in HTTP probes
3741 properties:
3742 name:
3743 description: |-
3744 The header field name.
3745 This will be canonicalized upon output, so case-variant names will be understood as the same header.
3746 type: string
3747 value:
3748 description: The header field value
3749 type: string
3750 required:
3751 - name
3752 - value
3753 type: object
3754 type: array
3755 x-kubernetes-list-type: atomic
3756 path:
3757 description: Path to access on the HTTP server.
3758 type: string
3759 port:
3760 anyOf:
3761 - type: integer
3762 - type: string
3763 description: |-
3764 Name or number of the port to access on the container.
3765 Number must be in the range 1 to 65535.
3766 Name must be an IANA_SVC_NAME.
3767 x-kubernetes-int-or-string: true
3768 scheme:
3769 description: |-
3770 Scheme to use for connecting to the host.
3771 Defaults to HTTP.
3772 type: string
3773 required:
3774 - port
3775 type: object
3776 sleep:
3777 description: Sleep represents the duration that the
3778 container should sleep before being terminated.
3779 properties:
3780 seconds:
3781 description: Seconds is the number of seconds to
3782 sleep.
3783 format: int64
3784 type: integer
3785 required:
3786 - seconds
3787 type: object
3788 tcpSocket:
3789 description: |-
3790 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
3791 for the backward compatibility. There are no validation of this field and
3792 lifecycle hooks will fail in runtime when tcp handler is specified.
3793 properties:
3794 host:
3795 description: 'Optional: Host name to connect to,
3796 defaults to the pod IP.'
3797 type: string
3798 port:
3799 anyOf:
3800 - type: integer
3801 - type: string
3802 description: |-
3803 Number or name of the port to access on the container.
3804 Number must be in the range 1 to 65535.
3805 Name must be an IANA_SVC_NAME.
3806 x-kubernetes-int-or-string: true
3807 required:
3808 - port
3809 type: object
3810 type: object
3811 type: object
3812 livenessProbe:
3813 description: |-
3814 Periodic probe of container liveness.
3815 Container will be restarted if the probe fails.
3816 Cannot be updated.
3817 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3818 properties:
3819 exec:
3820 description: Exec specifies the action to take.
3821 properties:
3822 command:
3823 description: |-
3824 Command is the command line to execute inside the container, the working directory for the
3825 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
3826 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
3827 a shell, you need to explicitly call out to that shell.
3828 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3829 items:
3830 type: string
3831 type: array
3832 x-kubernetes-list-type: atomic
3833 type: object
3834 failureThreshold:
3835 description: |-
3836 Minimum consecutive failures for the probe to be considered failed after having succeeded.
3837 Defaults to 3. Minimum value is 1.
3838 format: int32
3839 type: integer
3840 grpc:
3841 description: GRPC specifies an action involving a GRPC port.
3842 properties:
3843 port:
3844 description: Port number of the gRPC service. Number
3845 must be in the range 1 to 65535.
3846 format: int32
3847 type: integer
3848 service:
3849 description: |-
3850 Service is the name of the service to place in the gRPC HealthCheckRequest
3851 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
3852
3853
3854 If this is not specified, the default behavior is defined by gRPC.
3855 type: string
3856 required:
3857 - port
3858 type: object
3859 httpGet:
3860 description: HTTPGet specifies the http request to perform.
3861 properties:
3862 host:
3863 description: |-
3864 Host name to connect to, defaults to the pod IP. You probably want to set
3865 "Host" in httpHeaders instead.
3866 type: string
3867 httpHeaders:
3868 description: Custom headers to set in the request. HTTP
3869 allows repeated headers.
3870 items:
3871 description: HTTPHeader describes a custom header
3872 to be used in HTTP probes
3873 properties:
3874 name:
3875 description: |-
3876 The header field name.
3877 This will be canonicalized upon output, so case-variant names will be understood as the same header.
3878 type: string
3879 value:
3880 description: The header field value
3881 type: string
3882 required:
3883 - name
3884 - value
3885 type: object
3886 type: array
3887 x-kubernetes-list-type: atomic
3888 path:
3889 description: Path to access on the HTTP server.
3890 type: string
3891 port:
3892 anyOf:
3893 - type: integer
3894 - type: string
3895 description: |-
3896 Name or number of the port to access on the container.
3897 Number must be in the range 1 to 65535.
3898 Name must be an IANA_SVC_NAME.
3899 x-kubernetes-int-or-string: true
3900 scheme:
3901 description: |-
3902 Scheme to use for connecting to the host.
3903 Defaults to HTTP.
3904 type: string
3905 required:
3906 - port
3907 type: object
3908 initialDelaySeconds:
3909 description: |-
3910 Number of seconds after the container has started before liveness probes are initiated.
3911 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3912 format: int32
3913 type: integer
3914 periodSeconds:
3915 description: |-
3916 How often (in seconds) to perform the probe.
3917 Default to 10 seconds. Minimum value is 1.
3918 format: int32
3919 type: integer
3920 successThreshold:
3921 description: |-
3922 Minimum consecutive successes for the probe to be considered successful after having failed.
3923 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
3924 format: int32
3925 type: integer
3926 tcpSocket:
3927 description: TCPSocket specifies an action involving a TCP
3928 port.
3929 properties:
3930 host:
3931 description: 'Optional: Host name to connect to, defaults
3932 to the pod IP.'
3933 type: string
3934 port:
3935 anyOf:
3936 - type: integer
3937 - type: string
3938 description: |-
3939 Number or name of the port to access on the container.
3940 Number must be in the range 1 to 65535.
3941 Name must be an IANA_SVC_NAME.
3942 x-kubernetes-int-or-string: true
3943 required:
3944 - port
3945 type: object
3946 terminationGracePeriodSeconds:
3947 description: |-
3948 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
3949 The grace period is the duration in seconds after the processes running in the pod are sent
3950 a termination signal and the time when the processes are forcibly halted with a kill signal.
3951 Set this value longer than the expected cleanup time for your process.
3952 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
3953 value overrides the value provided by the pod spec.
3954 Value must be non-negative integer. The value zero indicates stop immediately via
3955 the kill signal (no opportunity to shut down).
3956 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
3957 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
3958 format: int64
3959 type: integer
3960 timeoutSeconds:
3961 description: |-
3962 Number of seconds after which the probe times out.
3963 Defaults to 1 second. Minimum value is 1.
3964 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3965 format: int32
3966 type: integer
3967 type: object
3968 name:
3969 description: |-
3970 Name of the container specified as a DNS_LABEL.
3971 Each container in a pod must have a unique name (DNS_LABEL).
3972 Cannot be updated.
3973 type: string
3974 ports:
3975 description: |-
3976 List of ports to expose from the container. Not specifying a port here
3977 DOES NOT prevent that port from being exposed. Any port which is
3978 listening on the default "0.0.0.0" address inside a container will be
3979 accessible from the network.
3980 Modifying this array with strategic merge patch may corrupt the data.
3981 For more information See https://github.com/kubernetes/kubernetes/issues/108255.
3982 Cannot be updated.
3983 items:
3984 description: ContainerPort represents a network port in a
3985 single container.
3986 properties:
3987 containerPort:
3988 description: |-
3989 Number of port to expose on the pod's IP address.
3990 This must be a valid port number, 0 < x < 65536.
3991 format: int32
3992 type: integer
3993 hostIP:
3994 description: What host IP to bind the external port to.
3995 type: string
3996 hostPort:
3997 description: |-
3998 Number of port to expose on the host.
3999 If specified, this must be a valid port number, 0 < x < 65536.
4000 If HostNetwork is specified, this must match ContainerPort.
4001 Most containers do not need this.
4002 format: int32
4003 type: integer
4004 name:
4005 description: |-
4006 If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
4007 named port in a pod must have a unique name. Name for the port that can be
4008 referred to by services.
4009 type: string
4010 protocol:
4011 default: TCP
4012 description: |-
4013 Protocol for port. Must be UDP, TCP, or SCTP.
4014 Defaults to "TCP".
4015 type: string
4016 required:
4017 - containerPort
4018 type: object
4019 type: array
4020 x-kubernetes-list-map-keys:
4021 - containerPort
4022 - protocol
4023 x-kubernetes-list-type: map
4024 readinessProbe:
4025 description: |-
4026 Periodic probe of container service readiness.
4027 Container will be removed from service endpoints if the probe fails.
4028 Cannot be updated.
4029 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
4030 properties:
4031 exec:
4032 description: Exec specifies the action to take.
4033 properties:
4034 command:
4035 description: |-
4036 Command is the command line to execute inside the container, the working directory for the
4037 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
4038 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
4039 a shell, you need to explicitly call out to that shell.
4040 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
4041 items:
4042 type: string
4043 type: array
4044 x-kubernetes-list-type: atomic
4045 type: object
4046 failureThreshold:
4047 description: |-
4048 Minimum consecutive failures for the probe to be considered failed after having succeeded.
4049 Defaults to 3. Minimum value is 1.
4050 format: int32
4051 type: integer
4052 grpc:
4053 description: GRPC specifies an action involving a GRPC port.
4054 properties:
4055 port:
4056 description: Port number of the gRPC service. Number
4057 must be in the range 1 to 65535.
4058 format: int32
4059 type: integer
4060 service:
4061 description: |-
4062 Service is the name of the service to place in the gRPC HealthCheckRequest
4063 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
4064
4065
4066 If this is not specified, the default behavior is defined by gRPC.
4067 type: string
4068 required:
4069 - port
4070 type: object
4071 httpGet:
4072 description: HTTPGet specifies the http request to perform.
4073 properties:
4074 host:
4075 description: |-
4076 Host name to connect to, defaults to the pod IP. You probably want to set
4077 "Host" in httpHeaders instead.
4078 type: string
4079 httpHeaders:
4080 description: Custom headers to set in the request. HTTP
4081 allows repeated headers.
4082 items:
4083 description: HTTPHeader describes a custom header
4084 to be used in HTTP probes
4085 properties:
4086 name:
4087 description: |-
4088 The header field name.
4089 This will be canonicalized upon output, so case-variant names will be understood as the same header.
4090 type: string
4091 value:
4092 description: The header field value
4093 type: string
4094 required:
4095 - name
4096 - value
4097 type: object
4098 type: array
4099 x-kubernetes-list-type: atomic
4100 path:
4101 description: Path to access on the HTTP server.
4102 type: string
4103 port:
4104 anyOf:
4105 - type: integer
4106 - type: string
4107 description: |-
4108 Name or number of the port to access on the container.
4109 Number must be in the range 1 to 65535.
4110 Name must be an IANA_SVC_NAME.
4111 x-kubernetes-int-or-string: true
4112 scheme:
4113 description: |-
4114 Scheme to use for connecting to the host.
4115 Defaults to HTTP.
4116 type: string
4117 required:
4118 - port
4119 type: object
4120 initialDelaySeconds:
4121 description: |-
4122 Number of seconds after the container has started before liveness probes are initiated.
4123 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
4124 format: int32
4125 type: integer
4126 periodSeconds:
4127 description: |-
4128 How often (in seconds) to perform the probe.
4129 Default to 10 seconds. Minimum value is 1.
4130 format: int32
4131 type: integer
4132 successThreshold:
4133 description: |-
4134 Minimum consecutive successes for the probe to be considered successful after having failed.
4135 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
4136 format: int32
4137 type: integer
4138 tcpSocket:
4139 description: TCPSocket specifies an action involving a TCP
4140 port.
4141 properties:
4142 host:
4143 description: 'Optional: Host name to connect to, defaults
4144 to the pod IP.'
4145 type: string
4146 port:
4147 anyOf:
4148 - type: integer
4149 - type: string
4150 description: |-
4151 Number or name of the port to access on the container.
4152 Number must be in the range 1 to 65535.
4153 Name must be an IANA_SVC_NAME.
4154 x-kubernetes-int-or-string: true
4155 required:
4156 - port
4157 type: object
4158 terminationGracePeriodSeconds:
4159 description: |-
4160 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
4161 The grace period is the duration in seconds after the processes running in the pod are sent
4162 a termination signal and the time when the processes are forcibly halted with a kill signal.
4163 Set this value longer than the expected cleanup time for your process.
4164 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
4165 value overrides the value provided by the pod spec.
4166 Value must be non-negative integer. The value zero indicates stop immediately via
4167 the kill signal (no opportunity to shut down).
4168 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
4169 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
4170 format: int64
4171 type: integer
4172 timeoutSeconds:
4173 description: |-
4174 Number of seconds after which the probe times out.
4175 Defaults to 1 second. Minimum value is 1.
4176 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
4177 format: int32
4178 type: integer
4179 type: object
4180 resizePolicy:
4181 description: Resources resize policy for the container.
4182 items:
4183 description: ContainerResizePolicy represents resource resize
4184 policy for the container.
4185 properties:
4186 resourceName:
4187 description: |-
4188 Name of the resource to which this resource resize policy applies.
4189 Supported values: cpu, memory.
4190 type: string
4191 restartPolicy:
4192 description: |-
4193 Restart policy to apply when specified resource is resized.
4194 If not specified, it defaults to NotRequired.
4195 type: string
4196 required:
4197 - resourceName
4198 - restartPolicy
4199 type: object
4200 type: array
4201 x-kubernetes-list-type: atomic
4202 resources:
4203 description: |-
4204 Compute Resources required by this container.
4205 Cannot be updated.
4206 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
4207 properties:
4208 claims:
4209 description: |-
4210 Claims lists the names of resources, defined in spec.resourceClaims,
4211 that are used by this container.
4212
4213
4214 This is an alpha field and requires enabling the
4215 DynamicResourceAllocation feature gate.
4216
4217
4218 This field is immutable. It can only be set for containers.
4219 items:
4220 description: ResourceClaim references one entry in PodSpec.ResourceClaims.
4221 properties:
4222 name:
4223 description: |-
4224 Name must match the name of one entry in pod.spec.resourceClaims of
4225 the Pod where this field is used. It makes that resource available
4226 inside a container.
4227 type: string
4228 required:
4229 - name
4230 type: object
4231 type: array
4232 x-kubernetes-list-map-keys:
4233 - name
4234 x-kubernetes-list-type: map
4235 limits:
4236 additionalProperties:
4237 anyOf:
4238 - type: integer
4239 - type: string
4240 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4241 x-kubernetes-int-or-string: true
4242 description: |-
4243 Limits describes the maximum amount of compute resources allowed.
4244 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
4245 type: object
4246 requests:
4247 additionalProperties:
4248 anyOf:
4249 - type: integer
4250 - type: string
4251 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4252 x-kubernetes-int-or-string: true
4253 description: |-
4254 Requests describes the minimum amount of compute resources required.
4255 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
4256 otherwise to an implementation-defined value. Requests cannot exceed Limits.
4257 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
4258 type: object
4259 type: object
4260 restartPolicy:
4261 description: |-
4262 RestartPolicy defines the restart behavior of individual containers in a pod.
4263 This field may only be set for init containers, and the only allowed value is "Always".
4264 For non-init containers or when this field is not specified,
4265 the restart behavior is defined by the Pod's restart policy and the container type.
4266 Setting the RestartPolicy as "Always" for the init container will have the following effect:
4267 this init container will be continually restarted on
4268 exit until all regular containers have terminated. Once all regular
4269 containers have completed, all init containers with restartPolicy "Always"
4270 will be shut down. This lifecycle differs from normal init containers and
4271 is often referred to as a "sidecar" container. Although this init
4272 container still starts in the init container sequence, it does not wait
4273 for the container to complete before proceeding to the next init
4274 container. Instead, the next init container starts immediately after this
4275 init container is started, or after any startupProbe has successfully
4276 completed.
4277 type: string
4278 securityContext:
4279 description: |-
4280 SecurityContext defines the security options the container should be run with.
4281 If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
4282 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
4283 properties:
4284 allowPrivilegeEscalation:
4285 description: |-
4286 AllowPrivilegeEscalation controls whether a process can gain more
4287 privileges than its parent process. This bool directly controls if
4288 the no_new_privs flag will be set on the container process.
4289 AllowPrivilegeEscalation is true always when the container is:
4290 1) run as Privileged
4291 2) has CAP_SYS_ADMIN
4292 Note that this field cannot be set when spec.os.name is windows.
4293 type: boolean
4294 appArmorProfile:
4295 description: |-
4296 appArmorProfile is the AppArmor options to use by this container. If set, this profile
4297 overrides the pod's appArmorProfile.
4298 Note that this field cannot be set when spec.os.name is windows.
4299 properties:
4300 localhostProfile:
4301 description: |-
4302 localhostProfile indicates a profile loaded on the node that should be used.
4303 The profile must be preconfigured on the node to work.
4304 Must match the loaded name of the profile.
4305 Must be set if and only if type is "Localhost".
4306 type: string
4307 type:
4308 description: |-
4309 type indicates which kind of AppArmor profile will be applied.
4310 Valid options are:
4311 Localhost - a profile pre-loaded on the node.
4312 RuntimeDefault - the container runtime's default profile.
4313 Unconfined - no AppArmor enforcement.
4314 type: string
4315 required:
4316 - type
4317 type: object
4318 capabilities:
4319 description: |-
4320 The capabilities to add/drop when running containers.
4321 Defaults to the default set of capabilities granted by the container runtime.
4322 Note that this field cannot be set when spec.os.name is windows.
4323 properties:
4324 add:
4325 description: Added capabilities
4326 items:
4327 description: Capability represent POSIX capabilities
4328 type
4329 type: string
4330 type: array
4331 x-kubernetes-list-type: atomic
4332 drop:
4333 description: Removed capabilities
4334 items:
4335 description: Capability represent POSIX capabilities
4336 type
4337 type: string
4338 type: array
4339 x-kubernetes-list-type: atomic
4340 type: object
4341 privileged:
4342 description: |-
4343 Run container in privileged mode.
4344 Processes in privileged containers are essentially equivalent to root on the host.
4345 Defaults to false.
4346 Note that this field cannot be set when spec.os.name is windows.
4347 type: boolean
4348 procMount:
4349 description: |-
4350 procMount denotes the type of proc mount to use for the containers.
