1apiVersion: v1
2kind: Namespace
3metadata:
4 name: prometheus-operator
5 labels:
6 workload.edge.ncr.com: platform
7 annotations:
8 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
9 pallet.edge.ncr.com/name: prometheus-operator
10 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
11 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
12 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
13 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
14---
15apiVersion: apiextensions.k8s.io/v1
16kind: CustomResourceDefinition
17metadata:
18 name: alertmanagerconfigs.monitoring.coreos.com
19 labels:
20 workload.edge.ncr.com: platform
21 annotations:
22 controller-gen.kubebuilder.io/version: v0.9.2
23 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
24 pallet.edge.ncr.com/name: prometheus-operator
25 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
26 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
27 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
28 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
29spec:
30 group: monitoring.coreos.com
31 names:
32 kind: AlertmanagerConfig
33 categories:
34 - prometheus-operator
35 listKind: AlertmanagerConfigList
36 plural: alertmanagerconfigs
37 shortNames:
38 - amcfg
39 singular: alertmanagerconfig
40 scope: Namespaced
41 versions:
42 - name: v1alpha1
43 schema:
44 openAPIV3Schema:
45 type: object
46 description: AlertmanagerConfig defines a namespaced AlertmanagerConfig to be aggregated across multiple namespaces configuring one Alertmanager cluster.
47 properties:
48 apiVersion:
49 type: string
50 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
51 kind:
52 type: string
53 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
54 metadata:
55 type: object
56 spec:
57 type: object
58 description: AlertmanagerConfigSpec is a specification of the desired behavior of the Alertmanager configuration. By definition, the Alertmanager configuration only applies to alerts for which the `namespace` label is equal to the namespace of the AlertmanagerConfig resource.
59 properties:
60 inhibitRules:
61 type: array
62 description: List of inhibition rules. The rules will only apply to alerts matching the resource's namespace.
63 items:
64 type: object
65 description: InhibitRule defines an inhibition rule that allows to mute alerts when other alerts are already firing. See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule
66 properties:
67 equal:
68 type: array
69 description: Labels that must have an equal value in the source and target alert for the inhibition to take effect.
70 items:
71 type: string
72 sourceMatch:
73 type: array
74 description: Matchers for which one or more alerts have to exist for the inhibition to take effect. The operator enforces that the alert matches the resource's namespace.
75 items:
76 type: object
77 description: Matcher defines how to match on alert's labels.
78 properties:
79 name:
80 type: string
81 description: Label to match.
82 minLength: 1
83 value:
84 type: string
85 description: Label value to match.
86 matchType:
87 type: string
88 description: Match operation available with AlertManager >= v0.22.0 and takes precedence over Regex (deprecated) if non-empty.
89 enum:
90 - '!='
91 - =
92 - =~
93 - '!~'
94 regex:
95 type: boolean
96 description: Whether to match on equality (false) or regular-expression (true). Deprecated as of AlertManager >= v0.22.0 where a user should use MatchType instead.
97 required:
98 - name
99 targetMatch:
100 type: array
101 description: Matchers that have to be fulfilled in the alerts to be muted. The operator enforces that the alert matches the resource's namespace.
102 items:
103 type: object
104 description: Matcher defines how to match on alert's labels.
105 properties:
106 name:
107 type: string
108 description: Label to match.
109 minLength: 1
110 value:
111 type: string
112 description: Label value to match.
113 matchType:
114 type: string
115 description: Match operation available with AlertManager >= v0.22.0 and takes precedence over Regex (deprecated) if non-empty.
116 enum:
117 - '!='
118 - =
119 - =~
120 - '!~'
121 regex:
122 type: boolean
123 description: Whether to match on equality (false) or regular-expression (true). Deprecated as of AlertManager >= v0.22.0 where a user should use MatchType instead.
124 required:
125 - name
126 muteTimeIntervals:
127 type: array
128 description: List of MuteTimeInterval specifying when the routes should be muted.
129 items:
130 type: object
131 description: MuteTimeInterval specifies the periods in time when notifications will be muted
132 properties:
133 name:
134 type: string
135 description: Name of the time interval
136 timeIntervals:
137 type: array
138 description: TimeIntervals is a list of TimeInterval
139 items:
140 type: object
141 description: TimeInterval describes intervals of time
142 properties:
143 daysOfMonth:
144 type: array
145 description: DaysOfMonth is a list of DayOfMonthRange
146 items:
147 type: object
148 description: DayOfMonthRange is an inclusive range of days of the month beginning at 1
149 properties:
150 end:
151 type: integer
152 description: End of the inclusive range
153 maximum: 31
154 minimum: -31
155 start:
156 type: integer
157 description: Start of the inclusive range
158 maximum: 31
159 minimum: -31
160 months:
161 type: array
162 description: Months is a list of MonthRange
163 items:
164 type: string
165 description: MonthRange is an inclusive range of months of the year beginning in January Months can be specified by name (e.g 'January') by numerical month (e.g '1') or as an inclusive range (e.g 'January:March', '1:3', '1:March')
166 pattern: ^((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12])(?:((:((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12]))$)|$)
167 times:
168 type: array
169 description: Times is a list of TimeRange
170 items:
171 type: object
172 description: TimeRange defines a start and end time in 24hr format
173 properties:
174 endTime:
175 type: string
176 description: EndTime is the end time in 24hr format.
177 pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$)
178 startTime:
179 type: string
180 description: StartTime is the start time in 24hr format.
181 pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$)
182 weekdays:
183 type: array
184 description: Weekdays is a list of WeekdayRange
185 items:
186 type: string
187 description: WeekdayRange is an inclusive range of days of the week beginning on Sunday Days can be specified by name (e.g 'Sunday') or as an inclusive range (e.g 'Monday:Friday')
188 pattern: ^((?i)sun|mon|tues|wednes|thurs|fri|satur)day(?:((:(sun|mon|tues|wednes|thurs|fri|satur)day)$)|$)
189 years:
190 type: array
191 description: Years is a list of YearRange
192 items:
193 type: string
194 description: YearRange is an inclusive range of years
195 pattern: ^2\d{3}(?::2\d{3}|$)
196 receivers:
197 type: array
198 description: List of receivers.
199 items:
200 type: object
201 description: Receiver defines one or more notification integrations.
202 properties:
203 name:
204 type: string
205 description: Name of the receiver. Must be unique across all items from the list.
206 minLength: 1
207 emailConfigs:
208 type: array
209 description: List of Email configurations.
210 items:
211 type: object
212 description: EmailConfig configures notifications via Email.
213 properties:
214 authIdentity:
215 type: string
216 description: The identity to use for authentication.
217 authPassword:
218 type: object
219 description: The secret's key that contains the password to use for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
220 properties:
221 name:
222 type: string
223 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
224 key:
225 type: string
226 description: The key of the secret to select from. Must be a valid secret key.
227 optional:
228 type: boolean
229 description: Specify whether the Secret or its key must be defined
230 required:
231 - key
232 authSecret:
233 type: object
234 description: The secret's key that contains the CRAM-MD5 secret. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
235 properties:
236 name:
237 type: string
238 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
239 key:
240 type: string
241 description: The key of the secret to select from. Must be a valid secret key.
242 optional:
243 type: boolean
244 description: Specify whether the Secret or its key must be defined
245 required:
246 - key
247 authUsername:
248 type: string
249 description: The username to use for authentication.
250 from:
251 type: string
252 description: The sender address.
253 headers:
254 type: array
255 description: Further headers email header key/value pairs. Overrides any headers previously set by the notification implementation.
256 items:
257 type: object
258 description: KeyValue defines a (key, value) tuple.
259 properties:
260 value:
261 type: string
262 description: Value of the tuple.
263 key:
264 type: string
265 description: Key of the tuple.
266 minLength: 1
267 required:
268 - key
269 - value
270 hello:
271 type: string
272 description: The hostname to identify to the SMTP server.
273 html:
274 type: string
275 description: The HTML body of the email notification.
276 requireTLS:
277 type: boolean
278 description: The SMTP TLS requirement. Note that Go does not support unencrypted connections to remote SMTP endpoints.
279 sendResolved:
280 type: boolean
281 description: Whether or not to notify about resolved alerts.
282 smarthost:
283 type: string
284 description: The SMTP host and port through which emails are sent. E.g. example.com:25
285 text:
286 type: string
287 description: The text body of the email notification.
288 tlsConfig:
289 type: object
290 description: TLS configuration
291 properties:
292 ca:
293 type: object
294 description: Struct containing the CA cert to use for the targets.
295 properties:
296 configMap:
297 type: object
298 description: ConfigMap containing data to use for the targets.
299 properties:
300 name:
301 type: string
302 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
303 key:
304 type: string
305 description: The key to select.
306 optional:
307 type: boolean
308 description: Specify whether the ConfigMap or its key must be defined
309 required:
310 - key
311 x-kubernetes-map-type: atomic
312 secret:
313 type: object
314 description: Secret containing data to use for the targets.
315 properties:
316 name:
317 type: string
318 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
319 key:
320 type: string
321 description: The key of the secret to select from. Must be a valid secret key.
322 optional:
323 type: boolean
324 description: Specify whether the Secret or its key must be defined
325 required:
326 - key
327 x-kubernetes-map-type: atomic
328 cert:
329 type: object
330 description: Struct containing the client cert file for the targets.
331 properties:
332 configMap:
333 type: object
334 description: ConfigMap containing data to use for the targets.
335 properties:
336 name:
337 type: string
338 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
339 key:
340 type: string
341 description: The key to select.
342 optional:
343 type: boolean
344 description: Specify whether the ConfigMap or its key must be defined
345 required:
346 - key
347 x-kubernetes-map-type: atomic
348 secret:
349 type: object
350 description: Secret containing data to use for the targets.
351 properties:
352 name:
353 type: string
354 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
355 key:
356 type: string
357 description: The key of the secret to select from. Must be a valid secret key.
358 optional:
359 type: boolean
360 description: Specify whether the Secret or its key must be defined
361 required:
362 - key
363 x-kubernetes-map-type: atomic
364 insecureSkipVerify:
365 type: boolean
366 description: Disable target certificate validation.
367 keySecret:
368 type: object
369 description: Secret containing the client key file for the targets.
370 properties:
371 name:
372 type: string
373 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
374 key:
375 type: string
376 description: The key of the secret to select from. Must be a valid secret key.
377 optional:
378 type: boolean
379 description: Specify whether the Secret or its key must be defined
380 required:
381 - key
382 x-kubernetes-map-type: atomic
383 serverName:
384 type: string
385 description: Used to verify the hostname for the targets.
386 to:
387 type: string
388 description: The email address to send notifications to.
389 opsgenieConfigs:
390 type: array
391 description: List of OpsGenie configurations.
392 items:
393 type: object
394 description: OpsGenieConfig configures notifications via OpsGenie. See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config
395 properties:
396 priority:
397 type: string
398 description: Priority level of alert. Possible values are P1, P2, P3, P4, and P5.
399 actions:
400 type: string
401 description: Comma separated list of actions that will be available for the alert.
402 apiKey:
403 type: object
404 description: The secret's key that contains the OpsGenie API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
405 properties:
406 name:
407 type: string
408 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
409 key:
410 type: string
411 description: The key of the secret to select from. Must be a valid secret key.
