1---
2apiVersion: apiextensions.k8s.io/v1
3kind: CustomResourceDefinition
4metadata:
5 annotations:
6 controller-gen.kubebuilder.io/version: (unknown)
7 name: thanosrulers.monitoring.coreos.com
8spec:
9 group: monitoring.coreos.com
10 names:
11 categories:
12 - prometheus-operator
13 kind: ThanosRuler
14 listKind: ThanosRulerList
15 plural: thanosrulers
16 shortNames:
17 - ruler
18 singular: thanosruler
19 scope: Namespaced
20 versions:
21 - additionalPrinterColumns:
22 - description: The version of Thanos Ruler
23 jsonPath: .spec.version
24 name: Version
25 type: string
26 - description: The number of desired replicas
27 jsonPath: .spec.replicas
28 name: Replicas
29 type: integer
30 - description: The number of ready replicas
31 jsonPath: .status.availableReplicas
32 name: Ready
33 type: integer
34 - jsonPath: .status.conditions[?(@.type == 'Reconciled')].status
35 name: Reconciled
36 type: string
37 - jsonPath: .status.conditions[?(@.type == 'Available')].status
38 name: Available
39 type: string
40 - jsonPath: .metadata.creationTimestamp
41 name: Age
42 type: date
43 - description: Whether the resource reconciliation is paused or not
44 jsonPath: .status.paused
45 name: Paused
46 priority: 1
47 type: boolean
48 name: v1
49 schema:
50 openAPIV3Schema:
51 description: ThanosRuler defines a ThanosRuler deployment.
52 properties:
53 apiVersion:
54 description: |-
55 APIVersion defines the versioned schema of this representation of an object.
56 Servers should convert recognized schemas to the latest internal value, and
57 may reject unrecognized values.
58 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
59 type: string
60 kind:
61 description: |-
62 Kind is a string value representing the REST resource this object represents.
63 Servers may infer this from the endpoint the client submits requests to.
64 Cannot be updated.
65 In CamelCase.
66 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
67 type: string
68 metadata:
69 type: object
70 spec:
71 description: |-
72 Specification of the desired behavior of the ThanosRuler cluster. More info:
73 https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
74 properties:
75 additionalArgs:
76 description: |-
77 AdditionalArgs allows setting additional arguments for the ThanosRuler container.
78 It is intended for e.g. activating hidden flags which are not supported by
79 the dedicated configuration options yet. The arguments are passed as-is to the
80 ThanosRuler container which may cause issues if they are invalid or not supported
81 by the given ThanosRuler version.
82 In case of an argument conflict (e.g. an argument which is already set by the
83 operator itself) or when providing an invalid argument the reconciliation will
84 fail and an error will be logged.
85 items:
86 description: Argument as part of the AdditionalArgs list.
87 properties:
88 name:
89 description: Name of the argument, e.g. "scrape.discovery-reload-interval".
90 minLength: 1
91 type: string
92 value:
93 description: Argument value, e.g. 30s. Can be empty for name-only
94 arguments (e.g. --storage.tsdb.no-lockfile)
95 type: string
96 required:
97 - name
98 type: object
99 type: array
100 affinity:
101 description: If specified, the pod's scheduling constraints.
102 properties:
103 nodeAffinity:
104 description: Describes node affinity scheduling rules for the
105 pod.
106 properties:
107 preferredDuringSchedulingIgnoredDuringExecution:
108 description: |-
109 The scheduler will prefer to schedule pods to nodes that satisfy
110 the affinity expressions specified by this field, but it may choose
111 a node that violates one or more of the expressions. The node that is
112 most preferred is the one with the greatest sum of weights, i.e.
113 for each node that meets all of the scheduling requirements (resource
114 request, requiredDuringScheduling affinity expressions, etc.),
115 compute a sum by iterating through the elements of this field and adding
116 "weight" to the sum if the node matches the corresponding matchExpressions; the
117 node(s) with the highest sum are the most preferred.
118 items:
119 description: |-
120 An empty preferred scheduling term matches all objects with implicit weight 0
121 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
122 properties:
123 preference:
124 description: A node selector term, associated with the
125 corresponding weight.
126 properties:
127 matchExpressions:
128 description: A list of node selector requirements
129 by node's labels.
130 items:
131 description: |-
132 A node selector requirement is a selector that contains values, a key, and an operator
133 that relates the key and values.
134 properties:
135 key:
136 description: The label key that the selector
137 applies to.
138 type: string
139 operator:
140 description: |-
141 Represents a key's relationship to a set of values.
142 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
143 type: string
144 values:
145 description: |-
146 An array of string values. If the operator is In or NotIn,
147 the values array must be non-empty. If the operator is Exists or DoesNotExist,
148 the values array must be empty. If the operator is Gt or Lt, the values
149 array must have a single element, which will be interpreted as an integer.
150 This array is replaced during a strategic merge patch.
151 items:
152 type: string
153 type: array
154 x-kubernetes-list-type: atomic
155 required:
156 - key
157 - operator
158 type: object
159 type: array
160 x-kubernetes-list-type: atomic
161 matchFields:
162 description: A list of node selector requirements
163 by node's fields.
164 items:
165 description: |-
166 A node selector requirement is a selector that contains values, a key, and an operator
167 that relates the key and values.
168 properties:
169 key:
170 description: The label key that the selector
171 applies to.
172 type: string
173 operator:
174 description: |-
175 Represents a key's relationship to a set of values.
176 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
177 type: string
178 values:
179 description: |-
180 An array of string values. If the operator is In or NotIn,
181 the values array must be non-empty. If the operator is Exists or DoesNotExist,
182 the values array must be empty. If the operator is Gt or Lt, the values
183 array must have a single element, which will be interpreted as an integer.
184 This array is replaced during a strategic merge patch.
185 items:
186 type: string
187 type: array
188 x-kubernetes-list-type: atomic
189 required:
190 - key
191 - operator
192 type: object
193 type: array
194 x-kubernetes-list-type: atomic
195 type: object
196 x-kubernetes-map-type: atomic
197 weight:
198 description: Weight associated with matching the corresponding
199 nodeSelectorTerm, in the range 1-100.
200 format: int32
201 type: integer
202 required:
203 - preference
204 - weight
205 type: object
206 type: array
207 x-kubernetes-list-type: atomic
208 requiredDuringSchedulingIgnoredDuringExecution:
209 description: |-
210 If the affinity requirements specified by this field are not met at
211 scheduling time, the pod will not be scheduled onto the node.
212 If the affinity requirements specified by this field cease to be met
213 at some point during pod execution (e.g. due to an update), the system
214 may or may not try to eventually evict the pod from its node.
215 properties:
216 nodeSelectorTerms:
217 description: Required. A list of node selector terms.
218 The terms are ORed.
219 items:
220 description: |-
221 A null or empty node selector term matches no objects. The requirements of
222 them are ANDed.
223 The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
224 properties:
225 matchExpressions:
226 description: A list of node selector requirements
227 by node's labels.
228 items:
229 description: |-
230 A node selector requirement is a selector that contains values, a key, and an operator
231 that relates the key and values.
232 properties:
233 key:
234 description: The label key that the selector
235 applies to.
236 type: string
237 operator:
238 description: |-
239 Represents a key's relationship to a set of values.
240 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
241 type: string
242 values:
243 description: |-
244 An array of string values. If the operator is In or NotIn,
245 the values array must be non-empty. If the operator is Exists or DoesNotExist,
246 the values array must be empty. If the operator is Gt or Lt, the values
247 array must have a single element, which will be interpreted as an integer.
248 This array is replaced during a strategic merge patch.
249 items:
250 type: string
251 type: array
252 x-kubernetes-list-type: atomic
253 required:
254 - key
255 - operator
256 type: object
257 type: array
258 x-kubernetes-list-type: atomic
259 matchFields:
260 description: A list of node selector requirements
261 by node's fields.
262 items:
263 description: |-
264 A node selector requirement is a selector that contains values, a key, and an operator
265 that relates the key and values.
266 properties:
267 key:
268 description: The label key that the selector
269 applies to.
270 type: string
271 operator:
272 description: |-
273 Represents a key's relationship to a set of values.
274 Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
275 type: string
276 values:
277 description: |-
278 An array of string values. If the operator is In or NotIn,
279 the values array must be non-empty. If the operator is Exists or DoesNotExist,
280 the values array must be empty. If the operator is Gt or Lt, the values
281 array must have a single element, which will be interpreted as an integer.
282 This array is replaced during a strategic merge patch.
283 items:
284 type: string
285 type: array
286 x-kubernetes-list-type: atomic
287 required:
288 - key
289 - operator
290 type: object
291 type: array
292 x-kubernetes-list-type: atomic
293 type: object
294 x-kubernetes-map-type: atomic
295 type: array
296 x-kubernetes-list-type: atomic
297 required:
298 - nodeSelectorTerms
299 type: object
300 x-kubernetes-map-type: atomic
301 type: object
302 podAffinity:
303 description: Describes pod affinity scheduling rules (e.g. co-locate
304 this pod in the same node, zone, etc. as some other pod(s)).
305 properties:
306 preferredDuringSchedulingIgnoredDuringExecution:
307 description: |-
308 The scheduler will prefer to schedule pods to nodes that satisfy
309 the affinity expressions specified by this field, but it may choose
310 a node that violates one or more of the expressions. The node that is
311 most preferred is the one with the greatest sum of weights, i.e.
312 for each node that meets all of the scheduling requirements (resource
313 request, requiredDuringScheduling affinity expressions, etc.),
314 compute a sum by iterating through the elements of this field and adding
315 "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
316 node(s) with the highest sum are the most preferred.
317 items:
318 description: The weights of all of the matched WeightedPodAffinityTerm
319 fields are added per-node to find the most preferred node(s)
320 properties:
321 podAffinityTerm:
322 description: Required. A pod affinity term, associated
323 with the corresponding weight.
324 properties:
325 labelSelector:
326 description: |-
327 A label query over a set of resources, in this case pods.
328 If it's null, this PodAffinityTerm matches with no Pods.
329 properties:
330 matchExpressions:
331 description: matchExpressions is a list of label
332 selector requirements. The requirements are
333 ANDed.
334 items:
335 description: |-
336 A label selector requirement is a selector that contains values, a key, and an operator that
337 relates the key and values.
338 properties:
339 key:
340 description: key is the label key that
341 the selector applies to.
342 type: string
343 operator:
344 description: |-
345 operator represents a key's relationship to a set of values.
346 Valid operators are In, NotIn, Exists and DoesNotExist.
347 type: string
348 values:
349 description: |-
350 values is an array of string values. If the operator is In or NotIn,
351 the values array must be non-empty. If the operator is Exists or DoesNotExist,
352 the values array must be empty. This array is replaced during a strategic
353 merge patch.
354 items:
355 type: string
356 type: array
357 x-kubernetes-list-type: atomic
358 required:
359 - key
360 - operator
361 type: object
362 type: array
363 x-kubernetes-list-type: atomic
364 matchLabels:
365 additionalProperties:
366 type: string
367 description: |-
368 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
369 map is equivalent to an element of matchExpressions, whose key field is "key", the
370 operator is "In", and the values array contains only "value". The requirements are ANDed.
371 type: object
372 type: object
373 x-kubernetes-map-type: atomic
374 matchLabelKeys:
375 description: |-
376 MatchLabelKeys is a set of pod label keys to select which pods will
377 be taken into consideration. The keys are used to lookup values from the
378 incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
379 to select the group of existing pods which pods will be taken into consideration
380 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
381 pod labels will be ignored. The default value is empty.
382 The same key is forbidden to exist in both matchLabelKeys and labelSelector.
383 Also, matchLabelKeys cannot be set when labelSelector isn't set.
384 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
385 items:
386 type: string
387 type: array
388 x-kubernetes-list-type: atomic
389 mismatchLabelKeys:
390 description: |-
391 MismatchLabelKeys is a set of pod label keys to select which pods will
392 be taken into consideration. The keys are used to lookup values from the
393 incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
394 to select the group of existing pods which pods will be taken into consideration
395 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
396 pod labels will be ignored. The default value is empty.
397 The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
398 Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
399 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
400 items:
401 type: string
402 type: array
403 x-kubernetes-list-type: atomic
404 namespaceSelector:
405 description: |-
406 A label query over the set of namespaces that the term applies to.
407 The term is applied to the union of the namespaces selected by this field
408 and the ones listed in the namespaces field.
409 null selector and null or empty namespaces list means "this pod's namespace".
410 An empty selector ({}) matches all namespaces.
411 properties:
412 matchExpressions:
413 description: matchExpressions is a list of label
414 selector requirements. The requirements are
415 ANDed.
416 items:
417 description: |-
418 A label selector requirement is a selector that contains values, a key, and an operator that
419 relates the key and values.
420 properties:
421 key:
422 description: key is the label key that
423 the selector applies to.
424 type: string
425 operator:
426 description: |-
427 operator represents a key's relationship to a set of values.
428 Valid operators are In, NotIn, Exists and DoesNotExist.
429 type: string
430 values:
431 description: |-
432 values is an array of string values. If the operator is In or NotIn,
433 the values array must be non-empty. If the operator is Exists or DoesNotExist,
434 the values array must be empty. This array is replaced during a strategic
435 merge patch.
436 items:
437 type: string
438 type: array
439 x-kubernetes-list-type: atomic
440 required:
441 - key
442 - operator
443 type: object
444 type: array
445 x-kubernetes-list-type: atomic
446 matchLabels:
447 additionalProperties:
448 type: string
449 description: |-
450 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
451 map is equivalent to an element of matchExpressions, whose key field is "key", the
452 operator is "In", and the values array contains only "value". The requirements are ANDed.
453 type: object
454 type: object
455 x-kubernetes-map-type: atomic
456 namespaces:
457 description: |-
458 namespaces specifies a static list of namespace names that the term applies to.
459 The term is applied to the union of the namespaces listed in this field
460 and the ones selected by namespaceSelector.
461 null or empty namespaces list and null namespaceSelector means "this pod's namespace".
462 items:
463 type: string
464 type: array
465 x-kubernetes-list-type: atomic
466 topologyKey:
467 description: |-
468 This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
469 the labelSelector in the specified namespaces, where co-located is defined as running on a node
470 whose value of the label with key topologyKey matches that of any node on which any of the
471 selected pods is running.
472 Empty topologyKey is not allowed.
473 type: string
474 required:
475 - topologyKey
476 type: object
477 weight:
478 description: |-
479 weight associated with matching the corresponding podAffinityTerm,
480 in the range 1-100.
481 format: int32
482 type: integer
483 required:
484 - podAffinityTerm
485 - weight
486 type: object
487 type: array
488 x-kubernetes-list-type: atomic
489 requiredDuringSchedulingIgnoredDuringExecution:
490 description: |-
491 If the affinity requirements specified by this field are not met at
492 scheduling time, the pod will not be scheduled onto the node.
493 If the affinity requirements specified by this field cease to be met
494 at some point during pod execution (e.g. due to a pod label update), the
495 system may or may not try to eventually evict the pod from its node.
496 When there are multiple elements, the lists of nodes corresponding to each
497 podAffinityTerm are intersected, i.e. all terms must be satisfied.
498 items:
499 description: |-
500 Defines a set of pods (namely those matching the labelSelector
501 relative to the given namespace(s)) that this pod should be
502 co-located (affinity) or not co-located (anti-affinity) with,
503 where co-located is defined as running on a node whose value of
504 the label with key <topologyKey> matches that of any node on which
505 a pod of the set of pods is running
506 properties:
507 labelSelector:
508 description: |-
509 A label query over a set of resources, in this case pods.
510 If it's null, this PodAffinityTerm matches with no Pods.
511 properties:
512 matchExpressions:
513 description: matchExpressions is a list of label
514 selector requirements. The requirements are ANDed.
515 items:
516 description: |-
517 A label selector requirement is a selector that contains values, a key, and an operator that
518 relates the key and values.
519 properties:
520 key:
521 description: key is the label key that the
522 selector applies to.
523 type: string
524 operator:
525 description: |-
526 operator represents a key's relationship to a set of values.
527 Valid operators are In, NotIn, Exists and DoesNotExist.
528 type: string
529 values:
530 description: |-
531 values is an array of string values. If the operator is In or NotIn,
532 the values array must be non-empty. If the operator is Exists or DoesNotExist,
533 the values array must be empty. This array is replaced during a strategic
534 merge patch.
535 items:
536 type: string
537 type: array
538 x-kubernetes-list-type: atomic
539 required:
540 - key
541 - operator
542 type: object
543 type: array
544 x-kubernetes-list-type: atomic
545 matchLabels:
546 additionalProperties:
547 type: string
548 description: |-
549 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
550 map is equivalent to an element of matchExpressions, whose key field is "key", the
551 operator is "In", and the values array contains only "value". The requirements are ANDed.
552 type: object
553 type: object
554 x-kubernetes-map-type: atomic
555 matchLabelKeys:
556 description: |-
557 MatchLabelKeys is a set of pod label keys to select which pods will
558 be taken into consideration. The keys are used to lookup values from the
559 incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
560 to select the group of existing pods which pods will be taken into consideration
561 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
562 pod labels will be ignored. The default value is empty.
563 The same key is forbidden to exist in both matchLabelKeys and labelSelector.
564 Also, matchLabelKeys cannot be set when labelSelector isn't set.
565 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
566 items:
567 type: string
568 type: array
569 x-kubernetes-list-type: atomic
570 mismatchLabelKeys:
571 description: |-
572 MismatchLabelKeys is a set of pod label keys to select which pods will
573 be taken into consideration. The keys are used to lookup values from the
574 incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
575 to select the group of existing pods which pods will be taken into consideration
576 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
577 pod labels will be ignored. The default value is empty.
578 The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
579 Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
580 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
581 items:
582 type: string
583 type: array
584 x-kubernetes-list-type: atomic
585 namespaceSelector:
586 description: |-
587 A label query over the set of namespaces that the term applies to.
588 The term is applied to the union of the namespaces selected by this field
589 and the ones listed in the namespaces field.
590 null selector and null or empty namespaces list means "this pod's namespace".
591 An empty selector ({}) matches all namespaces.
592 properties:
593 matchExpressions:
594 description: matchExpressions is a list of label
595 selector requirements. The requirements are ANDed.
596 items:
597 description: |-
598 A label selector requirement is a selector that contains values, a key, and an operator that
599 relates the key and values.
600 properties:
601 key:
602 description: key is the label key that the
603 selector applies to.
604 type: string
605 operator:
606 description: |-
607 operator represents a key's relationship to a set of values.
608 Valid operators are In, NotIn, Exists and DoesNotExist.
609 type: string
610 values:
611 description: |-
612 values is an array of string values. If the operator is In or NotIn,
613 the values array must be non-empty. If the operator is Exists or DoesNotExist,
614 the values array must be empty. This array is replaced during a strategic
615 merge patch.
616 items:
617 type: string
618 type: array
619 x-kubernetes-list-type: atomic
620 required:
621 - key
622 - operator
623 type: object
624 type: array
625 x-kubernetes-list-type: atomic
626 matchLabels:
627 additionalProperties:
628 type: string
629 description: |-
630 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
631 map is equivalent to an element of matchExpressions, whose key field is "key", the
632 operator is "In", and the values array contains only "value". The requirements are ANDed.
633 type: object
634 type: object
635 x-kubernetes-map-type: atomic
636 namespaces:
637 description: |-
638 namespaces specifies a static list of namespace names that the term applies to.
639 The term is applied to the union of the namespaces listed in this field
640 and the ones selected by namespaceSelector.
641 null or empty namespaces list and null namespaceSelector means "this pod's namespace".
642 items:
643 type: string
644 type: array
645 x-kubernetes-list-type: atomic
646 topologyKey:
647 description: |-
648 This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
649 the labelSelector in the specified namespaces, where co-located is defined as running on a node
650 whose value of the label with key topologyKey matches that of any node on which any of the
651 selected pods is running.
652 Empty topologyKey is not allowed.
653 type: string
654 required:
655 - topologyKey
656 type: object
657 type: array
658 x-kubernetes-list-type: atomic
659 type: object
660 podAntiAffinity:
661 description: Describes pod anti-affinity scheduling rules (e.g.
662 avoid putting this pod in the same node, zone, etc. as some
663 other pod(s)).
664 properties:
665 preferredDuringSchedulingIgnoredDuringExecution:
666 description: |-
667 The scheduler will prefer to schedule pods to nodes that satisfy
668 the anti-affinity expressions specified by this field, but it may choose
669 a node that violates one or more of the expressions. The node that is
670 most preferred is the one with the greatest sum of weights, i.e.
671 for each node that meets all of the scheduling requirements (resource
672 request, requiredDuringScheduling anti-affinity expressions, etc.),
673 compute a sum by iterating through the elements of this field and adding
674 "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
675 node(s) with the highest sum are the most preferred.
676 items:
677 description: The weights of all of the matched WeightedPodAffinityTerm
678 fields are added per-node to find the most preferred node(s)
679 properties:
680 podAffinityTerm:
681 description: Required. A pod affinity term, associated
682 with the corresponding weight.
683 properties:
684 labelSelector:
685 description: |-
686 A label query over a set of resources, in this case pods.
687 If it's null, this PodAffinityTerm matches with no Pods.
688 properties:
689 matchExpressions:
690 description: matchExpressions is a list of label
691 selector requirements. The requirements are
692 ANDed.
693 items:
694 description: |-
695 A label selector requirement is a selector that contains values, a key, and an operator that
696 relates the key and values.
697 properties:
698 key:
699 description: key is the label key that
700 the selector applies to.
701 type: string
702 operator:
703 description: |-
704 operator represents a key's relationship to a set of values.
705 Valid operators are In, NotIn, Exists and DoesNotExist.
706 type: string
707 values:
708 description: |-
709 values is an array of string values. If the operator is In or NotIn,
710 the values array must be non-empty. If the operator is Exists or DoesNotExist,
711 the values array must be empty. This array is replaced during a strategic
712 merge patch.
713 items:
714 type: string
715 type: array
716 x-kubernetes-list-type: atomic
717 required:
718 - key
719 - operator
720 type: object
721 type: array
722 x-kubernetes-list-type: atomic
723 matchLabels:
724 additionalProperties:
725 type: string
726 description: |-
727 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
728 map is equivalent to an element of matchExpressions, whose key field is "key", the
729 operator is "In", and the values array contains only "value". The requirements are ANDed.
730 type: object
731 type: object
732 x-kubernetes-map-type: atomic
733 matchLabelKeys:
734 description: |-
735 MatchLabelKeys is a set of pod label keys to select which pods will
736 be taken into consideration. The keys are used to lookup values from the
737 incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
738 to select the group of existing pods which pods will be taken into consideration
739 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
740 pod labels will be ignored. The default value is empty.
741 The same key is forbidden to exist in both matchLabelKeys and labelSelector.
742 Also, matchLabelKeys cannot be set when labelSelector isn't set.
743 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
744 items:
745 type: string
746 type: array
747 x-kubernetes-list-type: atomic
748 mismatchLabelKeys:
749 description: |-
750 MismatchLabelKeys is a set of pod label keys to select which pods will
751 be taken into consideration. The keys are used to lookup values from the
752 incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
753 to select the group of existing pods which pods will be taken into consideration
754 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
755 pod labels will be ignored. The default value is empty.
756 The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
757 Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
758 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
759 items:
760 type: string
761 type: array
762 x-kubernetes-list-type: atomic
763 namespaceSelector:
764 description: |-
765 A label query over the set of namespaces that the term applies to.
766 The term is applied to the union of the namespaces selected by this field
767 and the ones listed in the namespaces field.
768 null selector and null or empty namespaces list means "this pod's namespace".
769 An empty selector ({}) matches all namespaces.
770 properties:
771 matchExpressions:
772 description: matchExpressions is a list of label
773 selector requirements. The requirements are
774 ANDed.
775 items:
776 description: |-
777 A label selector requirement is a selector that contains values, a key, and an operator that
778 relates the key and values.
779 properties:
780 key:
781 description: key is the label key that
782 the selector applies to.
783 type: string
784 operator:
785 description: |-
786 operator represents a key's relationship to a set of values.
787 Valid operators are In, NotIn, Exists and DoesNotExist.
788 type: string
789 values:
790 description: |-
791 values is an array of string values. If the operator is In or NotIn,
792 the values array must be non-empty. If the operator is Exists or DoesNotExist,
793 the values array must be empty. This array is replaced during a strategic
794 merge patch.
795 items:
796 type: string
797 type: array
798 x-kubernetes-list-type: atomic
799 required:
800 - key
801 - operator
802 type: object
803 type: array
804 x-kubernetes-list-type: atomic
805 matchLabels:
806 additionalProperties:
807 type: string
808 description: |-
809 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
810 map is equivalent to an element of matchExpressions, whose key field is "key", the
811 operator is "In", and the values array contains only "value". The requirements are ANDed.
812 type: object
813 type: object
814 x-kubernetes-map-type: atomic
815 namespaces:
816 description: |-
817 namespaces specifies a static list of namespace names that the term applies to.
818 The term is applied to the union of the namespaces listed in this field
819 and the ones selected by namespaceSelector.
820 null or empty namespaces list and null namespaceSelector means "this pod's namespace".
821 items:
822 type: string
823 type: array
824 x-kubernetes-list-type: atomic
825 topologyKey:
826 description: |-
827 This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
828 the labelSelector in the specified namespaces, where co-located is defined as running on a node
829 whose value of the label with key topologyKey matches that of any node on which any of the
830 selected pods is running.
831 Empty topologyKey is not allowed.
832 type: string
833 required:
834 - topologyKey
835 type: object
836 weight:
837 description: |-
838 weight associated with matching the corresponding podAffinityTerm,
839 in the range 1-100.
840 format: int32
841 type: integer
842 required:
843 - podAffinityTerm
844 - weight
845 type: object
846 type: array
847 x-kubernetes-list-type: atomic
848 requiredDuringSchedulingIgnoredDuringExecution:
849 description: |-
850 If the anti-affinity requirements specified by this field are not met at
851 scheduling time, the pod will not be scheduled onto the node.
852 If the anti-affinity requirements specified by this field cease to be met
853 at some point during pod execution (e.g. due to a pod label update), the
854 system may or may not try to eventually evict the pod from its node.
855 When there are multiple elements, the lists of nodes corresponding to each
856 podAffinityTerm are intersected, i.e. all terms must be satisfied.
857 items:
858 description: |-
859 Defines a set of pods (namely those matching the labelSelector
860 relative to the given namespace(s)) that this pod should be
861 co-located (affinity) or not co-located (anti-affinity) with,
862 where co-located is defined as running on a node whose value of
863 the label with key <topologyKey> matches that of any node on which
864 a pod of the set of pods is running
865 properties:
866 labelSelector:
867 description: |-
868 A label query over a set of resources, in this case pods.
869 If it's null, this PodAffinityTerm matches with no Pods.
870 properties:
871 matchExpressions:
872 description: matchExpressions is a list of label
873 selector requirements. The requirements are ANDed.
874 items:
875 description: |-
876 A label selector requirement is a selector that contains values, a key, and an operator that
877 relates the key and values.
878 properties:
879 key:
880 description: key is the label key that the
881 selector applies to.
882 type: string
883 operator:
884 description: |-
885 operator represents a key's relationship to a set of values.
886 Valid operators are In, NotIn, Exists and DoesNotExist.
887 type: string
888 values:
889 description: |-
890 values is an array of string values. If the operator is In or NotIn,
891 the values array must be non-empty. If the operator is Exists or DoesNotExist,
892 the values array must be empty. This array is replaced during a strategic
893 merge patch.
894 items:
895 type: string
896 type: array
897 x-kubernetes-list-type: atomic
898 required:
899 - key
900 - operator
901 type: object
902 type: array
903 x-kubernetes-list-type: atomic
904 matchLabels:
905 additionalProperties:
906 type: string
907 description: |-
908 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
909 map is equivalent to an element of matchExpressions, whose key field is "key", the
910 operator is "In", and the values array contains only "value". The requirements are ANDed.
911 type: object
912 type: object
913 x-kubernetes-map-type: atomic
914 matchLabelKeys:
915 description: |-
916 MatchLabelKeys is a set of pod label keys to select which pods will
917 be taken into consideration. The keys are used to lookup values from the
918 incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
919 to select the group of existing pods which pods will be taken into consideration
920 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
921 pod labels will be ignored. The default value is empty.
922 The same key is forbidden to exist in both matchLabelKeys and labelSelector.
923 Also, matchLabelKeys cannot be set when labelSelector isn't set.
924 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
925 items:
926 type: string
927 type: array
928 x-kubernetes-list-type: atomic
929 mismatchLabelKeys:
930 description: |-
931 MismatchLabelKeys is a set of pod label keys to select which pods will
932 be taken into consideration. The keys are used to lookup values from the
933 incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
934 to select the group of existing pods which pods will be taken into consideration
935 for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
936 pod labels will be ignored. The default value is empty.
937 The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
938 Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
939 This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
940 items:
941 type: string
942 type: array
943 x-kubernetes-list-type: atomic
944 namespaceSelector:
945 description: |-
946 A label query over the set of namespaces that the term applies to.
947 The term is applied to the union of the namespaces selected by this field
948 and the ones listed in the namespaces field.
949 null selector and null or empty namespaces list means "this pod's namespace".
950 An empty selector ({}) matches all namespaces.
951 properties:
952 matchExpressions:
953 description: matchExpressions is a list of label
954 selector requirements. The requirements are ANDed.
955 items:
956 description: |-
957 A label selector requirement is a selector that contains values, a key, and an operator that
958 relates the key and values.
959 properties:
960 key:
961 description: key is the label key that the
962 selector applies to.
963 type: string
964 operator:
965 description: |-
966 operator represents a key's relationship to a set of values.