4351 The default is DefaultProcMount which uses the container runtime defaults for
4352 readonly paths and masked paths.
4353 This requires the ProcMountType feature flag to be enabled.
4354 Note that this field cannot be set when spec.os.name is windows.
4355 type: string
4356 readOnlyRootFilesystem:
4357 description: |-
4358 Whether this container has a read-only root filesystem.
4359 Default is false.
4360 Note that this field cannot be set when spec.os.name is windows.
4361 type: boolean
4362 runAsGroup:
4363 description: |-
4364 The GID to run the entrypoint of the container process.
4365 Uses runtime default if unset.
4366 May also be set in PodSecurityContext. If set in both SecurityContext and
4367 PodSecurityContext, the value specified in SecurityContext takes precedence.
4368 Note that this field cannot be set when spec.os.name is windows.
4369 format: int64
4370 type: integer
4371 runAsNonRoot:
4372 description: |-
4373 Indicates that the container must run as a non-root user.
4374 If true, the Kubelet will validate the image at runtime to ensure that it
4375 does not run as UID 0 (root) and fail to start the container if it does.
4376 If unset or false, no such validation will be performed.
4377 May also be set in PodSecurityContext. If set in both SecurityContext and
4378 PodSecurityContext, the value specified in SecurityContext takes precedence.
4379 type: boolean
4380 runAsUser:
4381 description: |-
4382 The UID to run the entrypoint of the container process.
4383 Defaults to user specified in image metadata if unspecified.
4384 May also be set in PodSecurityContext. If set in both SecurityContext and
4385 PodSecurityContext, the value specified in SecurityContext takes precedence.
4386 Note that this field cannot be set when spec.os.name is windows.
4387 format: int64
4388 type: integer
4389 seLinuxOptions:
4390 description: |-
4391 The SELinux context to be applied to the container.
4392 If unspecified, the container runtime will allocate a random SELinux context for each
4393 container. May also be set in PodSecurityContext. If set in both SecurityContext and
4394 PodSecurityContext, the value specified in SecurityContext takes precedence.
4395 Note that this field cannot be set when spec.os.name is windows.
4396 properties:
4397 level:
4398 description: Level is SELinux level label that applies
4399 to the container.
4400 type: string
4401 role:
4402 description: Role is a SELinux role label that applies
4403 to the container.
4404 type: string
4405 type:
4406 description: Type is a SELinux type label that applies
4407 to the container.
4408 type: string
4409 user:
4410 description: User is a SELinux user label that applies
4411 to the container.
4412 type: string
4413 type: object
4414 seccompProfile:
4415 description: |-
4416 The seccomp options to use by this container. If seccomp options are
4417 provided at both the pod & container level, the container options
4418 override the pod options.
4419 Note that this field cannot be set when spec.os.name is windows.
4420 properties:
4421 localhostProfile:
4422 description: |-
4423 localhostProfile indicates a profile defined in a file on the node should be used.
4424 The profile must be preconfigured on the node to work.
4425 Must be a descending path, relative to the kubelet's configured seccomp profile location.
4426 Must be set if type is "Localhost". Must NOT be set for any other type.
4427 type: string
4428 type:
4429 description: |-
4430 type indicates which kind of seccomp profile will be applied.
4431 Valid options are:
4432
4433
4434 Localhost - a profile defined in a file on the node should be used.
4435 RuntimeDefault - the container runtime default profile should be used.
4436 Unconfined - no profile should be applied.
4437 type: string
4438 required:
4439 - type
4440 type: object
4441 windowsOptions:
4442 description: |-
4443 The Windows specific settings applied to all containers.
4444 If unspecified, the options from the PodSecurityContext will be used.
4445 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
4446 Note that this field cannot be set when spec.os.name is linux.
4447 properties:
4448 gmsaCredentialSpec:
4449 description: |-
4450 GMSACredentialSpec is where the GMSA admission webhook
4451 (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
4452 GMSA credential spec named by the GMSACredentialSpecName field.
4453 type: string
4454 gmsaCredentialSpecName:
4455 description: GMSACredentialSpecName is the name of the
4456 GMSA credential spec to use.
4457 type: string
4458 hostProcess:
4459 description: |-
4460 HostProcess determines if a container should be run as a 'Host Process' container.
4461 All of a Pod's containers must have the same effective HostProcess value
4462 (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
4463 In addition, if HostProcess is true then HostNetwork must also be set to true.
4464 type: boolean
4465 runAsUserName:
4466 description: |-
4467 The UserName in Windows to run the entrypoint of the container process.
4468 Defaults to the user specified in image metadata if unspecified.
4469 May also be set in PodSecurityContext. If set in both SecurityContext and
4470 PodSecurityContext, the value specified in SecurityContext takes precedence.
4471 type: string
4472 type: object
4473 type: object
4474 startupProbe:
4475 description: |-
4476 StartupProbe indicates that the Pod has successfully initialized.
4477 If specified, no other probes are executed until this completes successfully.
4478 If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
4479 This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
4480 when it might take a long time to load data or warm a cache, than during steady-state operation.
4481 This cannot be updated.
4482 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
4483 properties:
4484 exec:
4485 description: Exec specifies the action to take.
4486 properties:
4487 command:
4488 description: |-
4489 Command is the command line to execute inside the container, the working directory for the
4490 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
4491 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
4492 a shell, you need to explicitly call out to that shell.
4493 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
4494 items:
4495 type: string
4496 type: array
4497 x-kubernetes-list-type: atomic
4498 type: object
4499 failureThreshold:
4500 description: |-
4501 Minimum consecutive failures for the probe to be considered failed after having succeeded.
4502 Defaults to 3. Minimum value is 1.
4503 format: int32
4504 type: integer
4505 grpc:
4506 description: GRPC specifies an action involving a GRPC port.
4507 properties:
4508 port:
4509 description: Port number of the gRPC service. Number
4510 must be in the range 1 to 65535.
4511 format: int32
4512 type: integer
4513 service:
4514 description: |-
4515 Service is the name of the service to place in the gRPC HealthCheckRequest
4516 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
4517
4518
4519 If this is not specified, the default behavior is defined by gRPC.
4520 type: string
4521 required:
4522 - port
4523 type: object
4524 httpGet:
4525 description: HTTPGet specifies the http request to perform.
4526 properties:
4527 host:
4528 description: |-
4529 Host name to connect to, defaults to the pod IP. You probably want to set
4530 "Host" in httpHeaders instead.
4531 type: string
4532 httpHeaders:
4533 description: Custom headers to set in the request. HTTP
4534 allows repeated headers.
4535 items:
4536 description: HTTPHeader describes a custom header
4537 to be used in HTTP probes
4538 properties:
4539 name:
4540 description: |-
4541 The header field name.
4542 This will be canonicalized upon output, so case-variant names will be understood as the same header.
4543 type: string
4544 value:
4545 description: The header field value
4546 type: string
4547 required:
4548 - name
4549 - value
4550 type: object
4551 type: array
4552 x-kubernetes-list-type: atomic
4553 path:
4554 description: Path to access on the HTTP server.
4555 type: string
4556 port:
4557 anyOf:
4558 - type: integer
4559 - type: string
4560 description: |-
4561 Name or number of the port to access on the container.
4562 Number must be in the range 1 to 65535.
4563 Name must be an IANA_SVC_NAME.
4564 x-kubernetes-int-or-string: true
4565 scheme:
4566 description: |-
4567 Scheme to use for connecting to the host.
4568 Defaults to HTTP.
4569 type: string
4570 required:
4571 - port
4572 type: object
4573 initialDelaySeconds:
4574 description: |-
4575 Number of seconds after the container has started before liveness probes are initiated.
4576 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
4577 format: int32
4578 type: integer
4579 periodSeconds:
4580 description: |-
4581 How often (in seconds) to perform the probe.
4582 Default to 10 seconds. Minimum value is 1.
4583 format: int32
4584 type: integer
4585 successThreshold:
4586 description: |-
4587 Minimum consecutive successes for the probe to be considered successful after having failed.
4588 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
4589 format: int32
4590 type: integer
4591 tcpSocket:
4592 description: TCPSocket specifies an action involving a TCP
4593 port.
4594 properties:
4595 host:
4596 description: 'Optional: Host name to connect to, defaults
4597 to the pod IP.'
4598 type: string
4599 port:
4600 anyOf:
4601 - type: integer
4602 - type: string
4603 description: |-
4604 Number or name of the port to access on the container.
4605 Number must be in the range 1 to 65535.
4606 Name must be an IANA_SVC_NAME.
4607 x-kubernetes-int-or-string: true
4608 required:
4609 - port
4610 type: object
4611 terminationGracePeriodSeconds:
4612 description: |-
4613 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
4614 The grace period is the duration in seconds after the processes running in the pod are sent
4615 a termination signal and the time when the processes are forcibly halted with a kill signal.
4616 Set this value longer than the expected cleanup time for your process.
4617 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
4618 value overrides the value provided by the pod spec.
4619 Value must be non-negative integer. The value zero indicates stop immediately via
4620 the kill signal (no opportunity to shut down).
4621 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
4622 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
4623 format: int64
4624 type: integer
4625 timeoutSeconds:
4626 description: |-
4627 Number of seconds after which the probe times out.
4628 Defaults to 1 second. Minimum value is 1.
4629 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
4630 format: int32
4631 type: integer
4632 type: object
4633 stdin:
4634 description: |-
4635 Whether this container should allocate a buffer for stdin in the container runtime. If this
4636 is not set, reads from stdin in the container will always result in EOF.
4637 Default is false.
4638 type: boolean
4639 stdinOnce:
4640 description: |-
4641 Whether the container runtime should close the stdin channel after it has been opened by
4642 a single attach. When stdin is true the stdin stream will remain open across multiple attach
4643 sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
4644 first client attaches to stdin, and then remains open and accepts data until the client disconnects,
4645 at which time stdin is closed and remains closed until the container is restarted. If this
4646 flag is false, a container processes that reads from stdin will never receive an EOF.
4647 Default is false
4648 type: boolean
4649 terminationMessagePath:
4650 description: |-
4651 Optional: Path at which the file to which the container's termination message
4652 will be written is mounted into the container's filesystem.
4653 Message written is intended to be brief final status, such as an assertion failure message.
4654 Will be truncated by the node if greater than 4096 bytes. The total message length across
4655 all containers will be limited to 12kb.
4656 Defaults to /dev/termination-log.
4657 Cannot be updated.
4658 type: string
4659 terminationMessagePolicy:
4660 description: |-
4661 Indicate how the termination message should be populated. File will use the contents of
4662 terminationMessagePath to populate the container status message on both success and failure.
4663 FallbackToLogsOnError will use the last chunk of container log output if the termination
4664 message file is empty and the container exited with an error.
4665 The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
4666 Defaults to File.
4667 Cannot be updated.
4668 type: string
4669 tty:
4670 description: |-
4671 Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
4672 Default is false.
4673 type: boolean
4674 volumeDevices:
4675 description: volumeDevices is the list of block devices to be
4676 used by the container.
4677 items:
4678 description: volumeDevice describes a mapping of a raw block
4679 device within a container.
4680 properties:
4681 devicePath:
4682 description: devicePath is the path inside of the container
4683 that the device will be mapped to.
4684 type: string
4685 name:
4686 description: name must match the name of a persistentVolumeClaim
4687 in the pod
4688 type: string
4689 required:
4690 - devicePath
4691 - name
4692 type: object
4693 type: array
4694 x-kubernetes-list-map-keys:
4695 - devicePath
4696 x-kubernetes-list-type: map
4697 volumeMounts:
4698 description: |-
4699 Pod volumes to mount into the container's filesystem.
4700 Cannot be updated.
4701 items:
4702 description: VolumeMount describes a mounting of a Volume
4703 within a container.
4704 properties:
4705 mountPath:
4706 description: |-
4707 Path within the container at which the volume should be mounted. Must
4708 not contain ':'.
4709 type: string
4710 mountPropagation:
4711 description: |-
4712 mountPropagation determines how mounts are propagated from the host
4713 to container and the other way around.
4714 When not set, MountPropagationNone is used.
4715 This field is beta in 1.10.
4716 When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
4717 (which defaults to None).
4718 type: string
4719 name:
4720 description: This must match the Name of a Volume.
4721 type: string
4722 readOnly:
4723 description: |-
4724 Mounted read-only if true, read-write otherwise (false or unspecified).
4725 Defaults to false.
4726 type: boolean
4727 recursiveReadOnly:
4728 description: |-
4729 RecursiveReadOnly specifies whether read-only mounts should be handled
4730 recursively.
4731
4732
4733 If ReadOnly is false, this field has no meaning and must be unspecified.
4734
4735
4736 If ReadOnly is true, and this field is set to Disabled, the mount is not made
4737 recursively read-only. If this field is set to IfPossible, the mount is made
4738 recursively read-only, if it is supported by the container runtime. If this
4739 field is set to Enabled, the mount is made recursively read-only if it is
4740 supported by the container runtime, otherwise the pod will not be started and
4741 an error will be generated to indicate the reason.
4742
4743
4744 If this field is set to IfPossible or Enabled, MountPropagation must be set to
4745 None (or be unspecified, which defaults to None).
4746
4747
4748 If this field is not specified, it is treated as an equivalent of Disabled.
4749 type: string
4750 subPath:
4751 description: |-
4752 Path within the volume from which the container's volume should be mounted.
4753 Defaults to "" (volume's root).
4754 type: string
4755 subPathExpr:
4756 description: |-
4757 Expanded path within the volume from which the container's volume should be mounted.
4758 Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
4759 Defaults to "" (volume's root).
4760 SubPathExpr and SubPath are mutually exclusive.
4761 type: string
4762 required:
4763 - mountPath
4764 - name
4765 type: object
4766 type: array
4767 x-kubernetes-list-map-keys:
4768 - mountPath
4769 x-kubernetes-list-type: map
4770 workingDir:
4771 description: |-
4772 Container's working directory.
4773 If not specified, the container runtime's default will be used, which
4774 might be configured in the container image.
4775 Cannot be updated.
4776 type: string
4777 required:
4778 - name
4779 type: object
4780 type: array
4781 listenLocal:
4782 description: |-
4783 ListenLocal makes the Alertmanager server listen on loopback, so that it
4784 does not bind against the Pod IP. Note this is only for the Alertmanager
4785 UI, not the gossip communication.
4786 type: boolean
4787 logFormat:
4788 description: Log format for Alertmanager to be configured with.
4789 enum:
4790 - ""
4791 - logfmt
4792 - json
4793 type: string
4794 logLevel:
4795 description: Log level for Alertmanager to be configured with.
4796 enum:
4797 - ""
4798 - debug
4799 - info
4800 - warn
4801 - error
4802 type: string
4803 minReadySeconds:
4804 description: |-
4805 Minimum number of seconds for which a newly created pod should be ready
4806 without any of its container crashing for it to be considered available.
4807 Defaults to 0 (pod will be considered available as soon as it is ready)
4808 This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
4809 format: int32
4810 type: integer
4811 nodeSelector:
4812 additionalProperties:
4813 type: string
4814 description: Define which Nodes the Pods are scheduled on.
4815 type: object
4816 paused:
4817 description: |-
4818 If set to true all actions on the underlying managed objects are not
4819 goint to be performed, except for delete actions.
4820 type: boolean
4821 podMetadata:
4822 description: PodMetadata configures Labels and Annotations which are
4823 propagated to the alertmanager pods.
4824 properties:
4825 annotations:
4826 additionalProperties:
4827 type: string
4828 description: |-
4829 Annotations is an unstructured key value map stored with a resource that may be
4830 set by external tools to store and retrieve arbitrary metadata. They are not
4831 queryable and should be preserved when modifying objects.
4832 More info: http://kubernetes.io/docs/user-guide/annotations
4833 type: object
4834 labels:
4835 additionalProperties:
4836 type: string
4837 description: |-
4838 Map of string keys and values that can be used to organize and categorize
4839 (scope and select) objects. May match selectors of replication controllers
4840 and services.
4841 More info: http://kubernetes.io/docs/user-guide/labels
4842 type: object
4843 name:
4844 description: |-
4845 Name must be unique within a namespace. Is required when creating resources, although
4846 some resources may allow a client to request the generation of an appropriate name
4847 automatically. Name is primarily intended for creation idempotence and configuration
4848 definition.
4849 Cannot be updated.
4850 More info: http://kubernetes.io/docs/user-guide/identifiers#names
4851 type: string
4852 type: object
4853 portName:
4854 default: web
4855 description: |-
4856 Port name used for the pods and governing service.
4857 Defaults to `web`.
4858 type: string
4859 priorityClassName:
4860 description: Priority class assigned to the Pods
4861 type: string
4862 replicas:
4863 description: |-
4864 Size is the expected size of the alertmanager cluster. The controller will
4865 eventually make the size of the running cluster equal to the expected
4866 size.
4867 format: int32
4868 type: integer
4869 resources:
4870 description: Define resources requests and limits for single Pods.
4871 properties:
4872 claims:
4873 description: |-
4874 Claims lists the names of resources, defined in spec.resourceClaims,
4875 that are used by this container.
4876
4877
4878 This is an alpha field and requires enabling the
4879 DynamicResourceAllocation feature gate.
4880
4881
4882 This field is immutable. It can only be set for containers.
4883 items:
4884 description: ResourceClaim references one entry in PodSpec.ResourceClaims.
4885 properties:
4886 name:
4887 description: |-
4888 Name must match the name of one entry in pod.spec.resourceClaims of
4889 the Pod where this field is used. It makes that resource available
4890 inside a container.