412 optional:
413 type: boolean
414 description: Specify whether the Secret or its key must be defined
415 required:
416 - key
417 apiURL:
418 type: string
419 description: The URL to send OpsGenie API requests to.
420 description:
421 type: string
422 description: Description of the incident.
423 details:
424 type: array
425 description: A set of arbitrary key/value pairs that provide further detail about the incident.
426 items:
427 type: object
428 description: KeyValue defines a (key, value) tuple.
429 properties:
430 value:
431 type: string
432 description: Value of the tuple.
433 key:
434 type: string
435 description: Key of the tuple.
436 minLength: 1
437 required:
438 - key
439 - value
440 entity:
441 type: string
442 description: Optional field that can be used to specify which domain alert is related to.
443 httpConfig:
444 type: object
445 description: HTTP client configuration.
446 properties:
447 authorization:
448 type: object
449 description: Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
450 properties:
451 type:
452 type: string
453 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
454 credentials:
455 type: object
456 description: The secret's key that contains the credentials of the request
457 properties:
458 name:
459 type: string
460 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
461 key:
462 type: string
463 description: The key of the secret to select from. Must be a valid secret key.
464 optional:
465 type: boolean
466 description: Specify whether the Secret or its key must be defined
467 required:
468 - key
469 x-kubernetes-map-type: atomic
470 basicAuth:
471 type: object
472 description: BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
473 properties:
474 password:
475 type: object
476 description: The secret in the service monitor namespace that contains the password for authentication.
477 properties:
478 name:
479 type: string
480 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
481 key:
482 type: string
483 description: The key of the secret to select from. Must be a valid secret key.
484 optional:
485 type: boolean
486 description: Specify whether the Secret or its key must be defined
487 required:
488 - key
489 x-kubernetes-map-type: atomic
490 username:
491 type: object
492 description: The secret in the service monitor namespace that contains the username for authentication.
493 properties:
494 name:
495 type: string
496 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
497 key:
498 type: string
499 description: The key of the secret to select from. Must be a valid secret key.
500 optional:
501 type: boolean
502 description: Specify whether the Secret or its key must be defined
503 required:
504 - key
505 x-kubernetes-map-type: atomic
506 bearerTokenSecret:
507 type: object
508 description: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
509 properties:
510 name:
511 type: string
512 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
513 key:
514 type: string
515 description: The key of the secret to select from. Must be a valid secret key.
516 optional:
517 type: boolean
518 description: Specify whether the Secret or its key must be defined
519 required:
520 - key
521 followRedirects:
522 type: boolean
523 description: FollowRedirects specifies whether the client should follow HTTP 3xx redirects.
524 oauth2:
525 type: object
526 description: OAuth2 client credentials used to fetch a token for the targets.
527 properties:
528 clientId:
529 type: object
530 description: The secret or configmap containing the OAuth2 client id
531 properties:
532 configMap:
533 type: object
534 description: ConfigMap containing data to use for the targets.
535 properties:
536 name:
537 type: string
538 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
539 key:
540 type: string
541 description: The key to select.
542 optional:
543 type: boolean
544 description: Specify whether the ConfigMap or its key must be defined
545 required:
546 - key
547 x-kubernetes-map-type: atomic
548 secret:
549 type: object
550 description: Secret containing data to use for the targets.
551 properties:
552 name:
553 type: string
554 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
555 key:
556 type: string
557 description: The key of the secret to select from. Must be a valid secret key.
558 optional:
559 type: boolean
560 description: Specify whether the Secret or its key must be defined
561 required:
562 - key
563 x-kubernetes-map-type: atomic
564 clientSecret:
565 type: object
566 description: The secret containing the OAuth2 client secret
567 properties:
568 name:
569 type: string
570 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
571 key:
572 type: string
573 description: The key of the secret to select from. Must be a valid secret key.
574 optional:
575 type: boolean
576 description: Specify whether the Secret or its key must be defined
577 required:
578 - key
579 x-kubernetes-map-type: atomic
580 endpointParams:
581 type: object
582 additionalProperties:
583 type: string
584 description: Parameters to append to the token URL
585 scopes:
586 type: array
587 description: OAuth2 scopes used for the token request
588 items:
589 type: string
590 tokenUrl:
591 type: string
592 description: The URL to fetch the token from
593 minLength: 1
594 required:
595 - clientId
596 - clientSecret
597 - tokenUrl
598 proxyURL:
599 type: string
600 description: Optional proxy URL.
601 tlsConfig:
602 type: object
603 description: TLS configuration for the client.
604 properties:
605 ca:
606 type: object
607 description: Struct containing the CA cert to use for the targets.
608 properties:
609 configMap:
610 type: object
611 description: ConfigMap containing data to use for the targets.
612 properties:
613 name:
614 type: string
615 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
616 key:
617 type: string
618 description: The key to select.
619 optional:
620 type: boolean
621 description: Specify whether the ConfigMap or its key must be defined
622 required:
623 - key
624 x-kubernetes-map-type: atomic
625 secret:
626 type: object
627 description: Secret containing data to use for the targets.
628 properties:
629 name:
630 type: string
631 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
632 key:
633 type: string
634 description: The key of the secret to select from. Must be a valid secret key.
635 optional:
636 type: boolean
637 description: Specify whether the Secret or its key must be defined
638 required:
639 - key
640 x-kubernetes-map-type: atomic
641 cert:
642 type: object
643 description: Struct containing the client cert file for the targets.
644 properties:
645 configMap:
646 type: object
647 description: ConfigMap containing data to use for the targets.
648 properties:
649 name:
650 type: string
651 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
652 key:
653 type: string
654 description: The key to select.
655 optional:
656 type: boolean
657 description: Specify whether the ConfigMap or its key must be defined
658 required:
659 - key
660 x-kubernetes-map-type: atomic
661 secret:
662 type: object
663 description: Secret containing data to use for the targets.
664 properties:
665 name:
666 type: string
667 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
668 key:
669 type: string
670 description: The key of the secret to select from. Must be a valid secret key.
671 optional:
672 type: boolean
673 description: Specify whether the Secret or its key must be defined
674 required:
675 - key
676 x-kubernetes-map-type: atomic
677 insecureSkipVerify:
678 type: boolean
679 description: Disable target certificate validation.
680 keySecret:
681 type: object
682 description: Secret containing the client key file for the targets.
683 properties:
684 name:
685 type: string
686 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
687 key:
688 type: string
689 description: The key of the secret to select from. Must be a valid secret key.
690 optional:
691 type: boolean
692 description: Specify whether the Secret or its key must be defined
693 required:
694 - key
695 x-kubernetes-map-type: atomic
696 serverName:
697 type: string
698 description: Used to verify the hostname for the targets.
699 message:
700 type: string
701 description: Alert text limited to 130 characters.
702 note:
703 type: string
704 description: Additional alert note.
705 responders:
706 type: array
707 description: List of responders responsible for notifications.
708 items:
709 type: object
710 description: OpsGenieConfigResponder defines a responder to an incident. One of `id`, `name` or `username` has to be defined.
711 properties:
712 name:
713 type: string
714 description: Name of the responder.
715 type:
716 type: string
717 description: Type of responder.
718 enum:
719 - team
720 - teams
721 - user
722 - escalation
723 - schedule
724 minLength: 1
725 id:
726 type: string
727 description: ID of the responder.
728 username:
729 type: string
730 description: Username of the responder.
731 required:
732 - type
733 sendResolved:
734 type: boolean
735 description: Whether or not to notify about resolved alerts.
736 source:
737 type: string
738 description: Backlink to the sender of the notification.
739 tags:
740 type: string
741 description: Comma separated list of tags attached to the notifications.
742 updateAlerts:
743 type: boolean
744 description: Whether to update message and description of the alert in OpsGenie if it already exists By default, the alert is never updated in OpsGenie, the new message only appears in activity log.
745 pagerdutyConfigs:
746 type: array
747 description: List of PagerDuty configurations.
748 items:
749 type: object
750 description: PagerDutyConfig configures notifications via PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config
751 properties:
752 class:
753 type: string
754 description: The class/type of the event.
755 client:
756 type: string
757 description: Client identification.
758 clientURL:
759 type: string
760 description: Backlink to the sender of notification.
761 component:
762 type: string
763 description: The part or component of the affected system that is broken.
764 description:
765 type: string
766 description: Description of the incident.
767 details:
768 type: array
769 description: Arbitrary key/value pairs that provide further detail about the incident.
770 items:
771 type: object
772 description: KeyValue defines a (key, value) tuple.
773 properties:
774 value:
775 type: string
776 description: Value of the tuple.
777 key:
778 type: string
779 description: Key of the tuple.
780 minLength: 1
781 required:
782 - key
783 - value
784 group:
785 type: string
786 description: A cluster or grouping of sources.
787 httpConfig:
788 type: object
789 description: HTTP client configuration.
790 properties:
791 authorization:
792 type: object
793 description: Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
794 properties:
795 type:
796 type: string
797 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
798 credentials:
799 type: object
800 description: The secret's key that contains the credentials of the request
801 properties:
802 name:
803 type: string
804 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
805 key:
806 type: string
807 description: The key of the secret to select from. Must be a valid secret key.
808 optional:
809 type: boolean
810 description: Specify whether the Secret or its key must be defined
811 required:
812 - key
813 x-kubernetes-map-type: atomic
814 basicAuth:
815 type: object
816 description: BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
817 properties:
818 password:
819 type: object
820 description: The secret in the service monitor namespace that contains the password for authentication.
821 properties:
822 name:
823 type: string
824 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
825 key:
826 type: string
827 description: The key of the secret to select from. Must be a valid secret key.
828 optional:
829 type: boolean
830 description: Specify whether the Secret or its key must be defined
831 required:
832 - key
833 x-kubernetes-map-type: atomic
834 username:
835 type: object
836 description: The secret in the service monitor namespace that contains the username for authentication.
837 properties:
838 name:
839 type: string
840 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
841 key:
842 type: string
843 description: The key of the secret to select from. Must be a valid secret key.
844 optional:
845 type: boolean
846 description: Specify whether the Secret or its key must be defined
847 required:
848 - key
849 x-kubernetes-map-type: atomic
850 bearerTokenSecret:
851 type: object
852 description: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
853 properties:
854 name:
855 type: string
856 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
857 key:
858 type: string
859 description: The key of the secret to select from. Must be a valid secret key.
860 optional:
861 type: boolean
862 description: Specify whether the Secret or its key must be defined
863 required:
864 - key
865 followRedirects:
866 type: boolean
867 description: FollowRedirects specifies whether the client should follow HTTP 3xx redirects.
868 oauth2:
869 type: object
870 description: OAuth2 client credentials used to fetch a token for the targets.
871 properties:
872 clientId:
873 type: object
874 description: The secret or configmap containing the OAuth2 client id
875 properties:
876 configMap:
877 type: object
878 description: ConfigMap containing data to use for the targets.
879 properties:
880 name:
881 type: string
882 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
883 key:
884 type: string
885 description: The key to select.