967 Valid operators are In, NotIn, Exists and DoesNotExist.
968 type: string
969 values:
970 description: |-
971 values is an array of string values. If the operator is In or NotIn,
972 the values array must be non-empty. If the operator is Exists or DoesNotExist,
973 the values array must be empty. This array is replaced during a strategic
974 merge patch.
975 items:
976 type: string
977 type: array
978 x-kubernetes-list-type: atomic
979 required:
980 - key
981 - operator
982 type: object
983 type: array
984 x-kubernetes-list-type: atomic
985 matchLabels:
986 additionalProperties:
987 type: string
988 description: |-
989 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
990 map is equivalent to an element of matchExpressions, whose key field is "key", the
991 operator is "In", and the values array contains only "value". The requirements are ANDed.
992 type: object
993 type: object
994 x-kubernetes-map-type: atomic
995 namespaces:
996 description: |-
997 namespaces specifies a static list of namespace names that the term applies to.
998 The term is applied to the union of the namespaces listed in this field
999 and the ones selected by namespaceSelector.
1000 null or empty namespaces list and null namespaceSelector means "this pod's namespace".
1001 items:
1002 type: string
1003 type: array
1004 x-kubernetes-list-type: atomic
1005 topologyKey:
1006 description: |-
1007 This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
1008 the labelSelector in the specified namespaces, where co-located is defined as running on a node
1009 whose value of the label with key topologyKey matches that of any node on which any of the
1010 selected pods is running.
1011 Empty topologyKey is not allowed.
1012 type: string
1013 required:
1014 - topologyKey
1015 type: object
1016 type: array
1017 x-kubernetes-list-type: atomic
1018 type: object
1019 type: object
1020 alertDropLabels:
1021 description: |-
1022 AlertDropLabels configure the label names which should be dropped in ThanosRuler alerts.
1023 The replica label `thanos_ruler_replica` will always be dropped in alerts.
1024 items:
1025 type: string
1026 type: array
1027 alertQueryUrl:
1028 description: |-
1029 The external Query URL the Thanos Ruler will set in the 'Source' field
1030 of all alerts.
1031 Maps to the '--alert.query-url' CLI arg.
1032 type: string
1033 alertRelabelConfigFile:
1034 description: |-
1035 AlertRelabelConfigFile specifies the path of the alert relabeling configuration file.
1036 When used alongside with AlertRelabelConfigs, alertRelabelConfigFile takes precedence.
1037 type: string
1038 alertRelabelConfigs:
1039 description: |-
1040 AlertRelabelConfigs configures alert relabeling in ThanosRuler.
1041 Alert relabel configurations must have the form as specified in the official Prometheus documentation:
1042 https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs
1043 Alternative to AlertRelabelConfigFile, and lower order priority.
1044 properties:
1045 key:
1046 description: The key of the secret to select from. Must be a
1047 valid secret key.
1048 type: string
1049 name:
1050 default: ""
1051 description: |-
1052 Name of the referent.
1053 This field is effectively required, but due to backwards compatibility is
1054 allowed to be empty. Instances of this type with an empty value here are
1055 almost certainly wrong.
1056 TODO: Add other useful fields. apiVersion, kind, uid?
1057 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1058 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1059 type: string
1060 optional:
1061 description: Specify whether the Secret or its key must be defined
1062 type: boolean
1063 required:
1064 - key
1065 type: object
1066 x-kubernetes-map-type: atomic
1067 alertmanagersConfig:
1068 description: |-
1069 Define configuration for connecting to alertmanager. Only available with thanos v0.10.0
1070 and higher. Maps to the `alertmanagers.config` arg.
1071 properties:
1072 key:
1073 description: The key of the secret to select from. Must be a
1074 valid secret key.
1075 type: string
1076 name:
1077 default: ""
1078 description: |-
1079 Name of the referent.
1080 This field is effectively required, but due to backwards compatibility is
1081 allowed to be empty. Instances of this type with an empty value here are
1082 almost certainly wrong.
1083 TODO: Add other useful fields. apiVersion, kind, uid?
1084 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1085 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1086 type: string
1087 optional:
1088 description: Specify whether the Secret or its key must be defined
1089 type: boolean
1090 required:
1091 - key
1092 type: object
1093 x-kubernetes-map-type: atomic
1094 alertmanagersUrl:
1095 description: |-
1096 Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher,
1097 AlertManagersConfig should be used instead. Note: this field will be ignored
1098 if AlertManagersConfig is specified.
1099 Maps to the `alertmanagers.url` arg.
1100 items:
1101 type: string
1102 type: array
1103 containers:
1104 description: |-
1105 Containers allows injecting additional containers or modifying operator generated
1106 containers. This can be used to allow adding an authentication proxy to a ThanosRuler pod or
1107 to change the behavior of an operator generated container. Containers described here modify
1108 an operator generated container if they share the same name and modifications are done via a
1109 strategic merge patch. The current container names are: `thanos-ruler` and `config-reloader`.
1110 Overriding containers is entirely outside the scope of what the maintainers will support and by doing
1111 so, you accept that this behaviour may break at any time without notice.
1112 items:
1113 description: A single application container that you want to run
1114 within a pod.
1115 properties:
1116 args:
1117 description: |-
1118 Arguments to the entrypoint.
1119 The container image's CMD is used if this is not provided.
1120 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
1121 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
1122 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
1123 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
1124 of whether the variable exists or not. Cannot be updated.
1125 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
1126 items:
1127 type: string
1128 type: array
1129 x-kubernetes-list-type: atomic
1130 command:
1131 description: |-
1132 Entrypoint array. Not executed within a shell.
1133 The container image's ENTRYPOINT is used if this is not provided.
1134 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
1135 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
1136 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
1137 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
1138 of whether the variable exists or not. Cannot be updated.
1139 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
1140 items:
1141 type: string
1142 type: array
1143 x-kubernetes-list-type: atomic
1144 env:
1145 description: |-
1146 List of environment variables to set in the container.
1147 Cannot be updated.
1148 items:
1149 description: EnvVar represents an environment variable present
1150 in a Container.
1151 properties:
1152 name:
1153 description: Name of the environment variable. Must be
1154 a C_IDENTIFIER.
1155 type: string
1156 value:
1157 description: |-
1158 Variable references $(VAR_NAME) are expanded
1159 using the previously defined environment variables in the container and
1160 any service environment variables. If a variable cannot be resolved,
1161 the reference in the input string will be unchanged. Double $$ are reduced
1162 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
1163 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
1164 Escaped references will never be expanded, regardless of whether the variable
1165 exists or not.
1166 Defaults to "".
1167 type: string
1168 valueFrom:
1169 description: Source for the environment variable's value.
1170 Cannot be used if value is not empty.
1171 properties:
1172 configMapKeyRef:
1173 description: Selects a key of a ConfigMap.
1174 properties:
1175 key:
1176 description: The key to select.
1177 type: string
1178 name:
1179 default: ""
1180 description: |-
1181 Name of the referent.
1182 This field is effectively required, but due to backwards compatibility is
1183 allowed to be empty. Instances of this type with an empty value here are
1184 almost certainly wrong.
1185 TODO: Add other useful fields. apiVersion, kind, uid?
1186 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1187 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1188 type: string
1189 optional:
1190 description: Specify whether the ConfigMap or
1191 its key must be defined
1192 type: boolean
1193 required:
1194 - key
1195 type: object
1196 x-kubernetes-map-type: atomic
1197 fieldRef:
1198 description: |-
1199 Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
1200 spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
1201 properties:
1202 apiVersion:
1203 description: Version of the schema the FieldPath
1204 is written in terms of, defaults to "v1".
1205 type: string
1206 fieldPath:
1207 description: Path of the field to select in the
1208 specified API version.
1209 type: string
1210 required:
1211 - fieldPath
1212 type: object
1213 x-kubernetes-map-type: atomic
1214 resourceFieldRef:
1215 description: |-
1216 Selects a resource of the container: only resources limits and requests
1217 (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
1218 properties:
1219 containerName:
1220 description: 'Container name: required for volumes,
1221 optional for env vars'
1222 type: string
1223 divisor:
1224 anyOf:
1225 - type: integer
1226 - type: string
1227 description: Specifies the output format of the
1228 exposed resources, defaults to "1"
1229 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
1230 x-kubernetes-int-or-string: true
1231 resource:
1232 description: 'Required: resource to select'
1233 type: string
1234 required:
1235 - resource
1236 type: object
1237 x-kubernetes-map-type: atomic
1238 secretKeyRef:
1239 description: Selects a key of a secret in the pod's
1240 namespace
1241 properties:
1242 key:
1243 description: The key of the secret to select from. Must
1244 be a valid secret key.
1245 type: string
1246 name:
1247 default: ""
1248 description: |-
1249 Name of the referent.
1250 This field is effectively required, but due to backwards compatibility is
1251 allowed to be empty. Instances of this type with an empty value here are
1252 almost certainly wrong.
1253 TODO: Add other useful fields. apiVersion, kind, uid?
1254 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1255 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1256 type: string
1257 optional:
1258 description: Specify whether the Secret or its
1259 key must be defined
1260 type: boolean
1261 required:
1262 - key
1263 type: object
1264 x-kubernetes-map-type: atomic
1265 type: object
1266 required:
1267 - name
1268 type: object
1269 type: array
1270 x-kubernetes-list-map-keys:
1271 - name
1272 x-kubernetes-list-type: map
1273 envFrom:
1274 description: |-
1275 List of sources to populate environment variables in the container.
1276 The keys defined within a source must be a C_IDENTIFIER. All invalid keys
1277 will be reported as an event when the container is starting. When a key exists in multiple
1278 sources, the value associated with the last source will take precedence.
1279 Values defined by an Env with a duplicate key will take precedence.
1280 Cannot be updated.
1281 items:
1282 description: EnvFromSource represents the source of a set
1283 of ConfigMaps
1284 properties:
1285 configMapRef:
1286 description: The ConfigMap to select from
1287 properties:
1288 name:
1289 default: ""
1290 description: |-
1291 Name of the referent.
1292 This field is effectively required, but due to backwards compatibility is
1293 allowed to be empty. Instances of this type with an empty value here are
1294 almost certainly wrong.
1295 TODO: Add other useful fields. apiVersion, kind, uid?
1296 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1297 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1298 type: string
1299 optional:
1300 description: Specify whether the ConfigMap must be
1301 defined
1302 type: boolean
1303 type: object
1304 x-kubernetes-map-type: atomic
1305 prefix:
1306 description: An optional identifier to prepend to each
1307 key in the ConfigMap. Must be a C_IDENTIFIER.
1308 type: string
1309 secretRef:
1310 description: The Secret to select from
1311 properties:
1312 name:
1313 default: ""
1314 description: |-
1315 Name of the referent.
1316 This field is effectively required, but due to backwards compatibility is
1317 allowed to be empty. Instances of this type with an empty value here are
1318 almost certainly wrong.
1319 TODO: Add other useful fields. apiVersion, kind, uid?
1320 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
1321 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
1322 type: string
1323 optional:
1324 description: Specify whether the Secret must be defined
1325 type: boolean
1326 type: object
1327 x-kubernetes-map-type: atomic
1328 type: object
1329 type: array
1330 x-kubernetes-list-type: atomic
1331 image:
1332 description: |-
1333 Container image name.
1334 More info: https://kubernetes.io/docs/concepts/containers/images
1335 This field is optional to allow higher level config management to default or override
1336 container images in workload controllers like Deployments and StatefulSets.
1337 type: string
1338 imagePullPolicy:
1339 description: |-
1340 Image pull policy.
1341 One of Always, Never, IfNotPresent.
1342 Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
1343 Cannot be updated.
1344 More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
1345 type: string
1346 lifecycle:
1347 description: |-
1348 Actions that the management system should take in response to container lifecycle events.
1349 Cannot be updated.
1350 properties:
1351 postStart:
1352 description: |-
1353 PostStart is called immediately after a container is created. If the handler fails,
1354 the container is terminated and restarted according to its restart policy.
1355 Other management of the container blocks until the hook completes.
1356 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
1357 properties:
1358 exec:
1359 description: Exec specifies the action to take.
1360 properties:
1361 command:
1362 description: |-
1363 Command is the command line to execute inside the container, the working directory for the
1364 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
1365 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
1366 a shell, you need to explicitly call out to that shell.
1367 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
1368 items:
1369 type: string
1370 type: array
1371 x-kubernetes-list-type: atomic
1372 type: object
1373 httpGet:
1374 description: HTTPGet specifies the http request to perform.
1375 properties:
1376 host:
1377 description: |-
1378 Host name to connect to, defaults to the pod IP. You probably want to set
1379 "Host" in httpHeaders instead.
1380 type: string
1381 httpHeaders:
1382 description: Custom headers to set in the request.
1383 HTTP allows repeated headers.
1384 items:
1385 description: HTTPHeader describes a custom header
1386 to be used in HTTP probes
1387 properties:
1388 name:
1389 description: |-
1390 The header field name.
1391 This will be canonicalized upon output, so case-variant names will be understood as the same header.
1392 type: string
1393 value:
1394 description: The header field value
1395 type: string
1396 required:
1397 - name
1398 - value
1399 type: object
1400 type: array
1401 x-kubernetes-list-type: atomic
1402 path:
1403 description: Path to access on the HTTP server.
1404 type: string
1405 port:
1406 anyOf:
1407 - type: integer
1408 - type: string
1409 description: |-
1410 Name or number of the port to access on the container.
1411 Number must be in the range 1 to 65535.
1412 Name must be an IANA_SVC_NAME.
1413 x-kubernetes-int-or-string: true
1414 scheme:
1415 description: |-
1416 Scheme to use for connecting to the host.
1417 Defaults to HTTP.
1418 type: string
1419 required:
1420 - port
1421 type: object
1422 sleep:
1423 description: Sleep represents the duration that the
1424 container should sleep before being terminated.
1425 properties:
1426 seconds:
1427 description: Seconds is the number of seconds to
1428 sleep.
1429 format: int64
1430 type: integer
1431 required:
1432 - seconds
1433 type: object
1434 tcpSocket:
1435 description: |-
1436 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
1437 for the backward compatibility. There are no validation of this field and
1438 lifecycle hooks will fail in runtime when tcp handler is specified.
1439 properties:
1440 host:
1441 description: 'Optional: Host name to connect to,
1442 defaults to the pod IP.'
1443 type: string
1444 port:
1445 anyOf:
1446 - type: integer
1447 - type: string
1448 description: |-
1449 Number or name of the port to access on the container.
1450 Number must be in the range 1 to 65535.
1451 Name must be an IANA_SVC_NAME.
1452 x-kubernetes-int-or-string: true
1453 required:
1454 - port
1455 type: object
1456 type: object
1457 preStop:
1458 description: |-
1459 PreStop is called immediately before a container is terminated due to an
1460 API request or management event such as liveness/startup probe failure,
1461 preemption, resource contention, etc. The handler is not called if the
1462 container crashes or exits. The Pod's termination grace period countdown begins before the
1463 PreStop hook is executed. Regardless of the outcome of the handler, the
1464 container will eventually terminate within the Pod's termination grace
1465 period (unless delayed by finalizers). Other management of the container blocks until the hook completes
1466 or until the termination grace period is reached.
1467 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
1468 properties:
1469 exec:
1470 description: Exec specifies the action to take.
1471 properties:
1472 command:
1473 description: |-
1474 Command is the command line to execute inside the container, the working directory for the
1475 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
1476 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
1477 a shell, you need to explicitly call out to that shell.
1478 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
1479 items:
1480 type: string
1481 type: array
1482 x-kubernetes-list-type: atomic
1483 type: object
1484 httpGet:
1485 description: HTTPGet specifies the http request to perform.
1486 properties:
1487 host:
1488 description: |-
1489 Host name to connect to, defaults to the pod IP. You probably want to set
1490 "Host" in httpHeaders instead.
1491 type: string
1492 httpHeaders:
1493 description: Custom headers to set in the request.
1494 HTTP allows repeated headers.
1495 items:
1496 description: HTTPHeader describes a custom header
1497 to be used in HTTP probes
1498 properties:
1499 name:
1500 description: |-
1501 The header field name.
1502 This will be canonicalized upon output, so case-variant names will be understood as the same header.
1503 type: string
1504 value:
1505 description: The header field value
1506 type: string
1507 required:
1508 - name
1509 - value
1510 type: object
1511 type: array
1512 x-kubernetes-list-type: atomic
1513 path:
1514 description: Path to access on the HTTP server.
1515 type: string
1516 port:
1517 anyOf:
1518 - type: integer
1519 - type: string
1520 description: |-
1521 Name or number of the port to access on the container.
1522 Number must be in the range 1 to 65535.
1523 Name must be an IANA_SVC_NAME.
1524 x-kubernetes-int-or-string: true
1525 scheme:
1526 description: |-
1527 Scheme to use for connecting to the host.
1528 Defaults to HTTP.
1529 type: string
1530 required:
1531 - port
1532 type: object
1533 sleep:
1534 description: Sleep represents the duration that the
1535 container should sleep before being terminated.
1536 properties:
1537 seconds:
1538 description: Seconds is the number of seconds to
1539 sleep.
1540 format: int64
1541 type: integer
1542 required:
1543 - seconds
1544 type: object
1545 tcpSocket:
1546 description: |-
1547 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
1548 for the backward compatibility. There are no validation of this field and
1549 lifecycle hooks will fail in runtime when tcp handler is specified.
1550 properties:
1551 host:
1552 description: 'Optional: Host name to connect to,
1553 defaults to the pod IP.'
1554 type: string
1555 port:
1556 anyOf:
1557 - type: integer
1558 - type: string
1559 description: |-
1560 Number or name of the port to access on the container.
1561 Number must be in the range 1 to 65535.
1562 Name must be an IANA_SVC_NAME.
1563 x-kubernetes-int-or-string: true
1564 required:
1565 - port
1566 type: object
1567 type: object
1568 type: object
1569 livenessProbe:
1570 description: |-
1571 Periodic probe of container liveness.
1572 Container will be restarted if the probe fails.
1573 Cannot be updated.
1574 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
1575 properties:
1576 exec:
1577 description: Exec specifies the action to take.
1578 properties:
1579 command:
1580 description: |-
1581 Command is the command line to execute inside the container, the working directory for the
1582 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
1583 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
1584 a shell, you need to explicitly call out to that shell.
1585 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
1586 items:
1587 type: string
1588 type: array
1589 x-kubernetes-list-type: atomic
1590 type: object
1591 failureThreshold:
1592 description: |-
1593 Minimum consecutive failures for the probe to be considered failed after having succeeded.
1594 Defaults to 3. Minimum value is 1.
1595 format: int32
1596 type: integer
1597 grpc:
1598 description: GRPC specifies an action involving a GRPC port.
1599 properties:
1600 port:
1601 description: Port number of the gRPC service. Number
1602 must be in the range 1 to 65535.
1603 format: int32
1604 type: integer
1605 service:
1606 description: |-
1607 Service is the name of the service to place in the gRPC HealthCheckRequest
1608 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
1609
1610
1611 If this is not specified, the default behavior is defined by gRPC.
1612 type: string
1613 required:
1614 - port
1615 type: object
1616 httpGet:
1617 description: HTTPGet specifies the http request to perform.
1618 properties:
1619 host:
1620 description: |-
1621 Host name to connect to, defaults to the pod IP. You probably want to set
1622 "Host" in httpHeaders instead.
1623 type: string
1624 httpHeaders:
1625 description: Custom headers to set in the request. HTTP
1626 allows repeated headers.
1627 items:
1628 description: HTTPHeader describes a custom header
1629 to be used in HTTP probes
1630 properties:
1631 name:
1632 description: |-
1633 The header field name.
1634 This will be canonicalized upon output, so case-variant names will be understood as the same header.
1635 type: string
1636 value:
1637 description: The header field value
1638 type: string
1639 required:
1640 - name
1641 - value
1642 type: object
1643 type: array
1644 x-kubernetes-list-type: atomic
1645 path:
1646 description: Path to access on the HTTP server.
1647 type: string
1648 port:
1649 anyOf:
1650 - type: integer
1651 - type: string
1652 description: |-
1653 Name or number of the port to access on the container.
1654 Number must be in the range 1 to 65535.
1655 Name must be an IANA_SVC_NAME.
1656 x-kubernetes-int-or-string: true
1657 scheme:
1658 description: |-
1659 Scheme to use for connecting to the host.
1660 Defaults to HTTP.
1661 type: string
1662 required:
1663 - port
1664 type: object
1665 initialDelaySeconds:
1666 description: |-
1667 Number of seconds after the container has started before liveness probes are initiated.
1668 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
1669 format: int32
1670 type: integer
1671 periodSeconds:
1672 description: |-
1673 How often (in seconds) to perform the probe.
1674 Default to 10 seconds. Minimum value is 1.
1675 format: int32
1676 type: integer
1677 successThreshold:
1678 description: |-
1679 Minimum consecutive successes for the probe to be considered successful after having failed.
1680 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
1681 format: int32
1682 type: integer
1683 tcpSocket:
1684 description: TCPSocket specifies an action involving a TCP
1685 port.
1686 properties:
1687 host:
1688 description: 'Optional: Host name to connect to, defaults
1689 to the pod IP.'
1690 type: string
1691 port:
1692 anyOf:
1693 - type: integer
1694 - type: string
1695 description: |-
1696 Number or name of the port to access on the container.
1697 Number must be in the range 1 to 65535.
1698 Name must be an IANA_SVC_NAME.
1699 x-kubernetes-int-or-string: true
1700 required:
1701 - port
1702 type: object
1703 terminationGracePeriodSeconds:
1704 description: |-
1705 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
1706 The grace period is the duration in seconds after the processes running in the pod are sent
1707 a termination signal and the time when the processes are forcibly halted with a kill signal.
1708 Set this value longer than the expected cleanup time for your process.
1709 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
1710 value overrides the value provided by the pod spec.
1711 Value must be non-negative integer. The value zero indicates stop immediately via
1712 the kill signal (no opportunity to shut down).
1713 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
1714 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
1715 format: int64
1716 type: integer
1717 timeoutSeconds:
1718 description: |-
1719 Number of seconds after which the probe times out.
1720 Defaults to 1 second. Minimum value is 1.
1721 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
1722 format: int32
1723 type: integer
1724 type: object
1725 name:
1726 description: |-
1727 Name of the container specified as a DNS_LABEL.
1728 Each container in a pod must have a unique name (DNS_LABEL).
1729 Cannot be updated.
1730 type: string
1731 ports:
1732 description: |-
1733 List of ports to expose from the container. Not specifying a port here
1734 DOES NOT prevent that port from being exposed. Any port which is
1735 listening on the default "0.0.0.0" address inside a container will be
1736 accessible from the network.
1737 Modifying this array with strategic merge patch may corrupt the data.
1738 For more information See https://github.com/kubernetes/kubernetes/issues/108255.
1739 Cannot be updated.
1740 items:
1741 description: ContainerPort represents a network port in a
1742 single container.
1743 properties:
1744 containerPort:
1745 description: |-
1746 Number of port to expose on the pod's IP address.
1747 This must be a valid port number, 0 < x < 65536.
1748 format: int32
1749 type: integer
1750 hostIP:
1751 description: What host IP to bind the external port to.
1752 type: string
1753 hostPort:
1754 description: |-
1755 Number of port to expose on the host.
1756 If specified, this must be a valid port number, 0 < x < 65536.
1757 If HostNetwork is specified, this must match ContainerPort.
1758 Most containers do not need this.
1759 format: int32
1760 type: integer
1761 name:
1762 description: |-
1763 If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
1764 named port in a pod must have a unique name. Name for the port that can be
1765 referred to by services.
1766 type: string
1767 protocol:
1768 default: TCP
1769 description: |-
1770 Protocol for port. Must be UDP, TCP, or SCTP.
1771 Defaults to "TCP".
1772 type: string
1773 required:
1774 - containerPort
1775 type: object
1776 type: array
1777 x-kubernetes-list-map-keys:
1778 - containerPort
1779 - protocol
1780 x-kubernetes-list-type: map
1781 readinessProbe:
1782 description: |-
1783 Periodic probe of container service readiness.
1784 Container will be removed from service endpoints if the probe fails.
1785 Cannot be updated.
1786 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
1787 properties:
1788 exec:
1789 description: Exec specifies the action to take.
1790 properties:
1791 command:
1792 description: |-
1793 Command is the command line to execute inside the container, the working directory for the
1794 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
1795 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
1796 a shell, you need to explicitly call out to that shell.
1797 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
1798 items:
1799 type: string
1800 type: array
1801 x-kubernetes-list-type: atomic
1802 type: object
1803 failureThreshold:
1804 description: |-
1805 Minimum consecutive failures for the probe to be considered failed after having succeeded.
1806 Defaults to 3. Minimum value is 1.
1807 format: int32
1808 type: integer
1809 grpc:
1810 description: GRPC specifies an action involving a GRPC port.
1811 properties:
1812 port:
1813 description: Port number of the gRPC service. Number
1814 must be in the range 1 to 65535.
1815 format: int32
1816 type: integer
1817 service:
1818 description: |-
1819 Service is the name of the service to place in the gRPC HealthCheckRequest
1820 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
1821
1822
1823 If this is not specified, the default behavior is defined by gRPC.
1824 type: string
1825 required:
1826 - port
1827 type: object
1828 httpGet:
1829 description: HTTPGet specifies the http request to perform.
1830 properties:
1831 host:
1832 description: |-
1833 Host name to connect to, defaults to the pod IP. You probably want to set
1834 "Host" in httpHeaders instead.
1835 type: string
1836 httpHeaders:
1837 description: Custom headers to set in the request. HTTP
1838 allows repeated headers.
1839 items:
1840 description: HTTPHeader describes a custom header
1841 to be used in HTTP probes
1842 properties:
1843 name:
1844 description: |-
1845 The header field name.
1846 This will be canonicalized upon output, so case-variant names will be understood as the same header.
1847 type: string
1848 value:
1849 description: The header field value
1850 type: string
1851 required:
1852 - name
1853 - value
1854 type: object
1855 type: array
1856 x-kubernetes-list-type: atomic
1857 path:
1858 description: Path to access on the HTTP server.
1859 type: string
1860 port:
1861 anyOf:
1862 - type: integer
1863 - type: string
1864 description: |-
1865 Name or number of the port to access on the container.
1866 Number must be in the range 1 to 65535.
1867 Name must be an IANA_SVC_NAME.
1868 x-kubernetes-int-or-string: true
1869 scheme:
1870 description: |-
1871 Scheme to use for connecting to the host.
1872 Defaults to HTTP.
1873 type: string
1874 required:
1875 - port
1876 type: object
1877 initialDelaySeconds:
1878 description: |-
1879 Number of seconds after the container has started before liveness probes are initiated.
1880 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
1881 format: int32
1882 type: integer
1883 periodSeconds:
1884 description: |-
1885 How often (in seconds) to perform the probe.
1886 Default to 10 seconds. Minimum value is 1.
1887 format: int32
1888 type: integer
1889 successThreshold:
1890 description: |-
1891 Minimum consecutive successes for the probe to be considered successful after having failed.
1892 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
1893 format: int32
1894 type: integer
1895 tcpSocket:
1896 description: TCPSocket specifies an action involving a TCP
1897 port.
1898 properties:
1899 host:
1900 description: 'Optional: Host name to connect to, defaults
1901 to the pod IP.'
1902 type: string
1903 port:
1904 anyOf:
1905 - type: integer
1906 - type: string
1907 description: |-
1908 Number or name of the port to access on the container.
1909 Number must be in the range 1 to 65535.
1910 Name must be an IANA_SVC_NAME.
1911 x-kubernetes-int-or-string: true
1912 required:
1913 - port
1914 type: object
1915 terminationGracePeriodSeconds:
1916 description: |-
1917 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
1918 The grace period is the duration in seconds after the processes running in the pod are sent
1919 a termination signal and the time when the processes are forcibly halted with a kill signal.
1920 Set this value longer than the expected cleanup time for your process.
1921 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
1922 value overrides the value provided by the pod spec.
1923 Value must be non-negative integer. The value zero indicates stop immediately via
1924 the kill signal (no opportunity to shut down).
1925 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
1926 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
1927 format: int64
1928 type: integer
1929 timeoutSeconds:
1930 description: |-
1931 Number of seconds after which the probe times out.
1932 Defaults to 1 second. Minimum value is 1.
1933 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
1934 format: int32
1935 type: integer
1936 type: object
1937 resizePolicy:
1938 description: Resources resize policy for the container.
1939 items:
1940 description: ContainerResizePolicy represents resource resize
1941 policy for the container.
1942 properties:
1943 resourceName:
1944 description: |-
1945 Name of the resource to which this resource resize policy applies.
1946 Supported values: cpu, memory.
1947 type: string
1948 restartPolicy:
1949 description: |-
1950 Restart policy to apply when specified resource is resized.
1951 If not specified, it defaults to NotRequired.
1952 type: string
1953 required:
1954 - resourceName
1955 - restartPolicy
1956 type: object
1957 type: array
1958 x-kubernetes-list-type: atomic
1959 resources:
1960 description: |-
1961 Compute Resources required by this container.
1962 Cannot be updated.
1963 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
1964 properties:
1965 claims:
1966 description: |-
1967 Claims lists the names of resources, defined in spec.resourceClaims,
1968 that are used by this container.
1969
1970
1971 This is an alpha field and requires enabling the
1972 DynamicResourceAllocation feature gate.
1973
1974
1975 This field is immutable. It can only be set for containers.
1976 items:
1977 description: ResourceClaim references one entry in PodSpec.ResourceClaims.
1978 properties:
1979 name:
1980 description: |-
1981 Name must match the name of one entry in pod.spec.resourceClaims of
1982 the Pod where this field is used. It makes that resource available
1983 inside a container.