4891 type: string
4892 required:
4893 - name
4894 type: object
4895 type: array
4896 x-kubernetes-list-map-keys:
4897 - name
4898 x-kubernetes-list-type: map
4899 limits:
4900 additionalProperties:
4901 anyOf:
4902 - type: integer
4903 - type: string
4904 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4905 x-kubernetes-int-or-string: true
4906 description: |-
4907 Limits describes the maximum amount of compute resources allowed.
4908 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
4909 type: object
4910 requests:
4911 additionalProperties:
4912 anyOf:
4913 - type: integer
4914 - type: string
4915 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4916 x-kubernetes-int-or-string: true
4917 description: |-
4918 Requests describes the minimum amount of compute resources required.
4919 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
4920 otherwise to an implementation-defined value. Requests cannot exceed Limits.
4921 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
4922 type: object
4923 type: object
4924 retention:
4925 default: 120h
4926 description: |-
4927 Time duration Alertmanager shall retain data for. Default is '120h',
4928 and must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds seconds minutes hours).
4929 pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
4930 type: string
4931 routePrefix:
4932 description: |-
4933 The route prefix Alertmanager registers HTTP handlers for. This is useful,
4934 if using ExternalURL and a proxy is rewriting HTTP routes of a request,
4935 and the actual ExternalURL is still true, but the server serves requests
4936 under a different route prefix. For example for use with `kubectl proxy`.
4937 type: string
4938 secrets:
4939 description: |-
4940 Secrets is a list of Secrets in the same namespace as the Alertmanager
4941 object, which shall be mounted into the Alertmanager Pods.
4942 Each Secret is added to the StatefulSet definition as a volume named `secret-<secret-name>`.
4943 The Secrets are mounted into `/etc/alertmanager/secrets/<secret-name>` in the 'alertmanager' container.
4944 items:
4945 type: string
4946 type: array
4947 securityContext:
4948 description: |-
4949 SecurityContext holds pod-level security attributes and common container settings.
4950 This defaults to the default PodSecurityContext.
4951 properties:
4952 appArmorProfile:
4953 description: |-
4954 appArmorProfile is the AppArmor options to use by the containers in this pod.
4955 Note that this field cannot be set when spec.os.name is windows.
4956 properties:
4957 localhostProfile:
4958 description: |-
4959 localhostProfile indicates a profile loaded on the node that should be used.
4960 The profile must be preconfigured on the node to work.
4961 Must match the loaded name of the profile.
4962 Must be set if and only if type is "Localhost".
4963 type: string
4964 type:
4965 description: |-
4966 type indicates which kind of AppArmor profile will be applied.
4967 Valid options are:
4968 Localhost - a profile pre-loaded on the node.
4969 RuntimeDefault - the container runtime's default profile.
4970 Unconfined - no AppArmor enforcement.
4971 type: string
4972 required:
4973 - type
4974 type: object
4975 fsGroup:
4976 description: |-
4977 A special supplemental group that applies to all containers in a pod.
4978 Some volume types allow the Kubelet to change the ownership of that volume
4979 to be owned by the pod:
4980
4981
4982 1. The owning GID will be the FSGroup
4983 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
4984 3. The permission bits are OR'd with rw-rw----
4985
4986
4987 If unset, the Kubelet will not modify the ownership and permissions of any volume.
4988 Note that this field cannot be set when spec.os.name is windows.
4989 format: int64
4990 type: integer
4991 fsGroupChangePolicy:
4992 description: |-
4993 fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
4994 before being exposed inside Pod. This field will only apply to
4995 volume types which support fsGroup based ownership(and permissions).
4996 It will have no effect on ephemeral volume types such as: secret, configmaps
4997 and emptydir.
4998 Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
4999 Note that this field cannot be set when spec.os.name is windows.
5000 type: string
5001 runAsGroup:
5002 description: |-
5003 The GID to run the entrypoint of the container process.
5004 Uses runtime default if unset.
5005 May also be set in SecurityContext. If set in both SecurityContext and
5006 PodSecurityContext, the value specified in SecurityContext takes precedence
5007 for that container.
5008 Note that this field cannot be set when spec.os.name is windows.
5009 format: int64
5010 type: integer
5011 runAsNonRoot:
5012 description: |-
5013 Indicates that the container must run as a non-root user.
5014 If true, the Kubelet will validate the image at runtime to ensure that it
5015 does not run as UID 0 (root) and fail to start the container if it does.
5016 If unset or false, no such validation will be performed.
5017 May also be set in SecurityContext. If set in both SecurityContext and
5018 PodSecurityContext, the value specified in SecurityContext takes precedence.
5019 type: boolean
5020 runAsUser:
5021 description: |-
5022 The UID to run the entrypoint of the container process.
5023 Defaults to user specified in image metadata if unspecified.
5024 May also be set in SecurityContext. If set in both SecurityContext and
5025 PodSecurityContext, the value specified in SecurityContext takes precedence
5026 for that container.
5027 Note that this field cannot be set when spec.os.name is windows.
5028 format: int64
5029 type: integer
5030 seLinuxOptions:
5031 description: |-
5032 The SELinux context to be applied to all containers.
5033 If unspecified, the container runtime will allocate a random SELinux context for each
5034 container. May also be set in SecurityContext. If set in
5035 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
5036 takes precedence for that container.
5037 Note that this field cannot be set when spec.os.name is windows.
5038 properties:
5039 level:
5040 description: Level is SELinux level label that applies to
5041 the container.
5042 type: string
5043 role:
5044 description: Role is a SELinux role label that applies to
5045 the container.
5046 type: string
5047 type:
5048 description: Type is a SELinux type label that applies to
5049 the container.
5050 type: string
5051 user:
5052 description: User is a SELinux user label that applies to
5053 the container.
5054 type: string
5055 type: object
5056 seccompProfile:
5057 description: |-
5058 The seccomp options to use by the containers in this pod.
5059 Note that this field cannot be set when spec.os.name is windows.
5060 properties:
5061 localhostProfile:
5062 description: |-
5063 localhostProfile indicates a profile defined in a file on the node should be used.
5064 The profile must be preconfigured on the node to work.
5065 Must be a descending path, relative to the kubelet's configured seccomp profile location.
5066 Must be set if type is "Localhost". Must NOT be set for any other type.
5067 type: string
5068 type:
5069 description: |-
5070 type indicates which kind of seccomp profile will be applied.
5071 Valid options are:
5072
5073
5074 Localhost - a profile defined in a file on the node should be used.
5075 RuntimeDefault - the container runtime default profile should be used.
5076 Unconfined - no profile should be applied.
5077 type: string
5078 required:
5079 - type
5080 type: object
5081 supplementalGroups:
5082 description: |-
5083 A list of groups applied to the first process run in each container, in addition
5084 to the container's primary GID, the fsGroup (if specified), and group memberships
5085 defined in the container image for the uid of the container process. If unspecified,
5086 no additional groups are added to any container. Note that group memberships
5087 defined in the container image for the uid of the container process are still effective,
5088 even if they are not included in this list.
5089 Note that this field cannot be set when spec.os.name is windows.
5090 items:
5091 format: int64
5092 type: integer
5093 type: array
5094 x-kubernetes-list-type: atomic
5095 sysctls:
5096 description: |-
5097 Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
5098 sysctls (by the container runtime) might fail to launch.
5099 Note that this field cannot be set when spec.os.name is windows.
5100 items:
5101 description: Sysctl defines a kernel parameter to be set
5102 properties:
5103 name:
5104 description: Name of a property to set
5105 type: string
5106 value:
5107 description: Value of a property to set
5108 type: string
5109 required:
5110 - name
5111 - value
5112 type: object
5113 type: array
5114 x-kubernetes-list-type: atomic
5115 windowsOptions:
5116 description: |-
5117 The Windows specific settings applied to all containers.
5118 If unspecified, the options within a container's SecurityContext will be used.
5119 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
5120 Note that this field cannot be set when spec.os.name is linux.
5121 properties:
5122 gmsaCredentialSpec:
5123 description: |-
5124 GMSACredentialSpec is where the GMSA admission webhook
5125 (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
5126 GMSA credential spec named by the GMSACredentialSpecName field.
5127 type: string
5128 gmsaCredentialSpecName:
5129 description: GMSACredentialSpecName is the name of the GMSA
5130 credential spec to use.
5131 type: string
5132 hostProcess:
5133 description: |-
5134 HostProcess determines if a container should be run as a 'Host Process' container.
5135 All of a Pod's containers must have the same effective HostProcess value
5136 (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
5137 In addition, if HostProcess is true then HostNetwork must also be set to true.
5138 type: boolean
5139 runAsUserName:
5140 description: |-
5141 The UserName in Windows to run the entrypoint of the container process.
5142 Defaults to the user specified in image metadata if unspecified.
5143 May also be set in PodSecurityContext. If set in both SecurityContext and
5144 PodSecurityContext, the value specified in SecurityContext takes precedence.
5145 type: string
5146 type: object
5147 type: object
5148 serviceAccountName:
5149 description: |-
5150 ServiceAccountName is the name of the ServiceAccount to use to run the
5151 Prometheus Pods.
5152 type: string
5153 sha:
5154 description: |-
5155 SHA of Alertmanager container image to be deployed. Defaults to the value of `version`.
5156 Similar to a tag, but the SHA explicitly deploys an immutable container image.
5157 Version and Tag are ignored if SHA is set.
5158 Deprecated: use 'image' instead. The image digest can be specified
5159 as part of the image URL.
5160 type: string
5161 storage:
5162 description: |-
5163 Storage is the definition of how storage will be used by the Alertmanager
5164 instances.
5165 properties:
5166 disableMountSubPath:
5167 description: '*Deprecated: subPath usage will be removed in a
5168 future release.*'
5169 type: boolean
5170 emptyDir:
5171 description: |-
5172 EmptyDirVolumeSource to be used by the StatefulSet.
5173 If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`.
5174 More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir
5175 properties:
5176 medium:
5177 description: |-
5178 medium represents what type of storage medium should back this directory.
5179 The default is "" which means to use the node's default medium.
5180 Must be an empty string (default) or Memory.
5181 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
5182 type: string
5183 sizeLimit:
5184 anyOf:
5185 - type: integer
5186 - type: string
5187 description: |-
5188 sizeLimit is the total amount of local storage required for this EmptyDir volume.
5189 The size limit is also applicable for memory medium.
5190 The maximum usage on memory medium EmptyDir would be the minimum value between
5191 the SizeLimit specified here and the sum of memory limits of all containers in a pod.
5192 The default is nil which means that the limit is undefined.
5193 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
5194 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5195 x-kubernetes-int-or-string: true
5196 type: object
5197 ephemeral:
5198 description: |-
5199 EphemeralVolumeSource to be used by the StatefulSet.
5200 This is a beta field in k8s 1.21 and GA in 1.15.
5201 For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate.
5202 More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes
5203 properties:
5204 volumeClaimTemplate:
5205 description: |-
5206 Will be used to create a stand-alone PVC to provision the volume.
5207 The pod in which this EphemeralVolumeSource is embedded will be the
5208 owner of the PVC, i.e. the PVC will be deleted together with the
5209 pod. The name of the PVC will be `<pod name>-<volume name>` where
5210 `<volume name>` is the name from the `PodSpec.Volumes` array
5211 entry. Pod validation will reject the pod if the concatenated name
5212 is not valid for a PVC (for example, too long).
5213
5214
5215 An existing PVC with that name that is not owned by the pod
5216 will *not* be used for the pod to avoid using an unrelated
5217 volume by mistake. Starting the pod is then blocked until
5218 the unrelated PVC is removed. If such a pre-created PVC is
5219 meant to be used by the pod, the PVC has to updated with an
5220 owner reference to the pod once the pod exists. Normally
5221 this should not be necessary, but it may be useful when
5222 manually reconstructing a broken cluster.
5223
5224
5225 This field is read-only and no changes will be made by Kubernetes
5226 to the PVC after it has been created.
5227
5228
5229 Required, must not be nil.
5230 properties:
5231 metadata:
5232 description: |-
5233 May contain labels and annotations that will be copied into the PVC
5234 when creating it. No other fields are allowed and will be rejected during
5235 validation.
5236 properties:
5237 annotations:
5238 additionalProperties:
5239 type: string
5240 type: object
5241 finalizers:
5242 items:
5243 type: string
5244 type: array
5245 labels:
5246 additionalProperties:
5247 type: string
5248 type: object
5249 name:
5250 type: string
5251 namespace:
5252 type: string
5253 type: object
5254 spec:
5255 description: |-
5256 The specification for the PersistentVolumeClaim. The entire content is
5257 copied unchanged into the PVC that gets created from this
5258 template. The same fields as in a PersistentVolumeClaim
5259 are also valid here.
5260 properties:
5261 accessModes:
5262 description: |-
5263 accessModes contains the desired access modes the volume should have.
5264 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
5265 items:
5266 type: string
5267 type: array
5268 x-kubernetes-list-type: atomic
5269 dataSource:
5270 description: |-
5271 dataSource field can be used to specify either:
5272 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
5273 * An existing PVC (PersistentVolumeClaim)
5274 If the provisioner or an external controller can support the specified data source,
5275 it will create a new volume based on the contents of the specified data source.
5276 When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
5277 and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
5278 If the namespace is specified, then dataSourceRef will not be copied to dataSource.
5279 properties:
5280 apiGroup:
5281 description: |-
5282 APIGroup is the group for the resource being referenced.
5283 If APIGroup is not specified, the specified Kind must be in the core API group.
5284 For any other third-party types, APIGroup is required.
5285 type: string
5286 kind:
5287 description: Kind is the type of resource being
5288 referenced
5289 type: string
5290 name:
5291 description: Name is the name of resource being
5292 referenced
5293 type: string
5294 required:
5295 - kind
5296 - name
5297 type: object
5298 x-kubernetes-map-type: atomic
5299 dataSourceRef:
5300 description: |-
5301 dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
5302 volume is desired. This may be any object from a non-empty API group (non
5303 core object) or a PersistentVolumeClaim object.
5304 When this field is specified, volume binding will only succeed if the type of
5305 the specified object matches some installed volume populator or dynamic
5306 provisioner.
5307 This field will replace the functionality of the dataSource field and as such
5308 if both fields are non-empty, they must have the same value. For backwards
5309 compatibility, when namespace isn't specified in dataSourceRef,
5310 both fields (dataSource and dataSourceRef) will be set to the same
5311 value automatically if one of them is empty and the other is non-empty.
5312 When namespace is specified in dataSourceRef,
5313 dataSource isn't set to the same value and must be empty.
5314 There are three important differences between dataSource and dataSourceRef:
5315 * While dataSource only allows two specific types of objects, dataSourceRef
5316 allows any non-core object, as well as PersistentVolumeClaim objects.
5317 * While dataSource ignores disallowed values (dropping them), dataSourceRef
5318 preserves all values, and generates an error if a disallowed value is
5319 specified.
5320 * While dataSource only allows local objects, dataSourceRef allows objects
5321 in any namespaces.
5322 (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
5323 (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
5324 properties:
5325 apiGroup:
5326 description: |-
5327 APIGroup is the group for the resource being referenced.
5328 If APIGroup is not specified, the specified Kind must be in the core API group.
5329 For any other third-party types, APIGroup is required.
5330 type: string
5331 kind:
5332 description: Kind is the type of resource being
5333 referenced
5334 type: string
5335 name:
5336 description: Name is the name of resource being
5337 referenced
5338 type: string
5339 namespace:
5340 description: |-
5341 Namespace is the namespace of resource being referenced
5342 Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
5343 (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
5344 type: string
5345 required:
5346 - kind
5347 - name
5348 type: object
5349 resources:
5350 description: |-
5351 resources represents the minimum resources the volume should have.
5352 If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
5353 that are lower than previous value but must still be higher than capacity recorded in the
5354 status field of the claim.
5355 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
5356 properties:
5357 limits:
5358 additionalProperties:
5359 anyOf:
5360 - type: integer
5361 - type: string
5362 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5363 x-kubernetes-int-or-string: true
5364 description: |-
5365 Limits describes the maximum amount of compute resources allowed.
5366 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
5367 type: object
5368 requests:
5369 additionalProperties:
5370 anyOf:
5371 - type: integer
5372 - type: string
5373 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5374 x-kubernetes-int-or-string: true
5375 description: |-
5376 Requests describes the minimum amount of compute resources required.
5377 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
5378 otherwise to an implementation-defined value. Requests cannot exceed Limits.
5379 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
5380 type: object
5381 type: object
5382 selector:
5383 description: selector is a label query over volumes
5384 to consider for binding.
5385 properties:
5386 matchExpressions:
5387 description: matchExpressions is a list of label
5388 selector requirements. The requirements are
5389 ANDed.
5390 items:
5391 description: |-
5392 A label selector requirement is a selector that contains values, a key, and an operator that
5393 relates the key and values.
5394 properties:
5395 key:
5396 description: key is the label key that the
5397 selector applies to.
5398 type: string
5399 operator:
5400 description: |-
5401 operator represents a key's relationship to a set of values.
5402 Valid operators are In, NotIn, Exists and DoesNotExist.
5403 type: string
5404 values:
5405 description: |-
5406 values is an array of string values. If the operator is In or NotIn,
5407 the values array must be non-empty. If the operator is Exists or DoesNotExist,
5408 the values array must be empty. This array is replaced during a strategic
5409 merge patch.
5410 items:
5411 type: string
5412 type: array
5413 x-kubernetes-list-type: atomic
5414 required:
5415 - key
5416 - operator
5417 type: object
5418 type: array
5419 x-kubernetes-list-type: atomic
5420 matchLabels:
5421 additionalProperties:
5422 type: string
5423 description: |-
5424 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
5425 map is equivalent to an element of matchExpressions, whose key field is "key", the
5426 operator is "In", and the values array contains only "value". The requirements are ANDed.
5427 type: object
5428 type: object
5429 x-kubernetes-map-type: atomic
5430 storageClassName:
5431 description: |-
5432 storageClassName is the name of the StorageClass required by the claim.
5433 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
5434 type: string
5435 volumeAttributesClassName:
5436 description: |-
5437 volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
5438 If specified, the CSI driver will create or update the volume with the attributes defined
5439 in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
5440 it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
5441 will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
5442 If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
5443 will be set by the persistentvolume controller if it exists.