886 optional:
887 type: boolean
888 description: Specify whether the ConfigMap or its key must be defined
889 required:
890 - key
891 x-kubernetes-map-type: atomic
892 secret:
893 type: object
894 description: Secret containing data to use for the targets.
895 properties:
896 name:
897 type: string
898 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
899 key:
900 type: string
901 description: The key of the secret to select from. Must be a valid secret key.
902 optional:
903 type: boolean
904 description: Specify whether the Secret or its key must be defined
905 required:
906 - key
907 x-kubernetes-map-type: atomic
908 clientSecret:
909 type: object
910 description: The secret containing the OAuth2 client secret
911 properties:
912 name:
913 type: string
914 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
915 key:
916 type: string
917 description: The key of the secret to select from. Must be a valid secret key.
918 optional:
919 type: boolean
920 description: Specify whether the Secret or its key must be defined
921 required:
922 - key
923 x-kubernetes-map-type: atomic
924 endpointParams:
925 type: object
926 additionalProperties:
927 type: string
928 description: Parameters to append to the token URL
929 scopes:
930 type: array
931 description: OAuth2 scopes used for the token request
932 items:
933 type: string
934 tokenUrl:
935 type: string
936 description: The URL to fetch the token from
937 minLength: 1
938 required:
939 - clientId
940 - clientSecret
941 - tokenUrl
942 proxyURL:
943 type: string
944 description: Optional proxy URL.
945 tlsConfig:
946 type: object
947 description: TLS configuration for the client.
948 properties:
949 ca:
950 type: object
951 description: Struct containing the CA cert to use for the targets.
952 properties:
953 configMap:
954 type: object
955 description: ConfigMap containing data to use for the targets.
956 properties:
957 name:
958 type: string
959 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
960 key:
961 type: string
962 description: The key to select.
963 optional:
964 type: boolean
965 description: Specify whether the ConfigMap or its key must be defined
966 required:
967 - key
968 x-kubernetes-map-type: atomic
969 secret:
970 type: object
971 description: Secret containing data to use for the targets.
972 properties:
973 name:
974 type: string
975 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
976 key:
977 type: string
978 description: The key of the secret to select from. Must be a valid secret key.
979 optional:
980 type: boolean
981 description: Specify whether the Secret or its key must be defined
982 required:
983 - key
984 x-kubernetes-map-type: atomic
985 cert:
986 type: object
987 description: Struct containing the client cert file for the targets.
988 properties:
989 configMap:
990 type: object
991 description: ConfigMap containing data to use for the targets.
992 properties:
993 name:
994 type: string
995 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
996 key:
997 type: string
998 description: The key to select.
999 optional:
1000 type: boolean
1001 description: Specify whether the ConfigMap or its key must be defined
1002 required:
1003 - key
1004 x-kubernetes-map-type: atomic
1005 secret:
1006 type: object
1007 description: Secret containing data to use for the targets.
1008 properties:
1009 name:
1010 type: string
1011 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1012 key:
1013 type: string
1014 description: The key of the secret to select from. Must be a valid secret key.
1015 optional:
1016 type: boolean
1017 description: Specify whether the Secret or its key must be defined
1018 required:
1019 - key
1020 x-kubernetes-map-type: atomic
1021 insecureSkipVerify:
1022 type: boolean
1023 description: Disable target certificate validation.
1024 keySecret:
1025 type: object
1026 description: Secret containing the client key file for the targets.
1027 properties:
1028 name:
1029 type: string
1030 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1031 key:
1032 type: string
1033 description: The key of the secret to select from. Must be a valid secret key.
1034 optional:
1035 type: boolean
1036 description: Specify whether the Secret or its key must be defined
1037 required:
1038 - key
1039 x-kubernetes-map-type: atomic
1040 serverName:
1041 type: string
1042 description: Used to verify the hostname for the targets.
1043 pagerDutyImageConfigs:
1044 type: array
1045 description: A list of image details to attach that provide further detail about an incident.
1046 items:
1047 type: object
1048 description: PagerDutyImageConfig attaches images to an incident
1049 properties:
1050 alt:
1051 type: string
1052 description: Alt is the optional alternative text for the image.
1053 href:
1054 type: string
1055 description: Optional URL; makes the image a clickable link.
1056 src:
1057 type: string
1058 description: Src of the image being attached to the incident
1059 pagerDutyLinkConfigs:
1060 type: array
1061 description: A list of link details to attach that provide further detail about an incident.
1062 items:
1063 type: object
1064 description: PagerDutyLinkConfig attaches text links to an incident
1065 properties:
1066 alt:
1067 type: string
1068 description: Text that describes the purpose of the link, and can be used as the link's text.
1069 href:
1070 type: string
1071 description: Href is the URL of the link to be attached
1072 routingKey:
1073 type: object
1074 description: The secret's key that contains the PagerDuty integration key (when using Events API v2). Either this field or `serviceKey` needs to be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
1075 properties:
1076 name:
1077 type: string
1078 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1079 key:
1080 type: string
1081 description: The key of the secret to select from. Must be a valid secret key.
1082 optional:
1083 type: boolean
1084 description: Specify whether the Secret or its key must be defined
1085 required:
1086 - key
1087 sendResolved:
1088 type: boolean
1089 description: Whether or not to notify about resolved alerts.
1090 serviceKey:
1091 type: object
1092 description: The secret's key that contains the PagerDuty service key (when using integration type "Prometheus"). Either this field or `routingKey` needs to be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
1093 properties:
1094 name:
1095 type: string
1096 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1097 key:
1098 type: string
1099 description: The key of the secret to select from. Must be a valid secret key.
1100 optional:
1101 type: boolean
1102 description: Specify whether the Secret or its key must be defined
1103 required:
1104 - key
1105 severity:
1106 type: string
1107 description: Severity of the incident.
1108 url:
1109 type: string
1110 description: The URL to send requests to.
1111 pushoverConfigs:
1112 type: array
1113 description: List of Pushover configurations.
1114 items:
1115 type: object
1116 description: PushoverConfig configures notifications via Pushover. See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config
1117 properties:
1118 priority:
1119 type: string
1120 description: Priority, see https://pushover.net/api#priority
1121 expire:
1122 type: string
1123 description: How long your notification will continue to be retried for, unless the user acknowledges the notification.
1124 pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$
1125 html:
1126 type: boolean
1127 description: Whether notification message is HTML or plain text.
1128 httpConfig:
1129 type: object
1130 description: HTTP client configuration.
1131 properties:
1132 authorization:
1133 type: object
1134 description: Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
1135 properties:
1136 type:
1137 type: string
1138 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
1139 credentials:
1140 type: object
1141 description: The secret's key that contains the credentials of the request
1142 properties:
1143 name:
1144 type: string
1145 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1146 key:
1147 type: string
1148 description: The key of the secret to select from. Must be a valid secret key.
1149 optional:
1150 type: boolean
1151 description: Specify whether the Secret or its key must be defined
1152 required:
1153 - key
1154 x-kubernetes-map-type: atomic
1155 basicAuth:
1156 type: object
1157 description: BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
1158 properties:
1159 password:
1160 type: object
1161 description: The secret in the service monitor namespace that contains the password for authentication.
1162 properties:
1163 name:
1164 type: string
1165 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1166 key:
1167 type: string
1168 description: The key of the secret to select from. Must be a valid secret key.
1169 optional:
1170 type: boolean
1171 description: Specify whether the Secret or its key must be defined
1172 required:
1173 - key
1174 x-kubernetes-map-type: atomic
1175 username:
1176 type: object
1177 description: The secret in the service monitor namespace that contains the username for authentication.
1178 properties:
1179 name:
1180 type: string
1181 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1182 key:
1183 type: string
1184 description: The key of the secret to select from. Must be a valid secret key.
1185 optional:
1186 type: boolean
1187 description: Specify whether the Secret or its key must be defined
1188 required:
1189 - key
1190 x-kubernetes-map-type: atomic
1191 bearerTokenSecret:
1192 type: object
1193 description: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
1194 properties:
1195 name:
1196 type: string
1197 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1198 key:
1199 type: string
1200 description: The key of the secret to select from. Must be a valid secret key.
1201 optional:
1202 type: boolean
1203 description: Specify whether the Secret or its key must be defined
1204 required:
1205 - key
1206 followRedirects:
1207 type: boolean
1208 description: FollowRedirects specifies whether the client should follow HTTP 3xx redirects.
1209 oauth2:
1210 type: object
1211 description: OAuth2 client credentials used to fetch a token for the targets.
1212 properties:
1213 clientId:
1214 type: object
1215 description: The secret or configmap containing the OAuth2 client id
1216 properties:
1217 configMap:
1218 type: object
1219 description: ConfigMap containing data to use for the targets.
1220 properties:
1221 name:
1222 type: string
1223 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1224 key:
1225 type: string
1226 description: The key to select.
1227 optional:
1228 type: boolean
1229 description: Specify whether the ConfigMap or its key must be defined
1230 required:
1231 - key
1232 x-kubernetes-map-type: atomic
1233 secret:
1234 type: object
1235 description: Secret containing data to use for the targets.
1236 properties:
1237 name:
1238 type: string
1239 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1240 key:
1241 type: string
1242 description: The key of the secret to select from. Must be a valid secret key.
1243 optional:
1244 type: boolean
1245 description: Specify whether the Secret or its key must be defined
1246 required:
1247 - key
1248 x-kubernetes-map-type: atomic
1249 clientSecret:
1250 type: object
1251 description: The secret containing the OAuth2 client secret
1252 properties:
1253 name:
1254 type: string
1255 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1256 key:
1257 type: string
1258 description: The key of the secret to select from. Must be a valid secret key.
1259 optional:
1260 type: boolean
1261 description: Specify whether the Secret or its key must be defined
1262 required:
1263 - key
1264 x-kubernetes-map-type: atomic
1265 endpointParams:
1266 type: object
1267 additionalProperties:
1268 type: string
1269 description: Parameters to append to the token URL
1270 scopes:
1271 type: array
1272 description: OAuth2 scopes used for the token request
1273 items:
1274 type: string
1275 tokenUrl:
1276 type: string
1277 description: The URL to fetch the token from
1278 minLength: 1
1279 required:
1280 - clientId
1281 - clientSecret
1282 - tokenUrl
1283 proxyURL:
1284 type: string
1285 description: Optional proxy URL.
1286 tlsConfig:
1287 type: object
1288 description: TLS configuration for the client.
1289 properties:
1290 ca:
1291 type: object
1292 description: Struct containing the CA cert to use for the targets.
1293 properties:
1294 configMap:
1295 type: object
1296 description: ConfigMap containing data to use for the targets.
1297 properties:
1298 name:
1299 type: string
1300 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1301 key:
1302 type: string
1303 description: The key to select.
1304 optional:
1305 type: boolean
1306 description: Specify whether the ConfigMap or its key must be defined
1307 required:
1308 - key
1309 x-kubernetes-map-type: atomic
1310 secret:
1311 type: object
1312 description: Secret containing data to use for the targets.
1313 properties:
1314 name:
1315 type: string
1316 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1317 key:
1318 type: string
1319 description: The key of the secret to select from. Must be a valid secret key.