1984 type: string
1985 required:
1986 - name
1987 type: object
1988 type: array
1989 x-kubernetes-list-map-keys:
1990 - name
1991 x-kubernetes-list-type: map
1992 limits:
1993 additionalProperties:
1994 anyOf:
1995 - type: integer
1996 - type: string
1997 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
1998 x-kubernetes-int-or-string: true
1999 description: |-
2000 Limits describes the maximum amount of compute resources allowed.
2001 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
2002 type: object
2003 requests:
2004 additionalProperties:
2005 anyOf:
2006 - type: integer
2007 - type: string
2008 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
2009 x-kubernetes-int-or-string: true
2010 description: |-
2011 Requests describes the minimum amount of compute resources required.
2012 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
2013 otherwise to an implementation-defined value. Requests cannot exceed Limits.
2014 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
2015 type: object
2016 type: object
2017 restartPolicy:
2018 description: |-
2019 RestartPolicy defines the restart behavior of individual containers in a pod.
2020 This field may only be set for init containers, and the only allowed value is "Always".
2021 For non-init containers or when this field is not specified,
2022 the restart behavior is defined by the Pod's restart policy and the container type.
2023 Setting the RestartPolicy as "Always" for the init container will have the following effect:
2024 this init container will be continually restarted on
2025 exit until all regular containers have terminated. Once all regular
2026 containers have completed, all init containers with restartPolicy "Always"
2027 will be shut down. This lifecycle differs from normal init containers and
2028 is often referred to as a "sidecar" container. Although this init
2029 container still starts in the init container sequence, it does not wait
2030 for the container to complete before proceeding to the next init
2031 container. Instead, the next init container starts immediately after this
2032 init container is started, or after any startupProbe has successfully
2033 completed.
2034 type: string
2035 securityContext:
2036 description: |-
2037 SecurityContext defines the security options the container should be run with.
2038 If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
2039 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
2040 properties:
2041 allowPrivilegeEscalation:
2042 description: |-
2043 AllowPrivilegeEscalation controls whether a process can gain more
2044 privileges than its parent process. This bool directly controls if
2045 the no_new_privs flag will be set on the container process.
2046 AllowPrivilegeEscalation is true always when the container is:
2047 1) run as Privileged
2048 2) has CAP_SYS_ADMIN
2049 Note that this field cannot be set when spec.os.name is windows.
2050 type: boolean
2051 appArmorProfile:
2052 description: |-
2053 appArmorProfile is the AppArmor options to use by this container. If set, this profile
2054 overrides the pod's appArmorProfile.
2055 Note that this field cannot be set when spec.os.name is windows.
2056 properties:
2057 localhostProfile:
2058 description: |-
2059 localhostProfile indicates a profile loaded on the node that should be used.
2060 The profile must be preconfigured on the node to work.
2061 Must match the loaded name of the profile.
2062 Must be set if and only if type is "Localhost".
2063 type: string
2064 type:
2065 description: |-
2066 type indicates which kind of AppArmor profile will be applied.
2067 Valid options are:
2068 Localhost - a profile pre-loaded on the node.
2069 RuntimeDefault - the container runtime's default profile.
2070 Unconfined - no AppArmor enforcement.
2071 type: string
2072 required:
2073 - type
2074 type: object
2075 capabilities:
2076 description: |-
2077 The capabilities to add/drop when running containers.
2078 Defaults to the default set of capabilities granted by the container runtime.
2079 Note that this field cannot be set when spec.os.name is windows.
2080 properties:
2081 add:
2082 description: Added capabilities
2083 items:
2084 description: Capability represent POSIX capabilities
2085 type
2086 type: string
2087 type: array
2088 x-kubernetes-list-type: atomic
2089 drop:
2090 description: Removed capabilities
2091 items:
2092 description: Capability represent POSIX capabilities
2093 type
2094 type: string
2095 type: array
2096 x-kubernetes-list-type: atomic
2097 type: object
2098 privileged:
2099 description: |-
2100 Run container in privileged mode.
2101 Processes in privileged containers are essentially equivalent to root on the host.
2102 Defaults to false.
2103 Note that this field cannot be set when spec.os.name is windows.
2104 type: boolean
2105 procMount:
2106 description: |-
2107 procMount denotes the type of proc mount to use for the containers.
2108 The default is DefaultProcMount which uses the container runtime defaults for
2109 readonly paths and masked paths.
2110 This requires the ProcMountType feature flag to be enabled.
2111 Note that this field cannot be set when spec.os.name is windows.
2112 type: string
2113 readOnlyRootFilesystem:
2114 description: |-
2115 Whether this container has a read-only root filesystem.
2116 Default is false.
2117 Note that this field cannot be set when spec.os.name is windows.
2118 type: boolean
2119 runAsGroup:
2120 description: |-
2121 The GID to run the entrypoint of the container process.
2122 Uses runtime default if unset.
2123 May also be set in PodSecurityContext. If set in both SecurityContext and
2124 PodSecurityContext, the value specified in SecurityContext takes precedence.
2125 Note that this field cannot be set when spec.os.name is windows.
2126 format: int64
2127 type: integer
2128 runAsNonRoot:
2129 description: |-
2130 Indicates that the container must run as a non-root user.
2131 If true, the Kubelet will validate the image at runtime to ensure that it
2132 does not run as UID 0 (root) and fail to start the container if it does.
2133 If unset or false, no such validation will be performed.
2134 May also be set in PodSecurityContext. If set in both SecurityContext and
2135 PodSecurityContext, the value specified in SecurityContext takes precedence.
2136 type: boolean
2137 runAsUser:
2138 description: |-
2139 The UID to run the entrypoint of the container process.
2140 Defaults to user specified in image metadata if unspecified.
2141 May also be set in PodSecurityContext. If set in both SecurityContext and
2142 PodSecurityContext, the value specified in SecurityContext takes precedence.
2143 Note that this field cannot be set when spec.os.name is windows.
2144 format: int64
2145 type: integer
2146 seLinuxOptions:
2147 description: |-
2148 The SELinux context to be applied to the container.
2149 If unspecified, the container runtime will allocate a random SELinux context for each
2150 container. May also be set in PodSecurityContext. If set in both SecurityContext and
2151 PodSecurityContext, the value specified in SecurityContext takes precedence.
2152 Note that this field cannot be set when spec.os.name is windows.
2153 properties:
2154 level:
2155 description: Level is SELinux level label that applies
2156 to the container.
2157 type: string
2158 role:
2159 description: Role is a SELinux role label that applies
2160 to the container.
2161 type: string
2162 type:
2163 description: Type is a SELinux type label that applies
2164 to the container.
2165 type: string
2166 user:
2167 description: User is a SELinux user label that applies
2168 to the container.
2169 type: string
2170 type: object
2171 seccompProfile:
2172 description: |-
2173 The seccomp options to use by this container. If seccomp options are
2174 provided at both the pod & container level, the container options
2175 override the pod options.
2176 Note that this field cannot be set when spec.os.name is windows.
2177 properties:
2178 localhostProfile:
2179 description: |-
2180 localhostProfile indicates a profile defined in a file on the node should be used.
2181 The profile must be preconfigured on the node to work.
2182 Must be a descending path, relative to the kubelet's configured seccomp profile location.
2183 Must be set if type is "Localhost". Must NOT be set for any other type.
2184 type: string
2185 type:
2186 description: |-
2187 type indicates which kind of seccomp profile will be applied.
2188 Valid options are:
2189
2190
2191 Localhost - a profile defined in a file on the node should be used.
2192 RuntimeDefault - the container runtime default profile should be used.
2193 Unconfined - no profile should be applied.
2194 type: string
2195 required:
2196 - type
2197 type: object
2198 windowsOptions:
2199 description: |-
2200 The Windows specific settings applied to all containers.
2201 If unspecified, the options from the PodSecurityContext will be used.
2202 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
2203 Note that this field cannot be set when spec.os.name is linux.
2204 properties:
2205 gmsaCredentialSpec:
2206 description: |-
2207 GMSACredentialSpec is where the GMSA admission webhook
2208 (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
2209 GMSA credential spec named by the GMSACredentialSpecName field.
2210 type: string
2211 gmsaCredentialSpecName:
2212 description: GMSACredentialSpecName is the name of the
2213 GMSA credential spec to use.
2214 type: string
2215 hostProcess:
2216 description: |-
2217 HostProcess determines if a container should be run as a 'Host Process' container.
2218 All of a Pod's containers must have the same effective HostProcess value
2219 (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
2220 In addition, if HostProcess is true then HostNetwork must also be set to true.
2221 type: boolean
2222 runAsUserName:
2223 description: |-
2224 The UserName in Windows to run the entrypoint of the container process.
2225 Defaults to the user specified in image metadata if unspecified.
2226 May also be set in PodSecurityContext. If set in both SecurityContext and
2227 PodSecurityContext, the value specified in SecurityContext takes precedence.
2228 type: string
2229 type: object
2230 type: object
2231 startupProbe:
2232 description: |-
2233 StartupProbe indicates that the Pod has successfully initialized.
2234 If specified, no other probes are executed until this completes successfully.
2235 If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
2236 This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
2237 when it might take a long time to load data or warm a cache, than during steady-state operation.
2238 This cannot be updated.
2239 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2240 properties:
2241 exec:
2242 description: Exec specifies the action to take.
2243 properties:
2244 command:
2245 description: |-
2246 Command is the command line to execute inside the container, the working directory for the
2247 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
2248 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
2249 a shell, you need to explicitly call out to that shell.
2250 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
2251 items:
2252 type: string
2253 type: array
2254 x-kubernetes-list-type: atomic
2255 type: object
2256 failureThreshold:
2257 description: |-
2258 Minimum consecutive failures for the probe to be considered failed after having succeeded.
2259 Defaults to 3. Minimum value is 1.
2260 format: int32
2261 type: integer
2262 grpc:
2263 description: GRPC specifies an action involving a GRPC port.
2264 properties:
2265 port:
2266 description: Port number of the gRPC service. Number
2267 must be in the range 1 to 65535.
2268 format: int32
2269 type: integer
2270 service:
2271 description: |-
2272 Service is the name of the service to place in the gRPC HealthCheckRequest
2273 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
2274
2275
2276 If this is not specified, the default behavior is defined by gRPC.
2277 type: string
2278 required:
2279 - port
2280 type: object
2281 httpGet:
2282 description: HTTPGet specifies the http request to perform.
2283 properties:
2284 host:
2285 description: |-
2286 Host name to connect to, defaults to the pod IP. You probably want to set
2287 "Host" in httpHeaders instead.
2288 type: string
2289 httpHeaders:
2290 description: Custom headers to set in the request. HTTP
2291 allows repeated headers.
2292 items:
2293 description: HTTPHeader describes a custom header
2294 to be used in HTTP probes
2295 properties:
2296 name:
2297 description: |-
2298 The header field name.
2299 This will be canonicalized upon output, so case-variant names will be understood as the same header.
2300 type: string
2301 value:
2302 description: The header field value
2303 type: string
2304 required:
2305 - name
2306 - value
2307 type: object
2308 type: array
2309 x-kubernetes-list-type: atomic
2310 path:
2311 description: Path to access on the HTTP server.
2312 type: string
2313 port:
2314 anyOf:
2315 - type: integer
2316 - type: string
2317 description: |-
2318 Name or number of the port to access on the container.
2319 Number must be in the range 1 to 65535.
2320 Name must be an IANA_SVC_NAME.
2321 x-kubernetes-int-or-string: true
2322 scheme:
2323 description: |-
2324 Scheme to use for connecting to the host.
2325 Defaults to HTTP.
2326 type: string
2327 required:
2328 - port
2329 type: object
2330 initialDelaySeconds:
2331 description: |-
2332 Number of seconds after the container has started before liveness probes are initiated.
2333 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2334 format: int32
2335 type: integer
2336 periodSeconds:
2337 description: |-
2338 How often (in seconds) to perform the probe.
2339 Default to 10 seconds. Minimum value is 1.
2340 format: int32
2341 type: integer
2342 successThreshold:
2343 description: |-
2344 Minimum consecutive successes for the probe to be considered successful after having failed.
2345 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
2346 format: int32
2347 type: integer
2348 tcpSocket:
2349 description: TCPSocket specifies an action involving a TCP
2350 port.
2351 properties:
2352 host:
2353 description: 'Optional: Host name to connect to, defaults
2354 to the pod IP.'
2355 type: string
2356 port:
2357 anyOf:
2358 - type: integer
2359 - type: string
2360 description: |-
2361 Number or name of the port to access on the container.
2362 Number must be in the range 1 to 65535.
2363 Name must be an IANA_SVC_NAME.
2364 x-kubernetes-int-or-string: true
2365 required:
2366 - port
2367 type: object
2368 terminationGracePeriodSeconds:
2369 description: |-
2370 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
2371 The grace period is the duration in seconds after the processes running in the pod are sent
2372 a termination signal and the time when the processes are forcibly halted with a kill signal.
2373 Set this value longer than the expected cleanup time for your process.
2374 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
2375 value overrides the value provided by the pod spec.
2376 Value must be non-negative integer. The value zero indicates stop immediately via
2377 the kill signal (no opportunity to shut down).
2378 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
2379 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
2380 format: int64
2381 type: integer
2382 timeoutSeconds:
2383 description: |-
2384 Number of seconds after which the probe times out.
2385 Defaults to 1 second. Minimum value is 1.
2386 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
2387 format: int32
2388 type: integer
2389 type: object
2390 stdin:
2391 description: |-
2392 Whether this container should allocate a buffer for stdin in the container runtime. If this
2393 is not set, reads from stdin in the container will always result in EOF.
2394 Default is false.
2395 type: boolean
2396 stdinOnce:
2397 description: |-
2398 Whether the container runtime should close the stdin channel after it has been opened by
2399 a single attach. When stdin is true the stdin stream will remain open across multiple attach
2400 sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
2401 first client attaches to stdin, and then remains open and accepts data until the client disconnects,
2402 at which time stdin is closed and remains closed until the container is restarted. If this
2403 flag is false, a container processes that reads from stdin will never receive an EOF.
2404 Default is false
2405 type: boolean
2406 terminationMessagePath:
2407 description: |-
2408 Optional: Path at which the file to which the container's termination message
2409 will be written is mounted into the container's filesystem.
2410 Message written is intended to be brief final status, such as an assertion failure message.
2411 Will be truncated by the node if greater than 4096 bytes. The total message length across
2412 all containers will be limited to 12kb.
2413 Defaults to /dev/termination-log.
2414 Cannot be updated.
2415 type: string
2416 terminationMessagePolicy:
2417 description: |-
2418 Indicate how the termination message should be populated. File will use the contents of
2419 terminationMessagePath to populate the container status message on both success and failure.
2420 FallbackToLogsOnError will use the last chunk of container log output if the termination
2421 message file is empty and the container exited with an error.
2422 The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
2423 Defaults to File.
2424 Cannot be updated.
2425 type: string
2426 tty:
2427 description: |-
2428 Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
2429 Default is false.
2430 type: boolean
2431 volumeDevices:
2432 description: volumeDevices is the list of block devices to be
2433 used by the container.
2434 items:
2435 description: volumeDevice describes a mapping of a raw block
2436 device within a container.
2437 properties:
2438 devicePath:
2439 description: devicePath is the path inside of the container
2440 that the device will be mapped to.
2441 type: string
2442 name:
2443 description: name must match the name of a persistentVolumeClaim
2444 in the pod
2445 type: string
2446 required:
2447 - devicePath
2448 - name
2449 type: object
2450 type: array
2451 x-kubernetes-list-map-keys:
2452 - devicePath
2453 x-kubernetes-list-type: map
2454 volumeMounts:
2455 description: |-
2456 Pod volumes to mount into the container's filesystem.
2457 Cannot be updated.
2458 items:
2459 description: VolumeMount describes a mounting of a Volume
2460 within a container.
2461 properties:
2462 mountPath:
2463 description: |-
2464 Path within the container at which the volume should be mounted. Must
2465 not contain ':'.
2466 type: string
2467 mountPropagation:
2468 description: |-
2469 mountPropagation determines how mounts are propagated from the host
2470 to container and the other way around.
2471 When not set, MountPropagationNone is used.
2472 This field is beta in 1.10.
2473 When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
2474 (which defaults to None).
2475 type: string
2476 name:
2477 description: This must match the Name of a Volume.
2478 type: string
2479 readOnly:
2480 description: |-
2481 Mounted read-only if true, read-write otherwise (false or unspecified).
2482 Defaults to false.
2483 type: boolean
2484 recursiveReadOnly:
2485 description: |-
2486 RecursiveReadOnly specifies whether read-only mounts should be handled
2487 recursively.
2488
2489
2490 If ReadOnly is false, this field has no meaning and must be unspecified.
2491
2492
2493 If ReadOnly is true, and this field is set to Disabled, the mount is not made
2494 recursively read-only. If this field is set to IfPossible, the mount is made
2495 recursively read-only, if it is supported by the container runtime. If this
2496 field is set to Enabled, the mount is made recursively read-only if it is
2497 supported by the container runtime, otherwise the pod will not be started and
2498 an error will be generated to indicate the reason.
2499
2500
2501 If this field is set to IfPossible or Enabled, MountPropagation must be set to
2502 None (or be unspecified, which defaults to None).
2503
2504
2505 If this field is not specified, it is treated as an equivalent of Disabled.
2506 type: string
2507 subPath:
2508 description: |-
2509 Path within the volume from which the container's volume should be mounted.
2510 Defaults to "" (volume's root).
2511 type: string
2512 subPathExpr:
2513 description: |-
2514 Expanded path within the volume from which the container's volume should be mounted.
2515 Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
2516 Defaults to "" (volume's root).
2517 SubPathExpr and SubPath are mutually exclusive.
2518 type: string
2519 required:
2520 - mountPath
2521 - name
2522 type: object
2523 type: array
2524 x-kubernetes-list-map-keys:
2525 - mountPath
2526 x-kubernetes-list-type: map
2527 workingDir:
2528 description: |-
2529 Container's working directory.
2530 If not specified, the container runtime's default will be used, which
2531 might be configured in the container image.
2532 Cannot be updated.
2533 type: string
2534 required:
2535 - name
2536 type: object
2537 type: array
2538 enforcedNamespaceLabel:
2539 description: |-
2540 EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert
2541 and metric that is user created. The label value will always be the namespace of the object that is
2542 being created.
2543 type: string
2544 evaluationInterval:
2545 default: 15s
2546 description: Interval between consecutive evaluations.
2547 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
2548 type: string
2549 excludedFromEnforcement:
2550 description: |-
2551 List of references to PrometheusRule objects
2552 to be excluded from enforcing a namespace label of origin.
2553 Applies only if enforcedNamespaceLabel set to true.
2554 items:
2555 description: ObjectReference references a PodMonitor, ServiceMonitor,
2556 Probe or PrometheusRule object.
2557 properties:
2558 group:
2559 default: monitoring.coreos.com
2560 description: Group of the referent. When not specified, it defaults
2561 to `monitoring.coreos.com`
2562 enum:
2563 - monitoring.coreos.com
2564 type: string
2565 name:
2566 description: Name of the referent. When not set, all resources
2567 in the namespace are matched.
2568 type: string
2569 namespace:
2570 description: |-
2571 Namespace of the referent.
2572 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
2573 minLength: 1
2574 type: string
2575 resource:
2576 description: Resource of the referent.
2577 enum:
2578 - prometheusrules
2579 - servicemonitors
2580 - podmonitors
2581 - probes
2582 - scrapeconfigs
2583 type: string
2584 required:
2585 - namespace
2586 - resource
2587 type: object
2588 type: array
2589 externalPrefix:
2590 description: |-
2591 The external URL the Thanos Ruler instances will be available under. This is
2592 necessary to generate correct URLs. This is necessary if Thanos Ruler is not
2593 served from root of a DNS name.
2594 type: string
2595 grpcServerTlsConfig:
2596 description: |-
2597 GRPCServerTLSConfig configures the gRPC server from which Thanos Querier reads
2598 recorded rule data.
2599 Note: Currently only the CAFile, CertFile, and KeyFile fields are supported.
2600 Maps to the '--grpc-server-tls-*' CLI args.
2601 properties:
2602 ca:
2603 description: Certificate authority used when verifying server
2604 certificates.
2605 properties:
2606 configMap:
2607 description: ConfigMap containing data to use for the targets.
2608 properties:
2609 key:
2610 description: The key to select.
2611 type: string
2612 name:
2613 default: ""
2614 description: |-
2615 Name of the referent.
2616 This field is effectively required, but due to backwards compatibility is
2617 allowed to be empty. Instances of this type with an empty value here are
2618 almost certainly wrong.
2619 TODO: Add other useful fields. apiVersion, kind, uid?
2620 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
2621 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
2622 type: string
2623 optional:
2624 description: Specify whether the ConfigMap or its key
2625 must be defined
2626 type: boolean
2627 required:
2628 - key
2629 type: object
2630 x-kubernetes-map-type: atomic
2631 secret:
2632 description: Secret containing data to use for the targets.
2633 properties:
2634 key:
2635 description: The key of the secret to select from. Must
2636 be a valid secret key.
2637 type: string
2638 name:
2639 default: ""
2640 description: |-
2641 Name of the referent.
2642 This field is effectively required, but due to backwards compatibility is
2643 allowed to be empty. Instances of this type with an empty value here are
2644 almost certainly wrong.
2645 TODO: Add other useful fields. apiVersion, kind, uid?
2646 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
2647 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
2648 type: string
2649 optional:
2650 description: Specify whether the Secret or its key must
2651 be defined
2652 type: boolean
2653 required:
2654 - key
2655 type: object
2656 x-kubernetes-map-type: atomic
2657 type: object
2658 caFile:
2659 description: Path to the CA cert in the Prometheus container to
2660 use for the targets.
2661 type: string
2662 cert:
2663 description: Client certificate to present when doing client-authentication.
2664 properties:
2665 configMap:
2666 description: ConfigMap containing data to use for the targets.
2667 properties:
2668 key:
2669 description: The key to select.
2670 type: string
2671 name:
2672 default: ""
2673 description: |-
2674 Name of the referent.
2675 This field is effectively required, but due to backwards compatibility is
2676 allowed to be empty. Instances of this type with an empty value here are
2677 almost certainly wrong.
2678 TODO: Add other useful fields. apiVersion, kind, uid?
2679 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
2680 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
2681 type: string
2682 optional:
2683 description: Specify whether the ConfigMap or its key
2684 must be defined
2685 type: boolean
2686 required:
2687 - key
2688 type: object
2689 x-kubernetes-map-type: atomic
2690 secret:
2691 description: Secret containing data to use for the targets.
2692 properties:
2693 key:
2694 description: The key of the secret to select from. Must
2695 be a valid secret key.
2696 type: string
2697 name:
2698 default: ""
2699 description: |-
2700 Name of the referent.
2701 This field is effectively required, but due to backwards compatibility is
2702 allowed to be empty. Instances of this type with an empty value here are
2703 almost certainly wrong.
2704 TODO: Add other useful fields. apiVersion, kind, uid?
2705 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
2706 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
2707 type: string
2708 optional:
2709 description: Specify whether the Secret or its key must
2710 be defined
2711 type: boolean
2712 required:
2713 - key
2714 type: object
2715 x-kubernetes-map-type: atomic
2716 type: object
2717 certFile:
2718 description: Path to the client cert file in the Prometheus container
2719 for the targets.
2720 type: string
2721 insecureSkipVerify:
2722 description: Disable target certificate validation.
2723 type: boolean
2724 keyFile:
2725 description: Path to the client key file in the Prometheus container
2726 for the targets.
2727 type: string
2728 keySecret:
2729 description: Secret containing the client key file for the targets.
2730 properties:
2731 key:
2732 description: The key of the secret to select from. Must be
2733 a valid secret key.
2734 type: string
2735 name:
2736 default: ""
2737 description: |-
2738 Name of the referent.
2739 This field is effectively required, but due to backwards compatibility is
2740 allowed to be empty. Instances of this type with an empty value here are
2741 almost certainly wrong.
2742 TODO: Add other useful fields. apiVersion, kind, uid?
2743 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
2744 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
2745 type: string
2746 optional:
2747 description: Specify whether the Secret or its key must be
2748 defined
2749 type: boolean
2750 required:
2751 - key
2752 type: object
2753 x-kubernetes-map-type: atomic
2754 serverName:
2755 description: Used to verify the hostname for the targets.
2756 type: string
2757 type: object
2758 hostAliases:
2759 description: Pods' hostAliases configuration
2760 items:
2761 description: |-
2762 HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the
2763 pod's hosts file.
2764 properties:
2765 hostnames:
2766 description: Hostnames for the above IP address.
2767 items:
2768 type: string
2769 type: array
2770 ip:
2771 description: IP address of the host file entry.
2772 type: string
2773 required:
2774 - hostnames
2775 - ip
2776 type: object
2777 type: array
2778 x-kubernetes-list-map-keys:
2779 - ip
2780 x-kubernetes-list-type: map
2781 image:
2782 description: Thanos container image URL.
2783 type: string
2784 imagePullPolicy:
2785 description: |-
2786 Image pull policy for the 'thanos', 'init-config-reloader' and 'config-reloader' containers.
2787 See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
2788 enum:
2789 - ""
2790 - Always
2791 - Never
2792 - IfNotPresent
2793 type: string
2794 imagePullSecrets:
2795 description: |-
2796 An optional list of references to secrets in the same namespace
2797 to use for pulling thanos images from registries
2798 see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
2799 items:
2800 description: |-
2801 LocalObjectReference contains enough information to let you locate the
2802 referenced object inside the same namespace.
2803 properties:
2804 name:
2805 default: ""
2806 description: |-
2807 Name of the referent.
2808 This field is effectively required, but due to backwards compatibility is
2809 allowed to be empty. Instances of this type with an empty value here are
2810 almost certainly wrong.
2811 TODO: Add other useful fields. apiVersion, kind, uid?
2812 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
2813 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
2814 type: string
2815 type: object
2816 x-kubernetes-map-type: atomic
2817 type: array
2818 initContainers:
2819 description: |-
2820 InitContainers allows adding initContainers to the pod definition. Those can be used to e.g.
2821 fetch secrets for injection into the ThanosRuler configuration from external sources. Any
2822 errors during the execution of an initContainer will lead to a restart of the Pod.
2823 More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
2824 Using initContainers for any use case other then secret fetching is entirely outside the scope
2825 of what the maintainers will support and by doing so, you accept that this behaviour may break
2826 at any time without notice.
2827 items:
2828 description: A single application container that you want to run
2829 within a pod.
2830 properties:
2831 args:
2832 description: |-
2833 Arguments to the entrypoint.
2834 The container image's CMD is used if this is not provided.
2835 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
2836 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
2837 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
2838 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
2839 of whether the variable exists or not. Cannot be updated.
2840 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
2841 items:
2842 type: string
2843 type: array
2844 x-kubernetes-list-type: atomic
2845 command:
2846 description: |-
2847 Entrypoint array. Not executed within a shell.
2848 The container image's ENTRYPOINT is used if this is not provided.
2849 Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
2850 cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
2851 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
2852 produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
2853 of whether the variable exists or not. Cannot be updated.
2854 More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
2855 items:
2856 type: string
2857 type: array
2858 x-kubernetes-list-type: atomic
2859 env:
2860 description: |-
2861 List of environment variables to set in the container.
2862 Cannot be updated.
2863 items:
2864 description: EnvVar represents an environment variable present
2865 in a Container.
2866 properties:
2867 name:
2868 description: Name of the environment variable. Must be
2869 a C_IDENTIFIER.
2870 type: string
2871 value:
2872 description: |-
2873 Variable references $(VAR_NAME) are expanded
2874 using the previously defined environment variables in the container and
2875 any service environment variables. If a variable cannot be resolved,
2876 the reference in the input string will be unchanged. Double $$ are reduced
2877 to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
2878 "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
2879 Escaped references will never be expanded, regardless of whether the variable
2880 exists or not.
2881 Defaults to "".
2882 type: string
2883 valueFrom:
2884 description: Source for the environment variable's value.
2885 Cannot be used if value is not empty.
2886 properties:
2887 configMapKeyRef:
2888 description: Selects a key of a ConfigMap.
2889 properties:
2890 key:
2891 description: The key to select.
2892 type: string
2893 name:
2894 default: ""
2895 description: |-
2896 Name of the referent.
2897 This field is effectively required, but due to backwards compatibility is
2898 allowed to be empty. Instances of this type with an empty value here are
2899 almost certainly wrong.
2900 TODO: Add other useful fields. apiVersion, kind, uid?
2901 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
2902 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
2903 type: string
2904 optional:
2905 description: Specify whether the ConfigMap or
2906 its key must be defined
2907 type: boolean
2908 required:
2909 - key
2910 type: object
2911 x-kubernetes-map-type: atomic
2912 fieldRef:
2913 description: |-
2914 Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
2915 spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
2916 properties:
2917 apiVersion:
2918 description: Version of the schema the FieldPath
2919 is written in terms of, defaults to "v1".
2920 type: string
2921 fieldPath:
2922 description: Path of the field to select in the
2923 specified API version.
2924 type: string
2925 required:
2926 - fieldPath
2927 type: object
2928 x-kubernetes-map-type: atomic
2929 resourceFieldRef:
2930 description: |-
2931 Selects a resource of the container: only resources limits and requests
2932 (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
2933 properties:
2934 containerName:
2935 description: 'Container name: required for volumes,
2936 optional for env vars'
2937 type: string
2938 divisor:
2939 anyOf:
2940 - type: integer
2941 - type: string
2942 description: Specifies the output format of the
2943 exposed resources, defaults to "1"
2944 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
2945 x-kubernetes-int-or-string: true
2946 resource:
2947 description: 'Required: resource to select'
2948 type: string
2949 required:
2950 - resource
2951 type: object
2952 x-kubernetes-map-type: atomic
2953 secretKeyRef:
2954 description: Selects a key of a secret in the pod's
2955 namespace
2956 properties:
2957 key:
2958 description: The key of the secret to select from. Must
2959 be a valid secret key.