5444 If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
5445 set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
5446 exists.
5447 More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
5448 (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
5449 type: string
5450 volumeMode:
5451 description: |-
5452 volumeMode defines what type of volume is required by the claim.
5453 Value of Filesystem is implied when not included in claim spec.
5454 type: string
5455 volumeName:
5456 description: volumeName is the binding reference to
5457 the PersistentVolume backing this claim.
5458 type: string
5459 type: object
5460 required:
5461 - spec
5462 type: object
5463 type: object
5464 volumeClaimTemplate:
5465 description: |-
5466 Defines the PVC spec to be used by the Prometheus StatefulSets.
5467 The easiest way to use a volume that cannot be automatically provisioned
5468 is to use a label selector alongside manually created PersistentVolumes.
5469 properties:
5470 apiVersion:
5471 description: |-
5472 APIVersion defines the versioned schema of this representation of an object.
5473 Servers should convert recognized schemas to the latest internal value, and
5474 may reject unrecognized values.
5475 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
5476 type: string
5477 kind:
5478 description: |-
5479 Kind is a string value representing the REST resource this object represents.
5480 Servers may infer this from the endpoint the client submits requests to.
5481 Cannot be updated.
5482 In CamelCase.
5483 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
5484 type: string
5485 metadata:
5486 description: EmbeddedMetadata contains metadata relevant to
5487 an EmbeddedResource.
5488 properties:
5489 annotations:
5490 additionalProperties:
5491 type: string
5492 description: |-
5493 Annotations is an unstructured key value map stored with a resource that may be
5494 set by external tools to store and retrieve arbitrary metadata. They are not
5495 queryable and should be preserved when modifying objects.
5496 More info: http://kubernetes.io/docs/user-guide/annotations
5497 type: object
5498 labels:
5499 additionalProperties:
5500 type: string
5501 description: |-
5502 Map of string keys and values that can be used to organize and categorize
5503 (scope and select) objects. May match selectors of replication controllers
5504 and services.
5505 More info: http://kubernetes.io/docs/user-guide/labels
5506 type: object
5507 name:
5508 description: |-
5509 Name must be unique within a namespace. Is required when creating resources, although
5510 some resources may allow a client to request the generation of an appropriate name
5511 automatically. Name is primarily intended for creation idempotence and configuration
5512 definition.
5513 Cannot be updated.
5514 More info: http://kubernetes.io/docs/user-guide/identifiers#names
5515 type: string
5516 type: object
5517 spec:
5518 description: |-
5519 Defines the desired characteristics of a volume requested by a pod author.
5520 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
5521 properties:
5522 accessModes:
5523 description: |-
5524 accessModes contains the desired access modes the volume should have.
5525 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
5526 items:
5527 type: string
5528 type: array
5529 x-kubernetes-list-type: atomic
5530 dataSource:
5531 description: |-
5532 dataSource field can be used to specify either:
5533 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
5534 * An existing PVC (PersistentVolumeClaim)
5535 If the provisioner or an external controller can support the specified data source,
5536 it will create a new volume based on the contents of the specified data source.
5537 When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
5538 and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
5539 If the namespace is specified, then dataSourceRef will not be copied to dataSource.
5540 properties:
5541 apiGroup:
5542 description: |-
5543 APIGroup is the group for the resource being referenced.
5544 If APIGroup is not specified, the specified Kind must be in the core API group.
5545 For any other third-party types, APIGroup is required.
5546 type: string
5547 kind:
5548 description: Kind is the type of resource being referenced
5549 type: string
5550 name:
5551 description: Name is the name of resource being referenced
5552 type: string
5553 required:
5554 - kind
5555 - name
5556 type: object
5557 x-kubernetes-map-type: atomic
5558 dataSourceRef:
5559 description: |-
5560 dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
5561 volume is desired. This may be any object from a non-empty API group (non
5562 core object) or a PersistentVolumeClaim object.
5563 When this field is specified, volume binding will only succeed if the type of
5564 the specified object matches some installed volume populator or dynamic
5565 provisioner.
5566 This field will replace the functionality of the dataSource field and as such
5567 if both fields are non-empty, they must have the same value. For backwards
5568 compatibility, when namespace isn't specified in dataSourceRef,
5569 both fields (dataSource and dataSourceRef) will be set to the same
5570 value automatically if one of them is empty and the other is non-empty.
5571 When namespace is specified in dataSourceRef,
5572 dataSource isn't set to the same value and must be empty.
5573 There are three important differences between dataSource and dataSourceRef:
5574 * While dataSource only allows two specific types of objects, dataSourceRef
5575 allows any non-core object, as well as PersistentVolumeClaim objects.
5576 * While dataSource ignores disallowed values (dropping them), dataSourceRef
5577 preserves all values, and generates an error if a disallowed value is
5578 specified.
5579 * While dataSource only allows local objects, dataSourceRef allows objects
5580 in any namespaces.
5581 (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
5582 (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
5583 properties:
5584 apiGroup:
5585 description: |-
5586 APIGroup is the group for the resource being referenced.
5587 If APIGroup is not specified, the specified Kind must be in the core API group.
5588 For any other third-party types, APIGroup is required.
5589 type: string
5590 kind:
5591 description: Kind is the type of resource being referenced
5592 type: string
5593 name:
5594 description: Name is the name of resource being referenced
5595 type: string
5596 namespace:
5597 description: |-
5598 Namespace is the namespace of resource being referenced
5599 Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
5600 (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
5601 type: string
5602 required:
5603 - kind
5604 - name
5605 type: object
5606 resources:
5607 description: |-
5608 resources represents the minimum resources the volume should have.
5609 If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
5610 that are lower than previous value but must still be higher than capacity recorded in the
5611 status field of the claim.
5612 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
5613 properties:
5614 limits:
5615 additionalProperties:
5616 anyOf:
5617 - type: integer
5618 - type: string
5619 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5620 x-kubernetes-int-or-string: true
5621 description: |-
5622 Limits describes the maximum amount of compute resources allowed.
5623 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
5624 type: object
5625 requests:
5626 additionalProperties:
5627 anyOf:
5628 - type: integer
5629 - type: string
5630 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5631 x-kubernetes-int-or-string: true
5632 description: |-
5633 Requests describes the minimum amount of compute resources required.
5634 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
5635 otherwise to an implementation-defined value. Requests cannot exceed Limits.
5636 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
5637 type: object
5638 type: object
5639 selector:
5640 description: selector is a label query over volumes to
5641 consider for binding.
5642 properties:
5643 matchExpressions:
5644 description: matchExpressions is a list of label selector
5645 requirements. The requirements are ANDed.
5646 items:
5647 description: |-
5648 A label selector requirement is a selector that contains values, a key, and an operator that
5649 relates the key and values.
5650 properties:
5651 key:
5652 description: key is the label key that the selector
5653 applies to.
5654 type: string
5655 operator:
5656 description: |-
5657 operator represents a key's relationship to a set of values.
5658 Valid operators are In, NotIn, Exists and DoesNotExist.
5659 type: string
5660 values:
5661 description: |-
5662 values is an array of string values. If the operator is In or NotIn,
5663 the values array must be non-empty. If the operator is Exists or DoesNotExist,
5664 the values array must be empty. This array is replaced during a strategic
5665 merge patch.
5666 items:
5667 type: string
5668 type: array
5669 x-kubernetes-list-type: atomic
5670 required:
5671 - key
5672 - operator
5673 type: object
5674 type: array
5675 x-kubernetes-list-type: atomic
5676 matchLabels:
5677 additionalProperties:
5678 type: string
5679 description: |-
5680 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
5681 map is equivalent to an element of matchExpressions, whose key field is "key", the
5682 operator is "In", and the values array contains only "value". The requirements are ANDed.
5683 type: object
5684 type: object
5685 x-kubernetes-map-type: atomic
5686 storageClassName:
5687 description: |-
5688 storageClassName is the name of the StorageClass required by the claim.
5689 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
5690 type: string
5691 volumeAttributesClassName:
5692 description: |-
5693 volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
5694 If specified, the CSI driver will create or update the volume with the attributes defined
5695 in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
5696 it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
5697 will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
5698 If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
5699 will be set by the persistentvolume controller if it exists.
5700 If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
5701 set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
5702 exists.
5703 More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
5704 (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
5705 type: string
5706 volumeMode:
5707 description: |-
5708 volumeMode defines what type of volume is required by the claim.
5709 Value of Filesystem is implied when not included in claim spec.
5710 type: string
5711 volumeName:
5712 description: volumeName is the binding reference to the
5713 PersistentVolume backing this claim.
5714 type: string
5715 type: object
5716 status:
5717 description: '*Deprecated: this field is never set.*'
5718 properties:
5719 accessModes:
5720 description: |-
5721 accessModes contains the actual access modes the volume backing the PVC has.
5722 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
5723 items:
5724 type: string
5725 type: array
5726 x-kubernetes-list-type: atomic
5727 allocatedResourceStatuses:
5728 additionalProperties:
5729 description: |-
5730 When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource
5731 that it does not recognizes, then it should ignore that update and let other controllers
5732 handle it.
5733 type: string
5734 description: "allocatedResourceStatuses stores status
5735 of resource being resized for the given PVC.\nKey names
5736 follow standard Kubernetes label syntax. Valid values
5737 are either:\n\t* Un-prefixed keys:\n\t\t- storage -
5738 the capacity of the volume.\n\t* Custom resources must
5739 use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart
5740 from above values - keys that are unprefixed or have
5741 kubernetes.io prefix are considered\nreserved and hence
5742 may not be used.\n\n\nClaimResourceStatus can be in
5743 any of following states:\n\t- ControllerResizeInProgress:\n\t\tState
5744 set when resize controller starts resizing the volume
5745 in control-plane.\n\t- ControllerResizeFailed:\n\t\tState
5746 set when resize has failed in resize controller with
5747 a terminal error.\n\t- NodeResizePending:\n\t\tState
5748 set when resize controller has finished resizing the
5749 volume but further resizing of\n\t\tvolume is needed
5750 on the node.\n\t- NodeResizeInProgress:\n\t\tState set
5751 when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState
5752 set when resizing has failed in kubelet with a terminal
5753 error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor
5754 example: if expanding a PVC for more capacity - this
5755 field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage']
5756 = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage']
5757 = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage']
5758 = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage']
5759 = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage']
5760 = \"NodeResizeFailed\"\nWhen this field is not set,
5761 it means that no resize operation is in progress for
5762 the given PVC.\n\n\nA controller that receives PVC update
5763 with previously unknown resourceName or ClaimResourceStatus\nshould
5764 ignore the update for the purpose it was designed. For
5765 example - a controller that\nonly is responsible for
5766 resizing capacity of the volume, should ignore PVC updates
5767 that change other valid\nresources associated with PVC.\n\n\nThis
5768 is an alpha field and requires enabling RecoverVolumeExpansionFailure
5769 feature."
5770 type: object
5771 x-kubernetes-map-type: granular
5772 allocatedResources:
5773 additionalProperties:
5774 anyOf:
5775 - type: integer
5776 - type: string
5777 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5778 x-kubernetes-int-or-string: true
5779 description: "allocatedResources tracks the resources
5780 allocated to a PVC including its capacity.\nKey names
5781 follow standard Kubernetes label syntax. Valid values
5782 are either:\n\t* Un-prefixed keys:\n\t\t- storage -
5783 the capacity of the volume.\n\t* Custom resources must
5784 use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart
5785 from above values - keys that are unprefixed or have
5786 kubernetes.io prefix are considered\nreserved and hence
5787 may not be used.\n\n\nCapacity reported here may be
5788 larger than the actual capacity when a volume expansion
5789 operation\nis requested.\nFor storage quota, the larger
5790 value from allocatedResources and PVC.spec.resources
5791 is used.\nIf allocatedResources is not set, PVC.spec.resources
5792 alone is used for quota calculation.\nIf a volume expansion
5793 capacity request is lowered, allocatedResources is only\nlowered
5794 if there are no expansion operations in progress and
5795 if the actual volume capacity\nis equal or lower than
5796 the requested capacity.\n\n\nA controller that receives
5797 PVC update with previously unknown resourceName\nshould
5798 ignore the update for the purpose it was designed. For
5799 example - a controller that\nonly is responsible for
5800 resizing capacity of the volume, should ignore PVC updates
5801 that change other valid\nresources associated with PVC.\n\n\nThis
5802 is an alpha field and requires enabling RecoverVolumeExpansionFailure
5803 feature."
5804 type: object
5805 capacity:
5806 additionalProperties:
5807 anyOf:
5808 - type: integer
5809 - type: string
5810 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5811 x-kubernetes-int-or-string: true
5812 description: capacity represents the actual resources
5813 of the underlying volume.
5814 type: object
5815 conditions:
5816 description: |-
5817 conditions is the current Condition of persistent volume claim. If underlying persistent volume is being
5818 resized then the Condition will be set to 'Resizing'.
5819 items:
5820 description: PersistentVolumeClaimCondition contains
5821 details about state of pvc
5822 properties:
5823 lastProbeTime:
5824 description: lastProbeTime is the time we probed
5825 the condition.
5826 format: date-time
5827 type: string
5828 lastTransitionTime:
5829 description: lastTransitionTime is the time the
5830 condition transitioned from one status to another.
5831 format: date-time
5832 type: string
5833 message:
5834 description: message is the human-readable message
5835 indicating details about last transition.
5836 type: string
5837 reason:
5838 description: |-
5839 reason is a unique, this should be a short, machine understandable string that gives the reason
5840 for condition's last transition. If it reports "Resizing" that means the underlying
5841 persistent volume is being resized.
5842 type: string
5843 status:
5844 type: string
5845 type:
5846 description: PersistentVolumeClaimConditionType
5847 is a valid value of PersistentVolumeClaimCondition.Type
5848 type: string
5849 required:
5850 - status
5851 - type
5852 type: object
5853 type: array
5854 x-kubernetes-list-map-keys:
5855 - type
5856 x-kubernetes-list-type: map
5857 currentVolumeAttributesClassName:
5858 description: |-
5859 currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.
5860 When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim
5861 This is an alpha field and requires enabling VolumeAttributesClass feature.
5862 type: string
5863 modifyVolumeStatus:
5864 description: |-
5865 ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.
5866 When this is unset, there is no ModifyVolume operation being attempted.
5867 This is an alpha field and requires enabling VolumeAttributesClass feature.
5868 properties:
5869 status:
5870 description: "status is the status of the ControllerModifyVolume
5871 operation. It can be in any of following states:\n
5872 - Pending\n Pending indicates that the PersistentVolumeClaim
5873 cannot be modified due to unmet requirements, such
5874 as\n the specified VolumeAttributesClass not existing.\n
5875 - InProgress\n InProgress indicates that the volume
5876 is being modified.\n - Infeasible\n Infeasible
5877 indicates that the request has been rejected as
5878 invalid by the CSI driver. To\n\t resolve the error,
5879 a valid VolumeAttributesClass needs to be specified.\nNote:
5880 New statuses can be added in the future. Consumers
5881 should check for unknown statuses and fail appropriately."
5882 type: string
5883 targetVolumeAttributesClassName:
5884 description: targetVolumeAttributesClassName is the
5885 name of the VolumeAttributesClass the PVC currently
5886 being reconciled
5887 type: string
5888 required:
5889 - status
5890 type: object
5891 phase:
5892 description: phase represents the current phase of PersistentVolumeClaim.
5893 type: string
5894 type: object
5895 type: object
5896 type: object
5897 tag:
5898 description: |-
5899 Tag of Alertmanager container image to be deployed. Defaults to the value of `version`.
5900 Version is ignored if Tag is set.
5901 Deprecated: use 'image' instead. The image tag can be specified
5902 as part of the image URL.
5903 type: string
5904 tolerations:
5905 description: If specified, the pod's tolerations.
5906 items:
5907 description: |-
5908 The pod this Toleration is attached to tolerates any taint that matches
5909 the triple <key,value,effect> using the matching operator <operator>.
5910 properties:
5911 effect:
5912 description: |-
5913 Effect indicates the taint effect to match. Empty means match all taint effects.
5914 When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
5915 type: string
5916 key:
5917 description: |-
5918 Key is the taint key that the toleration applies to. Empty means match all taint keys.
5919 If the key is empty, operator must be Exists; this combination means to match all values and all keys.
5920 type: string
5921 operator:
5922 description: |-
5923 Operator represents a key's relationship to the value.
5924 Valid operators are Exists and Equal. Defaults to Equal.
5925 Exists is equivalent to wildcard for value, so that a pod can
5926 tolerate all taints of a particular category.
5927 type: string
5928 tolerationSeconds:
5929 description: |-
5930 TolerationSeconds represents the period of time the toleration (which must be
5931 of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
5932 it is not set, which means tolerate the taint forever (do not evict). Zero and
5933 negative values will be treated as 0 (evict immediately) by the system.
5934 format: int64
5935 type: integer
5936 value:
5937 description: |-
5938 Value is the taint value the toleration matches to.
5939 If the operator is Exists, the value should be empty, otherwise just a regular string.
5940 type: string
5941 type: object
5942 type: array
5943 topologySpreadConstraints:
5944 description: If specified, the pod's topology spread constraints.
5945 items:
5946 description: TopologySpreadConstraint specifies how to spread matching
5947 pods among the given topology.
5948 properties:
5949 labelSelector:
5950 description: |-
5951 LabelSelector is used to find matching pods.
5952 Pods that match this label selector are counted to determine the number of pods
5953 in their corresponding topology domain.
5954 properties:
5955 matchExpressions:
5956 description: matchExpressions is a list of label selector
5957 requirements. The requirements are ANDed.
5958 items:
5959 description: |-
5960 A label selector requirement is a selector that contains values, a key, and an operator that
5961 relates the key and values.
5962 properties:
5963 key:
5964 description: key is the label key that the selector
5965 applies to.
5966 type: string
5967 operator:
5968 description: |-
5969 operator represents a key's relationship to a set of values.