1320 optional:
1321 type: boolean
1322 description: Specify whether the Secret or its key must be defined
1323 required:
1324 - key
1325 x-kubernetes-map-type: atomic
1326 cert:
1327 type: object
1328 description: Struct containing the client cert file for the targets.
1329 properties:
1330 configMap:
1331 type: object
1332 description: ConfigMap containing data to use for the targets.
1333 properties:
1334 name:
1335 type: string
1336 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1337 key:
1338 type: string
1339 description: The key to select.
1340 optional:
1341 type: boolean
1342 description: Specify whether the ConfigMap or its key must be defined
1343 required:
1344 - key
1345 x-kubernetes-map-type: atomic
1346 secret:
1347 type: object
1348 description: Secret containing data to use for the targets.
1349 properties:
1350 name:
1351 type: string
1352 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1353 key:
1354 type: string
1355 description: The key of the secret to select from. Must be a valid secret key.
1356 optional:
1357 type: boolean
1358 description: Specify whether the Secret or its key must be defined
1359 required:
1360 - key
1361 x-kubernetes-map-type: atomic
1362 insecureSkipVerify:
1363 type: boolean
1364 description: Disable target certificate validation.
1365 keySecret:
1366 type: object
1367 description: Secret containing the client key file for the targets.
1368 properties:
1369 name:
1370 type: string
1371 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1372 key:
1373 type: string
1374 description: The key of the secret to select from. Must be a valid secret key.
1375 optional:
1376 type: boolean
1377 description: Specify whether the Secret or its key must be defined
1378 required:
1379 - key
1380 x-kubernetes-map-type: atomic
1381 serverName:
1382 type: string
1383 description: Used to verify the hostname for the targets.
1384 message:
1385 type: string
1386 description: Notification message.
1387 retry:
1388 type: string
1389 description: How often the Pushover servers will send the same notification to the user. Must be at least 30 seconds.
1390 pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$
1391 sendResolved:
1392 type: boolean
1393 description: Whether or not to notify about resolved alerts.
1394 sound:
1395 type: string
1396 description: The name of one of the sounds supported by device clients to override the user's default sound choice
1397 title:
1398 type: string
1399 description: Notification title.
1400 token:
1401 type: object
1402 description: The secret's key that contains the registered application's API token, see https://pushover.net/apps. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
1403 properties:
1404 name:
1405 type: string
1406 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1407 key:
1408 type: string
1409 description: The key of the secret to select from. Must be a valid secret key.
1410 optional:
1411 type: boolean
1412 description: Specify whether the Secret or its key must be defined
1413 required:
1414 - key
1415 url:
1416 type: string
1417 description: A supplementary URL shown alongside the message.
1418 urlTitle:
1419 type: string
1420 description: A title for supplementary URL, otherwise just the URL is shown
1421 userKey:
1422 type: object
1423 description: The secret's key that contains the recipient user's user key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
1424 properties:
1425 name:
1426 type: string
1427 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1428 key:
1429 type: string
1430 description: The key of the secret to select from. Must be a valid secret key.
1431 optional:
1432 type: boolean
1433 description: Specify whether the Secret or its key must be defined
1434 required:
1435 - key
1436 slackConfigs:
1437 type: array
1438 description: List of Slack configurations.
1439 items:
1440 type: object
1441 description: SlackConfig configures notifications via Slack. See https://prometheus.io/docs/alerting/latest/configuration/#slack_config
1442 properties:
1443 actions:
1444 type: array
1445 description: A list of Slack actions that are sent with each notification.
1446 items:
1447 type: object
1448 description: SlackAction configures a single Slack action that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields and https://api.slack.com/docs/message-buttons for more information.
1449 properties:
1450 name:
1451 type: string
1452 type:
1453 type: string
1454 minLength: 1
1455 value:
1456 type: string
1457 confirm:
1458 type: object
1459 description: SlackConfirmationField protect users from destructive actions or particularly distinguished decisions by asking them to confirm their button click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields for more information.
1460 properties:
1461 dismissText:
1462 type: string
1463 okText:
1464 type: string
1465 text:
1466 type: string
1467 minLength: 1
1468 title:
1469 type: string
1470 required:
1471 - text
1472 style:
1473 type: string
1474 text:
1475 type: string
1476 minLength: 1
1477 url:
1478 type: string
1479 required:
1480 - text
1481 - type
1482 apiURL:
1483 type: object
1484 description: The secret's key that contains the Slack webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
1485 properties:
1486 name:
1487 type: string
1488 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1489 key:
1490 type: string
1491 description: The key of the secret to select from. Must be a valid secret key.
1492 optional:
1493 type: boolean
1494 description: Specify whether the Secret or its key must be defined
1495 required:
1496 - key
1497 callbackId:
1498 type: string
1499 channel:
1500 type: string
1501 description: The channel or user to send notifications to.
1502 color:
1503 type: string
1504 fallback:
1505 type: string
1506 fields:
1507 type: array
1508 description: A list of Slack fields that are sent with each notification.
1509 items:
1510 type: object
1511 description: SlackField configures a single Slack field that is sent with each notification. Each field must contain a title, value, and optionally, a boolean value to indicate if the field is short enough to be displayed next to other fields designated as short. See https://api.slack.com/docs/message-attachments#fields for more information.
1512 properties:
1513 value:
1514 type: string
1515 minLength: 1
1516 short:
1517 type: boolean
1518 title:
1519 type: string
1520 minLength: 1
1521 required:
1522 - title
1523 - value
1524 footer:
1525 type: string
1526 httpConfig:
1527 type: object
1528 description: HTTP client configuration.
1529 properties:
1530 authorization:
1531 type: object
1532 description: Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
1533 properties:
1534 type:
1535 type: string
1536 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
1537 credentials:
1538 type: object
1539 description: The secret's key that contains the credentials of the request
1540 properties:
1541 name:
1542 type: string
1543 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1544 key:
1545 type: string
1546 description: The key of the secret to select from. Must be a valid secret key.
1547 optional:
1548 type: boolean
1549 description: Specify whether the Secret or its key must be defined
1550 required:
1551 - key
1552 x-kubernetes-map-type: atomic
1553 basicAuth:
1554 type: object
1555 description: BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
1556 properties:
1557 password:
1558 type: object
1559 description: The secret in the service monitor namespace that contains the password for authentication.
1560 properties:
1561 name:
1562 type: string
1563 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1564 key:
1565 type: string
1566 description: The key of the secret to select from. Must be a valid secret key.
1567 optional:
1568 type: boolean
1569 description: Specify whether the Secret or its key must be defined
1570 required:
1571 - key
1572 x-kubernetes-map-type: atomic
1573 username:
1574 type: object
1575 description: The secret in the service monitor namespace that contains the username for authentication.
1576 properties:
1577 name:
1578 type: string
1579 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1580 key:
1581 type: string
1582 description: The key of the secret to select from. Must be a valid secret key.
1583 optional:
1584 type: boolean
1585 description: Specify whether the Secret or its key must be defined
1586 required:
1587 - key
1588 x-kubernetes-map-type: atomic
1589 bearerTokenSecret:
1590 type: object
1591 description: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
1592 properties:
1593 name:
1594 type: string
1595 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1596 key:
1597 type: string
1598 description: The key of the secret to select from. Must be a valid secret key.
1599 optional:
1600 type: boolean
1601 description: Specify whether the Secret or its key must be defined
1602 required:
1603 - key
1604 followRedirects:
1605 type: boolean
1606 description: FollowRedirects specifies whether the client should follow HTTP 3xx redirects.
1607 oauth2:
1608 type: object
1609 description: OAuth2 client credentials used to fetch a token for the targets.
1610 properties:
1611 clientId:
1612 type: object
1613 description: The secret or configmap containing the OAuth2 client id
1614 properties:
1615 configMap:
1616 type: object
1617 description: ConfigMap containing data to use for the targets.
1618 properties:
1619 name:
1620 type: string
1621 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1622 key:
1623 type: string
1624 description: The key to select.
1625 optional:
1626 type: boolean
1627 description: Specify whether the ConfigMap or its key must be defined
1628 required:
1629 - key
1630 x-kubernetes-map-type: atomic
1631 secret:
1632 type: object
1633 description: Secret containing data to use for the targets.
1634 properties:
1635 name:
1636 type: string
1637 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1638 key:
1639 type: string
1640 description: The key of the secret to select from. Must be a valid secret key.
1641 optional:
1642 type: boolean
1643 description: Specify whether the Secret or its key must be defined
1644 required:
1645 - key
1646 x-kubernetes-map-type: atomic
1647 clientSecret:
1648 type: object
1649 description: The secret containing the OAuth2 client secret
1650 properties:
1651 name:
1652 type: string
1653 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1654 key:
1655 type: string
1656 description: The key of the secret to select from. Must be a valid secret key.
1657 optional:
1658 type: boolean
1659 description: Specify whether the Secret or its key must be defined
1660 required:
1661 - key
1662 x-kubernetes-map-type: atomic
1663 endpointParams:
1664 type: object
1665 additionalProperties:
1666 type: string
1667 description: Parameters to append to the token URL
1668 scopes:
1669 type: array
1670 description: OAuth2 scopes used for the token request
1671 items:
1672 type: string
1673 tokenUrl:
1674 type: string
1675 description: The URL to fetch the token from
1676 minLength: 1
1677 required:
1678 - clientId
1679 - clientSecret
1680 - tokenUrl
1681 proxyURL:
1682 type: string
1683 description: Optional proxy URL.
1684 tlsConfig:
1685 type: object
1686 description: TLS configuration for the client.
1687 properties:
1688 ca:
1689 type: object
1690 description: Struct containing the CA cert to use for the targets.
1691 properties:
1692 configMap:
1693 type: object
1694 description: ConfigMap containing data to use for the targets.
1695 properties:
1696 name:
1697 type: string
1698 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1699 key:
1700 type: string
1701 description: The key to select.
1702 optional:
1703 type: boolean
1704 description: Specify whether the ConfigMap or its key must be defined
1705 required:
1706 - key
1707 x-kubernetes-map-type: atomic
1708 secret:
1709 type: object
1710 description: Secret containing data to use for the targets.
1711 properties:
1712 name:
1713 type: string
1714 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1715 key:
1716 type: string
1717 description: The key of the secret to select from. Must be a valid secret key.
1718 optional:
1719 type: boolean
1720 description: Specify whether the Secret or its key must be defined
1721 required:
1722 - key
1723 x-kubernetes-map-type: atomic
1724 cert:
1725 type: object
1726 description: Struct containing the client cert file for the targets.
1727 properties:
1728 configMap:
1729 type: object
1730 description: ConfigMap containing data to use for the targets.
1731 properties:
1732 name:
1733 type: string
1734 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1735 key:
1736 type: string
1737 description: The key to select.
1738 optional:
1739 type: boolean
1740 description: Specify whether the ConfigMap or its key must be defined
1741 required:
1742 - key
1743 x-kubernetes-map-type: atomic
1744 secret:
1745 type: object
1746 description: Secret containing data to use for the targets.
1747 properties:
1748 name:
1749 type: string
1750 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1751 key:
1752 type: string
1753 description: The key of the secret to select from. Must be a valid secret key.