2960 type: string
2961 name:
2962 default: ""
2963 description: |-
2964 Name of the referent.
2965 This field is effectively required, but due to backwards compatibility is
2966 allowed to be empty. Instances of this type with an empty value here are
2967 almost certainly wrong.
2968 TODO: Add other useful fields. apiVersion, kind, uid?
2969 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
2970 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
2971 type: string
2972 optional:
2973 description: Specify whether the Secret or its
2974 key must be defined
2975 type: boolean
2976 required:
2977 - key
2978 type: object
2979 x-kubernetes-map-type: atomic
2980 type: object
2981 required:
2982 - name
2983 type: object
2984 type: array
2985 x-kubernetes-list-map-keys:
2986 - name
2987 x-kubernetes-list-type: map
2988 envFrom:
2989 description: |-
2990 List of sources to populate environment variables in the container.
2991 The keys defined within a source must be a C_IDENTIFIER. All invalid keys
2992 will be reported as an event when the container is starting. When a key exists in multiple
2993 sources, the value associated with the last source will take precedence.
2994 Values defined by an Env with a duplicate key will take precedence.
2995 Cannot be updated.
2996 items:
2997 description: EnvFromSource represents the source of a set
2998 of ConfigMaps
2999 properties:
3000 configMapRef:
3001 description: The ConfigMap to select from
3002 properties:
3003 name:
3004 default: ""
3005 description: |-
3006 Name of the referent.
3007 This field is effectively required, but due to backwards compatibility is
3008 allowed to be empty. Instances of this type with an empty value here are
3009 almost certainly wrong.
3010 TODO: Add other useful fields. apiVersion, kind, uid?
3011 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
3012 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
3013 type: string
3014 optional:
3015 description: Specify whether the ConfigMap must be
3016 defined
3017 type: boolean
3018 type: object
3019 x-kubernetes-map-type: atomic
3020 prefix:
3021 description: An optional identifier to prepend to each
3022 key in the ConfigMap. Must be a C_IDENTIFIER.
3023 type: string
3024 secretRef:
3025 description: The Secret to select from
3026 properties:
3027 name:
3028 default: ""
3029 description: |-
3030 Name of the referent.
3031 This field is effectively required, but due to backwards compatibility is
3032 allowed to be empty. Instances of this type with an empty value here are
3033 almost certainly wrong.
3034 TODO: Add other useful fields. apiVersion, kind, uid?
3035 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
3036 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
3037 type: string
3038 optional:
3039 description: Specify whether the Secret must be defined
3040 type: boolean
3041 type: object
3042 x-kubernetes-map-type: atomic
3043 type: object
3044 type: array
3045 x-kubernetes-list-type: atomic
3046 image:
3047 description: |-
3048 Container image name.
3049 More info: https://kubernetes.io/docs/concepts/containers/images
3050 This field is optional to allow higher level config management to default or override
3051 container images in workload controllers like Deployments and StatefulSets.
3052 type: string
3053 imagePullPolicy:
3054 description: |-
3055 Image pull policy.
3056 One of Always, Never, IfNotPresent.
3057 Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
3058 Cannot be updated.
3059 More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
3060 type: string
3061 lifecycle:
3062 description: |-
3063 Actions that the management system should take in response to container lifecycle events.
3064 Cannot be updated.
3065 properties:
3066 postStart:
3067 description: |-
3068 PostStart is called immediately after a container is created. If the handler fails,
3069 the container is terminated and restarted according to its restart policy.
3070 Other management of the container blocks until the hook completes.
3071 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
3072 properties:
3073 exec:
3074 description: Exec specifies the action to take.
3075 properties:
3076 command:
3077 description: |-
3078 Command is the command line to execute inside the container, the working directory for the
3079 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
3080 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
3081 a shell, you need to explicitly call out to that shell.
3082 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3083 items:
3084 type: string
3085 type: array
3086 x-kubernetes-list-type: atomic
3087 type: object
3088 httpGet:
3089 description: HTTPGet specifies the http request to perform.
3090 properties:
3091 host:
3092 description: |-
3093 Host name to connect to, defaults to the pod IP. You probably want to set
3094 "Host" in httpHeaders instead.
3095 type: string
3096 httpHeaders:
3097 description: Custom headers to set in the request.
3098 HTTP allows repeated headers.
3099 items:
3100 description: HTTPHeader describes a custom header
3101 to be used in HTTP probes
3102 properties:
3103 name:
3104 description: |-
3105 The header field name.
3106 This will be canonicalized upon output, so case-variant names will be understood as the same header.
3107 type: string
3108 value:
3109 description: The header field value
3110 type: string
3111 required:
3112 - name
3113 - value
3114 type: object
3115 type: array
3116 x-kubernetes-list-type: atomic
3117 path:
3118 description: Path to access on the HTTP server.
3119 type: string
3120 port:
3121 anyOf:
3122 - type: integer
3123 - type: string
3124 description: |-
3125 Name or number of the port to access on the container.
3126 Number must be in the range 1 to 65535.
3127 Name must be an IANA_SVC_NAME.
3128 x-kubernetes-int-or-string: true
3129 scheme:
3130 description: |-
3131 Scheme to use for connecting to the host.
3132 Defaults to HTTP.
3133 type: string
3134 required:
3135 - port
3136 type: object
3137 sleep:
3138 description: Sleep represents the duration that the
3139 container should sleep before being terminated.
3140 properties:
3141 seconds:
3142 description: Seconds is the number of seconds to
3143 sleep.
3144 format: int64
3145 type: integer
3146 required:
3147 - seconds
3148 type: object
3149 tcpSocket:
3150 description: |-
3151 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
3152 for the backward compatibility. There are no validation of this field and
3153 lifecycle hooks will fail in runtime when tcp handler is specified.
3154 properties:
3155 host:
3156 description: 'Optional: Host name to connect to,
3157 defaults to the pod IP.'
3158 type: string
3159 port:
3160 anyOf:
3161 - type: integer
3162 - type: string
3163 description: |-
3164 Number or name of the port to access on the container.
3165 Number must be in the range 1 to 65535.
3166 Name must be an IANA_SVC_NAME.
3167 x-kubernetes-int-or-string: true
3168 required:
3169 - port
3170 type: object
3171 type: object
3172 preStop:
3173 description: |-
3174 PreStop is called immediately before a container is terminated due to an
3175 API request or management event such as liveness/startup probe failure,
3176 preemption, resource contention, etc. The handler is not called if the
3177 container crashes or exits. The Pod's termination grace period countdown begins before the
3178 PreStop hook is executed. Regardless of the outcome of the handler, the
3179 container will eventually terminate within the Pod's termination grace
3180 period (unless delayed by finalizers). Other management of the container blocks until the hook completes
3181 or until the termination grace period is reached.
3182 More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
3183 properties:
3184 exec:
3185 description: Exec specifies the action to take.
3186 properties:
3187 command:
3188 description: |-
3189 Command is the command line to execute inside the container, the working directory for the
3190 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
3191 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
3192 a shell, you need to explicitly call out to that shell.
3193 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3194 items:
3195 type: string
3196 type: array
3197 x-kubernetes-list-type: atomic
3198 type: object
3199 httpGet:
3200 description: HTTPGet specifies the http request to perform.
3201 properties:
3202 host:
3203 description: |-
3204 Host name to connect to, defaults to the pod IP. You probably want to set
3205 "Host" in httpHeaders instead.
3206 type: string
3207 httpHeaders:
3208 description: Custom headers to set in the request.
3209 HTTP allows repeated headers.
3210 items:
3211 description: HTTPHeader describes a custom header
3212 to be used in HTTP probes
3213 properties:
3214 name:
3215 description: |-
3216 The header field name.
3217 This will be canonicalized upon output, so case-variant names will be understood as the same header.
3218 type: string
3219 value:
3220 description: The header field value
3221 type: string
3222 required:
3223 - name
3224 - value
3225 type: object
3226 type: array
3227 x-kubernetes-list-type: atomic
3228 path:
3229 description: Path to access on the HTTP server.
3230 type: string
3231 port:
3232 anyOf:
3233 - type: integer
3234 - type: string
3235 description: |-
3236 Name or number of the port to access on the container.
3237 Number must be in the range 1 to 65535.
3238 Name must be an IANA_SVC_NAME.
3239 x-kubernetes-int-or-string: true
3240 scheme:
3241 description: |-
3242 Scheme to use for connecting to the host.
3243 Defaults to HTTP.
3244 type: string
3245 required:
3246 - port
3247 type: object
3248 sleep:
3249 description: Sleep represents the duration that the
3250 container should sleep before being terminated.
3251 properties:
3252 seconds:
3253 description: Seconds is the number of seconds to
3254 sleep.
3255 format: int64
3256 type: integer
3257 required:
3258 - seconds
3259 type: object
3260 tcpSocket:
3261 description: |-
3262 Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
3263 for the backward compatibility. There are no validation of this field and
3264 lifecycle hooks will fail in runtime when tcp handler is specified.
3265 properties:
3266 host:
3267 description: 'Optional: Host name to connect to,
3268 defaults to the pod IP.'
3269 type: string
3270 port:
3271 anyOf:
3272 - type: integer
3273 - type: string
3274 description: |-
3275 Number or name of the port to access on the container.
3276 Number must be in the range 1 to 65535.
3277 Name must be an IANA_SVC_NAME.
3278 x-kubernetes-int-or-string: true
3279 required:
3280 - port
3281 type: object
3282 type: object
3283 type: object
3284 livenessProbe:
3285 description: |-
3286 Periodic probe of container liveness.
3287 Container will be restarted if the probe fails.
3288 Cannot be updated.
3289 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3290 properties:
3291 exec:
3292 description: Exec specifies the action to take.
3293 properties:
3294 command:
3295 description: |-
3296 Command is the command line to execute inside the container, the working directory for the
3297 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
3298 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
3299 a shell, you need to explicitly call out to that shell.
3300 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3301 items:
3302 type: string
3303 type: array
3304 x-kubernetes-list-type: atomic
3305 type: object
3306 failureThreshold:
3307 description: |-
3308 Minimum consecutive failures for the probe to be considered failed after having succeeded.
3309 Defaults to 3. Minimum value is 1.
3310 format: int32
3311 type: integer
3312 grpc:
3313 description: GRPC specifies an action involving a GRPC port.
3314 properties:
3315 port:
3316 description: Port number of the gRPC service. Number
3317 must be in the range 1 to 65535.
3318 format: int32
3319 type: integer
3320 service:
3321 description: |-
3322 Service is the name of the service to place in the gRPC HealthCheckRequest
3323 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
3324
3325
3326 If this is not specified, the default behavior is defined by gRPC.
3327 type: string
3328 required:
3329 - port
3330 type: object
3331 httpGet:
3332 description: HTTPGet specifies the http request to perform.
3333 properties:
3334 host:
3335 description: |-
3336 Host name to connect to, defaults to the pod IP. You probably want to set
3337 "Host" in httpHeaders instead.
3338 type: string
3339 httpHeaders:
3340 description: Custom headers to set in the request. HTTP
3341 allows repeated headers.
3342 items:
3343 description: HTTPHeader describes a custom header
3344 to be used in HTTP probes
3345 properties:
3346 name:
3347 description: |-
3348 The header field name.
3349 This will be canonicalized upon output, so case-variant names will be understood as the same header.
3350 type: string
3351 value:
3352 description: The header field value
3353 type: string
3354 required:
3355 - name
3356 - value
3357 type: object
3358 type: array
3359 x-kubernetes-list-type: atomic
3360 path:
3361 description: Path to access on the HTTP server.
3362 type: string
3363 port:
3364 anyOf:
3365 - type: integer
3366 - type: string
3367 description: |-
3368 Name or number of the port to access on the container.
3369 Number must be in the range 1 to 65535.
3370 Name must be an IANA_SVC_NAME.
3371 x-kubernetes-int-or-string: true
3372 scheme:
3373 description: |-
3374 Scheme to use for connecting to the host.
3375 Defaults to HTTP.
3376 type: string
3377 required:
3378 - port
3379 type: object
3380 initialDelaySeconds:
3381 description: |-
3382 Number of seconds after the container has started before liveness probes are initiated.
3383 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3384 format: int32
3385 type: integer
3386 periodSeconds:
3387 description: |-
3388 How often (in seconds) to perform the probe.
3389 Default to 10 seconds. Minimum value is 1.
3390 format: int32
3391 type: integer
3392 successThreshold:
3393 description: |-
3394 Minimum consecutive successes for the probe to be considered successful after having failed.
3395 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
3396 format: int32
3397 type: integer
3398 tcpSocket:
3399 description: TCPSocket specifies an action involving a TCP
3400 port.
3401 properties:
3402 host:
3403 description: 'Optional: Host name to connect to, defaults
3404 to the pod IP.'
3405 type: string
3406 port:
3407 anyOf:
3408 - type: integer
3409 - type: string
3410 description: |-
3411 Number or name of the port to access on the container.
3412 Number must be in the range 1 to 65535.
3413 Name must be an IANA_SVC_NAME.
3414 x-kubernetes-int-or-string: true
3415 required:
3416 - port
3417 type: object
3418 terminationGracePeriodSeconds:
3419 description: |-
3420 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
3421 The grace period is the duration in seconds after the processes running in the pod are sent
3422 a termination signal and the time when the processes are forcibly halted with a kill signal.
3423 Set this value longer than the expected cleanup time for your process.
3424 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
3425 value overrides the value provided by the pod spec.
3426 Value must be non-negative integer. The value zero indicates stop immediately via
3427 the kill signal (no opportunity to shut down).
3428 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
3429 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
3430 format: int64
3431 type: integer
3432 timeoutSeconds:
3433 description: |-
3434 Number of seconds after which the probe times out.
3435 Defaults to 1 second. Minimum value is 1.
3436 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3437 format: int32
3438 type: integer
3439 type: object
3440 name:
3441 description: |-
3442 Name of the container specified as a DNS_LABEL.
3443 Each container in a pod must have a unique name (DNS_LABEL).
3444 Cannot be updated.
3445 type: string
3446 ports:
3447 description: |-
3448 List of ports to expose from the container. Not specifying a port here
3449 DOES NOT prevent that port from being exposed. Any port which is
3450 listening on the default "0.0.0.0" address inside a container will be
3451 accessible from the network.
3452 Modifying this array with strategic merge patch may corrupt the data.
3453 For more information See https://github.com/kubernetes/kubernetes/issues/108255.
3454 Cannot be updated.
3455 items:
3456 description: ContainerPort represents a network port in a
3457 single container.
3458 properties:
3459 containerPort:
3460 description: |-
3461 Number of port to expose on the pod's IP address.
3462 This must be a valid port number, 0 < x < 65536.
3463 format: int32
3464 type: integer
3465 hostIP:
3466 description: What host IP to bind the external port to.
3467 type: string
3468 hostPort:
3469 description: |-
3470 Number of port to expose on the host.
3471 If specified, this must be a valid port number, 0 < x < 65536.
3472 If HostNetwork is specified, this must match ContainerPort.
3473 Most containers do not need this.
3474 format: int32
3475 type: integer
3476 name:
3477 description: |-
3478 If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
3479 named port in a pod must have a unique name. Name for the port that can be
3480 referred to by services.
3481 type: string
3482 protocol:
3483 default: TCP
3484 description: |-
3485 Protocol for port. Must be UDP, TCP, or SCTP.
3486 Defaults to "TCP".
3487 type: string
3488 required:
3489 - containerPort
3490 type: object
3491 type: array
3492 x-kubernetes-list-map-keys:
3493 - containerPort
3494 - protocol
3495 x-kubernetes-list-type: map
3496 readinessProbe:
3497 description: |-
3498 Periodic probe of container service readiness.
3499 Container will be removed from service endpoints if the probe fails.
3500 Cannot be updated.
3501 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3502 properties:
3503 exec:
3504 description: Exec specifies the action to take.
3505 properties:
3506 command:
3507 description: |-
3508 Command is the command line to execute inside the container, the working directory for the
3509 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
3510 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
3511 a shell, you need to explicitly call out to that shell.
3512 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3513 items:
3514 type: string
3515 type: array
3516 x-kubernetes-list-type: atomic
3517 type: object
3518 failureThreshold:
3519 description: |-
3520 Minimum consecutive failures for the probe to be considered failed after having succeeded.
3521 Defaults to 3. Minimum value is 1.
3522 format: int32
3523 type: integer
3524 grpc:
3525 description: GRPC specifies an action involving a GRPC port.
3526 properties:
3527 port:
3528 description: Port number of the gRPC service. Number
3529 must be in the range 1 to 65535.
3530 format: int32
3531 type: integer
3532 service:
3533 description: |-
3534 Service is the name of the service to place in the gRPC HealthCheckRequest
3535 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
3536
3537
3538 If this is not specified, the default behavior is defined by gRPC.
3539 type: string
3540 required:
3541 - port
3542 type: object
3543 httpGet:
3544 description: HTTPGet specifies the http request to perform.
3545 properties:
3546 host:
3547 description: |-
3548 Host name to connect to, defaults to the pod IP. You probably want to set
3549 "Host" in httpHeaders instead.
3550 type: string
3551 httpHeaders:
3552 description: Custom headers to set in the request. HTTP
3553 allows repeated headers.
3554 items:
3555 description: HTTPHeader describes a custom header
3556 to be used in HTTP probes
3557 properties:
3558 name:
3559 description: |-
3560 The header field name.
3561 This will be canonicalized upon output, so case-variant names will be understood as the same header.
3562 type: string
3563 value:
3564 description: The header field value
3565 type: string
3566 required:
3567 - name
3568 - value
3569 type: object
3570 type: array
3571 x-kubernetes-list-type: atomic
3572 path:
3573 description: Path to access on the HTTP server.
3574 type: string
3575 port:
3576 anyOf:
3577 - type: integer
3578 - type: string
3579 description: |-
3580 Name or number of the port to access on the container.
3581 Number must be in the range 1 to 65535.
3582 Name must be an IANA_SVC_NAME.
3583 x-kubernetes-int-or-string: true
3584 scheme:
3585 description: |-
3586 Scheme to use for connecting to the host.
3587 Defaults to HTTP.
3588 type: string
3589 required:
3590 - port
3591 type: object
3592 initialDelaySeconds:
3593 description: |-
3594 Number of seconds after the container has started before liveness probes are initiated.
3595 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3596 format: int32
3597 type: integer
3598 periodSeconds:
3599 description: |-
3600 How often (in seconds) to perform the probe.
3601 Default to 10 seconds. Minimum value is 1.
3602 format: int32
3603 type: integer
3604 successThreshold:
3605 description: |-
3606 Minimum consecutive successes for the probe to be considered successful after having failed.
3607 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
3608 format: int32
3609 type: integer
3610 tcpSocket:
3611 description: TCPSocket specifies an action involving a TCP
3612 port.
3613 properties:
3614 host:
3615 description: 'Optional: Host name to connect to, defaults
3616 to the pod IP.'
3617 type: string
3618 port:
3619 anyOf:
3620 - type: integer
3621 - type: string
3622 description: |-
3623 Number or name of the port to access on the container.
3624 Number must be in the range 1 to 65535.
3625 Name must be an IANA_SVC_NAME.
3626 x-kubernetes-int-or-string: true
3627 required:
3628 - port
3629 type: object
3630 terminationGracePeriodSeconds:
3631 description: |-
3632 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
3633 The grace period is the duration in seconds after the processes running in the pod are sent
3634 a termination signal and the time when the processes are forcibly halted with a kill signal.
3635 Set this value longer than the expected cleanup time for your process.
3636 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
3637 value overrides the value provided by the pod spec.
3638 Value must be non-negative integer. The value zero indicates stop immediately via
3639 the kill signal (no opportunity to shut down).
3640 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
3641 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
3642 format: int64
3643 type: integer
3644 timeoutSeconds:
3645 description: |-
3646 Number of seconds after which the probe times out.
3647 Defaults to 1 second. Minimum value is 1.
3648 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3649 format: int32
3650 type: integer
3651 type: object
3652 resizePolicy:
3653 description: Resources resize policy for the container.
3654 items:
3655 description: ContainerResizePolicy represents resource resize
3656 policy for the container.
3657 properties:
3658 resourceName:
3659 description: |-
3660 Name of the resource to which this resource resize policy applies.
3661 Supported values: cpu, memory.
3662 type: string
3663 restartPolicy:
3664 description: |-
3665 Restart policy to apply when specified resource is resized.
3666 If not specified, it defaults to NotRequired.
3667 type: string
3668 required:
3669 - resourceName
3670 - restartPolicy
3671 type: object
3672 type: array
3673 x-kubernetes-list-type: atomic
3674 resources:
3675 description: |-
3676 Compute Resources required by this container.
3677 Cannot be updated.
3678 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
3679 properties:
3680 claims:
3681 description: |-
3682 Claims lists the names of resources, defined in spec.resourceClaims,
3683 that are used by this container.
3684
3685
3686 This is an alpha field and requires enabling the
3687 DynamicResourceAllocation feature gate.
3688
3689
3690 This field is immutable. It can only be set for containers.
3691 items:
3692 description: ResourceClaim references one entry in PodSpec.ResourceClaims.
3693 properties:
3694 name:
3695 description: |-
3696 Name must match the name of one entry in pod.spec.resourceClaims of
3697 the Pod where this field is used. It makes that resource available
3698 inside a container.
3699 type: string
3700 required:
3701 - name
3702 type: object
3703 type: array
3704 x-kubernetes-list-map-keys:
3705 - name
3706 x-kubernetes-list-type: map
3707 limits:
3708 additionalProperties:
3709 anyOf:
3710 - type: integer
3711 - type: string
3712 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3713 x-kubernetes-int-or-string: true
3714 description: |-
3715 Limits describes the maximum amount of compute resources allowed.
3716 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
3717 type: object
3718 requests:
3719 additionalProperties:
3720 anyOf:
3721 - type: integer
3722 - type: string
3723 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3724 x-kubernetes-int-or-string: true
3725 description: |-
3726 Requests describes the minimum amount of compute resources required.
3727 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
3728 otherwise to an implementation-defined value. Requests cannot exceed Limits.
3729 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
3730 type: object
3731 type: object
3732 restartPolicy:
3733 description: |-
3734 RestartPolicy defines the restart behavior of individual containers in a pod.
3735 This field may only be set for init containers, and the only allowed value is "Always".
3736 For non-init containers or when this field is not specified,
3737 the restart behavior is defined by the Pod's restart policy and the container type.
3738 Setting the RestartPolicy as "Always" for the init container will have the following effect:
3739 this init container will be continually restarted on
3740 exit until all regular containers have terminated. Once all regular
3741 containers have completed, all init containers with restartPolicy "Always"
3742 will be shut down. This lifecycle differs from normal init containers and
3743 is often referred to as a "sidecar" container. Although this init
3744 container still starts in the init container sequence, it does not wait
3745 for the container to complete before proceeding to the next init
3746 container. Instead, the next init container starts immediately after this
3747 init container is started, or after any startupProbe has successfully
3748 completed.
3749 type: string
3750 securityContext:
3751 description: |-
3752 SecurityContext defines the security options the container should be run with.
3753 If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
3754 More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
3755 properties:
3756 allowPrivilegeEscalation:
3757 description: |-
3758 AllowPrivilegeEscalation controls whether a process can gain more
3759 privileges than its parent process. This bool directly controls if
3760 the no_new_privs flag will be set on the container process.
3761 AllowPrivilegeEscalation is true always when the container is:
3762 1) run as Privileged
3763 2) has CAP_SYS_ADMIN
3764 Note that this field cannot be set when spec.os.name is windows.
3765 type: boolean
3766 appArmorProfile:
3767 description: |-
3768 appArmorProfile is the AppArmor options to use by this container. If set, this profile
3769 overrides the pod's appArmorProfile.
3770 Note that this field cannot be set when spec.os.name is windows.
3771 properties:
3772 localhostProfile:
3773 description: |-
3774 localhostProfile indicates a profile loaded on the node that should be used.
3775 The profile must be preconfigured on the node to work.
3776 Must match the loaded name of the profile.
3777 Must be set if and only if type is "Localhost".
3778 type: string
3779 type:
3780 description: |-
3781 type indicates which kind of AppArmor profile will be applied.
3782 Valid options are:
3783 Localhost - a profile pre-loaded on the node.
3784 RuntimeDefault - the container runtime's default profile.
3785 Unconfined - no AppArmor enforcement.
3786 type: string
3787 required:
3788 - type
3789 type: object
3790 capabilities:
3791 description: |-
3792 The capabilities to add/drop when running containers.
3793 Defaults to the default set of capabilities granted by the container runtime.
3794 Note that this field cannot be set when spec.os.name is windows.
3795 properties:
3796 add:
3797 description: Added capabilities
3798 items:
3799 description: Capability represent POSIX capabilities
3800 type
3801 type: string
3802 type: array
3803 x-kubernetes-list-type: atomic
3804 drop:
3805 description: Removed capabilities
3806 items:
3807 description: Capability represent POSIX capabilities
3808 type
3809 type: string
3810 type: array
3811 x-kubernetes-list-type: atomic
3812 type: object
3813 privileged:
3814 description: |-
3815 Run container in privileged mode.
3816 Processes in privileged containers are essentially equivalent to root on the host.
3817 Defaults to false.
3818 Note that this field cannot be set when spec.os.name is windows.
3819 type: boolean
3820 procMount:
3821 description: |-
3822 procMount denotes the type of proc mount to use for the containers.
3823 The default is DefaultProcMount which uses the container runtime defaults for
3824 readonly paths and masked paths.
3825 This requires the ProcMountType feature flag to be enabled.
3826 Note that this field cannot be set when spec.os.name is windows.
3827 type: string
3828 readOnlyRootFilesystem:
3829 description: |-
3830 Whether this container has a read-only root filesystem.
3831 Default is false.
3832 Note that this field cannot be set when spec.os.name is windows.
3833 type: boolean
3834 runAsGroup:
3835 description: |-
3836 The GID to run the entrypoint of the container process.
3837 Uses runtime default if unset.
3838 May also be set in PodSecurityContext. If set in both SecurityContext and
3839 PodSecurityContext, the value specified in SecurityContext takes precedence.
3840 Note that this field cannot be set when spec.os.name is windows.
3841 format: int64
3842 type: integer
3843 runAsNonRoot:
3844 description: |-
3845 Indicates that the container must run as a non-root user.
3846 If true, the Kubelet will validate the image at runtime to ensure that it
3847 does not run as UID 0 (root) and fail to start the container if it does.
3848 If unset or false, no such validation will be performed.
3849 May also be set in PodSecurityContext. If set in both SecurityContext and
3850 PodSecurityContext, the value specified in SecurityContext takes precedence.
3851 type: boolean
3852 runAsUser:
3853 description: |-
3854 The UID to run the entrypoint of the container process.
3855 Defaults to user specified in image metadata if unspecified.
3856 May also be set in PodSecurityContext. If set in both SecurityContext and
3857 PodSecurityContext, the value specified in SecurityContext takes precedence.
3858 Note that this field cannot be set when spec.os.name is windows.
3859 format: int64
3860 type: integer
3861 seLinuxOptions:
3862 description: |-
3863 The SELinux context to be applied to the container.
3864 If unspecified, the container runtime will allocate a random SELinux context for each
3865 container. May also be set in PodSecurityContext. If set in both SecurityContext and
3866 PodSecurityContext, the value specified in SecurityContext takes precedence.
3867 Note that this field cannot be set when spec.os.name is windows.
3868 properties:
3869 level:
3870 description: Level is SELinux level label that applies
3871 to the container.
3872 type: string
3873 role:
3874 description: Role is a SELinux role label that applies
3875 to the container.
3876 type: string
3877 type:
3878 description: Type is a SELinux type label that applies
3879 to the container.
3880 type: string
3881 user:
3882 description: User is a SELinux user label that applies
3883 to the container.
3884 type: string
3885 type: object
3886 seccompProfile:
3887 description: |-
3888 The seccomp options to use by this container. If seccomp options are
3889 provided at both the pod & container level, the container options
3890 override the pod options.
3891 Note that this field cannot be set when spec.os.name is windows.
3892 properties:
3893 localhostProfile:
3894 description: |-
3895 localhostProfile indicates a profile defined in a file on the node should be used.
3896 The profile must be preconfigured on the node to work.
3897 Must be a descending path, relative to the kubelet's configured seccomp profile location.
3898 Must be set if type is "Localhost". Must NOT be set for any other type.
3899 type: string
3900 type:
3901 description: |-
3902 type indicates which kind of seccomp profile will be applied.
3903 Valid options are:
3904
3905
3906 Localhost - a profile defined in a file on the node should be used.
3907 RuntimeDefault - the container runtime default profile should be used.
3908 Unconfined - no profile should be applied.
3909 type: string
3910 required:
3911 - type
3912 type: object
3913 windowsOptions:
3914 description: |-
3915 The Windows specific settings applied to all containers.
3916 If unspecified, the options from the PodSecurityContext will be used.
3917 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
3918 Note that this field cannot be set when spec.os.name is linux.
3919 properties:
3920 gmsaCredentialSpec:
3921 description: |-
3922 GMSACredentialSpec is where the GMSA admission webhook
3923 (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
3924 GMSA credential spec named by the GMSACredentialSpecName field.
3925 type: string
3926 gmsaCredentialSpecName:
3927 description: GMSACredentialSpecName is the name of the
3928 GMSA credential spec to use.
3929 type: string
3930 hostProcess:
3931 description: |-
3932 HostProcess determines if a container should be run as a 'Host Process' container.
3933 All of a Pod's containers must have the same effective HostProcess value
3934 (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
3935 In addition, if HostProcess is true then HostNetwork must also be set to true.
3936 type: boolean
3937 runAsUserName:
3938 description: |-
3939 The UserName in Windows to run the entrypoint of the container process.
3940 Defaults to the user specified in image metadata if unspecified.
3941 May also be set in PodSecurityContext. If set in both SecurityContext and
3942 PodSecurityContext, the value specified in SecurityContext takes precedence.
3943 type: string
3944 type: object
3945 type: object
3946 startupProbe:
3947 description: |-
3948 StartupProbe indicates that the Pod has successfully initialized.
3949 If specified, no other probes are executed until this completes successfully.
3950 If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
3951 This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
3952 when it might take a long time to load data or warm a cache, than during steady-state operation.