5970 Valid operators are In, NotIn, Exists and DoesNotExist.
5971 type: string
5972 values:
5973 description: |-
5974 values is an array of string values. If the operator is In or NotIn,
5975 the values array must be non-empty. If the operator is Exists or DoesNotExist,
5976 the values array must be empty. This array is replaced during a strategic
5977 merge patch.
5978 items:
5979 type: string
5980 type: array
5981 x-kubernetes-list-type: atomic
5982 required:
5983 - key
5984 - operator
5985 type: object
5986 type: array
5987 x-kubernetes-list-type: atomic
5988 matchLabels:
5989 additionalProperties:
5990 type: string
5991 description: |-
5992 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
5993 map is equivalent to an element of matchExpressions, whose key field is "key", the
5994 operator is "In", and the values array contains only "value". The requirements are ANDed.
5995 type: object
5996 type: object
5997 x-kubernetes-map-type: atomic
5998 matchLabelKeys:
5999 description: |-
6000 MatchLabelKeys is a set of pod label keys to select the pods over which
6001 spreading will be calculated. The keys are used to lookup values from the
6002 incoming pod labels, those key-value labels are ANDed with labelSelector
6003 to select the group of existing pods over which spreading will be calculated
6004 for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
6005 MatchLabelKeys cannot be set when LabelSelector isn't set.
6006 Keys that don't exist in the incoming pod labels will
6007 be ignored. A null or empty list means only match against labelSelector.
6008
6009
6010 This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
6011 items:
6012 type: string
6013 type: array
6014 x-kubernetes-list-type: atomic
6015 maxSkew:
6016 description: |-
6017 MaxSkew describes the degree to which pods may be unevenly distributed.
6018 When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference
6019 between the number of matching pods in the target topology and the global minimum.
6020 The global minimum is the minimum number of matching pods in an eligible domain
6021 or zero if the number of eligible domains is less than MinDomains.
6022 For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
6023 labelSelector spread as 2/2/1:
6024 In this case, the global minimum is 1.
6025 | zone1 | zone2 | zone3 |
6026 | P P | P P | P |
6027 - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;
6028 scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)
6029 violate MaxSkew(1).
6030 - if MaxSkew is 2, incoming pod can be scheduled onto any zone.
6031 When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence
6032 to topologies that satisfy it.
6033 It's a required field. Default value is 1 and 0 is not allowed.
6034 format: int32
6035 type: integer
6036 minDomains:
6037 description: |-
6038 MinDomains indicates a minimum number of eligible domains.
6039 When the number of eligible domains with matching topology keys is less than minDomains,
6040 Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed.
6041 And when the number of eligible domains with matching topology keys equals or greater than minDomains,
6042 this value has no effect on scheduling.
6043 As a result, when the number of eligible domains is less than minDomains,
6044 scheduler won't schedule more than maxSkew Pods to those domains.
6045 If value is nil, the constraint behaves as if MinDomains is equal to 1.
6046 Valid values are integers greater than 0.
6047 When value is not nil, WhenUnsatisfiable must be DoNotSchedule.
6048
6049
6050 For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same
6051 labelSelector spread as 2/2/2:
6052 | zone1 | zone2 | zone3 |
6053 | P P | P P | P P |
6054 The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0.
6055 In this situation, new pod with the same labelSelector cannot be scheduled,
6056 because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,
6057 it will violate MaxSkew.
6058 format: int32
6059 type: integer
6060 nodeAffinityPolicy:
6061 description: |-
6062 NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector
6063 when calculating pod topology spread skew. Options are:
6064 - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.
6065 - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.
6066
6067
6068 If this value is nil, the behavior is equivalent to the Honor policy.
6069 This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
6070 type: string
6071 nodeTaintsPolicy:
6072 description: |-
6073 NodeTaintsPolicy indicates how we will treat node taints when calculating
6074 pod topology spread skew. Options are:
6075 - Honor: nodes without taints, along with tainted nodes for which the incoming pod
6076 has a toleration, are included.
6077 - Ignore: node taints are ignored. All nodes are included.
6078
6079
6080 If this value is nil, the behavior is equivalent to the Ignore policy.
6081 This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
6082 type: string
6083 topologyKey:
6084 description: |-
6085 TopologyKey is the key of node labels. Nodes that have a label with this key
6086 and identical values are considered to be in the same topology.
6087 We consider each <key, value> as a "bucket", and try to put balanced number
6088 of pods into each bucket.
6089 We define a domain as a particular instance of a topology.
6090 Also, we define an eligible domain as a domain whose nodes meet the requirements of
6091 nodeAffinityPolicy and nodeTaintsPolicy.
6092 e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology.
6093 And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology.
6094 It's a required field.
6095 type: string
6096 whenUnsatisfiable:
6097 description: |-
6098 WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy
6099 the spread constraint.
6100 - DoNotSchedule (default) tells the scheduler not to schedule it.
6101 - ScheduleAnyway tells the scheduler to schedule the pod in any location,
6102 but giving higher precedence to topologies that would help reduce the
6103 skew.
6104 A constraint is considered "Unsatisfiable" for an incoming pod
6105 if and only if every possible node assignment for that pod would violate
6106 "MaxSkew" on some topology.
6107 For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
6108 labelSelector spread as 3/1/1:
6109 | zone1 | zone2 | zone3 |
6110 | P P P | P | P |
6111 If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled
6112 to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies
6113 MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler
6114 won't make it *more* imbalanced.
6115 It's a required field.
6116 type: string
6117 required:
6118 - maxSkew
6119 - topologyKey
6120 - whenUnsatisfiable
6121 type: object
6122 type: array
6123 version:
6124 description: Version the cluster should be on.
6125 type: string
6126 volumeMounts:
6127 description: |-
6128 VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition.
6129 VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container,
6130 that are generated as a result of StorageSpec objects.
6131 items:
6132 description: VolumeMount describes a mounting of a Volume within
6133 a container.
6134 properties:
6135 mountPath:
6136 description: |-
6137 Path within the container at which the volume should be mounted. Must
6138 not contain ':'.
6139 type: string
6140 mountPropagation:
6141 description: |-
6142 mountPropagation determines how mounts are propagated from the host
6143 to container and the other way around.
6144 When not set, MountPropagationNone is used.
6145 This field is beta in 1.10.
6146 When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
6147 (which defaults to None).
6148 type: string
6149 name:
6150 description: This must match the Name of a Volume.
6151 type: string
6152 readOnly:
6153 description: |-
6154 Mounted read-only if true, read-write otherwise (false or unspecified).
6155 Defaults to false.
6156 type: boolean
6157 recursiveReadOnly:
6158 description: |-
6159 RecursiveReadOnly specifies whether read-only mounts should be handled
6160 recursively.
6161
6162
6163 If ReadOnly is false, this field has no meaning and must be unspecified.
6164
6165
6166 If ReadOnly is true, and this field is set to Disabled, the mount is not made
6167 recursively read-only. If this field is set to IfPossible, the mount is made
6168 recursively read-only, if it is supported by the container runtime. If this
6169 field is set to Enabled, the mount is made recursively read-only if it is
6170 supported by the container runtime, otherwise the pod will not be started and
6171 an error will be generated to indicate the reason.
6172
6173
6174 If this field is set to IfPossible or Enabled, MountPropagation must be set to
6175 None (or be unspecified, which defaults to None).
6176
6177
6178 If this field is not specified, it is treated as an equivalent of Disabled.
6179 type: string
6180 subPath:
6181 description: |-
6182 Path within the volume from which the container's volume should be mounted.
6183 Defaults to "" (volume's root).
6184 type: string
6185 subPathExpr:
6186 description: |-
6187 Expanded path within the volume from which the container's volume should be mounted.
6188 Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
6189 Defaults to "" (volume's root).
6190 SubPathExpr and SubPath are mutually exclusive.
6191 type: string
6192 required:
6193 - mountPath
6194 - name
6195 type: object
6196 type: array
6197 volumes:
6198 description: |-
6199 Volumes allows configuration of additional volumes on the output StatefulSet definition.
6200 Volumes specified will be appended to other volumes that are generated as a result of
6201 StorageSpec objects.
6202 items:
6203 description: Volume represents a named volume in a pod that may
6204 be accessed by any container in the pod.
6205 properties:
6206 awsElasticBlockStore:
6207 description: |-
6208 awsElasticBlockStore represents an AWS Disk resource that is attached to a
6209 kubelet's host machine and then exposed to the pod.
6210 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
6211 properties:
6212 fsType:
6213 description: |-
6214 fsType is the filesystem type of the volume that you want to mount.
6215 Tip: Ensure that the filesystem type is supported by the host operating system.
6216 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6217 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
6218 TODO: how do we prevent errors in the filesystem from compromising the machine
6219 type: string
6220 partition:
6221 description: |-
6222 partition is the partition in the volume that you want to mount.
6223 If omitted, the default is to mount by volume name.
6224 Examples: For volume /dev/sda1, you specify the partition as "1".
6225 Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
6226 format: int32
6227 type: integer
6228 readOnly:
6229 description: |-
6230 readOnly value true will force the readOnly setting in VolumeMounts.
6231 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
6232 type: boolean
6233 volumeID:
6234 description: |-
6235 volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).
6236 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
6237 type: string
6238 required:
6239 - volumeID
6240 type: object
6241 azureDisk:
6242 description: azureDisk represents an Azure Data Disk mount on
6243 the host and bind mount to the pod.
6244 properties:
6245 cachingMode:
6246 description: 'cachingMode is the Host Caching mode: None,
6247 Read Only, Read Write.'
6248 type: string
6249 diskName:
6250 description: diskName is the Name of the data disk in the
6251 blob storage
6252 type: string
6253 diskURI:
6254 description: diskURI is the URI of data disk in the blob
6255 storage
6256 type: string
6257 fsType:
6258 description: |-
6259 fsType is Filesystem type to mount.
6260 Must be a filesystem type supported by the host operating system.
6261 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6262 type: string
6263 kind:
6264 description: 'kind expected values are Shared: multiple
6265 blob disks per storage account Dedicated: single blob
6266 disk per storage account Managed: azure managed data
6267 disk (only in managed availability set). defaults to shared'
6268 type: string
6269 readOnly:
6270 description: |-
6271 readOnly Defaults to false (read/write). ReadOnly here will force
6272 the ReadOnly setting in VolumeMounts.
6273 type: boolean
6274 required:
6275 - diskName
6276 - diskURI
6277 type: object
6278 azureFile:
6279 description: azureFile represents an Azure File Service mount
6280 on the host and bind mount to the pod.
6281 properties:
6282 readOnly:
6283 description: |-
6284 readOnly defaults to false (read/write). ReadOnly here will force
6285 the ReadOnly setting in VolumeMounts.
6286 type: boolean
6287 secretName:
6288 description: secretName is the name of secret that contains
6289 Azure Storage Account Name and Key
6290 type: string
6291 shareName:
6292 description: shareName is the azure share Name
6293 type: string
6294 required:
6295 - secretName
6296 - shareName
6297 type: object
6298 cephfs:
6299 description: cephFS represents a Ceph FS mount on the host that
6300 shares a pod's lifetime
6301 properties:
6302 monitors:
6303 description: |-
6304 monitors is Required: Monitors is a collection of Ceph monitors
6305 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
6306 items:
6307 type: string
6308 type: array
6309 x-kubernetes-list-type: atomic
6310 path:
6311 description: 'path is Optional: Used as the mounted root,
6312 rather than the full Ceph tree, default is /'
6313 type: string
6314 readOnly:
6315 description: |-
6316 readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
6317 the ReadOnly setting in VolumeMounts.
6318 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
6319 type: boolean
6320 secretFile:
6321 description: |-
6322 secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
6323 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
6324 type: string
6325 secretRef:
6326 description: |-
6327 secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.
6328 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
6329 properties:
6330 name:
6331 default: ""
6332 description: |-
6333 Name of the referent.
6334 This field is effectively required, but due to backwards compatibility is
6335 allowed to be empty. Instances of this type with an empty value here are
6336 almost certainly wrong.
6337 TODO: Add other useful fields. apiVersion, kind, uid?
6338 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6339 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6340 type: string
6341 type: object
6342 x-kubernetes-map-type: atomic
6343 user:
6344 description: |-
6345 user is optional: User is the rados user name, default is admin
6346 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
6347 type: string
6348 required:
6349 - monitors
6350 type: object
6351 cinder:
6352 description: |-
6353 cinder represents a cinder volume attached and mounted on kubelets host machine.
6354 More info: https://examples.k8s.io/mysql-cinder-pd/README.md
6355 properties:
6356 fsType:
6357 description: |-
6358 fsType is the filesystem type to mount.
6359 Must be a filesystem type supported by the host operating system.
6360 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6361 More info: https://examples.k8s.io/mysql-cinder-pd/README.md
6362 type: string
6363 readOnly:
6364 description: |-
6365 readOnly defaults to false (read/write). ReadOnly here will force
6366 the ReadOnly setting in VolumeMounts.
6367 More info: https://examples.k8s.io/mysql-cinder-pd/README.md
6368 type: boolean
6369 secretRef:
6370 description: |-
6371 secretRef is optional: points to a secret object containing parameters used to connect
6372 to OpenStack.
6373 properties:
6374 name:
6375 default: ""
6376 description: |-
6377 Name of the referent.
6378 This field is effectively required, but due to backwards compatibility is
6379 allowed to be empty. Instances of this type with an empty value here are
6380 almost certainly wrong.
6381 TODO: Add other useful fields. apiVersion, kind, uid?
6382 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6383 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6384 type: string
6385 type: object
6386 x-kubernetes-map-type: atomic
6387 volumeID:
6388 description: |-
6389 volumeID used to identify the volume in cinder.
6390 More info: https://examples.k8s.io/mysql-cinder-pd/README.md
6391 type: string
6392 required:
6393 - volumeID
6394 type: object
6395 configMap:
6396 description: configMap represents a configMap that should populate
6397 this volume
6398 properties:
6399 defaultMode:
6400 description: |-
6401 defaultMode is optional: mode bits used to set permissions on created files by default.
6402 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
6403 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6404 Defaults to 0644.
6405 Directories within the path are not affected by this setting.
6406 This might be in conflict with other options that affect the file
6407 mode, like fsGroup, and the result can be other mode bits set.
6408 format: int32
6409 type: integer
6410 items:
6411 description: |-
6412 items if unspecified, each key-value pair in the Data field of the referenced
6413 ConfigMap will be projected into the volume as a file whose name is the
6414 key and content is the value. If specified, the listed keys will be
6415 projected into the specified paths, and unlisted keys will not be
6416 present. If a key is specified which is not present in the ConfigMap,
6417 the volume setup will error unless it is marked optional. Paths must be
6418 relative and may not contain the '..' path or start with '..'.
6419 items:
6420 description: Maps a string key to a path within a volume.
6421 properties:
6422 key:
6423 description: key is the key to project.
6424 type: string
6425 mode:
6426 description: |-
6427 mode is Optional: mode bits used to set permissions on this file.
6428 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
6429 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6430 If not specified, the volume defaultMode will be used.
6431 This might be in conflict with other options that affect the file
6432 mode, like fsGroup, and the result can be other mode bits set.
6433 format: int32
6434 type: integer
6435 path:
6436 description: |-
6437 path is the relative path of the file to map the key to.
6438 May not be an absolute path.
6439 May not contain the path element '..'.
6440 May not start with the string '..'.
6441 type: string
6442 required:
6443 - key
6444 - path
6445 type: object
6446 type: array
6447 x-kubernetes-list-type: atomic
6448 name:
6449 default: ""
6450 description: |-
6451 Name of the referent.
6452 This field is effectively required, but due to backwards compatibility is
6453 allowed to be empty. Instances of this type with an empty value here are
6454 almost certainly wrong.
6455 TODO: Add other useful fields. apiVersion, kind, uid?
6456 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6457 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6458 type: string
6459 optional:
6460 description: optional specify whether the ConfigMap or its
6461 keys must be defined
6462 type: boolean
6463 type: object
6464 x-kubernetes-map-type: atomic
6465 csi:
6466 description: csi (Container Storage Interface) represents ephemeral
6467 storage that is handled by certain external CSI drivers (Beta
6468 feature).
6469 properties:
6470 driver:
6471 description: |-
6472 driver is the name of the CSI driver that handles this volume.
6473 Consult with your admin for the correct name as registered in the cluster.
6474 type: string
6475 fsType:
6476 description: |-
6477 fsType to mount. Ex. "ext4", "xfs", "ntfs".
6478 If not provided, the empty value is passed to the associated CSI driver
6479 which will determine the default filesystem to apply.
6480 type: string
6481 nodePublishSecretRef:
6482 description: |-
6483 nodePublishSecretRef is a reference to the secret object containing
6484 sensitive information to pass to the CSI driver to complete the CSI
6485 NodePublishVolume and NodeUnpublishVolume calls.
6486 This field is optional, and may be empty if no secret is required. If the
6487 secret object contains more than one secret, all secret references are passed.
6488 properties:
6489 name:
6490 default: ""
6491 description: |-
6492 Name of the referent.
6493 This field is effectively required, but due to backwards compatibility is
6494 allowed to be empty. Instances of this type with an empty value here are
6495 almost certainly wrong.
6496 TODO: Add other useful fields. apiVersion, kind, uid?
6497 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6498 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6499 type: string
6500 type: object
6501 x-kubernetes-map-type: atomic
6502 readOnly:
6503 description: |-
6504 readOnly specifies a read-only configuration for the volume.
6505 Defaults to false (read/write).
6506 type: boolean
6507 volumeAttributes:
6508 additionalProperties:
6509 type: string
6510 description: |-
6511 volumeAttributes stores driver-specific properties that are passed to the CSI
6512 driver. Consult your driver's documentation for supported values.