1754 optional:
1755 type: boolean
1756 description: Specify whether the Secret or its key must be defined
1757 required:
1758 - key
1759 x-kubernetes-map-type: atomic
1760 insecureSkipVerify:
1761 type: boolean
1762 description: Disable target certificate validation.
1763 keySecret:
1764 type: object
1765 description: Secret containing the client key file for the targets.
1766 properties:
1767 name:
1768 type: string
1769 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1770 key:
1771 type: string
1772 description: The key of the secret to select from. Must be a valid secret key.
1773 optional:
1774 type: boolean
1775 description: Specify whether the Secret or its key must be defined
1776 required:
1777 - key
1778 x-kubernetes-map-type: atomic
1779 serverName:
1780 type: string
1781 description: Used to verify the hostname for the targets.
1782 iconEmoji:
1783 type: string
1784 iconURL:
1785 type: string
1786 imageURL:
1787 type: string
1788 linkNames:
1789 type: boolean
1790 mrkdwnIn:
1791 type: array
1792 items:
1793 type: string
1794 pretext:
1795 type: string
1796 sendResolved:
1797 type: boolean
1798 description: Whether or not to notify about resolved alerts.
1799 shortFields:
1800 type: boolean
1801 text:
1802 type: string
1803 thumbURL:
1804 type: string
1805 title:
1806 type: string
1807 titleLink:
1808 type: string
1809 username:
1810 type: string
1811 snsConfigs:
1812 type: array
1813 description: List of SNS configurations
1814 items:
1815 type: object
1816 description: SNSConfig configures notifications via AWS SNS. See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs
1817 properties:
1818 apiURL:
1819 type: string
1820 description: The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. If not specified, the SNS API URL from the SNS SDK will be used.
1821 attributes:
1822 type: object
1823 additionalProperties:
1824 type: string
1825 description: SNS message attributes.
1826 httpConfig:
1827 type: object
1828 description: HTTP client configuration.
1829 properties:
1830 authorization:
1831 type: object
1832 description: Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
1833 properties:
1834 type:
1835 type: string
1836 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
1837 credentials:
1838 type: object
1839 description: The secret's key that contains the credentials of the request
1840 properties:
1841 name:
1842 type: string
1843 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1844 key:
1845 type: string
1846 description: The key of the secret to select from. Must be a valid secret key.
1847 optional:
1848 type: boolean
1849 description: Specify whether the Secret or its key must be defined
1850 required:
1851 - key
1852 x-kubernetes-map-type: atomic
1853 basicAuth:
1854 type: object
1855 description: BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
1856 properties:
1857 password:
1858 type: object
1859 description: The secret in the service monitor namespace that contains the password for authentication.
1860 properties:
1861 name:
1862 type: string
1863 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1864 key:
1865 type: string
1866 description: The key of the secret to select from. Must be a valid secret key.
1867 optional:
1868 type: boolean
1869 description: Specify whether the Secret or its key must be defined
1870 required:
1871 - key
1872 x-kubernetes-map-type: atomic
1873 username:
1874 type: object
1875 description: The secret in the service monitor namespace that contains the username for authentication.
1876 properties:
1877 name:
1878 type: string
1879 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1880 key:
1881 type: string
1882 description: The key of the secret to select from. Must be a valid secret key.
1883 optional:
1884 type: boolean
1885 description: Specify whether the Secret or its key must be defined
1886 required:
1887 - key
1888 x-kubernetes-map-type: atomic
1889 bearerTokenSecret:
1890 type: object
1891 description: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
1892 properties:
1893 name:
1894 type: string
1895 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1896 key:
1897 type: string
1898 description: The key of the secret to select from. Must be a valid secret key.
1899 optional:
1900 type: boolean
1901 description: Specify whether the Secret or its key must be defined
1902 required:
1903 - key
1904 followRedirects:
1905 type: boolean
1906 description: FollowRedirects specifies whether the client should follow HTTP 3xx redirects.
1907 oauth2:
1908 type: object
1909 description: OAuth2 client credentials used to fetch a token for the targets.
1910 properties:
1911 clientId:
1912 type: object
1913 description: The secret or configmap containing the OAuth2 client id
1914 properties:
1915 configMap:
1916 type: object
1917 description: ConfigMap containing data to use for the targets.
1918 properties:
1919 name:
1920 type: string
1921 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1922 key:
1923 type: string
1924 description: The key to select.
1925 optional:
1926 type: boolean
1927 description: Specify whether the ConfigMap or its key must be defined
1928 required:
1929 - key
1930 x-kubernetes-map-type: atomic
1931 secret:
1932 type: object
1933 description: Secret containing data to use for the targets.
1934 properties:
1935 name:
1936 type: string
1937 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1938 key:
1939 type: string
1940 description: The key of the secret to select from. Must be a valid secret key.
1941 optional:
1942 type: boolean
1943 description: Specify whether the Secret or its key must be defined
1944 required:
1945 - key
1946 x-kubernetes-map-type: atomic
1947 clientSecret:
1948 type: object
1949 description: The secret containing the OAuth2 client secret
1950 properties:
1951 name:
1952 type: string
1953 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1954 key:
1955 type: string
1956 description: The key of the secret to select from. Must be a valid secret key.
1957 optional:
1958 type: boolean
1959 description: Specify whether the Secret or its key must be defined
1960 required:
1961 - key
1962 x-kubernetes-map-type: atomic
1963 endpointParams:
1964 type: object
1965 additionalProperties:
1966 type: string
1967 description: Parameters to append to the token URL
1968 scopes:
1969 type: array
1970 description: OAuth2 scopes used for the token request
1971 items:
1972 type: string
1973 tokenUrl:
1974 type: string
1975 description: The URL to fetch the token from
1976 minLength: 1
1977 required:
1978 - clientId
1979 - clientSecret
1980 - tokenUrl
1981 proxyURL:
1982 type: string
1983 description: Optional proxy URL.
1984 tlsConfig:
1985 type: object
1986 description: TLS configuration for the client.
1987 properties:
1988 ca:
1989 type: object
1990 description: Struct containing the CA cert to use for the targets.
1991 properties:
1992 configMap:
1993 type: object
1994 description: ConfigMap containing data to use for the targets.
1995 properties:
1996 name:
1997 type: string
1998 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1999 key:
2000 type: string
2001 description: The key to select.
2002 optional:
2003 type: boolean
2004 description: Specify whether the ConfigMap or its key must be defined
2005 required:
2006 - key
2007 x-kubernetes-map-type: atomic
2008 secret:
2009 type: object
2010 description: Secret containing data to use for the targets.
2011 properties:
2012 name:
2013 type: string
2014 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2015 key:
2016 type: string
2017 description: The key of the secret to select from. Must be a valid secret key.
2018 optional:
2019 type: boolean
2020 description: Specify whether the Secret or its key must be defined
2021 required:
2022 - key
2023 x-kubernetes-map-type: atomic
2024 cert:
2025 type: object
2026 description: Struct containing the client cert file for the targets.
2027 properties:
2028 configMap:
2029 type: object
2030 description: ConfigMap containing data to use for the targets.
2031 properties:
2032 name:
2033 type: string
2034 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2035 key:
2036 type: string
2037 description: The key to select.
2038 optional:
2039 type: boolean
2040 description: Specify whether the ConfigMap or its key must be defined
2041 required:
2042 - key
2043 x-kubernetes-map-type: atomic
2044 secret:
2045 type: object
2046 description: Secret containing data to use for the targets.
2047 properties:
2048 name:
2049 type: string
2050 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2051 key:
2052 type: string
2053 description: The key of the secret to select from. Must be a valid secret key.
2054 optional:
2055 type: boolean
2056 description: Specify whether the Secret or its key must be defined
2057 required:
2058 - key
2059 x-kubernetes-map-type: atomic
2060 insecureSkipVerify:
2061 type: boolean
2062 description: Disable target certificate validation.
2063 keySecret:
2064 type: object
2065 description: Secret containing the client key file for the targets.
2066 properties:
2067 name:
2068 type: string
2069 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2070 key:
2071 type: string
2072 description: The key of the secret to select from. Must be a valid secret key.
2073 optional:
2074 type: boolean
2075 description: Specify whether the Secret or its key must be defined
2076 required:
2077 - key
2078 x-kubernetes-map-type: atomic
2079 serverName:
2080 type: string
2081 description: Used to verify the hostname for the targets.
2082 message:
2083 type: string
2084 description: The message content of the SNS notification.
2085 phoneNumber:
2086 type: string
2087 description: Phone number if message is delivered via SMS in E.164 format. If you don't specify this value, you must specify a value for the TopicARN or TargetARN.
2088 sendResolved:
2089 type: boolean
2090 description: Whether or not to notify about resolved alerts.
2091 sigv4:
2092 type: object
2093 description: Configures AWS's Signature Verification 4 signing process to sign requests.
2094 properties:
2095 accessKey:
2096 type: object
2097 description: AccessKey is the AWS API key. If blank, the environment variable `AWS_ACCESS_KEY_ID` is used.
2098 properties:
2099 name:
2100 type: string
2101 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2102 key:
2103 type: string
2104 description: The key of the secret to select from. Must be a valid secret key.
2105 optional:
2106 type: boolean
2107 description: Specify whether the Secret or its key must be defined
2108 required:
2109 - key
2110 x-kubernetes-map-type: atomic
2111 profile:
2112 type: string
2113 description: Profile is the named AWS profile used to authenticate.
2114 region:
2115 type: string
2116 description: Region is the AWS region. If blank, the region from the default credentials chain used.
2117 roleArn:
2118 type: string
2119 description: RoleArn is the named AWS profile used to authenticate.
2120 secretKey:
2121 type: object
2122 description: SecretKey is the AWS API secret. If blank, the environment variable `AWS_SECRET_ACCESS_KEY` is used.
2123 properties:
2124 name:
2125 type: string
2126 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2127 key:
2128 type: string
2129 description: The key of the secret to select from. Must be a valid secret key.
2130 optional:
2131 type: boolean
2132 description: Specify whether the Secret or its key must be defined
2133 required:
2134 - key
2135 x-kubernetes-map-type: atomic
2136 subject:
2137 type: string
2138 description: Subject line when the message is delivered to email endpoints.
2139 targetARN:
2140 type: string
2141 description: The mobile platform endpoint ARN if message is delivered via mobile notifications. If you don't specify this value, you must specify a value for the topic_arn or PhoneNumber.
2142 topicARN:
2143 type: string
2144 description: SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic If you don't specify this value, you must specify a value for the PhoneNumber or TargetARN.
2145 telegramConfigs:
2146 type: array
2147 description: List of Telegram configurations.
2148 items:
2149 type: object
2150 description: TelegramConfig configures notifications via Telegram. See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config
2151 properties:
2152 apiURL:
2153 type: string
2154 description: The Telegram API URL i.e. https://api.telegram.org. If not specified, default API URL will be used.
2155 botToken:
2156 type: object
2157 description: Telegram bot token The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
2158 properties:
2159 name:
2160 type: string
2161 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2162 key:
2163 type: string
2164 description: The key of the secret to select from. Must be a valid secret key.
2165 optional:
2166 type: boolean
2167 description: Specify whether the Secret or its key must be defined
2168 required:
2169 - key
2170 chatID:
2171 type: integer
2172 description: The Telegram chat ID.