3953 This cannot be updated.
3954 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
3955 properties:
3956 exec:
3957 description: Exec specifies the action to take.
3958 properties:
3959 command:
3960 description: |-
3961 Command is the command line to execute inside the container, the working directory for the
3962 command is root ('/') in the container's filesystem. The command is simply exec'd, it is
3963 not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
3964 a shell, you need to explicitly call out to that shell.
3965 Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3966 items:
3967 type: string
3968 type: array
3969 x-kubernetes-list-type: atomic
3970 type: object
3971 failureThreshold:
3972 description: |-
3973 Minimum consecutive failures for the probe to be considered failed after having succeeded.
3974 Defaults to 3. Minimum value is 1.
3975 format: int32
3976 type: integer
3977 grpc:
3978 description: GRPC specifies an action involving a GRPC port.
3979 properties:
3980 port:
3981 description: Port number of the gRPC service. Number
3982 must be in the range 1 to 65535.
3983 format: int32
3984 type: integer
3985 service:
3986 description: |-
3987 Service is the name of the service to place in the gRPC HealthCheckRequest
3988 (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
3989
3990
3991 If this is not specified, the default behavior is defined by gRPC.
3992 type: string
3993 required:
3994 - port
3995 type: object
3996 httpGet:
3997 description: HTTPGet specifies the http request to perform.
3998 properties:
3999 host:
4000 description: |-
4001 Host name to connect to, defaults to the pod IP. You probably want to set
4002 "Host" in httpHeaders instead.
4003 type: string
4004 httpHeaders:
4005 description: Custom headers to set in the request. HTTP
4006 allows repeated headers.
4007 items:
4008 description: HTTPHeader describes a custom header
4009 to be used in HTTP probes
4010 properties:
4011 name:
4012 description: |-
4013 The header field name.
4014 This will be canonicalized upon output, so case-variant names will be understood as the same header.
4015 type: string
4016 value:
4017 description: The header field value
4018 type: string
4019 required:
4020 - name
4021 - value
4022 type: object
4023 type: array
4024 x-kubernetes-list-type: atomic
4025 path:
4026 description: Path to access on the HTTP server.
4027 type: string
4028 port:
4029 anyOf:
4030 - type: integer
4031 - type: string
4032 description: |-
4033 Name or number of the port to access on the container.
4034 Number must be in the range 1 to 65535.
4035 Name must be an IANA_SVC_NAME.
4036 x-kubernetes-int-or-string: true
4037 scheme:
4038 description: |-
4039 Scheme to use for connecting to the host.
4040 Defaults to HTTP.
4041 type: string
4042 required:
4043 - port
4044 type: object
4045 initialDelaySeconds:
4046 description: |-
4047 Number of seconds after the container has started before liveness probes are initiated.
4048 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
4049 format: int32
4050 type: integer
4051 periodSeconds:
4052 description: |-
4053 How often (in seconds) to perform the probe.
4054 Default to 10 seconds. Minimum value is 1.
4055 format: int32
4056 type: integer
4057 successThreshold:
4058 description: |-
4059 Minimum consecutive successes for the probe to be considered successful after having failed.
4060 Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
4061 format: int32
4062 type: integer
4063 tcpSocket:
4064 description: TCPSocket specifies an action involving a TCP
4065 port.
4066 properties:
4067 host:
4068 description: 'Optional: Host name to connect to, defaults
4069 to the pod IP.'
4070 type: string
4071 port:
4072 anyOf:
4073 - type: integer
4074 - type: string
4075 description: |-
4076 Number or name of the port to access on the container.
4077 Number must be in the range 1 to 65535.
4078 Name must be an IANA_SVC_NAME.
4079 x-kubernetes-int-or-string: true
4080 required:
4081 - port
4082 type: object
4083 terminationGracePeriodSeconds:
4084 description: |-
4085 Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
4086 The grace period is the duration in seconds after the processes running in the pod are sent
4087 a termination signal and the time when the processes are forcibly halted with a kill signal.
4088 Set this value longer than the expected cleanup time for your process.
4089 If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
4090 value overrides the value provided by the pod spec.
4091 Value must be non-negative integer. The value zero indicates stop immediately via
4092 the kill signal (no opportunity to shut down).
4093 This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
4094 Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
4095 format: int64
4096 type: integer
4097 timeoutSeconds:
4098 description: |-
4099 Number of seconds after which the probe times out.
4100 Defaults to 1 second. Minimum value is 1.
4101 More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
4102 format: int32
4103 type: integer
4104 type: object
4105 stdin:
4106 description: |-
4107 Whether this container should allocate a buffer for stdin in the container runtime. If this
4108 is not set, reads from stdin in the container will always result in EOF.
4109 Default is false.
4110 type: boolean
4111 stdinOnce:
4112 description: |-
4113 Whether the container runtime should close the stdin channel after it has been opened by
4114 a single attach. When stdin is true the stdin stream will remain open across multiple attach
4115 sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
4116 first client attaches to stdin, and then remains open and accepts data until the client disconnects,
4117 at which time stdin is closed and remains closed until the container is restarted. If this
4118 flag is false, a container processes that reads from stdin will never receive an EOF.
4119 Default is false
4120 type: boolean
4121 terminationMessagePath:
4122 description: |-
4123 Optional: Path at which the file to which the container's termination message
4124 will be written is mounted into the container's filesystem.
4125 Message written is intended to be brief final status, such as an assertion failure message.
4126 Will be truncated by the node if greater than 4096 bytes. The total message length across
4127 all containers will be limited to 12kb.
4128 Defaults to /dev/termination-log.
4129 Cannot be updated.
4130 type: string
4131 terminationMessagePolicy:
4132 description: |-
4133 Indicate how the termination message should be populated. File will use the contents of
4134 terminationMessagePath to populate the container status message on both success and failure.
4135 FallbackToLogsOnError will use the last chunk of container log output if the termination
4136 message file is empty and the container exited with an error.
4137 The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
4138 Defaults to File.
4139 Cannot be updated.
4140 type: string
4141 tty:
4142 description: |-
4143 Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
4144 Default is false.
4145 type: boolean
4146 volumeDevices:
4147 description: volumeDevices is the list of block devices to be
4148 used by the container.
4149 items:
4150 description: volumeDevice describes a mapping of a raw block
4151 device within a container.
4152 properties:
4153 devicePath:
4154 description: devicePath is the path inside of the container
4155 that the device will be mapped to.
4156 type: string
4157 name:
4158 description: name must match the name of a persistentVolumeClaim
4159 in the pod
4160 type: string
4161 required:
4162 - devicePath
4163 - name
4164 type: object
4165 type: array
4166 x-kubernetes-list-map-keys:
4167 - devicePath
4168 x-kubernetes-list-type: map
4169 volumeMounts:
4170 description: |-
4171 Pod volumes to mount into the container's filesystem.
4172 Cannot be updated.
4173 items:
4174 description: VolumeMount describes a mounting of a Volume
4175 within a container.
4176 properties:
4177 mountPath:
4178 description: |-
4179 Path within the container at which the volume should be mounted. Must
4180 not contain ':'.
4181 type: string
4182 mountPropagation:
4183 description: |-
4184 mountPropagation determines how mounts are propagated from the host
4185 to container and the other way around.
4186 When not set, MountPropagationNone is used.
4187 This field is beta in 1.10.
4188 When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
4189 (which defaults to None).
4190 type: string
4191 name:
4192 description: This must match the Name of a Volume.
4193 type: string
4194 readOnly:
4195 description: |-
4196 Mounted read-only if true, read-write otherwise (false or unspecified).
4197 Defaults to false.
4198 type: boolean
4199 recursiveReadOnly:
4200 description: |-
4201 RecursiveReadOnly specifies whether read-only mounts should be handled
4202 recursively.
4203
4204
4205 If ReadOnly is false, this field has no meaning and must be unspecified.
4206
4207
4208 If ReadOnly is true, and this field is set to Disabled, the mount is not made
4209 recursively read-only. If this field is set to IfPossible, the mount is made
4210 recursively read-only, if it is supported by the container runtime. If this
4211 field is set to Enabled, the mount is made recursively read-only if it is
4212 supported by the container runtime, otherwise the pod will not be started and
4213 an error will be generated to indicate the reason.
4214
4215
4216 If this field is set to IfPossible or Enabled, MountPropagation must be set to
4217 None (or be unspecified, which defaults to None).
4218
4219
4220 If this field is not specified, it is treated as an equivalent of Disabled.
4221 type: string
4222 subPath:
4223 description: |-
4224 Path within the volume from which the container's volume should be mounted.
4225 Defaults to "" (volume's root).
4226 type: string
4227 subPathExpr:
4228 description: |-
4229 Expanded path within the volume from which the container's volume should be mounted.
4230 Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
4231 Defaults to "" (volume's root).
4232 SubPathExpr and SubPath are mutually exclusive.
4233 type: string
4234 required:
4235 - mountPath
4236 - name
4237 type: object
4238 type: array
4239 x-kubernetes-list-map-keys:
4240 - mountPath
4241 x-kubernetes-list-type: map
4242 workingDir:
4243 description: |-
4244 Container's working directory.
4245 If not specified, the container runtime's default will be used, which
4246 might be configured in the container image.
4247 Cannot be updated.
4248 type: string
4249 required:
4250 - name
4251 type: object
4252 type: array
4253 labels:
4254 additionalProperties:
4255 type: string
4256 description: |-
4257 Labels configure the external label pairs to ThanosRuler. A default replica label
4258 `thanos_ruler_replica` will be always added as a label with the value of the pod's name and it will be dropped in the alerts.
4259 type: object
4260 listenLocal:
4261 description: |-
4262 ListenLocal makes the Thanos ruler listen on loopback, so that it
4263 does not bind against the Pod IP.
4264 type: boolean
4265 logFormat:
4266 description: Log format for ThanosRuler to be configured with.
4267 enum:
4268 - ""
4269 - logfmt
4270 - json
4271 type: string
4272 logLevel:
4273 description: Log level for ThanosRuler to be configured with.
4274 enum:
4275 - ""
4276 - debug
4277 - info
4278 - warn
4279 - error
4280 type: string
4281 minReadySeconds:
4282 description: |-
4283 Minimum number of seconds for which a newly created pod should be ready
4284 without any of its container crashing for it to be considered available.
4285 Defaults to 0 (pod will be considered available as soon as it is ready)
4286 This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
4287 format: int32
4288 type: integer
4289 nodeSelector:
4290 additionalProperties:
4291 type: string
4292 description: Define which Nodes the Pods are scheduled on.
4293 type: object
4294 objectStorageConfig:
4295 description: |-
4296 ObjectStorageConfig configures object storage in Thanos.
4297 Alternative to ObjectStorageConfigFile, and lower order priority.
4298 properties:
4299 key:
4300 description: The key of the secret to select from. Must be a
4301 valid secret key.
4302 type: string
4303 name:
4304 default: ""
4305 description: |-
4306 Name of the referent.
4307 This field is effectively required, but due to backwards compatibility is
4308 allowed to be empty. Instances of this type with an empty value here are
4309 almost certainly wrong.
4310 TODO: Add other useful fields. apiVersion, kind, uid?
4311 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
4312 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
4313 type: string
4314 optional:
4315 description: Specify whether the Secret or its key must be defined
4316 type: boolean
4317 required:
4318 - key
4319 type: object
4320 x-kubernetes-map-type: atomic
4321 objectStorageConfigFile:
4322 description: |-
4323 ObjectStorageConfigFile specifies the path of the object storage configuration file.
4324 When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence.
4325 type: string
4326 paused:
4327 description: |-
4328 When a ThanosRuler deployment is paused, no actions except for deletion
4329 will be performed on the underlying objects.
4330 type: boolean
4331 podMetadata:
4332 description: PodMetadata contains Labels and Annotations gets propagated
4333 to the thanos ruler pods.
4334 properties:
4335 annotations:
4336 additionalProperties:
4337 type: string
4338 description: |-
4339 Annotations is an unstructured key value map stored with a resource that may be
4340 set by external tools to store and retrieve arbitrary metadata. They are not
4341 queryable and should be preserved when modifying objects.
4342 More info: http://kubernetes.io/docs/user-guide/annotations
4343 type: object
4344 labels:
4345 additionalProperties:
4346 type: string
4347 description: |-
4348 Map of string keys and values that can be used to organize and categorize
4349 (scope and select) objects. May match selectors of replication controllers
4350 and services.
4351 More info: http://kubernetes.io/docs/user-guide/labels
4352 type: object
4353 name:
4354 description: |-
4355 Name must be unique within a namespace. Is required when creating resources, although
4356 some resources may allow a client to request the generation of an appropriate name
4357 automatically. Name is primarily intended for creation idempotence and configuration
4358 definition.
4359 Cannot be updated.
4360 More info: http://kubernetes.io/docs/user-guide/identifiers#names
4361 type: string
4362 type: object
4363 portName:
4364 default: web
4365 description: |-
4366 Port name used for the pods and governing service.
4367 Defaults to `web`.
4368 type: string
4369 priorityClassName:
4370 description: Priority class assigned to the Pods
4371 type: string
4372 prometheusRulesExcludedFromEnforce:
4373 description: |-
4374 PrometheusRulesExcludedFromEnforce - list of Prometheus rules to be excluded from enforcing
4375 of adding namespace labels. Works only if enforcedNamespaceLabel set to true.
4376 Make sure both ruleNamespace and ruleName are set for each pair
4377 Deprecated: use excludedFromEnforcement instead.
4378 items:
4379 description: |-
4380 PrometheusRuleExcludeConfig enables users to configure excluded
4381 PrometheusRule names and their namespaces to be ignored while enforcing
4382 namespace label for alerts and metrics.
4383 properties:
4384 ruleName:
4385 description: Name of the excluded PrometheusRule object.
4386 type: string
4387 ruleNamespace:
4388 description: Namespace of the excluded PrometheusRule object.
4389 type: string
4390 required:
4391 - ruleName
4392 - ruleNamespace
4393 type: object
4394 type: array
4395 queryConfig:
4396 description: |-
4397 Define configuration for connecting to thanos query instances.
4398 If this is defined, the QueryEndpoints field will be ignored.
4399 Maps to the `query.config` CLI argument.
4400 Only available with thanos v0.11.0 and higher.
4401 properties:
4402 key:
4403 description: The key of the secret to select from. Must be a
4404 valid secret key.
4405 type: string
4406 name:
4407 default: ""
4408 description: |-
4409 Name of the referent.
4410 This field is effectively required, but due to backwards compatibility is
4411 allowed to be empty. Instances of this type with an empty value here are
4412 almost certainly wrong.
4413 TODO: Add other useful fields. apiVersion, kind, uid?
4414 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
4415 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
4416 type: string
4417 optional:
4418 description: Specify whether the Secret or its key must be defined
4419 type: boolean
4420 required:
4421 - key
4422 type: object
4423 x-kubernetes-map-type: atomic
4424 queryEndpoints:
4425 description: |-
4426 QueryEndpoints defines Thanos querier endpoints from which to query metrics.
4427 Maps to the --query flag of thanos ruler.
4428 items:
4429 type: string
4430 type: array
4431 replicas:
4432 description: Number of thanos ruler instances to deploy.
4433 format: int32
4434 type: integer
4435 resources:
4436 description: |-
4437 Resources defines the resource requirements for single Pods.
4438 If not provided, no requests/limits will be set
4439 properties:
4440 claims:
4441 description: |-
4442 Claims lists the names of resources, defined in spec.resourceClaims,
4443 that are used by this container.
4444
4445
4446 This is an alpha field and requires enabling the
4447 DynamicResourceAllocation feature gate.
4448
4449
4450 This field is immutable. It can only be set for containers.
4451 items:
4452 description: ResourceClaim references one entry in PodSpec.ResourceClaims.
4453 properties:
4454 name:
4455 description: |-
4456 Name must match the name of one entry in pod.spec.resourceClaims of
4457 the Pod where this field is used. It makes that resource available
4458 inside a container.
4459 type: string
4460 required:
4461 - name
4462 type: object
4463 type: array
4464 x-kubernetes-list-map-keys:
4465 - name
4466 x-kubernetes-list-type: map
4467 limits:
4468 additionalProperties:
4469 anyOf:
4470 - type: integer
4471 - type: string
4472 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4473 x-kubernetes-int-or-string: true
4474 description: |-
4475 Limits describes the maximum amount of compute resources allowed.
4476 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
4477 type: object
4478 requests:
4479 additionalProperties:
4480 anyOf:
4481 - type: integer
4482 - type: string
4483 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4484 x-kubernetes-int-or-string: true
4485 description: |-
4486 Requests describes the minimum amount of compute resources required.
4487 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
4488 otherwise to an implementation-defined value. Requests cannot exceed Limits.
4489 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
4490 type: object
4491 type: object
4492 retention:
4493 default: 24h
4494 description: |-
4495 Time duration ThanosRuler shall retain data for. Default is '24h',
4496 and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` (milliseconds seconds minutes hours days weeks years).
4497 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
4498 type: string
4499 routePrefix:
4500 description: The route prefix ThanosRuler registers HTTP handlers
4501 for. This allows thanos UI to be served on a sub-path.
4502 type: string
4503 ruleNamespaceSelector:
4504 description: |-
4505 Namespaces to be selected for Rules discovery. If unspecified, only
4506 the same namespace as the ThanosRuler object is in is used.
4507 properties:
4508 matchExpressions:
4509 description: matchExpressions is a list of label selector requirements.
4510 The requirements are ANDed.
4511 items:
4512 description: |-
4513 A label selector requirement is a selector that contains values, a key, and an operator that
4514 relates the key and values.
4515 properties:
4516 key:
4517 description: key is the label key that the selector applies
4518 to.
4519 type: string
4520 operator:
4521 description: |-
4522 operator represents a key's relationship to a set of values.
4523 Valid operators are In, NotIn, Exists and DoesNotExist.
4524 type: string
4525 values:
4526 description: |-
4527 values is an array of string values. If the operator is In or NotIn,
4528 the values array must be non-empty. If the operator is Exists or DoesNotExist,
4529 the values array must be empty. This array is replaced during a strategic
4530 merge patch.
4531 items:
4532 type: string
4533 type: array
4534 x-kubernetes-list-type: atomic
4535 required:
4536 - key
4537 - operator
4538 type: object
4539 type: array
4540 x-kubernetes-list-type: atomic
4541 matchLabels:
4542 additionalProperties:
4543 type: string
4544 description: |-
4545 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
4546 map is equivalent to an element of matchExpressions, whose key field is "key", the
4547 operator is "In", and the values array contains only "value". The requirements are ANDed.
4548 type: object
4549 type: object
4550 x-kubernetes-map-type: atomic
4551 ruleSelector:
4552 description: |-
4553 A label selector to select which PrometheusRules to mount for alerting and
4554 recording.
4555 properties:
4556 matchExpressions:
4557 description: matchExpressions is a list of label selector requirements.
4558 The requirements are ANDed.
4559 items:
4560 description: |-
4561 A label selector requirement is a selector that contains values, a key, and an operator that
4562 relates the key and values.
4563 properties:
4564 key:
4565 description: key is the label key that the selector applies
4566 to.
4567 type: string
4568 operator:
4569 description: |-
4570 operator represents a key's relationship to a set of values.
4571 Valid operators are In, NotIn, Exists and DoesNotExist.
4572 type: string
4573 values:
4574 description: |-
4575 values is an array of string values. If the operator is In or NotIn,
4576 the values array must be non-empty. If the operator is Exists or DoesNotExist,
4577 the values array must be empty. This array is replaced during a strategic
4578 merge patch.
4579 items:
4580 type: string
4581 type: array
4582 x-kubernetes-list-type: atomic
4583 required:
4584 - key
4585 - operator
4586 type: object
4587 type: array
4588 x-kubernetes-list-type: atomic
4589 matchLabels:
4590 additionalProperties:
4591 type: string
4592 description: |-
4593 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
4594 map is equivalent to an element of matchExpressions, whose key field is "key", the
4595 operator is "In", and the values array contains only "value". The requirements are ANDed.
4596 type: object
4597 type: object
4598 x-kubernetes-map-type: atomic
4599 securityContext:
4600 description: |-
4601 SecurityContext holds pod-level security attributes and common container settings.
4602 This defaults to the default PodSecurityContext.
4603 properties:
4604 appArmorProfile:
4605 description: |-
4606 appArmorProfile is the AppArmor options to use by the containers in this pod.
4607 Note that this field cannot be set when spec.os.name is windows.
4608 properties:
4609 localhostProfile:
4610 description: |-
4611 localhostProfile indicates a profile loaded on the node that should be used.
4612 The profile must be preconfigured on the node to work.
4613 Must match the loaded name of the profile.
4614 Must be set if and only if type is "Localhost".
4615 type: string
4616 type:
4617 description: |-
4618 type indicates which kind of AppArmor profile will be applied.
4619 Valid options are:
4620 Localhost - a profile pre-loaded on the node.
4621 RuntimeDefault - the container runtime's default profile.
4622 Unconfined - no AppArmor enforcement.
4623 type: string
4624 required:
4625 - type
4626 type: object
4627 fsGroup:
4628 description: |-
4629 A special supplemental group that applies to all containers in a pod.
4630 Some volume types allow the Kubelet to change the ownership of that volume
4631 to be owned by the pod:
4632
4633
4634 1. The owning GID will be the FSGroup
4635 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
4636 3. The permission bits are OR'd with rw-rw----
4637
4638
4639 If unset, the Kubelet will not modify the ownership and permissions of any volume.
4640 Note that this field cannot be set when spec.os.name is windows.
4641 format: int64
4642 type: integer
4643 fsGroupChangePolicy:
4644 description: |-
4645 fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
4646 before being exposed inside Pod. This field will only apply to
4647 volume types which support fsGroup based ownership(and permissions).
4648 It will have no effect on ephemeral volume types such as: secret, configmaps
4649 and emptydir.
4650 Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
4651 Note that this field cannot be set when spec.os.name is windows.
4652 type: string
4653 runAsGroup:
4654 description: |-
4655 The GID to run the entrypoint of the container process.
4656 Uses runtime default if unset.
4657 May also be set in SecurityContext. If set in both SecurityContext and
4658 PodSecurityContext, the value specified in SecurityContext takes precedence
4659 for that container.
4660 Note that this field cannot be set when spec.os.name is windows.
4661 format: int64
4662 type: integer
4663 runAsNonRoot:
4664 description: |-
4665 Indicates that the container must run as a non-root user.
4666 If true, the Kubelet will validate the image at runtime to ensure that it
4667 does not run as UID 0 (root) and fail to start the container if it does.
4668 If unset or false, no such validation will be performed.
4669 May also be set in SecurityContext. If set in both SecurityContext and
4670 PodSecurityContext, the value specified in SecurityContext takes precedence.
4671 type: boolean
4672 runAsUser:
4673 description: |-
4674 The UID to run the entrypoint of the container process.
4675 Defaults to user specified in image metadata if unspecified.
4676 May also be set in SecurityContext. If set in both SecurityContext and
4677 PodSecurityContext, the value specified in SecurityContext takes precedence
4678 for that container.
4679 Note that this field cannot be set when spec.os.name is windows.
4680 format: int64
4681 type: integer
4682 seLinuxOptions:
4683 description: |-
4684 The SELinux context to be applied to all containers.
4685 If unspecified, the container runtime will allocate a random SELinux context for each
4686 container. May also be set in SecurityContext. If set in
4687 both SecurityContext and PodSecurityContext, the value specified in SecurityContext
4688 takes precedence for that container.
4689 Note that this field cannot be set when spec.os.name is windows.
4690 properties:
4691 level:
4692 description: Level is SELinux level label that applies to
4693 the container.
4694 type: string
4695 role:
4696 description: Role is a SELinux role label that applies to
4697 the container.
4698 type: string
4699 type:
4700 description: Type is a SELinux type label that applies to
4701 the container.
4702 type: string
4703 user:
4704 description: User is a SELinux user label that applies to
4705 the container.
4706 type: string
4707 type: object
4708 seccompProfile:
4709 description: |-
4710 The seccomp options to use by the containers in this pod.
4711 Note that this field cannot be set when spec.os.name is windows.
4712 properties:
4713 localhostProfile:
4714 description: |-
4715 localhostProfile indicates a profile defined in a file on the node should be used.
4716 The profile must be preconfigured on the node to work.
4717 Must be a descending path, relative to the kubelet's configured seccomp profile location.
4718 Must be set if type is "Localhost". Must NOT be set for any other type.
4719 type: string
4720 type:
4721 description: |-
4722 type indicates which kind of seccomp profile will be applied.
4723 Valid options are:
4724
4725
4726 Localhost - a profile defined in a file on the node should be used.
4727 RuntimeDefault - the container runtime default profile should be used.
4728 Unconfined - no profile should be applied.
4729 type: string
4730 required:
4731 - type
4732 type: object
4733 supplementalGroups:
4734 description: |-
4735 A list of groups applied to the first process run in each container, in addition
4736 to the container's primary GID, the fsGroup (if specified), and group memberships
4737 defined in the container image for the uid of the container process. If unspecified,
4738 no additional groups are added to any container. Note that group memberships
4739 defined in the container image for the uid of the container process are still effective,
4740 even if they are not included in this list.
4741 Note that this field cannot be set when spec.os.name is windows.
4742 items:
4743 format: int64
4744 type: integer
4745 type: array
4746 x-kubernetes-list-type: atomic
4747 sysctls:
4748 description: |-
4749 Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
4750 sysctls (by the container runtime) might fail to launch.
4751 Note that this field cannot be set when spec.os.name is windows.
4752 items:
4753 description: Sysctl defines a kernel parameter to be set
4754 properties:
4755 name:
4756 description: Name of a property to set
4757 type: string
4758 value:
4759 description: Value of a property to set
4760 type: string
4761 required:
4762 - name
4763 - value
4764 type: object
4765 type: array
4766 x-kubernetes-list-type: atomic
4767 windowsOptions:
4768 description: |-
4769 The Windows specific settings applied to all containers.
4770 If unspecified, the options within a container's SecurityContext will be used.
4771 If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
4772 Note that this field cannot be set when spec.os.name is linux.
4773 properties:
4774 gmsaCredentialSpec:
4775 description: |-
4776 GMSACredentialSpec is where the GMSA admission webhook
4777 (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
4778 GMSA credential spec named by the GMSACredentialSpecName field.
4779 type: string
4780 gmsaCredentialSpecName:
4781 description: GMSACredentialSpecName is the name of the GMSA
4782 credential spec to use.
4783 type: string
4784 hostProcess:
4785 description: |-
4786 HostProcess determines if a container should be run as a 'Host Process' container.
4787 All of a Pod's containers must have the same effective HostProcess value
4788 (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
4789 In addition, if HostProcess is true then HostNetwork must also be set to true.
4790 type: boolean
4791 runAsUserName:
4792 description: |-
4793 The UserName in Windows to run the entrypoint of the container process.
4794 Defaults to the user specified in image metadata if unspecified.
4795 May also be set in PodSecurityContext. If set in both SecurityContext and
4796 PodSecurityContext, the value specified in SecurityContext takes precedence.
4797 type: string
4798 type: object
4799 type: object
4800 serviceAccountName:
4801 description: |-
4802 ServiceAccountName is the name of the ServiceAccount to use to run the
4803 Thanos Ruler Pods.
4804 type: string
4805 storage:
4806 description: Storage spec to specify how storage shall be used.
4807 properties:
4808 disableMountSubPath:
4809 description: '*Deprecated: subPath usage will be removed in a
4810 future release.*'
4811 type: boolean
4812 emptyDir:
4813 description: |-
4814 EmptyDirVolumeSource to be used by the StatefulSet.
4815 If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`.
4816 More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir
4817 properties:
4818 medium:
4819 description: |-
4820 medium represents what type of storage medium should back this directory.
4821 The default is "" which means to use the node's default medium.
4822 Must be an empty string (default) or Memory.
4823 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
4824 type: string
4825 sizeLimit:
4826 anyOf:
4827 - type: integer
4828 - type: string
4829 description: |-
4830 sizeLimit is the total amount of local storage required for this EmptyDir volume.
4831 The size limit is also applicable for memory medium.
4832 The maximum usage on memory medium EmptyDir would be the minimum value between
4833 the SizeLimit specified here and the sum of memory limits of all containers in a pod.
4834 The default is nil which means that the limit is undefined.
4835 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
4836 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4837 x-kubernetes-int-or-string: true
4838 type: object
4839 ephemeral:
4840 description: |-
4841 EphemeralVolumeSource to be used by the StatefulSet.
4842 This is a beta field in k8s 1.21 and GA in 1.15.
4843 For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate.
4844 More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes
4845 properties:
4846 volumeClaimTemplate:
4847 description: |-
4848 Will be used to create a stand-alone PVC to provision the volume.
4849 The pod in which this EphemeralVolumeSource is embedded will be the
4850 owner of the PVC, i.e. the PVC will be deleted together with the
4851 pod. The name of the PVC will be `<pod name>-<volume name>` where
4852 `<volume name>` is the name from the `PodSpec.Volumes` array
4853 entry. Pod validation will reject the pod if the concatenated name
4854 is not valid for a PVC (for example, too long).
4855
4856
4857 An existing PVC with that name that is not owned by the pod
4858 will *not* be used for the pod to avoid using an unrelated
4859 volume by mistake. Starting the pod is then blocked until
4860 the unrelated PVC is removed. If such a pre-created PVC is
4861 meant to be used by the pod, the PVC has to updated with an
4862 owner reference to the pod once the pod exists. Normally
4863 this should not be necessary, but it may be useful when
4864 manually reconstructing a broken cluster.