6513 type: object
6514 required:
6515 - driver
6516 type: object
6517 downwardAPI:
6518 description: downwardAPI represents downward API about the pod
6519 that should populate this volume
6520 properties:
6521 defaultMode:
6522 description: |-
6523 Optional: mode bits to use on created files by default. Must be a
6524 Optional: mode bits used to set permissions on created files by default.
6525 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
6526 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6527 Defaults to 0644.
6528 Directories within the path are not affected by this setting.
6529 This might be in conflict with other options that affect the file
6530 mode, like fsGroup, and the result can be other mode bits set.
6531 format: int32
6532 type: integer
6533 items:
6534 description: Items is a list of downward API volume file
6535 items:
6536 description: DownwardAPIVolumeFile represents information
6537 to create the file containing the pod field
6538 properties:
6539 fieldRef:
6540 description: 'Required: Selects a field of the pod:
6541 only annotations, labels, name, namespace and uid
6542 are supported.'
6543 properties:
6544 apiVersion:
6545 description: Version of the schema the FieldPath
6546 is written in terms of, defaults to "v1".
6547 type: string
6548 fieldPath:
6549 description: Path of the field to select in the
6550 specified API version.
6551 type: string
6552 required:
6553 - fieldPath
6554 type: object
6555 x-kubernetes-map-type: atomic
6556 mode:
6557 description: |-
6558 Optional: mode bits used to set permissions on this file, must be an octal value
6559 between 0000 and 0777 or a decimal value between 0 and 511.
6560 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6561 If not specified, the volume defaultMode will be used.
6562 This might be in conflict with other options that affect the file
6563 mode, like fsGroup, and the result can be other mode bits set.
6564 format: int32
6565 type: integer
6566 path:
6567 description: 'Required: Path is the relative path
6568 name of the file to be created. Must not be absolute
6569 or contain the ''..'' path. Must be utf-8 encoded.
6570 The first item of the relative path must not start
6571 with ''..'''
6572 type: string
6573 resourceFieldRef:
6574 description: |-
6575 Selects a resource of the container: only resources limits and requests
6576 (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
6577 properties:
6578 containerName:
6579 description: 'Container name: required for volumes,
6580 optional for env vars'
6581 type: string
6582 divisor:
6583 anyOf:
6584 - type: integer
6585 - type: string
6586 description: Specifies the output format of the
6587 exposed resources, defaults to "1"
6588 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6589 x-kubernetes-int-or-string: true
6590 resource:
6591 description: 'Required: resource to select'
6592 type: string
6593 required:
6594 - resource
6595 type: object
6596 x-kubernetes-map-type: atomic
6597 required:
6598 - path
6599 type: object
6600 type: array
6601 x-kubernetes-list-type: atomic
6602 type: object
6603 emptyDir:
6604 description: |-
6605 emptyDir represents a temporary directory that shares a pod's lifetime.
6606 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
6607 properties:
6608 medium:
6609 description: |-
6610 medium represents what type of storage medium should back this directory.
6611 The default is "" which means to use the node's default medium.
6612 Must be an empty string (default) or Memory.
6613 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
6614 type: string
6615 sizeLimit:
6616 anyOf:
6617 - type: integer
6618 - type: string
6619 description: |-
6620 sizeLimit is the total amount of local storage required for this EmptyDir volume.
6621 The size limit is also applicable for memory medium.
6622 The maximum usage on memory medium EmptyDir would be the minimum value between
6623 the SizeLimit specified here and the sum of memory limits of all containers in a pod.
6624 The default is nil which means that the limit is undefined.
6625 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
6626 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6627 x-kubernetes-int-or-string: true
6628 type: object
6629 ephemeral:
6630 description: |-
6631 ephemeral represents a volume that is handled by a cluster storage driver.
6632 The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,
6633 and deleted when the pod is removed.
6634
6635
6636 Use this if:
6637 a) the volume is only needed while the pod runs,
6638 b) features of normal volumes like restoring from snapshot or capacity
6639 tracking are needed,
6640 c) the storage driver is specified through a storage class, and
6641 d) the storage driver supports dynamic volume provisioning through
6642 a PersistentVolumeClaim (see EphemeralVolumeSource for more
6643 information on the connection between this volume type
6644 and PersistentVolumeClaim).
6645
6646
6647 Use PersistentVolumeClaim or one of the vendor-specific
6648 APIs for volumes that persist for longer than the lifecycle
6649 of an individual pod.
6650
6651
6652 Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to
6653 be used that way - see the documentation of the driver for
6654 more information.
6655
6656
6657 A pod can use both types of ephemeral volumes and
6658 persistent volumes at the same time.
6659 properties:
6660 volumeClaimTemplate:
6661 description: |-
6662 Will be used to create a stand-alone PVC to provision the volume.
6663 The pod in which this EphemeralVolumeSource is embedded will be the
6664 owner of the PVC, i.e. the PVC will be deleted together with the
6665 pod. The name of the PVC will be `<pod name>-<volume name>` where
6666 `<volume name>` is the name from the `PodSpec.Volumes` array
6667 entry. Pod validation will reject the pod if the concatenated name
6668 is not valid for a PVC (for example, too long).
6669
6670
6671 An existing PVC with that name that is not owned by the pod
6672 will *not* be used for the pod to avoid using an unrelated
6673 volume by mistake. Starting the pod is then blocked until
6674 the unrelated PVC is removed. If such a pre-created PVC is
6675 meant to be used by the pod, the PVC has to updated with an
6676 owner reference to the pod once the pod exists. Normally
6677 this should not be necessary, but it may be useful when
6678 manually reconstructing a broken cluster.
6679
6680
6681 This field is read-only and no changes will be made by Kubernetes
6682 to the PVC after it has been created.
6683
6684
6685 Required, must not be nil.
6686 properties:
6687 metadata:
6688 description: |-
6689 May contain labels and annotations that will be copied into the PVC
6690 when creating it. No other fields are allowed and will be rejected during
6691 validation.
6692 properties:
6693 annotations:
6694 additionalProperties:
6695 type: string
6696 type: object
6697 finalizers:
6698 items:
6699 type: string
6700 type: array
6701 labels:
6702 additionalProperties:
6703 type: string
6704 type: object
6705 name:
6706 type: string
6707 namespace:
6708 type: string
6709 type: object
6710 spec:
6711 description: |-
6712 The specification for the PersistentVolumeClaim. The entire content is
6713 copied unchanged into the PVC that gets created from this
6714 template. The same fields as in a PersistentVolumeClaim
6715 are also valid here.
6716 properties:
6717 accessModes:
6718 description: |-
6719 accessModes contains the desired access modes the volume should have.
6720 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
6721 items:
6722 type: string
6723 type: array
6724 x-kubernetes-list-type: atomic
6725 dataSource:
6726 description: |-
6727 dataSource field can be used to specify either:
6728 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
6729 * An existing PVC (PersistentVolumeClaim)
6730 If the provisioner or an external controller can support the specified data source,
6731 it will create a new volume based on the contents of the specified data source.
6732 When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
6733 and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
6734 If the namespace is specified, then dataSourceRef will not be copied to dataSource.
6735 properties:
6736 apiGroup:
6737 description: |-
6738 APIGroup is the group for the resource being referenced.
6739 If APIGroup is not specified, the specified Kind must be in the core API group.
6740 For any other third-party types, APIGroup is required.
6741 type: string
6742 kind:
6743 description: Kind is the type of resource being
6744 referenced
6745 type: string
6746 name:
6747 description: Name is the name of resource being
6748 referenced
6749 type: string
6750 required:
6751 - kind
6752 - name
6753 type: object
6754 x-kubernetes-map-type: atomic
6755 dataSourceRef:
6756 description: |-
6757 dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
6758 volume is desired. This may be any object from a non-empty API group (non
6759 core object) or a PersistentVolumeClaim object.
6760 When this field is specified, volume binding will only succeed if the type of
6761 the specified object matches some installed volume populator or dynamic
6762 provisioner.
6763 This field will replace the functionality of the dataSource field and as such
6764 if both fields are non-empty, they must have the same value. For backwards
6765 compatibility, when namespace isn't specified in dataSourceRef,
6766 both fields (dataSource and dataSourceRef) will be set to the same
6767 value automatically if one of them is empty and the other is non-empty.
6768 When namespace is specified in dataSourceRef,
6769 dataSource isn't set to the same value and must be empty.
6770 There are three important differences between dataSource and dataSourceRef:
6771 * While dataSource only allows two specific types of objects, dataSourceRef
6772 allows any non-core object, as well as PersistentVolumeClaim objects.
6773 * While dataSource ignores disallowed values (dropping them), dataSourceRef
6774 preserves all values, and generates an error if a disallowed value is
6775 specified.
6776 * While dataSource only allows local objects, dataSourceRef allows objects
6777 in any namespaces.
6778 (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
6779 (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
6780 properties:
6781 apiGroup:
6782 description: |-
6783 APIGroup is the group for the resource being referenced.
6784 If APIGroup is not specified, the specified Kind must be in the core API group.
6785 For any other third-party types, APIGroup is required.
6786 type: string
6787 kind:
6788 description: Kind is the type of resource being
6789 referenced
6790 type: string
6791 name:
6792 description: Name is the name of resource being
6793 referenced
6794 type: string
6795 namespace:
6796 description: |-
6797 Namespace is the namespace of resource being referenced
6798 Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
6799 (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
6800 type: string
6801 required:
6802 - kind
6803 - name
6804 type: object
6805 resources:
6806 description: |-
6807 resources represents the minimum resources the volume should have.
6808 If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
6809 that are lower than previous value but must still be higher than capacity recorded in the
6810 status field of the claim.
6811 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
6812 properties:
6813 limits:
6814 additionalProperties:
6815 anyOf:
6816 - type: integer
6817 - type: string
6818 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6819 x-kubernetes-int-or-string: true
6820 description: |-
6821 Limits describes the maximum amount of compute resources allowed.
6822 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
6823 type: object
6824 requests:
6825 additionalProperties:
6826 anyOf:
6827 - type: integer
6828 - type: string
6829 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6830 x-kubernetes-int-or-string: true
6831 description: |-
6832 Requests describes the minimum amount of compute resources required.
6833 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
6834 otherwise to an implementation-defined value. Requests cannot exceed Limits.
6835 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
6836 type: object
6837 type: object
6838 selector:
6839 description: selector is a label query over volumes
6840 to consider for binding.
6841 properties:
6842 matchExpressions:
6843 description: matchExpressions is a list of label
6844 selector requirements. The requirements are
6845 ANDed.
6846 items:
6847 description: |-
6848 A label selector requirement is a selector that contains values, a key, and an operator that
6849 relates the key and values.
6850 properties:
6851 key:
6852 description: key is the label key that
6853 the selector applies to.
6854 type: string
6855 operator:
6856 description: |-
6857 operator represents a key's relationship to a set of values.
6858 Valid operators are In, NotIn, Exists and DoesNotExist.
6859 type: string
6860 values:
6861 description: |-
6862 values is an array of string values. If the operator is In or NotIn,
6863 the values array must be non-empty. If the operator is Exists or DoesNotExist,
6864 the values array must be empty. This array is replaced during a strategic
6865 merge patch.
6866 items:
6867 type: string
6868 type: array
6869 x-kubernetes-list-type: atomic
6870 required:
6871 - key
6872 - operator
6873 type: object
6874 type: array
6875 x-kubernetes-list-type: atomic
6876 matchLabels:
6877 additionalProperties:
6878 type: string
6879 description: |-
6880 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
6881 map is equivalent to an element of matchExpressions, whose key field is "key", the
6882 operator is "In", and the values array contains only "value". The requirements are ANDed.
6883 type: object
6884 type: object
6885 x-kubernetes-map-type: atomic
6886 storageClassName:
6887 description: |-
6888 storageClassName is the name of the StorageClass required by the claim.
6889 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
6890 type: string
6891 volumeAttributesClassName:
6892 description: |-
6893 volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
6894 If specified, the CSI driver will create or update the volume with the attributes defined
6895 in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
6896 it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
6897 will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
6898 If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
6899 will be set by the persistentvolume controller if it exists.
6900 If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
6901 set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
6902 exists.
6903 More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
6904 (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
6905 type: string
6906 volumeMode:
6907 description: |-
6908 volumeMode defines what type of volume is required by the claim.
6909 Value of Filesystem is implied when not included in claim spec.
6910 type: string
6911 volumeName:
6912 description: volumeName is the binding reference
6913 to the PersistentVolume backing this claim.
6914 type: string
6915 type: object
6916 required:
6917 - spec
6918 type: object
6919 type: object
6920 fc:
6921 description: fc represents a Fibre Channel resource that is
6922 attached to a kubelet's host machine and then exposed to the
6923 pod.
6924 properties:
6925 fsType:
6926 description: |-
6927 fsType is the filesystem type to mount.
6928 Must be a filesystem type supported by the host operating system.
6929 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6930 TODO: how do we prevent errors in the filesystem from compromising the machine
6931 type: string
6932 lun:
6933 description: 'lun is Optional: FC target lun number'
6934 format: int32
6935 type: integer
6936 readOnly:
6937 description: |-
6938 readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
6939 the ReadOnly setting in VolumeMounts.
6940 type: boolean
6941 targetWWNs:
6942 description: 'targetWWNs is Optional: FC target worldwide
6943 names (WWNs)'
6944 items:
6945 type: string
6946 type: array
6947 x-kubernetes-list-type: atomic
6948 wwids:
6949 description: |-
6950 wwids Optional: FC volume world wide identifiers (wwids)
6951 Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
6952 items:
6953 type: string
6954 type: array
6955 x-kubernetes-list-type: atomic
6956 type: object
6957 flexVolume:
6958 description: |-
6959 flexVolume represents a generic volume resource that is
6960 provisioned/attached using an exec based plugin.
6961 properties:
6962 driver:
6963 description: driver is the name of the driver to use for
6964 this volume.
6965 type: string
6966 fsType:
6967 description: |-
6968 fsType is the filesystem type to mount.
6969 Must be a filesystem type supported by the host operating system.
6970 Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
6971 type: string
6972 options:
6973 additionalProperties:
6974 type: string
6975 description: 'options is Optional: this field holds extra
6976 command options if any.'
6977 type: object
6978 readOnly:
6979 description: |-
6980 readOnly is Optional: defaults to false (read/write). ReadOnly here will force
6981 the ReadOnly setting in VolumeMounts.
6982 type: boolean
6983 secretRef:
6984 description: |-
6985 secretRef is Optional: secretRef is reference to the secret object containing
6986 sensitive information to pass to the plugin scripts. This may be
6987 empty if no secret object is specified. If the secret object
6988 contains more than one secret, all secrets are passed to the plugin
6989 scripts.
6990 properties:
6991 name:
6992 default: ""
6993 description: |-
6994 Name of the referent.
6995 This field is effectively required, but due to backwards compatibility is
6996 allowed to be empty. Instances of this type with an empty value here are
6997 almost certainly wrong.
6998 TODO: Add other useful fields. apiVersion, kind, uid?
6999 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7000 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7001 type: string
7002 type: object
7003 x-kubernetes-map-type: atomic
7004 required:
7005 - driver
7006 type: object
7007 flocker:
7008 description: flocker represents a Flocker volume attached to
7009 a kubelet's host machine. This depends on the Flocker control
7010 service being running
7011 properties:
7012 datasetName:
7013 description: |-
7014 datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker
7015 should be considered as deprecated
7016 type: string
7017 datasetUUID:
7018 description: datasetUUID is the UUID of the dataset. This
7019 is unique identifier of a Flocker dataset
7020 type: string
7021 type: object
7022 gcePersistentDisk:
7023 description: |-
7024 gcePersistentDisk represents a GCE Disk resource that is attached to a
7025 kubelet's host machine and then exposed to the pod.
7026 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
7027 properties:
7028 fsType:
7029 description: |-
7030 fsType is filesystem type of the volume that you want to mount.
7031 Tip: Ensure that the filesystem type is supported by the host operating system.
7032 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7033 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
7034 TODO: how do we prevent errors in the filesystem from compromising the machine
7035 type: string
7036 partition:
7037 description: |-
7038 partition is the partition in the volume that you want to mount.
7039 If omitted, the default is to mount by volume name.
7040 Examples: For volume /dev/sda1, you specify the partition as "1".
7041 Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
7042 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
7043 format: int32
7044 type: integer
7045 pdName:
7046 description: |-
7047 pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.
7048 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
7049 type: string
7050 readOnly:
7051 description: |-
7052 readOnly here will force the ReadOnly setting in VolumeMounts.
7053 Defaults to false.
7054 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
7055 type: boolean
7056 required:
7057 - pdName
7058 type: object
7059 gitRepo:
7060 description: |-
7061 gitRepo represents a git repository at a particular revision.
7062 DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
7063 EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
7064 into the Pod's container.
7065 properties:
7066 directory:
7067 description: |-
7068 directory is the target directory name.
7069 Must not contain or start with '..'. If '.' is supplied, the volume directory will be the
7070 git repository. Otherwise, if specified, the volume will contain the git repository in
7071 the subdirectory with the given name.
7072 type: string
7073 repository:
7074 description: repository is the URL
7075 type: string
7076 revision:
7077 description: revision is the commit hash for the specified
7078 revision.
7079 type: string
7080 required:
7081 - repository
7082 type: object
7083 glusterfs:
7084 description: |-
7085 glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
7086 More info: https://examples.k8s.io/volumes/glusterfs/README.md
7087 properties:
7088 endpoints:
7089 description: |-
7090 endpoints is the endpoint name that details Glusterfs topology.
7091 More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
7092 type: string
7093 path:
7094 description: |-
7095 path is the Glusterfs volume path.
7096 More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
7097 type: string
7098 readOnly:
7099 description: |-
7100 readOnly here will force the Glusterfs volume to be mounted with read-only permissions.
7101 Defaults to false.
7102 More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
7103 type: boolean
7104 required:
7105 - endpoints
7106 - path
7107 type: object
7108 hostPath:
7109 description: |-
7110 hostPath represents a pre-existing file or directory on the host
7111 machine that is directly exposed to the container. This is generally
7112 used for system agents or other privileged things that are allowed
7113 to see the host machine. Most containers will NOT need this.