2173 format: int64
2174 disableNotifications:
2175 type: boolean
2176 description: Disable telegram notifications
2177 httpConfig:
2178 type: object
2179 description: HTTP client configuration.
2180 properties:
2181 authorization:
2182 type: object
2183 description: Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
2184 properties:
2185 type:
2186 type: string
2187 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
2188 credentials:
2189 type: object
2190 description: The secret's key that contains the credentials of the request
2191 properties:
2192 name:
2193 type: string
2194 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2195 key:
2196 type: string
2197 description: The key of the secret to select from. Must be a valid secret key.
2198 optional:
2199 type: boolean
2200 description: Specify whether the Secret or its key must be defined
2201 required:
2202 - key
2203 x-kubernetes-map-type: atomic
2204 basicAuth:
2205 type: object
2206 description: BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
2207 properties:
2208 password:
2209 type: object
2210 description: The secret in the service monitor namespace that contains the password for authentication.
2211 properties:
2212 name:
2213 type: string
2214 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2215 key:
2216 type: string
2217 description: The key of the secret to select from. Must be a valid secret key.
2218 optional:
2219 type: boolean
2220 description: Specify whether the Secret or its key must be defined
2221 required:
2222 - key
2223 x-kubernetes-map-type: atomic
2224 username:
2225 type: object
2226 description: The secret in the service monitor namespace that contains the username for authentication.
2227 properties:
2228 name:
2229 type: string
2230 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2231 key:
2232 type: string
2233 description: The key of the secret to select from. Must be a valid secret key.
2234 optional:
2235 type: boolean
2236 description: Specify whether the Secret or its key must be defined
2237 required:
2238 - key
2239 x-kubernetes-map-type: atomic
2240 bearerTokenSecret:
2241 type: object
2242 description: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
2243 properties:
2244 name:
2245 type: string
2246 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2247 key:
2248 type: string
2249 description: The key of the secret to select from. Must be a valid secret key.
2250 optional:
2251 type: boolean
2252 description: Specify whether the Secret or its key must be defined
2253 required:
2254 - key
2255 followRedirects:
2256 type: boolean
2257 description: FollowRedirects specifies whether the client should follow HTTP 3xx redirects.
2258 oauth2:
2259 type: object
2260 description: OAuth2 client credentials used to fetch a token for the targets.
2261 properties:
2262 clientId:
2263 type: object
2264 description: The secret or configmap containing the OAuth2 client id
2265 properties:
2266 configMap:
2267 type: object
2268 description: ConfigMap containing data to use for the targets.
2269 properties:
2270 name:
2271 type: string
2272 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2273 key:
2274 type: string
2275 description: The key to select.
2276 optional:
2277 type: boolean
2278 description: Specify whether the ConfigMap or its key must be defined
2279 required:
2280 - key
2281 x-kubernetes-map-type: atomic
2282 secret:
2283 type: object
2284 description: Secret containing data to use for the targets.
2285 properties:
2286 name:
2287 type: string
2288 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2289 key:
2290 type: string
2291 description: The key of the secret to select from. Must be a valid secret key.
2292 optional:
2293 type: boolean
2294 description: Specify whether the Secret or its key must be defined
2295 required:
2296 - key
2297 x-kubernetes-map-type: atomic
2298 clientSecret:
2299 type: object
2300 description: The secret containing the OAuth2 client secret
2301 properties:
2302 name:
2303 type: string
2304 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2305 key:
2306 type: string
2307 description: The key of the secret to select from. Must be a valid secret key.
2308 optional:
2309 type: boolean
2310 description: Specify whether the Secret or its key must be defined
2311 required:
2312 - key
2313 x-kubernetes-map-type: atomic
2314 endpointParams:
2315 type: object
2316 additionalProperties:
2317 type: string
2318 description: Parameters to append to the token URL
2319 scopes:
2320 type: array
2321 description: OAuth2 scopes used for the token request
2322 items:
2323 type: string
2324 tokenUrl:
2325 type: string
2326 description: The URL to fetch the token from
2327 minLength: 1
2328 required:
2329 - clientId
2330 - clientSecret
2331 - tokenUrl
2332 proxyURL:
2333 type: string
2334 description: Optional proxy URL.
2335 tlsConfig:
2336 type: object
2337 description: TLS configuration for the client.
2338 properties:
2339 ca:
2340 type: object
2341 description: Struct containing the CA cert to use for the targets.
2342 properties:
2343 configMap:
2344 type: object
2345 description: ConfigMap containing data to use for the targets.
2346 properties:
2347 name:
2348 type: string
2349 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2350 key:
2351 type: string
2352 description: The key to select.
2353 optional:
2354 type: boolean
2355 description: Specify whether the ConfigMap or its key must be defined
2356 required:
2357 - key
2358 x-kubernetes-map-type: atomic
2359 secret:
2360 type: object
2361 description: Secret containing data to use for the targets.
2362 properties:
2363 name:
2364 type: string
2365 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2366 key:
2367 type: string
2368 description: The key of the secret to select from. Must be a valid secret key.
2369 optional:
2370 type: boolean
2371 description: Specify whether the Secret or its key must be defined
2372 required:
2373 - key
2374 x-kubernetes-map-type: atomic
2375 cert:
2376 type: object
2377 description: Struct containing the client cert file for the targets.
2378 properties:
2379 configMap:
2380 type: object
2381 description: ConfigMap containing data to use for the targets.
2382 properties:
2383 name:
2384 type: string
2385 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2386 key:
2387 type: string
2388 description: The key to select.
2389 optional:
2390 type: boolean
2391 description: Specify whether the ConfigMap or its key must be defined
2392 required:
2393 - key
2394 x-kubernetes-map-type: atomic
2395 secret:
2396 type: object
2397 description: Secret containing data to use for the targets.
2398 properties:
2399 name:
2400 type: string
2401 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2402 key:
2403 type: string
2404 description: The key of the secret to select from. Must be a valid secret key.
2405 optional:
2406 type: boolean
2407 description: Specify whether the Secret or its key must be defined
2408 required:
2409 - key
2410 x-kubernetes-map-type: atomic
2411 insecureSkipVerify:
2412 type: boolean
2413 description: Disable target certificate validation.
2414 keySecret:
2415 type: object
2416 description: Secret containing the client key file for the targets.
2417 properties:
2418 name:
2419 type: string
2420 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2421 key:
2422 type: string
2423 description: The key of the secret to select from. Must be a valid secret key.
2424 optional:
2425 type: boolean
2426 description: Specify whether the Secret or its key must be defined
2427 required:
2428 - key
2429 x-kubernetes-map-type: atomic
2430 serverName:
2431 type: string
2432 description: Used to verify the hostname for the targets.
2433 message:
2434 type: string
2435 description: Message template
2436 parseMode:
2437 type: string
2438 description: Parse mode for telegram message
2439 enum:
2440 - MarkdownV2
2441 - Markdown
2442 - HTML
2443 sendResolved:
2444 type: boolean
2445 description: Whether to notify about resolved alerts.
2446 victoropsConfigs:
2447 type: array
2448 description: List of VictorOps configurations.
2449 items:
2450 type: object
2451 description: VictorOpsConfig configures notifications via VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config
2452 properties:
2453 apiKey:
2454 type: object
2455 description: The secret's key that contains the API key to use when talking to the VictorOps API. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
2456 properties:
2457 name:
2458 type: string
2459 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2460 key:
2461 type: string
2462 description: The key of the secret to select from. Must be a valid secret key.
2463 optional:
2464 type: boolean
2465 description: Specify whether the Secret or its key must be defined
2466 required:
2467 - key
2468 apiUrl:
2469 type: string
2470 description: The VictorOps API URL.
2471 customFields:
2472 type: array
2473 description: Additional custom fields for notification.
2474 items:
2475 type: object
2476 description: KeyValue defines a (key, value) tuple.
2477 properties:
2478 value:
2479 type: string
2480 description: Value of the tuple.
2481 key:
2482 type: string
2483 description: Key of the tuple.
2484 minLength: 1
2485 required:
2486 - key
2487 - value
2488 entityDisplayName:
2489 type: string
2490 description: Contains summary of the alerted problem.
2491 httpConfig:
2492 type: object
2493 description: The HTTP client's configuration.
2494 properties:
2495 authorization:
2496 type: object
2497 description: Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
2498 properties:
2499 type:
2500 type: string
2501 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
2502 credentials:
2503 type: object
2504 description: The secret's key that contains the credentials of the request
2505 properties:
2506 name:
2507 type: string
2508 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2509 key:
2510 type: string
2511 description: The key of the secret to select from. Must be a valid secret key.
2512 optional:
2513 type: boolean
2514 description: Specify whether the Secret or its key must be defined
2515 required:
2516 - key
2517 x-kubernetes-map-type: atomic
2518 basicAuth:
2519 type: object
2520 description: BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
2521 properties:
2522 password:
2523 type: object
2524 description: The secret in the service monitor namespace that contains the password for authentication.
2525 properties:
2526 name:
2527 type: string
2528 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2529 key:
2530 type: string
2531 description: The key of the secret to select from. Must be a valid secret key.
2532 optional:
2533 type: boolean
2534 description: Specify whether the Secret or its key must be defined
2535 required:
2536 - key
2537 x-kubernetes-map-type: atomic
2538 username:
2539 type: object
2540 description: The secret in the service monitor namespace that contains the username for authentication.
2541 properties:
2542 name:
2543 type: string
2544 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2545 key:
2546 type: string
2547 description: The key of the secret to select from. Must be a valid secret key.
2548 optional:
2549 type: boolean
2550 description: Specify whether the Secret or its key must be defined
2551 required:
2552 - key
2553 x-kubernetes-map-type: atomic
2554 bearerTokenSecret:
2555 type: object
2556 description: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
2557 properties:
2558 name:
2559 type: string
2560 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2561 key:
2562 type: string
2563 description: The key of the secret to select from. Must be a valid secret key.
2564 optional:
2565 type: boolean
2566 description: Specify whether the Secret or its key must be defined
2567 required:
2568 - key
2569 followRedirects:
2570 type: boolean
2571 description: FollowRedirects specifies whether the client should follow HTTP 3xx redirects.
2572 oauth2:
2573 type: object
2574 description: OAuth2 client credentials used to fetch a token for the targets.
2575 properties:
2576 clientId:
2577 type: object
2578 description: The secret or configmap containing the OAuth2 client id
2579 properties:
2580 configMap:
2581 type: object
2582 description: ConfigMap containing data to use for the targets.
2583 properties:
2584 name:
2585 type: string
2586 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2587 key:
2588 type: string
2589 description: The key to select.
2590 optional:
2591 type: boolean
2592 description: Specify whether the ConfigMap or its key must be defined
2593 required:
2594 - key
2595 x-kubernetes-map-type: atomic
2596 secret:
2597 type: object
2598 description: Secret containing data to use for the targets.
2599 properties:
2600 name:
2601 type: string
2602 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2603 key:
2604 type: string
2605 description: The key of the secret to select from. Must be a valid secret key.