4865
4866
4867 This field is read-only and no changes will be made by Kubernetes
4868 to the PVC after it has been created.
4869
4870
4871 Required, must not be nil.
4872 properties:
4873 metadata:
4874 description: |-
4875 May contain labels and annotations that will be copied into the PVC
4876 when creating it. No other fields are allowed and will be rejected during
4877 validation.
4878 properties:
4879 annotations:
4880 additionalProperties:
4881 type: string
4882 type: object
4883 finalizers:
4884 items:
4885 type: string
4886 type: array
4887 labels:
4888 additionalProperties:
4889 type: string
4890 type: object
4891 name:
4892 type: string
4893 namespace:
4894 type: string
4895 type: object
4896 spec:
4897 description: |-
4898 The specification for the PersistentVolumeClaim. The entire content is
4899 copied unchanged into the PVC that gets created from this
4900 template. The same fields as in a PersistentVolumeClaim
4901 are also valid here.
4902 properties:
4903 accessModes:
4904 description: |-
4905 accessModes contains the desired access modes the volume should have.
4906 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
4907 items:
4908 type: string
4909 type: array
4910 x-kubernetes-list-type: atomic
4911 dataSource:
4912 description: |-
4913 dataSource field can be used to specify either:
4914 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
4915 * An existing PVC (PersistentVolumeClaim)
4916 If the provisioner or an external controller can support the specified data source,
4917 it will create a new volume based on the contents of the specified data source.
4918 When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
4919 and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
4920 If the namespace is specified, then dataSourceRef will not be copied to dataSource.
4921 properties:
4922 apiGroup:
4923 description: |-
4924 APIGroup is the group for the resource being referenced.
4925 If APIGroup is not specified, the specified Kind must be in the core API group.
4926 For any other third-party types, APIGroup is required.
4927 type: string
4928 kind:
4929 description: Kind is the type of resource being
4930 referenced
4931 type: string
4932 name:
4933 description: Name is the name of resource being
4934 referenced
4935 type: string
4936 required:
4937 - kind
4938 - name
4939 type: object
4940 x-kubernetes-map-type: atomic
4941 dataSourceRef:
4942 description: |-
4943 dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
4944 volume is desired. This may be any object from a non-empty API group (non
4945 core object) or a PersistentVolumeClaim object.
4946 When this field is specified, volume binding will only succeed if the type of
4947 the specified object matches some installed volume populator or dynamic
4948 provisioner.
4949 This field will replace the functionality of the dataSource field and as such
4950 if both fields are non-empty, they must have the same value. For backwards
4951 compatibility, when namespace isn't specified in dataSourceRef,
4952 both fields (dataSource and dataSourceRef) will be set to the same
4953 value automatically if one of them is empty and the other is non-empty.
4954 When namespace is specified in dataSourceRef,
4955 dataSource isn't set to the same value and must be empty.
4956 There are three important differences between dataSource and dataSourceRef:
4957 * While dataSource only allows two specific types of objects, dataSourceRef
4958 allows any non-core object, as well as PersistentVolumeClaim objects.
4959 * While dataSource ignores disallowed values (dropping them), dataSourceRef
4960 preserves all values, and generates an error if a disallowed value is
4961 specified.
4962 * While dataSource only allows local objects, dataSourceRef allows objects
4963 in any namespaces.
4964 (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
4965 (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
4966 properties:
4967 apiGroup:
4968 description: |-
4969 APIGroup is the group for the resource being referenced.
4970 If APIGroup is not specified, the specified Kind must be in the core API group.
4971 For any other third-party types, APIGroup is required.
4972 type: string
4973 kind:
4974 description: Kind is the type of resource being
4975 referenced
4976 type: string
4977 name:
4978 description: Name is the name of resource being
4979 referenced
4980 type: string
4981 namespace:
4982 description: |-
4983 Namespace is the namespace of resource being referenced
4984 Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
4985 (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
4986 type: string
4987 required:
4988 - kind
4989 - name
4990 type: object
4991 resources:
4992 description: |-
4993 resources represents the minimum resources the volume should have.
4994 If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
4995 that are lower than previous value but must still be higher than capacity recorded in the
4996 status field of the claim.
4997 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
4998 properties:
4999 limits:
5000 additionalProperties:
5001 anyOf:
5002 - type: integer
5003 - type: string
5004 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5005 x-kubernetes-int-or-string: true
5006 description: |-
5007 Limits describes the maximum amount of compute resources allowed.
5008 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
5009 type: object
5010 requests:
5011 additionalProperties:
5012 anyOf:
5013 - type: integer
5014 - type: string
5015 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5016 x-kubernetes-int-or-string: true
5017 description: |-
5018 Requests describes the minimum amount of compute resources required.
5019 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
5020 otherwise to an implementation-defined value. Requests cannot exceed Limits.
5021 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
5022 type: object
5023 type: object
5024 selector:
5025 description: selector is a label query over volumes
5026 to consider for binding.
5027 properties:
5028 matchExpressions:
5029 description: matchExpressions is a list of label
5030 selector requirements. The requirements are
5031 ANDed.
5032 items:
5033 description: |-
5034 A label selector requirement is a selector that contains values, a key, and an operator that
5035 relates the key and values.
5036 properties:
5037 key:
5038 description: key is the label key that the
5039 selector applies to.
5040 type: string
5041 operator:
5042 description: |-
5043 operator represents a key's relationship to a set of values.
5044 Valid operators are In, NotIn, Exists and DoesNotExist.
5045 type: string
5046 values:
5047 description: |-
5048 values is an array of string values. If the operator is In or NotIn,
5049 the values array must be non-empty. If the operator is Exists or DoesNotExist,
5050 the values array must be empty. This array is replaced during a strategic
5051 merge patch.
5052 items:
5053 type: string
5054 type: array
5055 x-kubernetes-list-type: atomic
5056 required:
5057 - key
5058 - operator
5059 type: object
5060 type: array
5061 x-kubernetes-list-type: atomic
5062 matchLabels:
5063 additionalProperties:
5064 type: string
5065 description: |-
5066 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
5067 map is equivalent to an element of matchExpressions, whose key field is "key", the
5068 operator is "In", and the values array contains only "value". The requirements are ANDed.
5069 type: object
5070 type: object
5071 x-kubernetes-map-type: atomic
5072 storageClassName:
5073 description: |-
5074 storageClassName is the name of the StorageClass required by the claim.
5075 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
5076 type: string
5077 volumeAttributesClassName:
5078 description: |-
5079 volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
5080 If specified, the CSI driver will create or update the volume with the attributes defined
5081 in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
5082 it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
5083 will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
5084 If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
5085 will be set by the persistentvolume controller if it exists.
5086 If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
5087 set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
5088 exists.
5089 More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
5090 (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
5091 type: string
5092 volumeMode:
5093 description: |-
5094 volumeMode defines what type of volume is required by the claim.
5095 Value of Filesystem is implied when not included in claim spec.
5096 type: string
5097 volumeName:
5098 description: volumeName is the binding reference to
5099 the PersistentVolume backing this claim.
5100 type: string
5101 type: object
5102 required:
5103 - spec
5104 type: object
5105 type: object
5106 volumeClaimTemplate:
5107 description: |-
5108 Defines the PVC spec to be used by the Prometheus StatefulSets.
5109 The easiest way to use a volume that cannot be automatically provisioned
5110 is to use a label selector alongside manually created PersistentVolumes.
5111 properties:
5112 apiVersion:
5113 description: |-
5114 APIVersion defines the versioned schema of this representation of an object.
5115 Servers should convert recognized schemas to the latest internal value, and
5116 may reject unrecognized values.
5117 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
5118 type: string
5119 kind:
5120 description: |-
5121 Kind is a string value representing the REST resource this object represents.
5122 Servers may infer this from the endpoint the client submits requests to.
5123 Cannot be updated.
5124 In CamelCase.
5125 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
5126 type: string
5127 metadata:
5128 description: EmbeddedMetadata contains metadata relevant to
5129 an EmbeddedResource.
5130 properties:
5131 annotations:
5132 additionalProperties:
5133 type: string
5134 description: |-
5135 Annotations is an unstructured key value map stored with a resource that may be
5136 set by external tools to store and retrieve arbitrary metadata. They are not
5137 queryable and should be preserved when modifying objects.
5138 More info: http://kubernetes.io/docs/user-guide/annotations
5139 type: object
5140 labels:
5141 additionalProperties:
5142 type: string
5143 description: |-
5144 Map of string keys and values that can be used to organize and categorize
5145 (scope and select) objects. May match selectors of replication controllers
5146 and services.
5147 More info: http://kubernetes.io/docs/user-guide/labels
5148 type: object
5149 name:
5150 description: |-
5151 Name must be unique within a namespace. Is required when creating resources, although
5152 some resources may allow a client to request the generation of an appropriate name
5153 automatically. Name is primarily intended for creation idempotence and configuration
5154 definition.
5155 Cannot be updated.
5156 More info: http://kubernetes.io/docs/user-guide/identifiers#names
5157 type: string
5158 type: object
5159 spec:
5160 description: |-
5161 Defines the desired characteristics of a volume requested by a pod author.
5162 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
5163 properties:
5164 accessModes:
5165 description: |-
5166 accessModes contains the desired access modes the volume should have.
5167 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
5168 items:
5169 type: string
5170 type: array
5171 x-kubernetes-list-type: atomic
5172 dataSource:
5173 description: |-
5174 dataSource field can be used to specify either:
5175 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
5176 * An existing PVC (PersistentVolumeClaim)
5177 If the provisioner or an external controller can support the specified data source,
5178 it will create a new volume based on the contents of the specified data source.
5179 When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
5180 and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
5181 If the namespace is specified, then dataSourceRef will not be copied to dataSource.
5182 properties:
5183 apiGroup:
5184 description: |-
5185 APIGroup is the group for the resource being referenced.
5186 If APIGroup is not specified, the specified Kind must be in the core API group.
5187 For any other third-party types, APIGroup is required.
5188 type: string
5189 kind:
5190 description: Kind is the type of resource being referenced
5191 type: string
5192 name:
5193 description: Name is the name of resource being referenced
5194 type: string
5195 required:
5196 - kind
5197 - name
5198 type: object
5199 x-kubernetes-map-type: atomic
5200 dataSourceRef:
5201 description: |-
5202 dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
5203 volume is desired. This may be any object from a non-empty API group (non
5204 core object) or a PersistentVolumeClaim object.
5205 When this field is specified, volume binding will only succeed if the type of
5206 the specified object matches some installed volume populator or dynamic
5207 provisioner.
5208 This field will replace the functionality of the dataSource field and as such
5209 if both fields are non-empty, they must have the same value. For backwards
5210 compatibility, when namespace isn't specified in dataSourceRef,
5211 both fields (dataSource and dataSourceRef) will be set to the same
5212 value automatically if one of them is empty and the other is non-empty.
5213 When namespace is specified in dataSourceRef,
5214 dataSource isn't set to the same value and must be empty.
5215 There are three important differences between dataSource and dataSourceRef:
5216 * While dataSource only allows two specific types of objects, dataSourceRef
5217 allows any non-core object, as well as PersistentVolumeClaim objects.
5218 * While dataSource ignores disallowed values (dropping them), dataSourceRef
5219 preserves all values, and generates an error if a disallowed value is
5220 specified.
5221 * While dataSource only allows local objects, dataSourceRef allows objects
5222 in any namespaces.
5223 (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
5224 (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
5225 properties:
5226 apiGroup:
5227 description: |-
5228 APIGroup is the group for the resource being referenced.
5229 If APIGroup is not specified, the specified Kind must be in the core API group.
5230 For any other third-party types, APIGroup is required.
5231 type: string
5232 kind:
5233 description: Kind is the type of resource being referenced
5234 type: string
5235 name:
5236 description: Name is the name of resource being referenced
5237 type: string
5238 namespace:
5239 description: |-
5240 Namespace is the namespace of resource being referenced
5241 Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
5242 (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
5243 type: string
5244 required:
5245 - kind
5246 - name
5247 type: object
5248 resources:
5249 description: |-
5250 resources represents the minimum resources the volume should have.
5251 If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
5252 that are lower than previous value but must still be higher than capacity recorded in the
5253 status field of the claim.
5254 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
5255 properties:
5256 limits:
5257 additionalProperties:
5258 anyOf:
5259 - type: integer
5260 - type: string
5261 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5262 x-kubernetes-int-or-string: true
5263 description: |-
5264 Limits describes the maximum amount of compute resources allowed.
5265 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
5266 type: object
5267 requests:
5268 additionalProperties:
5269 anyOf:
5270 - type: integer
5271 - type: string
5272 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5273 x-kubernetes-int-or-string: true
5274 description: |-
5275 Requests describes the minimum amount of compute resources required.
5276 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
5277 otherwise to an implementation-defined value. Requests cannot exceed Limits.
5278 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
5279 type: object
5280 type: object
5281 selector:
5282 description: selector is a label query over volumes to
5283 consider for binding.
5284 properties:
5285 matchExpressions:
5286 description: matchExpressions is a list of label selector
5287 requirements. The requirements are ANDed.
5288 items:
5289 description: |-
5290 A label selector requirement is a selector that contains values, a key, and an operator that
5291 relates the key and values.
5292 properties:
5293 key:
5294 description: key is the label key that the selector
5295 applies to.
5296 type: string
5297 operator:
5298 description: |-
5299 operator represents a key's relationship to a set of values.
5300 Valid operators are In, NotIn, Exists and DoesNotExist.
5301 type: string
5302 values:
5303 description: |-
5304 values is an array of string values. If the operator is In or NotIn,
5305 the values array must be non-empty. If the operator is Exists or DoesNotExist,
5306 the values array must be empty. This array is replaced during a strategic
5307 merge patch.
5308 items:
5309 type: string
5310 type: array
5311 x-kubernetes-list-type: atomic
5312 required:
5313 - key
5314 - operator
5315 type: object
5316 type: array
5317 x-kubernetes-list-type: atomic
5318 matchLabels:
5319 additionalProperties:
5320 type: string
5321 description: |-
5322 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
5323 map is equivalent to an element of matchExpressions, whose key field is "key", the
5324 operator is "In", and the values array contains only "value". The requirements are ANDed.
5325 type: object
5326 type: object
5327 x-kubernetes-map-type: atomic
5328 storageClassName:
5329 description: |-
5330 storageClassName is the name of the StorageClass required by the claim.
5331 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
5332 type: string
5333 volumeAttributesClassName:
5334 description: |-
5335 volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
5336 If specified, the CSI driver will create or update the volume with the attributes defined
5337 in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
5338 it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
5339 will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
5340 If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
5341 will be set by the persistentvolume controller if it exists.
5342 If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
5343 set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
5344 exists.
5345 More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
5346 (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
5347 type: string
5348 volumeMode:
5349 description: |-
5350 volumeMode defines what type of volume is required by the claim.
5351 Value of Filesystem is implied when not included in claim spec.
5352 type: string
5353 volumeName:
5354 description: volumeName is the binding reference to the
5355 PersistentVolume backing this claim.
5356 type: string
5357 type: object
5358 status:
5359 description: '*Deprecated: this field is never set.*'
5360 properties:
5361 accessModes:
5362 description: |-
5363 accessModes contains the actual access modes the volume backing the PVC has.
5364 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
5365 items:
5366 type: string
5367 type: array
5368 x-kubernetes-list-type: atomic
5369 allocatedResourceStatuses:
5370 additionalProperties:
5371 description: |-
5372 When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource
5373 that it does not recognizes, then it should ignore that update and let other controllers
5374 handle it.
5375 type: string
5376 description: "allocatedResourceStatuses stores status
5377 of resource being resized for the given PVC.\nKey names
5378 follow standard Kubernetes label syntax. Valid values
5379 are either:\n\t* Un-prefixed keys:\n\t\t- storage -
5380 the capacity of the volume.\n\t* Custom resources must
5381 use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart
5382 from above values - keys that are unprefixed or have
5383 kubernetes.io prefix are considered\nreserved and hence
5384 may not be used.\n\n\nClaimResourceStatus can be in
5385 any of following states:\n\t- ControllerResizeInProgress:\n\t\tState
5386 set when resize controller starts resizing the volume
5387 in control-plane.\n\t- ControllerResizeFailed:\n\t\tState
5388 set when resize has failed in resize controller with
5389 a terminal error.\n\t- NodeResizePending:\n\t\tState
5390 set when resize controller has finished resizing the
5391 volume but further resizing of\n\t\tvolume is needed
5392 on the node.\n\t- NodeResizeInProgress:\n\t\tState set
5393 when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState
5394 set when resizing has failed in kubelet with a terminal
5395 error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor
5396 example: if expanding a PVC for more capacity - this
5397 field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage']
5398 = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage']
5399 = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage']
5400 = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage']
5401 = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage']
5402 = \"NodeResizeFailed\"\nWhen this field is not set,
5403 it means that no resize operation is in progress for
5404 the given PVC.\n\n\nA controller that receives PVC update
5405 with previously unknown resourceName or ClaimResourceStatus\nshould
5406 ignore the update for the purpose it was designed. For
5407 example - a controller that\nonly is responsible for
5408 resizing capacity of the volume, should ignore PVC updates
5409 that change other valid\nresources associated with PVC.\n\n\nThis
5410 is an alpha field and requires enabling RecoverVolumeExpansionFailure
5411 feature."
5412 type: object
5413 x-kubernetes-map-type: granular
5414 allocatedResources:
5415 additionalProperties:
5416 anyOf:
5417 - type: integer
5418 - type: string
5419 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5420 x-kubernetes-int-or-string: true
5421 description: "allocatedResources tracks the resources
5422 allocated to a PVC including its capacity.\nKey names
5423 follow standard Kubernetes label syntax. Valid values
5424 are either:\n\t* Un-prefixed keys:\n\t\t- storage -
5425 the capacity of the volume.\n\t* Custom resources must
5426 use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart
5427 from above values - keys that are unprefixed or have
5428 kubernetes.io prefix are considered\nreserved and hence
5429 may not be used.\n\n\nCapacity reported here may be
5430 larger than the actual capacity when a volume expansion
5431 operation\nis requested.\nFor storage quota, the larger
5432 value from allocatedResources and PVC.spec.resources
5433 is used.\nIf allocatedResources is not set, PVC.spec.resources
5434 alone is used for quota calculation.\nIf a volume expansion
5435 capacity request is lowered, allocatedResources is only\nlowered
5436 if there are no expansion operations in progress and
5437 if the actual volume capacity\nis equal or lower than
5438 the requested capacity.\n\n\nA controller that receives
5439 PVC update with previously unknown resourceName\nshould
5440 ignore the update for the purpose it was designed. For
5441 example - a controller that\nonly is responsible for
5442 resizing capacity of the volume, should ignore PVC updates
5443 that change other valid\nresources associated with PVC.\n\n\nThis
5444 is an alpha field and requires enabling RecoverVolumeExpansionFailure
5445 feature."
5446 type: object
5447 capacity:
5448 additionalProperties:
5449 anyOf:
5450 - type: integer
5451 - type: string
5452 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5453 x-kubernetes-int-or-string: true
5454 description: capacity represents the actual resources
5455 of the underlying volume.
5456 type: object
5457 conditions:
5458 description: |-
5459 conditions is the current Condition of persistent volume claim. If underlying persistent volume is being
5460 resized then the Condition will be set to 'Resizing'.
5461 items:
5462 description: PersistentVolumeClaimCondition contains
5463 details about state of pvc
5464 properties:
5465 lastProbeTime:
5466 description: lastProbeTime is the time we probed
5467 the condition.
5468 format: date-time
5469 type: string
5470 lastTransitionTime:
5471 description: lastTransitionTime is the time the
5472 condition transitioned from one status to another.
5473 format: date-time
5474 type: string
5475 message:
5476 description: message is the human-readable message
5477 indicating details about last transition.
5478 type: string
5479 reason:
5480 description: |-
5481 reason is a unique, this should be a short, machine understandable string that gives the reason
5482 for condition's last transition. If it reports "Resizing" that means the underlying
5483 persistent volume is being resized.
5484 type: string
5485 status:
5486 type: string
5487 type:
5488 description: PersistentVolumeClaimConditionType
5489 is a valid value of PersistentVolumeClaimCondition.Type
5490 type: string
5491 required:
5492 - status
5493 - type
5494 type: object
5495 type: array
5496 x-kubernetes-list-map-keys:
5497 - type
5498 x-kubernetes-list-type: map
5499 currentVolumeAttributesClassName:
5500 description: |-
5501 currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.
5502 When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim
5503 This is an alpha field and requires enabling VolumeAttributesClass feature.
5504 type: string
5505 modifyVolumeStatus:
5506 description: |-
5507 ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.
5508 When this is unset, there is no ModifyVolume operation being attempted.
5509 This is an alpha field and requires enabling VolumeAttributesClass feature.
5510 properties:
5511 status:
5512 description: "status is the status of the ControllerModifyVolume
5513 operation. It can be in any of following states:\n
5514 - Pending\n Pending indicates that the PersistentVolumeClaim
5515 cannot be modified due to unmet requirements, such
5516 as\n the specified VolumeAttributesClass not existing.\n
5517 - InProgress\n InProgress indicates that the volume
5518 is being modified.\n - Infeasible\n Infeasible
5519 indicates that the request has been rejected as
5520 invalid by the CSI driver. To\n\t resolve the error,
5521 a valid VolumeAttributesClass needs to be specified.\nNote:
5522 New statuses can be added in the future. Consumers
5523 should check for unknown statuses and fail appropriately."
5524 type: string
5525 targetVolumeAttributesClassName:
5526 description: targetVolumeAttributesClassName is the
5527 name of the VolumeAttributesClass the PVC currently
5528 being reconciled
5529 type: string
5530 required:
5531 - status
5532 type: object
5533 phase:
5534 description: phase represents the current phase of PersistentVolumeClaim.
5535 type: string
5536 type: object
5537 type: object
5538 type: object
5539 tolerations:
5540 description: If specified, the pod's tolerations.
5541 items:
5542 description: |-
5543 The pod this Toleration is attached to tolerates any taint that matches
5544 the triple <key,value,effect> using the matching operator <operator>.
5545 properties:
5546 effect:
5547 description: |-
5548 Effect indicates the taint effect to match. Empty means match all taint effects.
5549 When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
5550 type: string
5551 key:
5552 description: |-
5553 Key is the taint key that the toleration applies to. Empty means match all taint keys.
5554 If the key is empty, operator must be Exists; this combination means to match all values and all keys.
5555 type: string
5556 operator:
5557 description: |-
5558 Operator represents a key's relationship to the value.
5559 Valid operators are Exists and Equal. Defaults to Equal.
5560 Exists is equivalent to wildcard for value, so that a pod can
5561 tolerate all taints of a particular category.
5562 type: string
5563 tolerationSeconds:
5564 description: |-
5565 TolerationSeconds represents the period of time the toleration (which must be
5566 of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
5567 it is not set, which means tolerate the taint forever (do not evict). Zero and
5568 negative values will be treated as 0 (evict immediately) by the system.
5569 format: int64
5570 type: integer
5571 value:
5572 description: |-
5573 Value is the taint value the toleration matches to.
5574 If the operator is Exists, the value should be empty, otherwise just a regular string.
5575 type: string
5576 type: object
5577 type: array
5578 topologySpreadConstraints:
5579 description: If specified, the pod's topology spread constraints.
5580 items:
5581 description: TopologySpreadConstraint specifies how to spread matching
5582 pods among the given topology.
5583 properties:
5584 labelSelector:
5585 description: |-
5586 LabelSelector is used to find matching pods.
5587 Pods that match this label selector are counted to determine the number of pods
5588 in their corresponding topology domain.
5589 properties:
5590 matchExpressions:
5591 description: matchExpressions is a list of label selector
5592 requirements. The requirements are ANDed.
5593 items:
5594 description: |-
5595 A label selector requirement is a selector that contains values, a key, and an operator that
5596 relates the key and values.
5597 properties:
5598 key:
5599 description: key is the label key that the selector
5600 applies to.
5601 type: string
5602 operator:
5603 description: |-
5604 operator represents a key's relationship to a set of values.
5605 Valid operators are In, NotIn, Exists and DoesNotExist.
5606 type: string
5607 values:
5608 description: |-
5609 values is an array of string values. If the operator is In or NotIn,
5610 the values array must be non-empty. If the operator is Exists or DoesNotExist,
5611 the values array must be empty. This array is replaced during a strategic
5612 merge patch.
5613 items:
5614 type: string
5615 type: array
5616 x-kubernetes-list-type: atomic
5617 required:
5618 - key
5619 - operator
5620 type: object
5621 type: array
5622 x-kubernetes-list-type: atomic
5623 matchLabels:
5624 additionalProperties:
5625 type: string
5626 description: |-
5627 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
5628 map is equivalent to an element of matchExpressions, whose key field is "key", the
5629 operator is "In", and the values array contains only "value". The requirements are ANDed.
5630 type: object
5631 type: object
5632 x-kubernetes-map-type: atomic
5633 matchLabelKeys:
5634 description: |-
5635 MatchLabelKeys is a set of pod label keys to select the pods over which
5636 spreading will be calculated. The keys are used to lookup values from the
5637 incoming pod labels, those key-value labels are ANDed with labelSelector
5638 to select the group of existing pods over which spreading will be calculated
5639 for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
5640 MatchLabelKeys cannot be set when LabelSelector isn't set.
5641 Keys that don't exist in the incoming pod labels will
5642 be ignored. A null or empty list means only match against labelSelector.
5643
5644
5645 This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
5646 items:
5647 type: string
5648 type: array
5649 x-kubernetes-list-type: atomic
5650 maxSkew:
5651 description: |-
5652 MaxSkew describes the degree to which pods may be unevenly distributed.
5653 When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference
5654 between the number of matching pods in the target topology and the global minimum.
5655 The global minimum is the minimum number of matching pods in an eligible domain
5656 or zero if the number of eligible domains is less than MinDomains.
5657 For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
5658 labelSelector spread as 2/2/1:
5659 In this case, the global minimum is 1.
5660 | zone1 | zone2 | zone3 |
5661 | P P | P P | P |
5662 - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;
5663 scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)
5664 violate MaxSkew(1).
5665 - if MaxSkew is 2, incoming pod can be scheduled onto any zone.
5666 When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence
5667 to topologies that satisfy it.
5668 It's a required field. Default value is 1 and 0 is not allowed.
5669 format: int32
5670 type: integer
5671 minDomains:
5672 description: |-
5673 MinDomains indicates a minimum number of eligible domains.
5674 When the number of eligible domains with matching topology keys is less than minDomains,
5675 Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed.
5676 And when the number of eligible domains with matching topology keys equals or greater than minDomains,
5677 this value has no effect on scheduling.
5678 As a result, when the number of eligible domains is less than minDomains,
5679 scheduler won't schedule more than maxSkew Pods to those domains.
5680 If value is nil, the constraint behaves as if MinDomains is equal to 1.
5681 Valid values are integers greater than 0.
5682 When value is not nil, WhenUnsatisfiable must be DoNotSchedule.
5683
5684
5685 For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same
5686 labelSelector spread as 2/2/2:
5687 | zone1 | zone2 | zone3 |
5688 | P P | P P | P P |
5689 The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0.
5690 In this situation, new pod with the same labelSelector cannot be scheduled,
5691 because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,
5692 it will violate MaxSkew.
5693 format: int32
5694 type: integer
5695 nodeAffinityPolicy:
5696 description: |-
5697 NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector
5698 when calculating pod topology spread skew. Options are:
5699 - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.
5700 - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.
5701
5702
5703 If this value is nil, the behavior is equivalent to the Honor policy.
5704 This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
5705 type: string
5706 nodeTaintsPolicy:
5707 description: |-
5708 NodeTaintsPolicy indicates how we will treat node taints when calculating
5709 pod topology spread skew. Options are:
5710 - Honor: nodes without taints, along with tainted nodes for which the incoming pod
5711 has a toleration, are included.
5712 - Ignore: node taints are ignored. All nodes are included.
5713
5714
5715 If this value is nil, the behavior is equivalent to the Ignore policy.
5716 This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
5717 type: string
5718 topologyKey:
5719 description: |-
5720 TopologyKey is the key of node labels. Nodes that have a label with this key
5721 and identical values are considered to be in the same topology.
5722 We consider each <key, value> as a "bucket", and try to put balanced number
5723 of pods into each bucket.
5724 We define a domain as a particular instance of a topology.
5725 Also, we define an eligible domain as a domain whose nodes meet the requirements of
5726 nodeAffinityPolicy and nodeTaintsPolicy.
5727 e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology.
5728 And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology.
5729 It's a required field.
5730 type: string
5731 whenUnsatisfiable:
5732 description: |-
5733 WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy
5734 the spread constraint.
5735 - DoNotSchedule (default) tells the scheduler not to schedule it.
5736 - ScheduleAnyway tells the scheduler to schedule the pod in any location,
5737 but giving higher precedence to topologies that would help reduce the
5738 skew.
5739 A constraint is considered "Unsatisfiable" for an incoming pod
5740 if and only if every possible node assignment for that pod would violate
5741 "MaxSkew" on some topology.
5742 For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
5743 labelSelector spread as 3/1/1:
5744 | zone1 | zone2 | zone3 |
5745 | P P P | P | P |
5746 If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled
5747 to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies
5748 MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler
5749 won't make it *more* imbalanced.
5750 It's a required field.
5751 type: string
5752 required:
5753 - maxSkew
5754 - topologyKey
5755 - whenUnsatisfiable
5756 type: object
5757 type: array
5758 tracingConfig:
5759 description: TracingConfig configures tracing in Thanos. This is an
5760 experimental feature, it may change in any upcoming release in a
5761 breaking way.