7114 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
7115 ---
7116 TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
7117 mount host directories as read/write.
7118 properties:
7119 path:
7120 description: |-
7121 path of the directory on the host.
7122 If the path is a symlink, it will follow the link to the real path.
7123 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
7124 type: string
7125 type:
7126 description: |-
7127 type for HostPath Volume
7128 Defaults to ""
7129 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
7130 type: string
7131 required:
7132 - path
7133 type: object
7134 iscsi:
7135 description: |-
7136 iscsi represents an ISCSI Disk resource that is attached to a
7137 kubelet's host machine and then exposed to the pod.
7138 More info: https://examples.k8s.io/volumes/iscsi/README.md
7139 properties:
7140 chapAuthDiscovery:
7141 description: chapAuthDiscovery defines whether support iSCSI
7142 Discovery CHAP authentication
7143 type: boolean
7144 chapAuthSession:
7145 description: chapAuthSession defines whether support iSCSI
7146 Session CHAP authentication
7147 type: boolean
7148 fsType:
7149 description: |-
7150 fsType is the filesystem type of the volume that you want to mount.
7151 Tip: Ensure that the filesystem type is supported by the host operating system.
7152 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7153 More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
7154 TODO: how do we prevent errors in the filesystem from compromising the machine
7155 type: string
7156 initiatorName:
7157 description: |-
7158 initiatorName is the custom iSCSI Initiator Name.
7159 If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
7160 <target portal>:<volume name> will be created for the connection.
7161 type: string
7162 iqn:
7163 description: iqn is the target iSCSI Qualified Name.
7164 type: string
7165 iscsiInterface:
7166 description: |-
7167 iscsiInterface is the interface Name that uses an iSCSI transport.
7168 Defaults to 'default' (tcp).
7169 type: string
7170 lun:
7171 description: lun represents iSCSI Target Lun number.
7172 format: int32
7173 type: integer
7174 portals:
7175 description: |-
7176 portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
7177 is other than default (typically TCP ports 860 and 3260).
7178 items:
7179 type: string
7180 type: array
7181 x-kubernetes-list-type: atomic
7182 readOnly:
7183 description: |-
7184 readOnly here will force the ReadOnly setting in VolumeMounts.
7185 Defaults to false.
7186 type: boolean
7187 secretRef:
7188 description: secretRef is the CHAP Secret for iSCSI target
7189 and initiator authentication
7190 properties:
7191 name:
7192 default: ""
7193 description: |-
7194 Name of the referent.
7195 This field is effectively required, but due to backwards compatibility is
7196 allowed to be empty. Instances of this type with an empty value here are
7197 almost certainly wrong.
7198 TODO: Add other useful fields. apiVersion, kind, uid?
7199 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7200 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7201 type: string
7202 type: object
7203 x-kubernetes-map-type: atomic
7204 targetPortal:
7205 description: |-
7206 targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
7207 is other than default (typically TCP ports 860 and 3260).
7208 type: string
7209 required:
7210 - iqn
7211 - lun
7212 - targetPortal
7213 type: object
7214 name:
7215 description: |-
7216 name of the volume.
7217 Must be a DNS_LABEL and unique within the pod.
7218 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7219 type: string
7220 nfs:
7221 description: |-
7222 nfs represents an NFS mount on the host that shares a pod's lifetime
7223 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
7224 properties:
7225 path:
7226 description: |-
7227 path that is exported by the NFS server.
7228 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
7229 type: string
7230 readOnly:
7231 description: |-
7232 readOnly here will force the NFS export to be mounted with read-only permissions.
7233 Defaults to false.
7234 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
7235 type: boolean
7236 server:
7237 description: |-
7238 server is the hostname or IP address of the NFS server.
7239 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
7240 type: string
7241 required:
7242 - path
7243 - server
7244 type: object
7245 persistentVolumeClaim:
7246 description: |-
7247 persistentVolumeClaimVolumeSource represents a reference to a
7248 PersistentVolumeClaim in the same namespace.
7249 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
7250 properties:
7251 claimName:
7252 description: |-
7253 claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.
7254 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
7255 type: string
7256 readOnly:
7257 description: |-
7258 readOnly Will force the ReadOnly setting in VolumeMounts.
7259 Default false.
7260 type: boolean
7261 required:
7262 - claimName
7263 type: object
7264 photonPersistentDisk:
7265 description: photonPersistentDisk represents a PhotonController
7266 persistent disk attached and mounted on kubelets host machine
7267 properties:
7268 fsType:
7269 description: |-
7270 fsType is the filesystem type to mount.
7271 Must be a filesystem type supported by the host operating system.
7272 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7273 type: string
7274 pdID:
7275 description: pdID is the ID that identifies Photon Controller
7276 persistent disk
7277 type: string
7278 required:
7279 - pdID
7280 type: object
7281 portworxVolume:
7282 description: portworxVolume represents a portworx volume attached
7283 and mounted on kubelets host machine
7284 properties:
7285 fsType:
7286 description: |-
7287 fSType represents the filesystem type to mount
7288 Must be a filesystem type supported by the host operating system.
7289 Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
7290 type: string
7291 readOnly:
7292 description: |-
7293 readOnly defaults to false (read/write). ReadOnly here will force
7294 the ReadOnly setting in VolumeMounts.
7295 type: boolean
7296 volumeID:
7297 description: volumeID uniquely identifies a Portworx volume
7298 type: string
7299 required:
7300 - volumeID
7301 type: object
7302 projected:
7303 description: projected items for all in one resources secrets,
7304 configmaps, and downward API
7305 properties:
7306 defaultMode:
7307 description: |-
7308 defaultMode are the mode bits used to set permissions on created files by default.
7309 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
7310 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
7311 Directories within the path are not affected by this setting.
7312 This might be in conflict with other options that affect the file
7313 mode, like fsGroup, and the result can be other mode bits set.
7314 format: int32
7315 type: integer
7316 sources:
7317 description: sources is the list of volume projections
7318 items:
7319 description: Projection that may be projected along with
7320 other supported volume types
7321 properties:
7322 clusterTrustBundle:
7323 description: |-
7324 ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field
7325 of ClusterTrustBundle objects in an auto-updating file.
7326
7327
7328 Alpha, gated by the ClusterTrustBundleProjection feature gate.
7329
7330
7331 ClusterTrustBundle objects can either be selected by name, or by the
7332 combination of signer name and a label selector.
7333
7334
7335 Kubelet performs aggressive normalization of the PEM contents written
7336 into the pod filesystem. Esoteric PEM features such as inter-block
7337 comments and block headers are stripped. Certificates are deduplicated.
7338 The ordering of certificates within the file is arbitrary, and Kubelet
7339 may change the order over time.
7340 properties:
7341 labelSelector:
7342 description: |-
7343 Select all ClusterTrustBundles that match this label selector. Only has
7344 effect if signerName is set. Mutually-exclusive with name. If unset,
7345 interpreted as "match nothing". If set but empty, interpreted as "match
7346 everything".
7347 properties:
7348 matchExpressions:
7349 description: matchExpressions is a list of
7350 label selector requirements. The requirements
7351 are ANDed.
7352 items:
7353 description: |-
7354 A label selector requirement is a selector that contains values, a key, and an operator that
7355 relates the key and values.
7356 properties:
7357 key:
7358 description: key is the label key that
7359 the selector applies to.
7360 type: string
7361 operator:
7362 description: |-
7363 operator represents a key's relationship to a set of values.
7364 Valid operators are In, NotIn, Exists and DoesNotExist.
7365 type: string
7366 values:
7367 description: |-
7368 values is an array of string values. If the operator is In or NotIn,
7369 the values array must be non-empty. If the operator is Exists or DoesNotExist,
7370 the values array must be empty. This array is replaced during a strategic
7371 merge patch.
7372 items:
7373 type: string
7374 type: array
7375 x-kubernetes-list-type: atomic
7376 required:
7377 - key
7378 - operator
7379 type: object
7380 type: array
7381 x-kubernetes-list-type: atomic
7382 matchLabels:
7383 additionalProperties:
7384 type: string
7385 description: |-
7386 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
7387 map is equivalent to an element of matchExpressions, whose key field is "key", the
7388 operator is "In", and the values array contains only "value". The requirements are ANDed.
7389 type: object
7390 type: object
7391 x-kubernetes-map-type: atomic
7392 name:
7393 description: |-
7394 Select a single ClusterTrustBundle by object name. Mutually-exclusive
7395 with signerName and labelSelector.
7396 type: string
7397 optional:
7398 description: |-
7399 If true, don't block pod startup if the referenced ClusterTrustBundle(s)
7400 aren't available. If using name, then the named ClusterTrustBundle is
7401 allowed not to exist. If using signerName, then the combination of
7402 signerName and labelSelector is allowed to match zero
7403 ClusterTrustBundles.
7404 type: boolean
7405 path:
7406 description: Relative path from the volume root
7407 to write the bundle.
7408 type: string
7409 signerName:
7410 description: |-
7411 Select all ClusterTrustBundles that match this signer name.
7412 Mutually-exclusive with name. The contents of all selected
7413 ClusterTrustBundles will be unified and deduplicated.
7414 type: string
7415 required:
7416 - path
7417 type: object
7418 configMap:
7419 description: configMap information about the configMap
7420 data to project
7421 properties:
7422 items:
7423 description: |-
7424 items if unspecified, each key-value pair in the Data field of the referenced
7425 ConfigMap will be projected into the volume as a file whose name is the
7426 key and content is the value. If specified, the listed keys will be
7427 projected into the specified paths, and unlisted keys will not be
7428 present. If a key is specified which is not present in the ConfigMap,
7429 the volume setup will error unless it is marked optional. Paths must be
7430 relative and may not contain the '..' path or start with '..'.
7431 items:
7432 description: Maps a string key to a path within
7433 a volume.
7434 properties:
7435 key:
7436 description: key is the key to project.
7437 type: string
7438 mode:
7439 description: |-
7440 mode is Optional: mode bits used to set permissions on this file.
7441 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
7442 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
7443 If not specified, the volume defaultMode will be used.
7444 This might be in conflict with other options that affect the file
7445 mode, like fsGroup, and the result can be other mode bits set.
7446 format: int32
7447 type: integer
7448 path:
7449 description: |-
7450 path is the relative path of the file to map the key to.
7451 May not be an absolute path.
7452 May not contain the path element '..'.
7453 May not start with the string '..'.
7454 type: string
7455 required:
7456 - key
7457 - path
7458 type: object
7459 type: array
7460 x-kubernetes-list-type: atomic
7461 name:
7462 default: ""
7463 description: |-
7464 Name of the referent.
7465 This field is effectively required, but due to backwards compatibility is
7466 allowed to be empty. Instances of this type with an empty value here are
7467 almost certainly wrong.
7468 TODO: Add other useful fields. apiVersion, kind, uid?
7469 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7470 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7471 type: string
7472 optional:
7473 description: optional specify whether the ConfigMap
7474 or its keys must be defined
7475 type: boolean
7476 type: object
7477 x-kubernetes-map-type: atomic
7478 downwardAPI:
7479 description: downwardAPI information about the downwardAPI
7480 data to project
7481 properties:
7482 items:
7483 description: Items is a list of DownwardAPIVolume
7484 file
7485 items:
7486 description: DownwardAPIVolumeFile represents
7487 information to create the file containing
7488 the pod field
7489 properties:
7490 fieldRef:
7491 description: 'Required: Selects a field
7492 of the pod: only annotations, labels,
7493 name, namespace and uid are supported.'
7494 properties:
7495 apiVersion:
7496 description: Version of the schema the
7497 FieldPath is written in terms of,
7498 defaults to "v1".
7499 type: string
7500 fieldPath:
7501 description: Path of the field to select
7502 in the specified API version.
7503 type: string
7504 required:
7505 - fieldPath
7506 type: object
7507 x-kubernetes-map-type: atomic
7508 mode:
7509 description: |-
7510 Optional: mode bits used to set permissions on this file, must be an octal value
7511 between 0000 and 0777 or a decimal value between 0 and 511.
7512 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
7513 If not specified, the volume defaultMode will be used.
7514 This might be in conflict with other options that affect the file
7515 mode, like fsGroup, and the result can be other mode bits set.
7516 format: int32
7517 type: integer
7518 path:
7519 description: 'Required: Path is the relative
7520 path name of the file to be created. Must
7521 not be absolute or contain the ''..''
7522 path. Must be utf-8 encoded. The first
7523 item of the relative path must not start
7524 with ''..'''
7525 type: string
7526 resourceFieldRef:
7527 description: |-
7528 Selects a resource of the container: only resources limits and requests
7529 (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
7530 properties:
7531 containerName:
7532 description: 'Container name: required
7533 for volumes, optional for env vars'
7534 type: string
7535 divisor:
7536 anyOf:
7537 - type: integer
7538 - type: string
7539 description: Specifies the output format
7540 of the exposed resources, defaults
7541 to "1"
7542 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7543 x-kubernetes-int-or-string: true
7544 resource:
7545 description: 'Required: resource to
7546 select'
7547 type: string
7548 required:
7549 - resource
7550 type: object
7551 x-kubernetes-map-type: atomic
7552 required:
7553 - path
7554 type: object
7555 type: array
7556 x-kubernetes-list-type: atomic
7557 type: object
7558 secret:
7559 description: secret information about the secret data
7560 to project
7561 properties:
7562 items:
7563 description: |-
7564 items if unspecified, each key-value pair in the Data field of the referenced
7565 Secret will be projected into the volume as a file whose name is the
7566 key and content is the value. If specified, the listed keys will be
7567 projected into the specified paths, and unlisted keys will not be
7568 present. If a key is specified which is not present in the Secret,
7569 the volume setup will error unless it is marked optional. Paths must be
7570 relative and may not contain the '..' path or start with '..'.
7571 items:
7572 description: Maps a string key to a path within
7573 a volume.
7574 properties:
7575 key:
7576 description: key is the key to project.
7577 type: string
7578 mode:
7579 description: |-
7580 mode is Optional: mode bits used to set permissions on this file.
7581 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
7582 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
7583 If not specified, the volume defaultMode will be used.
7584 This might be in conflict with other options that affect the file
7585 mode, like fsGroup, and the result can be other mode bits set.
7586 format: int32
7587 type: integer
7588 path:
7589 description: |-
7590 path is the relative path of the file to map the key to.
7591 May not be an absolute path.
7592 May not contain the path element '..'.
7593 May not start with the string '..'.
7594 type: string
7595 required:
7596 - key
7597 - path
7598 type: object
7599 type: array
7600 x-kubernetes-list-type: atomic
7601 name:
7602 default: ""
7603 description: |-
7604 Name of the referent.
7605 This field is effectively required, but due to backwards compatibility is
7606 allowed to be empty. Instances of this type with an empty value here are
7607 almost certainly wrong.
7608 TODO: Add other useful fields. apiVersion, kind, uid?
7609 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7610 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7611 type: string
7612 optional:
7613 description: optional field specify whether the
7614 Secret or its key must be defined
7615 type: boolean
7616 type: object
7617 x-kubernetes-map-type: atomic
7618 serviceAccountToken:
7619 description: serviceAccountToken is information about
7620 the serviceAccountToken data to project
7621 properties:
7622 audience:
7623 description: |-
7624 audience is the intended audience of the token. A recipient of a token
7625 must identify itself with an identifier specified in the audience of the
7626 token, and otherwise should reject the token. The audience defaults to the
7627 identifier of the apiserver.
7628 type: string
7629 expirationSeconds:
7630 description: |-
7631 expirationSeconds is the requested duration of validity of the service
7632 account token. As the token approaches expiration, the kubelet volume
7633 plugin will proactively rotate the service account token. The kubelet will
7634 start trying to rotate the token if the token is older than 80 percent of
7635 its time to live or if the token is older than 24 hours.Defaults to 1 hour
7636 and must be at least 10 minutes.
7637 format: int64
7638 type: integer
7639 path:
7640 description: |-
7641 path is the path relative to the mount point of the file to project the
7642 token into.
7643 type: string
7644 required:
7645 - path
7646 type: object
7647 type: object
7648 type: array
7649 x-kubernetes-list-type: atomic
7650 type: object
7651 quobyte:
7652 description: quobyte represents a Quobyte mount on the host
7653 that shares a pod's lifetime
7654 properties:
7655 group:
7656 description: |-
7657 group to map volume access to
7658 Default is no group
7659 type: string
7660 readOnly:
7661 description: |-
7662 readOnly here will force the Quobyte volume to be mounted with read-only permissions.
7663 Defaults to false.
7664 type: boolean
7665 registry:
7666 description: |-
7667 registry represents a single or multiple Quobyte Registry services
7668 specified as a string as host:port pair (multiple entries are separated with commas)
7669 which acts as the central registry for volumes
7670 type: string
7671 tenant:
7672 description: |-
7673 tenant owning the given Quobyte volume in the Backend
7674 Used with dynamically provisioned Quobyte volumes, value is set by the plugin
7675 type: string
7676 user:
7677 description: |-
7678 user to map volume access to
7679 Defaults to serivceaccount user
7680 type: string
7681 volume:
7682 description: volume is a string that references an already
7683 created Quobyte volume by name.
7684 type: string
7685 required:
7686 - registry
7687 - volume
7688 type: object
7689 rbd:
7690 description: |-
7691 rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.
7692 More info: https://examples.k8s.io/volumes/rbd/README.md
7693 properties:
7694 fsType:
7695 description: |-
7696 fsType is the filesystem type of the volume that you want to mount.
7697 Tip: Ensure that the filesystem type is supported by the host operating system.
7698 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7699 More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
7700 TODO: how do we prevent errors in the filesystem from compromising the machine
7701 type: string
7702 image:
7703 description: |-
7704 image is the rados image name.
7705 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7706 type: string
7707 keyring:
7708 description: |-
7709 keyring is the path to key ring for RBDUser.