2606 optional:
2607 type: boolean
2608 description: Specify whether the Secret or its key must be defined
2609 required:
2610 - key
2611 x-kubernetes-map-type: atomic
2612 clientSecret:
2613 type: object
2614 description: The secret containing the OAuth2 client secret
2615 properties:
2616 name:
2617 type: string
2618 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2619 key:
2620 type: string
2621 description: The key of the secret to select from. Must be a valid secret key.
2622 optional:
2623 type: boolean
2624 description: Specify whether the Secret or its key must be defined
2625 required:
2626 - key
2627 x-kubernetes-map-type: atomic
2628 endpointParams:
2629 type: object
2630 additionalProperties:
2631 type: string
2632 description: Parameters to append to the token URL
2633 scopes:
2634 type: array
2635 description: OAuth2 scopes used for the token request
2636 items:
2637 type: string
2638 tokenUrl:
2639 type: string
2640 description: The URL to fetch the token from
2641 minLength: 1
2642 required:
2643 - clientId
2644 - clientSecret
2645 - tokenUrl
2646 proxyURL:
2647 type: string
2648 description: Optional proxy URL.
2649 tlsConfig:
2650 type: object
2651 description: TLS configuration for the client.
2652 properties:
2653 ca:
2654 type: object
2655 description: Struct containing the CA cert to use for the targets.
2656 properties:
2657 configMap:
2658 type: object
2659 description: ConfigMap containing data to use for the targets.
2660 properties:
2661 name:
2662 type: string
2663 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2664 key:
2665 type: string
2666 description: The key to select.
2667 optional:
2668 type: boolean
2669 description: Specify whether the ConfigMap or its key must be defined
2670 required:
2671 - key
2672 x-kubernetes-map-type: atomic
2673 secret:
2674 type: object
2675 description: Secret containing data to use for the targets.
2676 properties:
2677 name:
2678 type: string
2679 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2680 key:
2681 type: string
2682 description: The key of the secret to select from. Must be a valid secret key.
2683 optional:
2684 type: boolean
2685 description: Specify whether the Secret or its key must be defined
2686 required:
2687 - key
2688 x-kubernetes-map-type: atomic
2689 cert:
2690 type: object
2691 description: Struct containing the client cert file for the targets.
2692 properties:
2693 configMap:
2694 type: object
2695 description: ConfigMap containing data to use for the targets.
2696 properties:
2697 name:
2698 type: string
2699 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2700 key:
2701 type: string
2702 description: The key to select.
2703 optional:
2704 type: boolean
2705 description: Specify whether the ConfigMap or its key must be defined
2706 required:
2707 - key
2708 x-kubernetes-map-type: atomic
2709 secret:
2710 type: object
2711 description: Secret containing data to use for the targets.
2712 properties:
2713 name:
2714 type: string
2715 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2716 key:
2717 type: string
2718 description: The key of the secret to select from. Must be a valid secret key.
2719 optional:
2720 type: boolean
2721 description: Specify whether the Secret or its key must be defined
2722 required:
2723 - key
2724 x-kubernetes-map-type: atomic
2725 insecureSkipVerify:
2726 type: boolean
2727 description: Disable target certificate validation.
2728 keySecret:
2729 type: object
2730 description: Secret containing the client key file for the targets.
2731 properties:
2732 name:
2733 type: string
2734 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2735 key:
2736 type: string
2737 description: The key of the secret to select from. Must be a valid secret key.
2738 optional:
2739 type: boolean
2740 description: Specify whether the Secret or its key must be defined
2741 required:
2742 - key
2743 x-kubernetes-map-type: atomic
2744 serverName:
2745 type: string
2746 description: Used to verify the hostname for the targets.
2747 messageType:
2748 type: string
2749 description: Describes the behavior of the alert (CRITICAL, WARNING, INFO).
2750 monitoringTool:
2751 type: string
2752 description: The monitoring tool the state message is from.
2753 routingKey:
2754 type: string
2755 description: A key used to map the alert to a team.
2756 sendResolved:
2757 type: boolean
2758 description: Whether or not to notify about resolved alerts.
2759 stateMessage:
2760 type: string
2761 description: Contains long explanation of the alerted problem.
2762 webhookConfigs:
2763 type: array
2764 description: List of webhook configurations.
2765 items:
2766 type: object
2767 description: WebhookConfig configures notifications via a generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config
2768 properties:
2769 httpConfig:
2770 type: object
2771 description: HTTP client configuration.
2772 properties:
2773 authorization:
2774 type: object
2775 description: Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
2776 properties:
2777 type:
2778 type: string
2779 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
2780 credentials:
2781 type: object
2782 description: The secret's key that contains the credentials of the request
2783 properties:
2784 name:
2785 type: string
2786 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2787 key:
2788 type: string
2789 description: The key of the secret to select from. Must be a valid secret key.
2790 optional:
2791 type: boolean
2792 description: Specify whether the Secret or its key must be defined
2793 required:
2794 - key
2795 x-kubernetes-map-type: atomic
2796 basicAuth:
2797 type: object
2798 description: BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
2799 properties:
2800 password:
2801 type: object
2802 description: The secret in the service monitor namespace that contains the password for authentication.
2803 properties:
2804 name:
2805 type: string
2806 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2807 key:
2808 type: string
2809 description: The key of the secret to select from. Must be a valid secret key.
2810 optional:
2811 type: boolean
2812 description: Specify whether the Secret or its key must be defined
2813 required:
2814 - key
2815 x-kubernetes-map-type: atomic
2816 username:
2817 type: object
2818 description: The secret in the service monitor namespace that contains the username for authentication.
2819 properties:
2820 name:
2821 type: string
2822 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2823 key:
2824 type: string
2825 description: The key of the secret to select from. Must be a valid secret key.
2826 optional:
2827 type: boolean
2828 description: Specify whether the Secret or its key must be defined
2829 required:
2830 - key
2831 x-kubernetes-map-type: atomic
2832 bearerTokenSecret:
2833 type: object
2834 description: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
2835 properties:
2836 name:
2837 type: string
2838 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2839 key:
2840 type: string
2841 description: The key of the secret to select from. Must be a valid secret key.
2842 optional:
2843 type: boolean
2844 description: Specify whether the Secret or its key must be defined
2845 required:
2846 - key
2847 followRedirects:
2848 type: boolean
2849 description: FollowRedirects specifies whether the client should follow HTTP 3xx redirects.
2850 oauth2:
2851 type: object
2852 description: OAuth2 client credentials used to fetch a token for the targets.
2853 properties:
2854 clientId:
2855 type: object
2856 description: The secret or configmap containing the OAuth2 client id
2857 properties:
2858 configMap:
2859 type: object
2860 description: ConfigMap containing data to use for the targets.
2861 properties:
2862 name:
2863 type: string
2864 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2865 key:
2866 type: string
2867 description: The key to select.
2868 optional:
2869 type: boolean
2870 description: Specify whether the ConfigMap or its key must be defined
2871 required:
2872 - key
2873 x-kubernetes-map-type: atomic
2874 secret:
2875 type: object
2876 description: Secret containing data to use for the targets.
2877 properties:
2878 name:
2879 type: string
2880 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2881 key:
2882 type: string
2883 description: The key of the secret to select from. Must be a valid secret key.
2884 optional:
2885 type: boolean
2886 description: Specify whether the Secret or its key must be defined
2887 required:
2888 - key
2889 x-kubernetes-map-type: atomic
2890 clientSecret:
2891 type: object
2892 description: The secret containing the OAuth2 client secret
2893 properties:
2894 name:
2895 type: string
2896 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2897 key:
2898 type: string
2899 description: The key of the secret to select from. Must be a valid secret key.
2900 optional:
2901 type: boolean
2902 description: Specify whether the Secret or its key must be defined
2903 required:
2904 - key
2905 x-kubernetes-map-type: atomic
2906 endpointParams:
2907 type: object
2908 additionalProperties:
2909 type: string
2910 description: Parameters to append to the token URL
2911 scopes:
2912 type: array
2913 description: OAuth2 scopes used for the token request
2914 items:
2915 type: string
2916 tokenUrl:
2917 type: string
2918 description: The URL to fetch the token from
2919 minLength: 1
2920 required:
2921 - clientId
2922 - clientSecret
2923 - tokenUrl
2924 proxyURL:
2925 type: string
2926 description: Optional proxy URL.
2927 tlsConfig:
2928 type: object
2929 description: TLS configuration for the client.
2930 properties:
2931 ca:
2932 type: object
2933 description: Struct containing the CA cert to use for the targets.
2934 properties:
2935 configMap:
2936 type: object
2937 description: ConfigMap containing data to use for the targets.
2938 properties:
2939 name:
2940 type: string
2941 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2942 key:
2943 type: string
2944 description: The key to select.
2945 optional:
2946 type: boolean
2947 description: Specify whether the ConfigMap or its key must be defined
2948 required:
2949 - key
2950 x-kubernetes-map-type: atomic
2951 secret:
2952 type: object
2953 description: Secret containing data to use for the targets.
2954 properties:
2955 name:
2956 type: string
2957 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2958 key:
2959 type: string
2960 description: The key of the secret to select from. Must be a valid secret key.
2961 optional:
2962 type: boolean
2963 description: Specify whether the Secret or its key must be defined
2964 required:
2965 - key
2966 x-kubernetes-map-type: atomic
2967 cert:
2968 type: object
2969 description: Struct containing the client cert file for the targets.
2970 properties:
2971 configMap:
2972 type: object
2973 description: ConfigMap containing data to use for the targets.
2974 properties:
2975 name:
2976 type: string
2977 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2978 key:
2979 type: string
2980 description: The key to select.
2981 optional:
2982 type: boolean
2983 description: Specify whether the ConfigMap or its key must be defined
2984 required:
2985 - key
2986 x-kubernetes-map-type: atomic
2987 secret:
2988 type: object
2989 description: Secret containing data to use for the targets.
2990 properties:
2991 name:
2992 type: string
2993 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
2994 key:
2995 type: string
2996 description: The key of the secret to select from. Must be a valid secret key.
2997 optional:
2998 type: boolean
2999 description: Specify whether the Secret or its key must be defined
3000 required:
3001 - key
3002 x-kubernetes-map-type: atomic
3003 insecureSkipVerify:
3004 type: boolean
3005 description: Disable target certificate validation.
3006 keySecret:
3007 type: object
3008 description: Secret containing the client key file for the targets.
3009 properties:
3010 name:
3011 type: string
3012 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3013 key:
3014 type: string
3015 description: The key of the secret to select from. Must be a valid secret key.
3016 optional:
3017 type: boolean
3018 description: Specify whether the Secret or its key must be defined
3019 required:
3020 - key
3021 x-kubernetes-map-type: atomic
3022 serverName:
3023 type: string
3024 description: Used to verify the hostname for the targets.
3025 maxAlerts:
3026 type: integer
3027 description: Maximum number of alerts to be sent per webhook message. When 0, all alerts are included.
3028 format: int32
3029 minimum: 0
3030 sendResolved:
3031 type: boolean
3032 description: Whether or not to notify about resolved alerts.
3033 url:
3034 type: string
3035 description: The URL to send HTTP POST requests to. `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` should be defined.