5762 properties:
5763 key:
5764 description: The key of the secret to select from. Must be a
5765 valid secret key.
5766 type: string
5767 name:
5768 default: ""
5769 description: |-
5770 Name of the referent.
5771 This field is effectively required, but due to backwards compatibility is
5772 allowed to be empty. Instances of this type with an empty value here are
5773 almost certainly wrong.
5774 TODO: Add other useful fields. apiVersion, kind, uid?
5775 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
5776 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
5777 type: string
5778 optional:
5779 description: Specify whether the Secret or its key must be defined
5780 type: boolean
5781 required:
5782 - key
5783 type: object
5784 x-kubernetes-map-type: atomic
5785 tracingConfigFile:
5786 description: |-
5787 TracingConfig specifies the path of the tracing configuration file.
5788 When used alongside with TracingConfig, TracingConfigFile takes precedence.
5789 type: string
5790 version:
5791 description: Version of Thanos to be deployed.
5792 type: string
5793 volumeMounts:
5794 description: |-
5795 VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition.
5796 VolumeMounts specified will be appended to other VolumeMounts in the ruler container,
5797 that are generated as a result of StorageSpec objects.
5798 items:
5799 description: VolumeMount describes a mounting of a Volume within
5800 a container.
5801 properties:
5802 mountPath:
5803 description: |-
5804 Path within the container at which the volume should be mounted. Must
5805 not contain ':'.
5806 type: string
5807 mountPropagation:
5808 description: |-
5809 mountPropagation determines how mounts are propagated from the host
5810 to container and the other way around.
5811 When not set, MountPropagationNone is used.
5812 This field is beta in 1.10.
5813 When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
5814 (which defaults to None).
5815 type: string
5816 name:
5817 description: This must match the Name of a Volume.
5818 type: string
5819 readOnly:
5820 description: |-
5821 Mounted read-only if true, read-write otherwise (false or unspecified).
5822 Defaults to false.
5823 type: boolean
5824 recursiveReadOnly:
5825 description: |-
5826 RecursiveReadOnly specifies whether read-only mounts should be handled
5827 recursively.
5828
5829
5830 If ReadOnly is false, this field has no meaning and must be unspecified.
5831
5832
5833 If ReadOnly is true, and this field is set to Disabled, the mount is not made
5834 recursively read-only. If this field is set to IfPossible, the mount is made
5835 recursively read-only, if it is supported by the container runtime. If this
5836 field is set to Enabled, the mount is made recursively read-only if it is
5837 supported by the container runtime, otherwise the pod will not be started and
5838 an error will be generated to indicate the reason.
5839
5840
5841 If this field is set to IfPossible or Enabled, MountPropagation must be set to
5842 None (or be unspecified, which defaults to None).
5843
5844
5845 If this field is not specified, it is treated as an equivalent of Disabled.
5846 type: string
5847 subPath:
5848 description: |-
5849 Path within the volume from which the container's volume should be mounted.
5850 Defaults to "" (volume's root).
5851 type: string
5852 subPathExpr:
5853 description: |-
5854 Expanded path within the volume from which the container's volume should be mounted.
5855 Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
5856 Defaults to "" (volume's root).
5857 SubPathExpr and SubPath are mutually exclusive.
5858 type: string
5859 required:
5860 - mountPath
5861 - name
5862 type: object
5863 type: array
5864 volumes:
5865 description: |-
5866 Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will
5867 be appended to other volumes that are generated as a result of StorageSpec objects.
5868 items:
5869 description: Volume represents a named volume in a pod that may
5870 be accessed by any container in the pod.
5871 properties:
5872 awsElasticBlockStore:
5873 description: |-
5874 awsElasticBlockStore represents an AWS Disk resource that is attached to a
5875 kubelet's host machine and then exposed to the pod.
5876 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
5877 properties:
5878 fsType:
5879 description: |-
5880 fsType is the filesystem type of the volume that you want to mount.
5881 Tip: Ensure that the filesystem type is supported by the host operating system.
5882 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
5883 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
5884 TODO: how do we prevent errors in the filesystem from compromising the machine
5885 type: string
5886 partition:
5887 description: |-
5888 partition is the partition in the volume that you want to mount.
5889 If omitted, the default is to mount by volume name.
5890 Examples: For volume /dev/sda1, you specify the partition as "1".
5891 Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
5892 format: int32
5893 type: integer
5894 readOnly:
5895 description: |-
5896 readOnly value true will force the readOnly setting in VolumeMounts.
5897 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
5898 type: boolean
5899 volumeID:
5900 description: |-
5901 volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).
5902 More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
5903 type: string
5904 required:
5905 - volumeID
5906 type: object
5907 azureDisk:
5908 description: azureDisk represents an Azure Data Disk mount on
5909 the host and bind mount to the pod.
5910 properties:
5911 cachingMode:
5912 description: 'cachingMode is the Host Caching mode: None,
5913 Read Only, Read Write.'
5914 type: string
5915 diskName:
5916 description: diskName is the Name of the data disk in the
5917 blob storage
5918 type: string
5919 diskURI:
5920 description: diskURI is the URI of data disk in the blob
5921 storage
5922 type: string
5923 fsType:
5924 description: |-
5925 fsType is Filesystem type to mount.
5926 Must be a filesystem type supported by the host operating system.
5927 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
5928 type: string
5929 kind:
5930 description: 'kind expected values are Shared: multiple
5931 blob disks per storage account Dedicated: single blob
5932 disk per storage account Managed: azure managed data
5933 disk (only in managed availability set). defaults to shared'
5934 type: string
5935 readOnly:
5936 description: |-
5937 readOnly Defaults to false (read/write). ReadOnly here will force
5938 the ReadOnly setting in VolumeMounts.
5939 type: boolean
5940 required:
5941 - diskName
5942 - diskURI
5943 type: object
5944 azureFile:
5945 description: azureFile represents an Azure File Service mount
5946 on the host and bind mount to the pod.
5947 properties:
5948 readOnly:
5949 description: |-
5950 readOnly defaults to false (read/write). ReadOnly here will force
5951 the ReadOnly setting in VolumeMounts.
5952 type: boolean
5953 secretName:
5954 description: secretName is the name of secret that contains
5955 Azure Storage Account Name and Key
5956 type: string
5957 shareName:
5958 description: shareName is the azure share Name
5959 type: string
5960 required:
5961 - secretName
5962 - shareName
5963 type: object
5964 cephfs:
5965 description: cephFS represents a Ceph FS mount on the host that
5966 shares a pod's lifetime
5967 properties:
5968 monitors:
5969 description: |-
5970 monitors is Required: Monitors is a collection of Ceph monitors
5971 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
5972 items:
5973 type: string
5974 type: array
5975 x-kubernetes-list-type: atomic
5976 path:
5977 description: 'path is Optional: Used as the mounted root,
5978 rather than the full Ceph tree, default is /'
5979 type: string
5980 readOnly:
5981 description: |-
5982 readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
5983 the ReadOnly setting in VolumeMounts.
5984 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
5985 type: boolean
5986 secretFile:
5987 description: |-
5988 secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
5989 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
5990 type: string
5991 secretRef:
5992 description: |-
5993 secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.
5994 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
5995 properties:
5996 name:
5997 default: ""
5998 description: |-
5999 Name of the referent.
6000 This field is effectively required, but due to backwards compatibility is
6001 allowed to be empty. Instances of this type with an empty value here are
6002 almost certainly wrong.
6003 TODO: Add other useful fields. apiVersion, kind, uid?
6004 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6005 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6006 type: string
6007 type: object
6008 x-kubernetes-map-type: atomic
6009 user:
6010 description: |-
6011 user is optional: User is the rados user name, default is admin
6012 More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
6013 type: string
6014 required:
6015 - monitors
6016 type: object
6017 cinder:
6018 description: |-
6019 cinder represents a cinder volume attached and mounted on kubelets host machine.
6020 More info: https://examples.k8s.io/mysql-cinder-pd/README.md
6021 properties:
6022 fsType:
6023 description: |-
6024 fsType is the filesystem type to mount.
6025 Must be a filesystem type supported by the host operating system.
6026 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6027 More info: https://examples.k8s.io/mysql-cinder-pd/README.md
6028 type: string
6029 readOnly:
6030 description: |-
6031 readOnly defaults to false (read/write). ReadOnly here will force
6032 the ReadOnly setting in VolumeMounts.
6033 More info: https://examples.k8s.io/mysql-cinder-pd/README.md
6034 type: boolean
6035 secretRef:
6036 description: |-
6037 secretRef is optional: points to a secret object containing parameters used to connect
6038 to OpenStack.
6039 properties:
6040 name:
6041 default: ""
6042 description: |-
6043 Name of the referent.
6044 This field is effectively required, but due to backwards compatibility is
6045 allowed to be empty. Instances of this type with an empty value here are
6046 almost certainly wrong.
6047 TODO: Add other useful fields. apiVersion, kind, uid?
6048 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6049 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6050 type: string
6051 type: object
6052 x-kubernetes-map-type: atomic
6053 volumeID:
6054 description: |-
6055 volumeID used to identify the volume in cinder.
6056 More info: https://examples.k8s.io/mysql-cinder-pd/README.md
6057 type: string
6058 required:
6059 - volumeID
6060 type: object
6061 configMap:
6062 description: configMap represents a configMap that should populate
6063 this volume
6064 properties:
6065 defaultMode:
6066 description: |-
6067 defaultMode is optional: mode bits used to set permissions on created files by default.
6068 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
6069 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6070 Defaults to 0644.
6071 Directories within the path are not affected by this setting.
6072 This might be in conflict with other options that affect the file
6073 mode, like fsGroup, and the result can be other mode bits set.
6074 format: int32
6075 type: integer
6076 items:
6077 description: |-
6078 items if unspecified, each key-value pair in the Data field of the referenced
6079 ConfigMap will be projected into the volume as a file whose name is the
6080 key and content is the value. If specified, the listed keys will be
6081 projected into the specified paths, and unlisted keys will not be
6082 present. If a key is specified which is not present in the ConfigMap,
6083 the volume setup will error unless it is marked optional. Paths must be
6084 relative and may not contain the '..' path or start with '..'.
6085 items:
6086 description: Maps a string key to a path within a volume.
6087 properties:
6088 key:
6089 description: key is the key to project.
6090 type: string
6091 mode:
6092 description: |-
6093 mode is Optional: mode bits used to set permissions on this file.
6094 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
6095 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6096 If not specified, the volume defaultMode will be used.
6097 This might be in conflict with other options that affect the file
6098 mode, like fsGroup, and the result can be other mode bits set.
6099 format: int32
6100 type: integer
6101 path:
6102 description: |-
6103 path is the relative path of the file to map the key to.
6104 May not be an absolute path.
6105 May not contain the path element '..'.
6106 May not start with the string '..'.
6107 type: string
6108 required:
6109 - key
6110 - path
6111 type: object
6112 type: array
6113 x-kubernetes-list-type: atomic
6114 name:
6115 default: ""
6116 description: |-
6117 Name of the referent.
6118 This field is effectively required, but due to backwards compatibility is
6119 allowed to be empty. Instances of this type with an empty value here are
6120 almost certainly wrong.
6121 TODO: Add other useful fields. apiVersion, kind, uid?
6122 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6123 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6124 type: string
6125 optional:
6126 description: optional specify whether the ConfigMap or its
6127 keys must be defined
6128 type: boolean
6129 type: object
6130 x-kubernetes-map-type: atomic
6131 csi:
6132 description: csi (Container Storage Interface) represents ephemeral
6133 storage that is handled by certain external CSI drivers (Beta
6134 feature).
6135 properties:
6136 driver:
6137 description: |-
6138 driver is the name of the CSI driver that handles this volume.
6139 Consult with your admin for the correct name as registered in the cluster.
6140 type: string
6141 fsType:
6142 description: |-
6143 fsType to mount. Ex. "ext4", "xfs", "ntfs".
6144 If not provided, the empty value is passed to the associated CSI driver
6145 which will determine the default filesystem to apply.
6146 type: string
6147 nodePublishSecretRef:
6148 description: |-
6149 nodePublishSecretRef is a reference to the secret object containing
6150 sensitive information to pass to the CSI driver to complete the CSI
6151 NodePublishVolume and NodeUnpublishVolume calls.
6152 This field is optional, and may be empty if no secret is required. If the
6153 secret object contains more than one secret, all secret references are passed.
6154 properties:
6155 name:
6156 default: ""
6157 description: |-
6158 Name of the referent.
6159 This field is effectively required, but due to backwards compatibility is
6160 allowed to be empty. Instances of this type with an empty value here are
6161 almost certainly wrong.
6162 TODO: Add other useful fields. apiVersion, kind, uid?
6163 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6164 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6165 type: string
6166 type: object
6167 x-kubernetes-map-type: atomic
6168 readOnly:
6169 description: |-
6170 readOnly specifies a read-only configuration for the volume.
6171 Defaults to false (read/write).
6172 type: boolean
6173 volumeAttributes:
6174 additionalProperties:
6175 type: string
6176 description: |-
6177 volumeAttributes stores driver-specific properties that are passed to the CSI
6178 driver. Consult your driver's documentation for supported values.
6179 type: object
6180 required:
6181 - driver
6182 type: object
6183 downwardAPI:
6184 description: downwardAPI represents downward API about the pod
6185 that should populate this volume
6186 properties:
6187 defaultMode:
6188 description: |-
6189 Optional: mode bits to use on created files by default. Must be a
6190 Optional: mode bits used to set permissions on created files by default.
6191 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
6192 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6193 Defaults to 0644.
6194 Directories within the path are not affected by this setting.
6195 This might be in conflict with other options that affect the file
6196 mode, like fsGroup, and the result can be other mode bits set.
6197 format: int32
6198 type: integer
6199 items:
6200 description: Items is a list of downward API volume file
6201 items:
6202 description: DownwardAPIVolumeFile represents information
6203 to create the file containing the pod field
6204 properties:
6205 fieldRef:
6206 description: 'Required: Selects a field of the pod:
6207 only annotations, labels, name, namespace and uid
6208 are supported.'
6209 properties:
6210 apiVersion:
6211 description: Version of the schema the FieldPath
6212 is written in terms of, defaults to "v1".
6213 type: string
6214 fieldPath:
6215 description: Path of the field to select in the
6216 specified API version.
6217 type: string
6218 required:
6219 - fieldPath
6220 type: object
6221 x-kubernetes-map-type: atomic
6222 mode:
6223 description: |-
6224 Optional: mode bits used to set permissions on this file, must be an octal value
6225 between 0000 and 0777 or a decimal value between 0 and 511.
6226 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6227 If not specified, the volume defaultMode will be used.
6228 This might be in conflict with other options that affect the file
6229 mode, like fsGroup, and the result can be other mode bits set.
6230 format: int32
6231 type: integer
6232 path:
6233 description: 'Required: Path is the relative path
6234 name of the file to be created. Must not be absolute
6235 or contain the ''..'' path. Must be utf-8 encoded.
6236 The first item of the relative path must not start
6237 with ''..'''
6238 type: string
6239 resourceFieldRef:
6240 description: |-
6241 Selects a resource of the container: only resources limits and requests
6242 (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
6243 properties:
6244 containerName:
6245 description: 'Container name: required for volumes,
6246 optional for env vars'
6247 type: string
6248 divisor:
6249 anyOf:
6250 - type: integer
6251 - type: string
6252 description: Specifies the output format of the
6253 exposed resources, defaults to "1"
6254 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6255 x-kubernetes-int-or-string: true
6256 resource:
6257 description: 'Required: resource to select'
6258 type: string
6259 required:
6260 - resource
6261 type: object
6262 x-kubernetes-map-type: atomic
6263 required:
6264 - path
6265 type: object
6266 type: array
6267 x-kubernetes-list-type: atomic
6268 type: object
6269 emptyDir:
6270 description: |-
6271 emptyDir represents a temporary directory that shares a pod's lifetime.
6272 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
6273 properties:
6274 medium:
6275 description: |-
6276 medium represents what type of storage medium should back this directory.
6277 The default is "" which means to use the node's default medium.
6278 Must be an empty string (default) or Memory.
6279 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
6280 type: string
6281 sizeLimit:
6282 anyOf:
6283 - type: integer
6284 - type: string
6285 description: |-
6286 sizeLimit is the total amount of local storage required for this EmptyDir volume.
6287 The size limit is also applicable for memory medium.
6288 The maximum usage on memory medium EmptyDir would be the minimum value between
6289 the SizeLimit specified here and the sum of memory limits of all containers in a pod.
6290 The default is nil which means that the limit is undefined.
6291 More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
6292 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6293 x-kubernetes-int-or-string: true
6294 type: object
6295 ephemeral:
6296 description: |-
6297 ephemeral represents a volume that is handled by a cluster storage driver.
6298 The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,
6299 and deleted when the pod is removed.
6300
6301
6302 Use this if:
6303 a) the volume is only needed while the pod runs,
6304 b) features of normal volumes like restoring from snapshot or capacity
6305 tracking are needed,
6306 c) the storage driver is specified through a storage class, and
6307 d) the storage driver supports dynamic volume provisioning through
6308 a PersistentVolumeClaim (see EphemeralVolumeSource for more
6309 information on the connection between this volume type
6310 and PersistentVolumeClaim).
6311
6312
6313 Use PersistentVolumeClaim or one of the vendor-specific
6314 APIs for volumes that persist for longer than the lifecycle
6315 of an individual pod.
6316
6317
6318 Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to
6319 be used that way - see the documentation of the driver for
6320 more information.
6321
6322
6323 A pod can use both types of ephemeral volumes and
6324 persistent volumes at the same time.
6325 properties:
6326 volumeClaimTemplate:
6327 description: |-
6328 Will be used to create a stand-alone PVC to provision the volume.
6329 The pod in which this EphemeralVolumeSource is embedded will be the
6330 owner of the PVC, i.e. the PVC will be deleted together with the
6331 pod. The name of the PVC will be `<pod name>-<volume name>` where
6332 `<volume name>` is the name from the `PodSpec.Volumes` array
6333 entry. Pod validation will reject the pod if the concatenated name
6334 is not valid for a PVC (for example, too long).
6335
6336
6337 An existing PVC with that name that is not owned by the pod
6338 will *not* be used for the pod to avoid using an unrelated
6339 volume by mistake. Starting the pod is then blocked until
6340 the unrelated PVC is removed. If such a pre-created PVC is
6341 meant to be used by the pod, the PVC has to updated with an
6342 owner reference to the pod once the pod exists. Normally
6343 this should not be necessary, but it may be useful when
6344 manually reconstructing a broken cluster.
6345
6346
6347 This field is read-only and no changes will be made by Kubernetes
6348 to the PVC after it has been created.
6349
6350
6351 Required, must not be nil.
6352 properties:
6353 metadata:
6354 description: |-
6355 May contain labels and annotations that will be copied into the PVC
6356 when creating it. No other fields are allowed and will be rejected during
6357 validation.
6358 properties:
6359 annotations:
6360 additionalProperties:
6361 type: string
6362 type: object
6363 finalizers:
6364 items:
6365 type: string
6366 type: array
6367 labels:
6368 additionalProperties:
6369 type: string
6370 type: object
6371 name:
6372 type: string
6373 namespace:
6374 type: string
6375 type: object
6376 spec:
6377 description: |-
6378 The specification for the PersistentVolumeClaim. The entire content is
6379 copied unchanged into the PVC that gets created from this
6380 template. The same fields as in a PersistentVolumeClaim
6381 are also valid here.
6382 properties:
6383 accessModes:
6384 description: |-
6385 accessModes contains the desired access modes the volume should have.
6386 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
6387 items:
6388 type: string
6389 type: array
6390 x-kubernetes-list-type: atomic
6391 dataSource:
6392 description: |-
6393 dataSource field can be used to specify either:
6394 * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
6395 * An existing PVC (PersistentVolumeClaim)
6396 If the provisioner or an external controller can support the specified data source,
6397 it will create a new volume based on the contents of the specified data source.
6398 When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,
6399 and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.
6400 If the namespace is specified, then dataSourceRef will not be copied to dataSource.
6401 properties:
6402 apiGroup:
6403 description: |-
6404 APIGroup is the group for the resource being referenced.
6405 If APIGroup is not specified, the specified Kind must be in the core API group.
6406 For any other third-party types, APIGroup is required.
6407 type: string
6408 kind:
6409 description: Kind is the type of resource being
6410 referenced
6411 type: string
6412 name:
6413 description: Name is the name of resource being
6414 referenced
6415 type: string
6416 required:
6417 - kind
6418 - name
6419 type: object
6420 x-kubernetes-map-type: atomic
6421 dataSourceRef:
6422 description: |-
6423 dataSourceRef specifies the object from which to populate the volume with data, if a non-empty
6424 volume is desired. This may be any object from a non-empty API group (non
6425 core object) or a PersistentVolumeClaim object.
6426 When this field is specified, volume binding will only succeed if the type of
6427 the specified object matches some installed volume populator or dynamic
6428 provisioner.
6429 This field will replace the functionality of the dataSource field and as such
6430 if both fields are non-empty, they must have the same value. For backwards
6431 compatibility, when namespace isn't specified in dataSourceRef,
6432 both fields (dataSource and dataSourceRef) will be set to the same
6433 value automatically if one of them is empty and the other is non-empty.
6434 When namespace is specified in dataSourceRef,
6435 dataSource isn't set to the same value and must be empty.
6436 There are three important differences between dataSource and dataSourceRef:
6437 * While dataSource only allows two specific types of objects, dataSourceRef
6438 allows any non-core object, as well as PersistentVolumeClaim objects.
6439 * While dataSource ignores disallowed values (dropping them), dataSourceRef
6440 preserves all values, and generates an error if a disallowed value is
6441 specified.
6442 * While dataSource only allows local objects, dataSourceRef allows objects
6443 in any namespaces.
6444 (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.
6445 (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
6446 properties:
6447 apiGroup:
6448 description: |-
6449 APIGroup is the group for the resource being referenced.
6450 If APIGroup is not specified, the specified Kind must be in the core API group.
6451 For any other third-party types, APIGroup is required.
6452 type: string
6453 kind:
6454 description: Kind is the type of resource being
6455 referenced
6456 type: string
6457 name:
6458 description: Name is the name of resource being
6459 referenced
6460 type: string
6461 namespace:
6462 description: |-
6463 Namespace is the namespace of resource being referenced
6464 Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.
6465 (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
6466 type: string
6467 required:
6468 - kind
6469 - name
6470 type: object
6471 resources:
6472 description: |-
6473 resources represents the minimum resources the volume should have.
6474 If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements
6475 that are lower than previous value but must still be higher than capacity recorded in the
6476 status field of the claim.
6477 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
6478 properties:
6479 limits:
6480 additionalProperties:
6481 anyOf:
6482 - type: integer
6483 - type: string
6484 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6485 x-kubernetes-int-or-string: true
6486 description: |-
6487 Limits describes the maximum amount of compute resources allowed.
6488 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
6489 type: object
6490 requests:
6491 additionalProperties:
6492 anyOf:
6493 - type: integer
6494 - type: string
6495 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6496 x-kubernetes-int-or-string: true
6497 description: |-
6498 Requests describes the minimum amount of compute resources required.
6499 If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
6500 otherwise to an implementation-defined value. Requests cannot exceed Limits.
6501 More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
6502 type: object
6503 type: object
6504 selector:
6505 description: selector is a label query over volumes
6506 to consider for binding.
6507 properties:
6508 matchExpressions:
6509 description: matchExpressions is a list of label
6510 selector requirements. The requirements are
6511 ANDed.
6512 items:
6513 description: |-
6514 A label selector requirement is a selector that contains values, a key, and an operator that
6515 relates the key and values.
6516 properties:
6517 key:
6518 description: key is the label key that
6519 the selector applies to.
6520 type: string
6521 operator:
6522 description: |-
6523 operator represents a key's relationship to a set of values.
6524 Valid operators are In, NotIn, Exists and DoesNotExist.
6525 type: string
6526 values:
6527 description: |-
6528 values is an array of string values. If the operator is In or NotIn,
6529 the values array must be non-empty. If the operator is Exists or DoesNotExist,
6530 the values array must be empty. This array is replaced during a strategic
6531 merge patch.
6532 items:
6533 type: string
6534 type: array
6535 x-kubernetes-list-type: atomic
6536 required:
6537 - key
6538 - operator
6539 type: object
6540 type: array
6541 x-kubernetes-list-type: atomic
6542 matchLabels:
6543 additionalProperties:
6544 type: string
6545 description: |-
6546 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
6547 map is equivalent to an element of matchExpressions, whose key field is "key", the
6548 operator is "In", and the values array contains only "value". The requirements are ANDed.
6549 type: object
6550 type: object
6551 x-kubernetes-map-type: atomic
6552 storageClassName:
6553 description: |-
6554 storageClassName is the name of the StorageClass required by the claim.
6555 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
6556 type: string
6557 volumeAttributesClassName:
6558 description: |-
6559 volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
6560 If specified, the CSI driver will create or update the volume with the attributes defined
6561 in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
6562 it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
6563 will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
6564 If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
6565 will be set by the persistentvolume controller if it exists.
6566 If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
6567 set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
6568 exists.
6569 More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
6570 (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
6571 type: string
6572 volumeMode:
6573 description: |-
6574 volumeMode defines what type of volume is required by the claim.
6575 Value of Filesystem is implied when not included in claim spec.
6576 type: string
6577 volumeName:
6578 description: volumeName is the binding reference
6579 to the PersistentVolume backing this claim.
6580 type: string
6581 type: object
6582 required:
6583 - spec
6584 type: object
6585 type: object
6586 fc:
6587 description: fc represents a Fibre Channel resource that is
6588 attached to a kubelet's host machine and then exposed to the
6589 pod.
6590 properties:
6591 fsType:
6592 description: |-
6593 fsType is the filesystem type to mount.
6594 Must be a filesystem type supported by the host operating system.
6595 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6596 TODO: how do we prevent errors in the filesystem from compromising the machine
6597 type: string
6598 lun:
6599 description: 'lun is Optional: FC target lun number'
6600 format: int32
6601 type: integer
6602 readOnly:
6603 description: |-
6604 readOnly is Optional: Defaults to false (read/write). ReadOnly here will force
6605 the ReadOnly setting in VolumeMounts.
6606 type: boolean
6607 targetWWNs:
6608 description: 'targetWWNs is Optional: FC target worldwide
6609 names (WWNs)'
6610 items:
6611 type: string
6612 type: array
6613 x-kubernetes-list-type: atomic
6614 wwids:
6615 description: |-
6616 wwids Optional: FC volume world wide identifiers (wwids)
6617 Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
6618 items:
6619 type: string
6620 type: array
6621 x-kubernetes-list-type: atomic
6622 type: object
6623 flexVolume:
6624 description: |-
6625 flexVolume represents a generic volume resource that is
6626 provisioned/attached using an exec based plugin.
6627 properties:
6628 driver:
6629 description: driver is the name of the driver to use for
6630 this volume.
6631 type: string
6632 fsType:
6633 description: |-
6634 fsType is the filesystem type to mount.
6635 Must be a filesystem type supported by the host operating system.
6636 Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
6637 type: string
6638 options:
6639 additionalProperties:
6640 type: string
6641 description: 'options is Optional: this field holds extra
6642 command options if any.'
6643 type: object
6644 readOnly:
6645 description: |-
6646 readOnly is Optional: defaults to false (read/write). ReadOnly here will force
6647 the ReadOnly setting in VolumeMounts.
6648 type: boolean
6649 secretRef:
6650 description: |-
6651 secretRef is Optional: secretRef is reference to the secret object containing
6652 sensitive information to pass to the plugin scripts. This may be
6653 empty if no secret object is specified. If the secret object
6654 contains more than one secret, all secrets are passed to the plugin
6655 scripts.
6656 properties:
6657 name:
6658 default: ""
6659 description: |-
6660 Name of the referent.
6661 This field is effectively required, but due to backwards compatibility is
6662 allowed to be empty. Instances of this type with an empty value here are
6663 almost certainly wrong.
6664 TODO: Add other useful fields. apiVersion, kind, uid?
6665 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6666 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6667 type: string
6668 type: object
6669 x-kubernetes-map-type: atomic
6670 required:
6671 - driver
6672 type: object
6673 flocker:
6674 description: flocker represents a Flocker volume attached to
6675 a kubelet's host machine. This depends on the Flocker control
6676 service being running
6677 properties:
6678 datasetName:
6679 description: |-
6680 datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker
6681 should be considered as deprecated
6682 type: string
6683 datasetUUID:
6684 description: datasetUUID is the UUID of the dataset. This
6685 is unique identifier of a Flocker dataset
6686 type: string
6687 type: object
6688 gcePersistentDisk:
6689 description: |-
6690 gcePersistentDisk represents a GCE Disk resource that is attached to a
6691 kubelet's host machine and then exposed to the pod.
6692 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
6693 properties:
6694 fsType:
6695 description: |-
6696 fsType is filesystem type of the volume that you want to mount.
6697 Tip: Ensure that the filesystem type is supported by the host operating system.
6698 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6699 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
6700 TODO: how do we prevent errors in the filesystem from compromising the machine
6701 type: string
6702 partition:
6703 description: |-
6704 partition is the partition in the volume that you want to mount.
6705 If omitted, the default is to mount by volume name.
6706 Examples: For volume /dev/sda1, you specify the partition as "1".
6707 Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
6708 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
6709 format: int32
6710 type: integer
6711 pdName:
6712 description: |-
6713 pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.
6714 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
6715 type: string
6716 readOnly:
6717 description: |-
6718 readOnly here will force the ReadOnly setting in VolumeMounts.
6719 Defaults to false.
6720 More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
6721 type: boolean
6722 required:
6723 - pdName
6724 type: object
6725 gitRepo:
6726 description: |-
6727 gitRepo represents a git repository at a particular revision.