7710 Default is /etc/ceph/keyring.
7711 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7712 type: string
7713 monitors:
7714 description: |-
7715 monitors is a collection of Ceph monitors.
7716 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7717 items:
7718 type: string
7719 type: array
7720 x-kubernetes-list-type: atomic
7721 pool:
7722 description: |-
7723 pool is the rados pool name.
7724 Default is rbd.
7725 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7726 type: string
7727 readOnly:
7728 description: |-
7729 readOnly here will force the ReadOnly setting in VolumeMounts.
7730 Defaults to false.
7731 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7732 type: boolean
7733 secretRef:
7734 description: |-
7735 secretRef is name of the authentication secret for RBDUser. If provided
7736 overrides keyring.
7737 Default is nil.
7738 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7739 properties:
7740 name:
7741 default: ""
7742 description: |-
7743 Name of the referent.
7744 This field is effectively required, but due to backwards compatibility is
7745 allowed to be empty. Instances of this type with an empty value here are
7746 almost certainly wrong.
7747 TODO: Add other useful fields. apiVersion, kind, uid?
7748 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7749 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7750 type: string
7751 type: object
7752 x-kubernetes-map-type: atomic
7753 user:
7754 description: |-
7755 user is the rados user name.
7756 Default is admin.
7757 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7758 type: string
7759 required:
7760 - image
7761 - monitors
7762 type: object
7763 scaleIO:
7764 description: scaleIO represents a ScaleIO persistent volume
7765 attached and mounted on Kubernetes nodes.
7766 properties:
7767 fsType:
7768 description: |-
7769 fsType is the filesystem type to mount.
7770 Must be a filesystem type supported by the host operating system.
7771 Ex. "ext4", "xfs", "ntfs".
7772 Default is "xfs".
7773 type: string
7774 gateway:
7775 description: gateway is the host address of the ScaleIO
7776 API Gateway.
7777 type: string
7778 protectionDomain:
7779 description: protectionDomain is the name of the ScaleIO
7780 Protection Domain for the configured storage.
7781 type: string
7782 readOnly:
7783 description: |-
7784 readOnly Defaults to false (read/write). ReadOnly here will force
7785 the ReadOnly setting in VolumeMounts.
7786 type: boolean
7787 secretRef:
7788 description: |-
7789 secretRef references to the secret for ScaleIO user and other
7790 sensitive information. If this is not provided, Login operation will fail.
7791 properties:
7792 name:
7793 default: ""
7794 description: |-
7795 Name of the referent.
7796 This field is effectively required, but due to backwards compatibility is
7797 allowed to be empty. Instances of this type with an empty value here are
7798 almost certainly wrong.
7799 TODO: Add other useful fields. apiVersion, kind, uid?
7800 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7801 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7802 type: string
7803 type: object
7804 x-kubernetes-map-type: atomic
7805 sslEnabled:
7806 description: sslEnabled Flag enable/disable SSL communication
7807 with Gateway, default false
7808 type: boolean
7809 storageMode:
7810 description: |-
7811 storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
7812 Default is ThinProvisioned.
7813 type: string
7814 storagePool:
7815 description: storagePool is the ScaleIO Storage Pool associated
7816 with the protection domain.
7817 type: string
7818 system:
7819 description: system is the name of the storage system as
7820 configured in ScaleIO.
7821 type: string
7822 volumeName:
7823 description: |-
7824 volumeName is the name of a volume already created in the ScaleIO system
7825 that is associated with this volume source.
7826 type: string
7827 required:
7828 - gateway
7829 - secretRef
7830 - system
7831 type: object
7832 secret:
7833 description: |-
7834 secret represents a secret that should populate this volume.
7835 More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
7836 properties:
7837 defaultMode:
7838 description: |-
7839 defaultMode is Optional: mode bits used to set permissions on created files by default.
7840 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
7841 YAML accepts both octal and decimal values, JSON requires decimal values
7842 for mode bits. Defaults to 0644.
7843 Directories within the path are not affected by this setting.
7844 This might be in conflict with other options that affect the file
7845 mode, like fsGroup, and the result can be other mode bits set.
7846 format: int32
7847 type: integer
7848 items:
7849 description: |-
7850 items If unspecified, each key-value pair in the Data field of the referenced
7851 Secret will be projected into the volume as a file whose name is the
7852 key and content is the value. If specified, the listed keys will be
7853 projected into the specified paths, and unlisted keys will not be
7854 present. If a key is specified which is not present in the Secret,
7855 the volume setup will error unless it is marked optional. Paths must be
7856 relative and may not contain the '..' path or start with '..'.
7857 items:
7858 description: Maps a string key to a path within a volume.
7859 properties:
7860 key:
7861 description: key is the key to project.
7862 type: string
7863 mode:
7864 description: |-
7865 mode is Optional: mode bits used to set permissions on this file.
7866 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
7867 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
7868 If not specified, the volume defaultMode will be used.
7869 This might be in conflict with other options that affect the file
7870 mode, like fsGroup, and the result can be other mode bits set.
7871 format: int32
7872 type: integer
7873 path:
7874 description: |-
7875 path is the relative path of the file to map the key to.
7876 May not be an absolute path.
7877 May not contain the path element '..'.
7878 May not start with the string '..'.
7879 type: string
7880 required:
7881 - key
7882 - path
7883 type: object
7884 type: array
7885 x-kubernetes-list-type: atomic
7886 optional:
7887 description: optional field specify whether the Secret or
7888 its keys must be defined
7889 type: boolean
7890 secretName:
7891 description: |-
7892 secretName is the name of the secret in the pod's namespace to use.
7893 More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
7894 type: string
7895 type: object
7896 storageos:
7897 description: storageOS represents a StorageOS volume attached
7898 and mounted on Kubernetes nodes.
7899 properties:
7900 fsType:
7901 description: |-
7902 fsType is the filesystem type to mount.
7903 Must be a filesystem type supported by the host operating system.
7904 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7905 type: string
7906 readOnly:
7907 description: |-
7908 readOnly defaults to false (read/write). ReadOnly here will force
7909 the ReadOnly setting in VolumeMounts.
7910 type: boolean
7911 secretRef:
7912 description: |-
7913 secretRef specifies the secret to use for obtaining the StorageOS API
7914 credentials. If not specified, default values will be attempted.
7915 properties:
7916 name:
7917 default: ""
7918 description: |-
7919 Name of the referent.
7920 This field is effectively required, but due to backwards compatibility is
7921 allowed to be empty. Instances of this type with an empty value here are
7922 almost certainly wrong.
7923 TODO: Add other useful fields. apiVersion, kind, uid?
7924 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7925 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7926 type: string
7927 type: object
7928 x-kubernetes-map-type: atomic
7929 volumeName:
7930 description: |-
7931 volumeName is the human-readable name of the StorageOS volume. Volume
7932 names are only unique within a namespace.
7933 type: string
7934 volumeNamespace:
7935 description: |-
7936 volumeNamespace specifies the scope of the volume within StorageOS. If no
7937 namespace is specified then the Pod's namespace will be used. This allows the
7938 Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
7939 Set VolumeName to any name to override the default behaviour.
7940 Set to "default" if you are not using namespaces within StorageOS.
7941 Namespaces that do not pre-exist within StorageOS will be created.
7942 type: string
7943 type: object
7944 vsphereVolume:
7945 description: vsphereVolume represents a vSphere volume attached
7946 and mounted on kubelets host machine
7947 properties:
7948 fsType:
7949 description: |-
7950 fsType is filesystem type to mount.
7951 Must be a filesystem type supported by the host operating system.
7952 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7953 type: string
7954 storagePolicyID:
7955 description: storagePolicyID is the storage Policy Based
7956 Management (SPBM) profile ID associated with the StoragePolicyName.
7957 type: string
7958 storagePolicyName:
7959 description: storagePolicyName is the storage Policy Based
7960 Management (SPBM) profile name.
7961 type: string
7962 volumePath:
7963 description: volumePath is the path that identifies vSphere
7964 volume vmdk
7965 type: string
7966 required:
7967 - volumePath
7968 type: object
7969 required:
7970 - name
7971 type: object
7972 type: array
7973 web:
7974 description: Defines the web command line flags when starting Alertmanager.
7975 properties:
7976 getConcurrency:
7977 description: |-
7978 Maximum number of GET requests processed concurrently. This corresponds to the
7979 Alertmanager's `--web.get-concurrency` flag.
7980 format: int32
7981 type: integer
7982 httpConfig:
7983 description: Defines HTTP parameters for web server.
7984 properties:
7985 headers:
7986 description: List of headers that can be added to HTTP responses.
7987 properties:
7988 contentSecurityPolicy:
7989 description: |-
7990 Set the Content-Security-Policy header to HTTP responses.
7991 Unset if blank.
7992 type: string
7993 strictTransportSecurity:
7994 description: |-
7995 Set the Strict-Transport-Security header to HTTP responses.
7996 Unset if blank.
7997 Please make sure that you use this with care as this header might force
7998 browsers to load Prometheus and the other applications hosted on the same
7999 domain and subdomains over HTTPS.
8000 https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
8001 type: string
8002 xContentTypeOptions:
8003 description: |-
8004 Set the X-Content-Type-Options header to HTTP responses.
8005 Unset if blank. Accepted value is nosniff.
8006 https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
8007 enum:
8008 - ""
8009 - NoSniff
8010 type: string
8011 xFrameOptions:
8012 description: |-
8013 Set the X-Frame-Options header to HTTP responses.
8014 Unset if blank. Accepted values are deny and sameorigin.
8015 https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
8016 enum:
8017 - ""
8018 - Deny
8019 - SameOrigin
8020 type: string
8021 xXSSProtection:
8022 description: |-
8023 Set the X-XSS-Protection header to all responses.
8024 Unset if blank.
8025 https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
8026 type: string
8027 type: object
8028 http2:
8029 description: |-
8030 Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS.
8031 When TLSConfig is not configured, HTTP/2 will be disabled.
8032 Whenever the value of the field changes, a rolling update will be triggered.
8033 type: boolean
8034 type: object
8035 timeout:
8036 description: |-
8037 Timeout for HTTP requests. This corresponds to the Alertmanager's
8038 `--web.timeout` flag.
8039 format: int32
8040 type: integer
8041 tlsConfig:
8042 description: Defines the TLS parameters for HTTPS.
8043 properties:
8044 cert:
8045 description: Contains the TLS certificate for the server.
8046 properties:
8047 configMap:
8048 description: ConfigMap containing data to use for the
8049 targets.
8050 properties:
8051 key:
8052 description: The key to select.
8053 type: string
8054 name:
8055 default: ""
8056 description: |-
8057 Name of the referent.
8058 This field is effectively required, but due to backwards compatibility is
8059 allowed to be empty. Instances of this type with an empty value here are
8060 almost certainly wrong.
8061 TODO: Add other useful fields. apiVersion, kind, uid?
8062 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
8063 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
8064 type: string
8065 optional:
8066 description: Specify whether the ConfigMap or its
8067 key must be defined
8068 type: boolean
8069 required:
8070 - key
8071 type: object
8072 x-kubernetes-map-type: atomic
8073 secret:
8074 description: Secret containing data to use for the targets.
8075 properties:
8076 key:
8077 description: The key of the secret to select from. Must
8078 be a valid secret key.
8079 type: string
8080 name:
8081 default: ""
8082 description: |-
8083 Name of the referent.
8084 This field is effectively required, but due to backwards compatibility is
8085 allowed to be empty. Instances of this type with an empty value here are
8086 almost certainly wrong.
8087 TODO: Add other useful fields. apiVersion, kind, uid?
8088 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
8089 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
8090 type: string
8091 optional:
8092 description: Specify whether the Secret or its key
8093 must be defined
8094 type: boolean
8095 required:
8096 - key
8097 type: object
8098 x-kubernetes-map-type: atomic
8099 type: object
8100 cipherSuites:
8101 description: |-
8102 List of supported cipher suites for TLS versions up to TLS 1.2. If empty,
8103 Go default cipher suites are used. Available cipher suites are documented
8104 in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants
8105 items:
8106 type: string
8107 type: array
8108 client_ca:
8109 description: Contains the CA certificate for client certificate
8110 authentication to the server.
8111 properties:
8112 configMap:
8113 description: ConfigMap containing data to use for the
8114 targets.
8115 properties:
8116 key:
8117 description: The key to select.
8118 type: string
8119 name:
8120 default: ""
8121 description: |-
8122 Name of the referent.
8123 This field is effectively required, but due to backwards compatibility is
8124 allowed to be empty. Instances of this type with an empty value here are
8125 almost certainly wrong.
8126 TODO: Add other useful fields. apiVersion, kind, uid?
8127 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
8128 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
8129 type: string
8130 optional:
8131 description: Specify whether the ConfigMap or its
8132 key must be defined
8133 type: boolean
8134 required:
8135 - key
8136 type: object
8137 x-kubernetes-map-type: atomic
8138 secret:
8139 description: Secret containing data to use for the targets.
8140 properties:
8141 key:
8142 description: The key of the secret to select from. Must
8143 be a valid secret key.
8144 type: string
8145 name:
8146 default: ""
8147 description: |-
8148 Name of the referent.
8149 This field is effectively required, but due to backwards compatibility is
8150 allowed to be empty. Instances of this type with an empty value here are
8151 almost certainly wrong.
8152 TODO: Add other useful fields. apiVersion, kind, uid?
8153 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
8154 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
8155 type: string
8156 optional:
8157 description: Specify whether the Secret or its key
8158 must be defined
8159 type: boolean
8160 required:
8161 - key
8162 type: object
8163 x-kubernetes-map-type: atomic
8164 type: object
8165 clientAuthType:
8166 description: |-
8167 Server policy for client authentication. Maps to ClientAuth Policies.
8168 For more detail on clientAuth options:
8169 https://golang.org/pkg/crypto/tls/#ClientAuthType
8170 type: string
8171 curvePreferences:
8172 description: |-
8173 Elliptic curves that will be used in an ECDHE handshake, in preference
8174 order. Available curves are documented in the go documentation:
8175 https://golang.org/pkg/crypto/tls/#CurveID
8176 items:
8177 type: string
8178 type: array
8179 keySecret:
8180 description: Secret containing the TLS key for the server.
8181 properties:
8182 key:
8183 description: The key of the secret to select from. Must
8184 be a valid secret key.
8185 type: string
8186 name:
8187 default: ""
8188 description: |-
8189 Name of the referent.
8190 This field is effectively required, but due to backwards compatibility is
8191 allowed to be empty. Instances of this type with an empty value here are
8192 almost certainly wrong.
8193 TODO: Add other useful fields. apiVersion, kind, uid?
8194 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
8195 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
8196 type: string
8197 optional:
8198 description: Specify whether the Secret or its key must
8199 be defined
8200 type: boolean
8201 required:
8202 - key
8203 type: object
8204 x-kubernetes-map-type: atomic
8205 maxVersion:
8206 description: Maximum TLS version that is acceptable. Defaults
8207 to TLS13.
8208 type: string
8209 minVersion:
8210 description: Minimum TLS version that is acceptable. Defaults
8211 to TLS12.
8212 type: string
8213 preferServerCipherSuites:
8214 description: |-
8215 Controls whether the server selects the
8216 client's most preferred cipher suite, or the server's most preferred
8217 cipher suite. If true then the server's preference, as expressed in
8218 the order of elements in cipherSuites, is used.
8219 type: boolean
8220 required:
8221 - cert
8222 - keySecret
8223 type: object
8224 type: object
8225 type: object
8226 status:
8227 description: |-
8228 Most recent observed status of the Alertmanager cluster. Read-only.
8229 More info:
8230 https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
8231 properties:
8232 availableReplicas:
8233 description: |-
8234 Total number of available pods (ready for at least minReadySeconds)
8235 targeted by this Alertmanager cluster.
8236 format: int32
8237 type: integer
8238 conditions:
8239 description: The current state of the Alertmanager object.
8240 items:
8241 description: |-
8242 Condition represents the state of the resources associated with the
8243 Prometheus, Alertmanager or ThanosRuler resource.
8244 properties:
8245 lastTransitionTime:
8246 description: lastTransitionTime is the time of the last update
8247 to the current status property.
8248 format: date-time
8249 type: string
8250 message:
8251 description: Human-readable message indicating details for the
8252 condition's last transition.
8253 type: string
8254 observedGeneration:
8255 description: |-
8256 ObservedGeneration represents the .metadata.generation that the
8257 condition was set based upon. For instance, if `.metadata.generation` is
8258 currently 12, but the `.status.conditions[].observedGeneration` is 9, the
8259 condition is out of date with respect to the current state of the
8260 instance.
8261 format: int64
8262 type: integer
8263 reason:
8264 description: Reason for the condition's last transition.
8265 type: string
8266 status:
8267 description: Status of the condition.
8268 type: string
8269 type:
8270 description: Type of the condition being reported.
8271 type: string
8272 required:
8273 - lastTransitionTime
8274 - status
8275 - type
8276 type: object
8277 type: array
8278 x-kubernetes-list-map-keys:
8279 - type
8280 x-kubernetes-list-type: map
8281 paused:
8282 description: |-
8283 Represents whether any actions on the underlying managed objects are
8284 being performed. Only delete actions will be performed.
8285 type: boolean
8286 replicas:
8287 description: |-
8288 Total number of non-terminated pods targeted by this Alertmanager
8289 object (their labels match the selector).
8290 format: int32
8291 type: integer
8292 unavailableReplicas:
8293 description: Total number of unavailable pods targeted by this Alertmanager
8294 object.
8295 format: int32
8296 type: integer
8297 updatedReplicas:
8298 description: |-
8299 Total number of non-terminated pods targeted by this Alertmanager
8300 object that have the desired version spec.
8301 format: int32
8302 type: integer
8303 required:
8304 - availableReplicas
8305 - paused
8306 - replicas
8307 - unavailableReplicas
8308 - updatedReplicas
8309 type: object
8310 required:
8311 - spec
8312 type: object
8313 served: true
8314 storage: true
8315 subresources:
8316 status: {}
View as plain text