6728 DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
6729 EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
6730 into the Pod's container.
6731 properties:
6732 directory:
6733 description: |-
6734 directory is the target directory name.
6735 Must not contain or start with '..'. If '.' is supplied, the volume directory will be the
6736 git repository. Otherwise, if specified, the volume will contain the git repository in
6737 the subdirectory with the given name.
6738 type: string
6739 repository:
6740 description: repository is the URL
6741 type: string
6742 revision:
6743 description: revision is the commit hash for the specified
6744 revision.
6745 type: string
6746 required:
6747 - repository
6748 type: object
6749 glusterfs:
6750 description: |-
6751 glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
6752 More info: https://examples.k8s.io/volumes/glusterfs/README.md
6753 properties:
6754 endpoints:
6755 description: |-
6756 endpoints is the endpoint name that details Glusterfs topology.
6757 More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
6758 type: string
6759 path:
6760 description: |-
6761 path is the Glusterfs volume path.
6762 More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
6763 type: string
6764 readOnly:
6765 description: |-
6766 readOnly here will force the Glusterfs volume to be mounted with read-only permissions.
6767 Defaults to false.
6768 More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
6769 type: boolean
6770 required:
6771 - endpoints
6772 - path
6773 type: object
6774 hostPath:
6775 description: |-
6776 hostPath represents a pre-existing file or directory on the host
6777 machine that is directly exposed to the container. This is generally
6778 used for system agents or other privileged things that are allowed
6779 to see the host machine. Most containers will NOT need this.
6780 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
6781 ---
6782 TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
6783 mount host directories as read/write.
6784 properties:
6785 path:
6786 description: |-
6787 path of the directory on the host.
6788 If the path is a symlink, it will follow the link to the real path.
6789 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
6790 type: string
6791 type:
6792 description: |-
6793 type for HostPath Volume
6794 Defaults to ""
6795 More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
6796 type: string
6797 required:
6798 - path
6799 type: object
6800 iscsi:
6801 description: |-
6802 iscsi represents an ISCSI Disk resource that is attached to a
6803 kubelet's host machine and then exposed to the pod.
6804 More info: https://examples.k8s.io/volumes/iscsi/README.md
6805 properties:
6806 chapAuthDiscovery:
6807 description: chapAuthDiscovery defines whether support iSCSI
6808 Discovery CHAP authentication
6809 type: boolean
6810 chapAuthSession:
6811 description: chapAuthSession defines whether support iSCSI
6812 Session CHAP authentication
6813 type: boolean
6814 fsType:
6815 description: |-
6816 fsType is the filesystem type of the volume that you want to mount.
6817 Tip: Ensure that the filesystem type is supported by the host operating system.
6818 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6819 More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
6820 TODO: how do we prevent errors in the filesystem from compromising the machine
6821 type: string
6822 initiatorName:
6823 description: |-
6824 initiatorName is the custom iSCSI Initiator Name.
6825 If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
6826 <target portal>:<volume name> will be created for the connection.
6827 type: string
6828 iqn:
6829 description: iqn is the target iSCSI Qualified Name.
6830 type: string
6831 iscsiInterface:
6832 description: |-
6833 iscsiInterface is the interface Name that uses an iSCSI transport.
6834 Defaults to 'default' (tcp).
6835 type: string
6836 lun:
6837 description: lun represents iSCSI Target Lun number.
6838 format: int32
6839 type: integer
6840 portals:
6841 description: |-
6842 portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
6843 is other than default (typically TCP ports 860 and 3260).
6844 items:
6845 type: string
6846 type: array
6847 x-kubernetes-list-type: atomic
6848 readOnly:
6849 description: |-
6850 readOnly here will force the ReadOnly setting in VolumeMounts.
6851 Defaults to false.
6852 type: boolean
6853 secretRef:
6854 description: secretRef is the CHAP Secret for iSCSI target
6855 and initiator authentication
6856 properties:
6857 name:
6858 default: ""
6859 description: |-
6860 Name of the referent.
6861 This field is effectively required, but due to backwards compatibility is
6862 allowed to be empty. Instances of this type with an empty value here are
6863 almost certainly wrong.
6864 TODO: Add other useful fields. apiVersion, kind, uid?
6865 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6866 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
6867 type: string
6868 type: object
6869 x-kubernetes-map-type: atomic
6870 targetPortal:
6871 description: |-
6872 targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
6873 is other than default (typically TCP ports 860 and 3260).
6874 type: string
6875 required:
6876 - iqn
6877 - lun
6878 - targetPortal
6879 type: object
6880 name:
6881 description: |-
6882 name of the volume.
6883 Must be a DNS_LABEL and unique within the pod.
6884 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
6885 type: string
6886 nfs:
6887 description: |-
6888 nfs represents an NFS mount on the host that shares a pod's lifetime
6889 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
6890 properties:
6891 path:
6892 description: |-
6893 path that is exported by the NFS server.
6894 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
6895 type: string
6896 readOnly:
6897 description: |-
6898 readOnly here will force the NFS export to be mounted with read-only permissions.
6899 Defaults to false.
6900 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
6901 type: boolean
6902 server:
6903 description: |-
6904 server is the hostname or IP address of the NFS server.
6905 More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
6906 type: string
6907 required:
6908 - path
6909 - server
6910 type: object
6911 persistentVolumeClaim:
6912 description: |-
6913 persistentVolumeClaimVolumeSource represents a reference to a
6914 PersistentVolumeClaim in the same namespace.
6915 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
6916 properties:
6917 claimName:
6918 description: |-
6919 claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.
6920 More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
6921 type: string
6922 readOnly:
6923 description: |-
6924 readOnly Will force the ReadOnly setting in VolumeMounts.
6925 Default false.
6926 type: boolean
6927 required:
6928 - claimName
6929 type: object
6930 photonPersistentDisk:
6931 description: photonPersistentDisk represents a PhotonController
6932 persistent disk attached and mounted on kubelets host machine
6933 properties:
6934 fsType:
6935 description: |-
6936 fsType is the filesystem type to mount.
6937 Must be a filesystem type supported by the host operating system.
6938 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6939 type: string
6940 pdID:
6941 description: pdID is the ID that identifies Photon Controller
6942 persistent disk
6943 type: string
6944 required:
6945 - pdID
6946 type: object
6947 portworxVolume:
6948 description: portworxVolume represents a portworx volume attached
6949 and mounted on kubelets host machine
6950 properties:
6951 fsType:
6952 description: |-
6953 fSType represents the filesystem type to mount
6954 Must be a filesystem type supported by the host operating system.
6955 Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
6956 type: string
6957 readOnly:
6958 description: |-
6959 readOnly defaults to false (read/write). ReadOnly here will force
6960 the ReadOnly setting in VolumeMounts.
6961 type: boolean
6962 volumeID:
6963 description: volumeID uniquely identifies a Portworx volume
6964 type: string
6965 required:
6966 - volumeID
6967 type: object
6968 projected:
6969 description: projected items for all in one resources secrets,
6970 configmaps, and downward API
6971 properties:
6972 defaultMode:
6973 description: |-
6974 defaultMode are the mode bits used to set permissions on created files by default.
6975 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
6976 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
6977 Directories within the path are not affected by this setting.
6978 This might be in conflict with other options that affect the file
6979 mode, like fsGroup, and the result can be other mode bits set.
6980 format: int32
6981 type: integer
6982 sources:
6983 description: sources is the list of volume projections
6984 items:
6985 description: Projection that may be projected along with
6986 other supported volume types
6987 properties:
6988 clusterTrustBundle:
6989 description: |-
6990 ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field
6991 of ClusterTrustBundle objects in an auto-updating file.
6992
6993
6994 Alpha, gated by the ClusterTrustBundleProjection feature gate.
6995
6996
6997 ClusterTrustBundle objects can either be selected by name, or by the
6998 combination of signer name and a label selector.
6999
7000
7001 Kubelet performs aggressive normalization of the PEM contents written
7002 into the pod filesystem. Esoteric PEM features such as inter-block
7003 comments and block headers are stripped. Certificates are deduplicated.
7004 The ordering of certificates within the file is arbitrary, and Kubelet
7005 may change the order over time.
7006 properties:
7007 labelSelector:
7008 description: |-
7009 Select all ClusterTrustBundles that match this label selector. Only has
7010 effect if signerName is set. Mutually-exclusive with name. If unset,
7011 interpreted as "match nothing". If set but empty, interpreted as "match
7012 everything".
7013 properties:
7014 matchExpressions:
7015 description: matchExpressions is a list of
7016 label selector requirements. The requirements
7017 are ANDed.
7018 items:
7019 description: |-
7020 A label selector requirement is a selector that contains values, a key, and an operator that
7021 relates the key and values.
7022 properties:
7023 key:
7024 description: key is the label key that
7025 the selector applies to.
7026 type: string
7027 operator:
7028 description: |-
7029 operator represents a key's relationship to a set of values.
7030 Valid operators are In, NotIn, Exists and DoesNotExist.
7031 type: string
7032 values:
7033 description: |-
7034 values is an array of string values. If the operator is In or NotIn,
7035 the values array must be non-empty. If the operator is Exists or DoesNotExist,
7036 the values array must be empty. This array is replaced during a strategic
7037 merge patch.
7038 items:
7039 type: string
7040 type: array
7041 x-kubernetes-list-type: atomic
7042 required:
7043 - key
7044 - operator
7045 type: object
7046 type: array
7047 x-kubernetes-list-type: atomic
7048 matchLabels:
7049 additionalProperties:
7050 type: string
7051 description: |-
7052 matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
7053 map is equivalent to an element of matchExpressions, whose key field is "key", the
7054 operator is "In", and the values array contains only "value". The requirements are ANDed.
7055 type: object
7056 type: object
7057 x-kubernetes-map-type: atomic
7058 name:
7059 description: |-
7060 Select a single ClusterTrustBundle by object name. Mutually-exclusive
7061 with signerName and labelSelector.
7062 type: string
7063 optional:
7064 description: |-
7065 If true, don't block pod startup if the referenced ClusterTrustBundle(s)
7066 aren't available. If using name, then the named ClusterTrustBundle is
7067 allowed not to exist. If using signerName, then the combination of
7068 signerName and labelSelector is allowed to match zero
7069 ClusterTrustBundles.
7070 type: boolean
7071 path:
7072 description: Relative path from the volume root
7073 to write the bundle.
7074 type: string
7075 signerName:
7076 description: |-
7077 Select all ClusterTrustBundles that match this signer name.
7078 Mutually-exclusive with name. The contents of all selected
7079 ClusterTrustBundles will be unified and deduplicated.
7080 type: string
7081 required:
7082 - path
7083 type: object
7084 configMap:
7085 description: configMap information about the configMap
7086 data to project
7087 properties:
7088 items:
7089 description: |-
7090 items if unspecified, each key-value pair in the Data field of the referenced
7091 ConfigMap will be projected into the volume as a file whose name is the
7092 key and content is the value. If specified, the listed keys will be
7093 projected into the specified paths, and unlisted keys will not be
7094 present. If a key is specified which is not present in the ConfigMap,
7095 the volume setup will error unless it is marked optional. Paths must be
7096 relative and may not contain the '..' path or start with '..'.
7097 items:
7098 description: Maps a string key to a path within
7099 a volume.
7100 properties:
7101 key:
7102 description: key is the key to project.
7103 type: string
7104 mode:
7105 description: |-
7106 mode is Optional: mode bits used to set permissions on this file.
7107 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
7108 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
7109 If not specified, the volume defaultMode will be used.
7110 This might be in conflict with other options that affect the file
7111 mode, like fsGroup, and the result can be other mode bits set.
7112 format: int32
7113 type: integer
7114 path:
7115 description: |-
7116 path is the relative path of the file to map the key to.
7117 May not be an absolute path.
7118 May not contain the path element '..'.
7119 May not start with the string '..'.
7120 type: string
7121 required:
7122 - key
7123 - path
7124 type: object
7125 type: array
7126 x-kubernetes-list-type: atomic
7127 name:
7128 default: ""
7129 description: |-
7130 Name of the referent.
7131 This field is effectively required, but due to backwards compatibility is
7132 allowed to be empty. Instances of this type with an empty value here are
7133 almost certainly wrong.
7134 TODO: Add other useful fields. apiVersion, kind, uid?
7135 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7136 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7137 type: string
7138 optional:
7139 description: optional specify whether the ConfigMap
7140 or its keys must be defined
7141 type: boolean
7142 type: object
7143 x-kubernetes-map-type: atomic
7144 downwardAPI:
7145 description: downwardAPI information about the downwardAPI
7146 data to project
7147 properties:
7148 items:
7149 description: Items is a list of DownwardAPIVolume
7150 file
7151 items:
7152 description: DownwardAPIVolumeFile represents
7153 information to create the file containing
7154 the pod field
7155 properties:
7156 fieldRef:
7157 description: 'Required: Selects a field
7158 of the pod: only annotations, labels,
7159 name, namespace and uid are supported.'
7160 properties:
7161 apiVersion:
7162 description: Version of the schema the
7163 FieldPath is written in terms of,
7164 defaults to "v1".
7165 type: string
7166 fieldPath:
7167 description: Path of the field to select
7168 in the specified API version.
7169 type: string
7170 required:
7171 - fieldPath
7172 type: object
7173 x-kubernetes-map-type: atomic
7174 mode:
7175 description: |-
7176 Optional: mode bits used to set permissions on this file, must be an octal value
7177 between 0000 and 0777 or a decimal value between 0 and 511.
7178 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
7179 If not specified, the volume defaultMode will be used.
7180 This might be in conflict with other options that affect the file
7181 mode, like fsGroup, and the result can be other mode bits set.
7182 format: int32
7183 type: integer
7184 path:
7185 description: 'Required: Path is the relative
7186 path name of the file to be created. Must
7187 not be absolute or contain the ''..''
7188 path. Must be utf-8 encoded. The first
7189 item of the relative path must not start
7190 with ''..'''
7191 type: string
7192 resourceFieldRef:
7193 description: |-
7194 Selects a resource of the container: only resources limits and requests
7195 (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
7196 properties:
7197 containerName:
7198 description: 'Container name: required
7199 for volumes, optional for env vars'
7200 type: string
7201 divisor:
7202 anyOf:
7203 - type: integer
7204 - type: string
7205 description: Specifies the output format
7206 of the exposed resources, defaults
7207 to "1"
7208 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7209 x-kubernetes-int-or-string: true
7210 resource:
7211 description: 'Required: resource to
7212 select'
7213 type: string
7214 required:
7215 - resource
7216 type: object
7217 x-kubernetes-map-type: atomic
7218 required:
7219 - path
7220 type: object
7221 type: array
7222 x-kubernetes-list-type: atomic
7223 type: object
7224 secret:
7225 description: secret information about the secret data
7226 to project
7227 properties:
7228 items:
7229 description: |-
7230 items if unspecified, each key-value pair in the Data field of the referenced
7231 Secret will be projected into the volume as a file whose name is the
7232 key and content is the value. If specified, the listed keys will be
7233 projected into the specified paths, and unlisted keys will not be
7234 present. If a key is specified which is not present in the Secret,
7235 the volume setup will error unless it is marked optional. Paths must be
7236 relative and may not contain the '..' path or start with '..'.
7237 items:
7238 description: Maps a string key to a path within
7239 a volume.
7240 properties:
7241 key:
7242 description: key is the key to project.
7243 type: string
7244 mode:
7245 description: |-
7246 mode is Optional: mode bits used to set permissions on this file.
7247 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
7248 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
7249 If not specified, the volume defaultMode will be used.
7250 This might be in conflict with other options that affect the file
7251 mode, like fsGroup, and the result can be other mode bits set.
7252 format: int32
7253 type: integer
7254 path:
7255 description: |-
7256 path is the relative path of the file to map the key to.
7257 May not be an absolute path.
7258 May not contain the path element '..'.
7259 May not start with the string '..'.
7260 type: string
7261 required:
7262 - key
7263 - path
7264 type: object
7265 type: array
7266 x-kubernetes-list-type: atomic
7267 name:
7268 default: ""
7269 description: |-
7270 Name of the referent.
7271 This field is effectively required, but due to backwards compatibility is
7272 allowed to be empty. Instances of this type with an empty value here are
7273 almost certainly wrong.
7274 TODO: Add other useful fields. apiVersion, kind, uid?
7275 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7276 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7277 type: string
7278 optional:
7279 description: optional field specify whether the
7280 Secret or its key must be defined
7281 type: boolean
7282 type: object
7283 x-kubernetes-map-type: atomic
7284 serviceAccountToken:
7285 description: serviceAccountToken is information about
7286 the serviceAccountToken data to project
7287 properties:
7288 audience:
7289 description: |-
7290 audience is the intended audience of the token. A recipient of a token
7291 must identify itself with an identifier specified in the audience of the
7292 token, and otherwise should reject the token. The audience defaults to the
7293 identifier of the apiserver.
7294 type: string
7295 expirationSeconds:
7296 description: |-
7297 expirationSeconds is the requested duration of validity of the service
7298 account token. As the token approaches expiration, the kubelet volume
7299 plugin will proactively rotate the service account token. The kubelet will
7300 start trying to rotate the token if the token is older than 80 percent of
7301 its time to live or if the token is older than 24 hours.Defaults to 1 hour
7302 and must be at least 10 minutes.
7303 format: int64
7304 type: integer
7305 path:
7306 description: |-
7307 path is the path relative to the mount point of the file to project the
7308 token into.
7309 type: string
7310 required:
7311 - path
7312 type: object
7313 type: object
7314 type: array
7315 x-kubernetes-list-type: atomic
7316 type: object
7317 quobyte:
7318 description: quobyte represents a Quobyte mount on the host
7319 that shares a pod's lifetime
7320 properties:
7321 group:
7322 description: |-
7323 group to map volume access to
7324 Default is no group
7325 type: string
7326 readOnly:
7327 description: |-
7328 readOnly here will force the Quobyte volume to be mounted with read-only permissions.
7329 Defaults to false.
7330 type: boolean
7331 registry:
7332 description: |-
7333 registry represents a single or multiple Quobyte Registry services
7334 specified as a string as host:port pair (multiple entries are separated with commas)
7335 which acts as the central registry for volumes
7336 type: string
7337 tenant:
7338 description: |-
7339 tenant owning the given Quobyte volume in the Backend
7340 Used with dynamically provisioned Quobyte volumes, value is set by the plugin
7341 type: string
7342 user:
7343 description: |-
7344 user to map volume access to
7345 Defaults to serivceaccount user
7346 type: string
7347 volume:
7348 description: volume is a string that references an already
7349 created Quobyte volume by name.
7350 type: string
7351 required:
7352 - registry
7353 - volume
7354 type: object
7355 rbd:
7356 description: |-
7357 rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.
7358 More info: https://examples.k8s.io/volumes/rbd/README.md
7359 properties:
7360 fsType:
7361 description: |-
7362 fsType is the filesystem type of the volume that you want to mount.
7363 Tip: Ensure that the filesystem type is supported by the host operating system.
7364 Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7365 More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
7366 TODO: how do we prevent errors in the filesystem from compromising the machine
7367 type: string
7368 image:
7369 description: |-
7370 image is the rados image name.
7371 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7372 type: string
7373 keyring:
7374 description: |-
7375 keyring is the path to key ring for RBDUser.
7376 Default is /etc/ceph/keyring.
7377 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7378 type: string
7379 monitors:
7380 description: |-
7381 monitors is a collection of Ceph monitors.
7382 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7383 items:
7384 type: string
7385 type: array
7386 x-kubernetes-list-type: atomic
7387 pool:
7388 description: |-
7389 pool is the rados pool name.
7390 Default is rbd.
7391 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7392 type: string
7393 readOnly:
7394 description: |-
7395 readOnly here will force the ReadOnly setting in VolumeMounts.
7396 Defaults to false.
7397 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7398 type: boolean
7399 secretRef:
7400 description: |-
7401 secretRef is name of the authentication secret for RBDUser. If provided
7402 overrides keyring.
7403 Default is nil.
7404 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7405 properties:
7406 name:
7407 default: ""
7408 description: |-
7409 Name of the referent.
7410 This field is effectively required, but due to backwards compatibility is
7411 allowed to be empty. Instances of this type with an empty value here are
7412 almost certainly wrong.
7413 TODO: Add other useful fields. apiVersion, kind, uid?
7414 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7415 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7416 type: string
7417 type: object
7418 x-kubernetes-map-type: atomic
7419 user:
7420 description: |-
7421 user is the rados user name.
7422 Default is admin.
7423 More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
7424 type: string
7425 required:
7426 - image
7427 - monitors
7428 type: object
7429 scaleIO:
7430 description: scaleIO represents a ScaleIO persistent volume
7431 attached and mounted on Kubernetes nodes.
7432 properties:
7433 fsType:
7434 description: |-
7435 fsType is the filesystem type to mount.
7436 Must be a filesystem type supported by the host operating system.
7437 Ex. "ext4", "xfs", "ntfs".
7438 Default is "xfs".
7439 type: string
7440 gateway:
7441 description: gateway is the host address of the ScaleIO
7442 API Gateway.
7443 type: string
7444 protectionDomain:
7445 description: protectionDomain is the name of the ScaleIO
7446 Protection Domain for the configured storage.
7447 type: string
7448 readOnly:
7449 description: |-
7450 readOnly Defaults to false (read/write). ReadOnly here will force
7451 the ReadOnly setting in VolumeMounts.
7452 type: boolean
7453 secretRef:
7454 description: |-
7455 secretRef references to the secret for ScaleIO user and other
7456 sensitive information. If this is not provided, Login operation will fail.
7457 properties:
7458 name:
7459 default: ""
7460 description: |-
7461 Name of the referent.
7462 This field is effectively required, but due to backwards compatibility is
7463 allowed to be empty. Instances of this type with an empty value here are
7464 almost certainly wrong.
7465 TODO: Add other useful fields. apiVersion, kind, uid?
7466 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7467 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7468 type: string
7469 type: object
7470 x-kubernetes-map-type: atomic
7471 sslEnabled:
7472 description: sslEnabled Flag enable/disable SSL communication
7473 with Gateway, default false
7474 type: boolean
7475 storageMode:
7476 description: |-
7477 storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
7478 Default is ThinProvisioned.
7479 type: string
7480 storagePool:
7481 description: storagePool is the ScaleIO Storage Pool associated
7482 with the protection domain.
7483 type: string
7484 system:
7485 description: system is the name of the storage system as
7486 configured in ScaleIO.
7487 type: string
7488 volumeName:
7489 description: |-
7490 volumeName is the name of a volume already created in the ScaleIO system
7491 that is associated with this volume source.
7492 type: string
7493 required:
7494 - gateway
7495 - secretRef
7496 - system
7497 type: object
7498 secret:
7499 description: |-
7500 secret represents a secret that should populate this volume.
7501 More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
7502 properties:
7503 defaultMode:
7504 description: |-
7505 defaultMode is Optional: mode bits used to set permissions on created files by default.
7506 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
7507 YAML accepts both octal and decimal values, JSON requires decimal values
7508 for mode bits. Defaults to 0644.
7509 Directories within the path are not affected by this setting.
7510 This might be in conflict with other options that affect the file
7511 mode, like fsGroup, and the result can be other mode bits set.
7512 format: int32
7513 type: integer
7514 items:
7515 description: |-
7516 items If unspecified, each key-value pair in the Data field of the referenced
7517 Secret will be projected into the volume as a file whose name is the
7518 key and content is the value. If specified, the listed keys will be
7519 projected into the specified paths, and unlisted keys will not be
7520 present. If a key is specified which is not present in the Secret,
7521 the volume setup will error unless it is marked optional. Paths must be
7522 relative and may not contain the '..' path or start with '..'.
7523 items:
7524 description: Maps a string key to a path within a volume.
7525 properties:
7526 key:
7527 description: key is the key to project.
7528 type: string
7529 mode:
7530 description: |-
7531 mode is Optional: mode bits used to set permissions on this file.
7532 Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
7533 YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
7534 If not specified, the volume defaultMode will be used.
7535 This might be in conflict with other options that affect the file
7536 mode, like fsGroup, and the result can be other mode bits set.
7537 format: int32
7538 type: integer
7539 path:
7540 description: |-
7541 path is the relative path of the file to map the key to.
7542 May not be an absolute path.
7543 May not contain the path element '..'.
7544 May not start with the string '..'.
7545 type: string
7546 required:
7547 - key
7548 - path
7549 type: object
7550 type: array
7551 x-kubernetes-list-type: atomic
7552 optional:
7553 description: optional field specify whether the Secret or
7554 its keys must be defined
7555 type: boolean
7556 secretName:
7557 description: |-
7558 secretName is the name of the secret in the pod's namespace to use.
7559 More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
7560 type: string
7561 type: object
7562 storageos:
7563 description: storageOS represents a StorageOS volume attached
7564 and mounted on Kubernetes nodes.
7565 properties:
7566 fsType:
7567 description: |-
7568 fsType is the filesystem type to mount.
7569 Must be a filesystem type supported by the host operating system.
7570 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7571 type: string
7572 readOnly:
7573 description: |-
7574 readOnly defaults to false (read/write). ReadOnly here will force
7575 the ReadOnly setting in VolumeMounts.
7576 type: boolean
7577 secretRef:
7578 description: |-
7579 secretRef specifies the secret to use for obtaining the StorageOS API
7580 credentials. If not specified, default values will be attempted.
7581 properties:
7582 name:
7583 default: ""
7584 description: |-
7585 Name of the referent.
7586 This field is effectively required, but due to backwards compatibility is
7587 allowed to be empty. Instances of this type with an empty value here are
7588 almost certainly wrong.
7589 TODO: Add other useful fields. apiVersion, kind, uid?
7590 More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
7591 TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
7592 type: string
7593 type: object
7594 x-kubernetes-map-type: atomic
7595 volumeName:
7596 description: |-
7597 volumeName is the human-readable name of the StorageOS volume. Volume
7598 names are only unique within a namespace.
7599 type: string
7600 volumeNamespace:
7601 description: |-
7602 volumeNamespace specifies the scope of the volume within StorageOS. If no
7603 namespace is specified then the Pod's namespace will be used. This allows the
7604 Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
7605 Set VolumeName to any name to override the default behaviour.
7606 Set to "default" if you are not using namespaces within StorageOS.
7607 Namespaces that do not pre-exist within StorageOS will be created.
7608 type: string
7609 type: object
7610 vsphereVolume:
7611 description: vsphereVolume represents a vSphere volume attached
7612 and mounted on kubelets host machine
7613 properties:
7614 fsType:
7615 description: |-
7616 fsType is filesystem type to mount.
7617 Must be a filesystem type supported by the host operating system.
7618 Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
7619 type: string
7620 storagePolicyID:
7621 description: storagePolicyID is the storage Policy Based
7622 Management (SPBM) profile ID associated with the StoragePolicyName.
7623 type: string
7624 storagePolicyName:
7625 description: storagePolicyName is the storage Policy Based
7626 Management (SPBM) profile name.
7627 type: string
7628 volumePath:
7629 description: volumePath is the path that identifies vSphere
7630 volume vmdk
7631 type: string
7632 required:
7633 - volumePath
7634 type: object
7635 required:
7636 - name
7637 type: object
7638 type: array
7639 type: object
7640 status:
7641 description: |-
7642 Most recent observed status of the ThanosRuler cluster. Read-only.
7643 More info:
7644 https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
7645 properties:
7646 availableReplicas:
7647 description: |-
7648 Total number of available pods (ready for at least minReadySeconds)
7649 targeted by this ThanosRuler deployment.
7650 format: int32
7651 type: integer
7652 conditions:
7653 description: The current state of the Alertmanager object.
7654 items:
7655 description: |-
7656 Condition represents the state of the resources associated with the
7657 Prometheus, Alertmanager or ThanosRuler resource.
7658 properties:
7659 lastTransitionTime:
7660 description: lastTransitionTime is the time of the last update
7661 to the current status property.
7662 format: date-time
7663 type: string
7664 message:
7665 description: Human-readable message indicating details for the
7666 condition's last transition.
7667 type: string
7668 observedGeneration:
7669 description: |-
7670 ObservedGeneration represents the .metadata.generation that the
7671 condition was set based upon. For instance, if `.metadata.generation` is
7672 currently 12, but the `.status.conditions[].observedGeneration` is 9, the
7673 condition is out of date with respect to the current state of the
7674 instance.
7675 format: int64
7676 type: integer
7677 reason:
7678 description: Reason for the condition's last transition.
7679 type: string
7680 status:
7681 description: Status of the condition.
7682 type: string
7683 type:
7684 description: Type of the condition being reported.
7685 type: string
7686 required:
7687 - lastTransitionTime
7688 - status
7689 - type
7690 type: object
7691 type: array
7692 x-kubernetes-list-map-keys:
7693 - type
7694 x-kubernetes-list-type: map
7695 paused:
7696 description: |-
7697 Represents whether any actions on the underlying managed objects are
7698 being performed. Only delete actions will be performed.
7699 type: boolean
7700 replicas:
7701 description: |-
7702 Total number of non-terminated pods targeted by this ThanosRuler deployment
7703 (their labels match the selector).
7704 format: int32
7705 type: integer
7706 unavailableReplicas:
7707 description: Total number of unavailable pods targeted by this ThanosRuler
7708 deployment.
7709 format: int32
7710 type: integer
7711 updatedReplicas:
7712 description: |-
7713 Total number of non-terminated pods targeted by this ThanosRuler deployment
7714 that have the desired version spec.
7715 format: int32
7716 type: integer
7717 required:
7718 - availableReplicas
7719 - paused
7720 - replicas
7721 - unavailableReplicas
7722 - updatedReplicas
7723 type: object
7724 required:
7725 - spec
7726 type: object
7727 served: true
7728 storage: true
7729 subresources:
7730 status: {}
View as plain text