3036 urlSecret:
3037 type: object
3038 description: The secret's key that contains the webhook URL to send HTTP requests to. `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` should be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
3039 properties:
3040 name:
3041 type: string
3042 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3043 key:
3044 type: string
3045 description: The key of the secret to select from. Must be a valid secret key.
3046 optional:
3047 type: boolean
3048 description: Specify whether the Secret or its key must be defined
3049 required:
3050 - key
3051 wechatConfigs:
3052 type: array
3053 description: List of WeChat configurations.
3054 items:
3055 type: object
3056 description: WeChatConfig configures notifications via WeChat. See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config
3057 properties:
3058 agentID:
3059 type: string
3060 apiSecret:
3061 type: object
3062 description: The secret's key that contains the WeChat API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
3063 properties:
3064 name:
3065 type: string
3066 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3067 key:
3068 type: string
3069 description: The key of the secret to select from. Must be a valid secret key.
3070 optional:
3071 type: boolean
3072 description: Specify whether the Secret or its key must be defined
3073 required:
3074 - key
3075 apiURL:
3076 type: string
3077 description: The WeChat API URL.
3078 corpID:
3079 type: string
3080 description: The corp id for authentication.
3081 httpConfig:
3082 type: object
3083 description: HTTP client configuration.
3084 properties:
3085 authorization:
3086 type: object
3087 description: Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
3088 properties:
3089 type:
3090 type: string
3091 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
3092 credentials:
3093 type: object
3094 description: The secret's key that contains the credentials of the request
3095 properties:
3096 name:
3097 type: string
3098 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3099 key:
3100 type: string
3101 description: The key of the secret to select from. Must be a valid secret key.
3102 optional:
3103 type: boolean
3104 description: Specify whether the Secret or its key must be defined
3105 required:
3106 - key
3107 x-kubernetes-map-type: atomic
3108 basicAuth:
3109 type: object
3110 description: BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
3111 properties:
3112 password:
3113 type: object
3114 description: The secret in the service monitor namespace that contains the password for authentication.
3115 properties:
3116 name:
3117 type: string
3118 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3119 key:
3120 type: string
3121 description: The key of the secret to select from. Must be a valid secret key.
3122 optional:
3123 type: boolean
3124 description: Specify whether the Secret or its key must be defined
3125 required:
3126 - key
3127 x-kubernetes-map-type: atomic
3128 username:
3129 type: object
3130 description: The secret in the service monitor namespace that contains the username for authentication.
3131 properties:
3132 name:
3133 type: string
3134 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3135 key:
3136 type: string
3137 description: The key of the secret to select from. Must be a valid secret key.
3138 optional:
3139 type: boolean
3140 description: Specify whether the Secret or its key must be defined
3141 required:
3142 - key
3143 x-kubernetes-map-type: atomic
3144 bearerTokenSecret:
3145 type: object
3146 description: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
3147 properties:
3148 name:
3149 type: string
3150 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3151 key:
3152 type: string
3153 description: The key of the secret to select from. Must be a valid secret key.
3154 optional:
3155 type: boolean
3156 description: Specify whether the Secret or its key must be defined
3157 required:
3158 - key
3159 followRedirects:
3160 type: boolean
3161 description: FollowRedirects specifies whether the client should follow HTTP 3xx redirects.
3162 oauth2:
3163 type: object
3164 description: OAuth2 client credentials used to fetch a token for the targets.
3165 properties:
3166 clientId:
3167 type: object
3168 description: The secret or configmap containing the OAuth2 client id
3169 properties:
3170 configMap:
3171 type: object
3172 description: ConfigMap containing data to use for the targets.
3173 properties:
3174 name:
3175 type: string
3176 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3177 key:
3178 type: string
3179 description: The key to select.
3180 optional:
3181 type: boolean
3182 description: Specify whether the ConfigMap or its key must be defined
3183 required:
3184 - key
3185 x-kubernetes-map-type: atomic
3186 secret:
3187 type: object
3188 description: Secret containing data to use for the targets.
3189 properties:
3190 name:
3191 type: string
3192 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3193 key:
3194 type: string
3195 description: The key of the secret to select from. Must be a valid secret key.
3196 optional:
3197 type: boolean
3198 description: Specify whether the Secret or its key must be defined
3199 required:
3200 - key
3201 x-kubernetes-map-type: atomic
3202 clientSecret:
3203 type: object
3204 description: The secret containing the OAuth2 client secret
3205 properties:
3206 name:
3207 type: string
3208 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3209 key:
3210 type: string
3211 description: The key of the secret to select from. Must be a valid secret key.
3212 optional:
3213 type: boolean
3214 description: Specify whether the Secret or its key must be defined
3215 required:
3216 - key
3217 x-kubernetes-map-type: atomic
3218 endpointParams:
3219 type: object
3220 additionalProperties:
3221 type: string
3222 description: Parameters to append to the token URL
3223 scopes:
3224 type: array
3225 description: OAuth2 scopes used for the token request
3226 items:
3227 type: string
3228 tokenUrl:
3229 type: string
3230 description: The URL to fetch the token from
3231 minLength: 1
3232 required:
3233 - clientId
3234 - clientSecret
3235 - tokenUrl
3236 proxyURL:
3237 type: string
3238 description: Optional proxy URL.
3239 tlsConfig:
3240 type: object
3241 description: TLS configuration for the client.
3242 properties:
3243 ca:
3244 type: object
3245 description: Struct containing the CA cert to use for the targets.
3246 properties:
3247 configMap:
3248 type: object
3249 description: ConfigMap containing data to use for the targets.
3250 properties:
3251 name:
3252 type: string
3253 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3254 key:
3255 type: string
3256 description: The key to select.
3257 optional:
3258 type: boolean
3259 description: Specify whether the ConfigMap or its key must be defined
3260 required:
3261 - key
3262 x-kubernetes-map-type: atomic
3263 secret:
3264 type: object
3265 description: Secret containing data to use for the targets.
3266 properties:
3267 name:
3268 type: string
3269 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3270 key:
3271 type: string
3272 description: The key of the secret to select from. Must be a valid secret key.
3273 optional:
3274 type: boolean
3275 description: Specify whether the Secret or its key must be defined
3276 required:
3277 - key
3278 x-kubernetes-map-type: atomic
3279 cert:
3280 type: object
3281 description: Struct containing the client cert file for the targets.
3282 properties:
3283 configMap:
3284 type: object
3285 description: ConfigMap containing data to use for the targets.
3286 properties:
3287 name:
3288 type: string
3289 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3290 key:
3291 type: string
3292 description: The key to select.
3293 optional:
3294 type: boolean
3295 description: Specify whether the ConfigMap or its key must be defined
3296 required:
3297 - key
3298 x-kubernetes-map-type: atomic
3299 secret:
3300 type: object
3301 description: Secret containing data to use for the targets.
3302 properties:
3303 name:
3304 type: string
3305 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3306 key:
3307 type: string
3308 description: The key of the secret to select from. Must be a valid secret key.
3309 optional:
3310 type: boolean
3311 description: Specify whether the Secret or its key must be defined
3312 required:
3313 - key
3314 x-kubernetes-map-type: atomic
3315 insecureSkipVerify:
3316 type: boolean
3317 description: Disable target certificate validation.
3318 keySecret:
3319 type: object
3320 description: Secret containing the client key file for the targets.
3321 properties:
3322 name:
3323 type: string
3324 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3325 key:
3326 type: string
3327 description: The key of the secret to select from. Must be a valid secret key.
3328 optional:
3329 type: boolean
3330 description: Specify whether the Secret or its key must be defined
3331 required:
3332 - key
3333 x-kubernetes-map-type: atomic
3334 serverName:
3335 type: string
3336 description: Used to verify the hostname for the targets.
3337 message:
3338 type: string
3339 description: API request data as defined by the WeChat API.
3340 messageType:
3341 type: string
3342 sendResolved:
3343 type: boolean
3344 description: Whether or not to notify about resolved alerts.
3345 toParty:
3346 type: string
3347 toTag:
3348 type: string
3349 toUser:
3350 type: string
3351 required:
3352 - name
3353 route:
3354 type: object
3355 description: The Alertmanager route definition for alerts matching the resource's namespace. If present, it will be added to the generated Alertmanager configuration as a first-level route.
3356 properties:
3357 continue:
3358 type: boolean
3359 description: Boolean indicating whether an alert should continue matching subsequent sibling nodes. It will always be overridden to true for the first-level route by the Prometheus operator.
3360 groupBy:
3361 type: array
3362 description: List of labels to group by. Labels must not be repeated (unique list). Special label "..." (aggregate by all possible labels), if provided, must be the only element in the list.
3363 items:
3364 type: string
3365 groupInterval:
3366 type: string
3367 description: 'How long to wait before sending an updated notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: "5m"'
3368 groupWait:
3369 type: string
3370 description: 'How long to wait before sending the initial notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: "30s"'
3371 matchers:
3372 type: array
3373 description: 'List of matchers that the alert''s labels should match. For the first level route, the operator removes any existing equality and regexp matcher on the `namespace` label and adds a `namespace: <object namespace>` matcher.'
3374 items:
3375 type: object
3376 description: Matcher defines how to match on alert's labels.
3377 properties:
3378 name:
3379 type: string
3380 description: Label to match.
3381 minLength: 1
3382 value:
3383 type: string
3384 description: Label value to match.
3385 matchType:
3386 type: string
3387 description: Match operation available with AlertManager >= v0.22.0 and takes precedence over Regex (deprecated) if non-empty.
3388 enum:
3389 - '!='
3390 - =
3391 - =~
3392 - '!~'
3393 regex:
3394 type: boolean
3395 description: Whether to match on equality (false) or regular-expression (true). Deprecated as of AlertManager >= v0.22.0 where a user should use MatchType instead.
3396 required:
3397 - name
3398 muteTimeIntervals:
3399 type: array
3400 description: 'Note: this comment applies to the field definition above but appears below otherwise it gets included in the generated manifest. CRD schema doesn''t support self-referential types for now (see https://github.com/kubernetes/kubernetes/issues/62872). We have to use an alternative type to circumvent the limitation. The downside is that the Kube API can''t validate the data beyond the fact that it is a valid JSON representation. MuteTimeIntervals is a list of MuteTimeInterval names that will mute this route when matched,'
3401 items:
3402 type: string
3403 receiver:
3404 type: string
3405 description: Name of the receiver for this route. If not empty, it should be listed in the `receivers` field.
3406 repeatInterval:
3407 type: string
3408 description: 'How long to wait before repeating the last notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: "4h"'
3409 routes:
3410 type: array
3411 description: Child routes.
3412 items:
3413 x-kubernetes-preserve-unknown-fields: true
3414 required:
3415 - spec
3416 served: true
3417 storage: true
3418---
3419apiVersion: apiextensions.k8s.io/v1
3420kind: CustomResourceDefinition
3421metadata:
3422 name: alertmanagers.monitoring.coreos.com
3423 labels:
3424 workload.edge.ncr.com: platform
3425 annotations:
3426 controller-gen.kubebuilder.io/version: v0.9.2
3427 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
3428 pallet.edge.ncr.com/name: prometheus-operator
3429 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
3430 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
3431 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
3432 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
3433spec:
3434 group: monitoring.coreos.com
3435 names:
3436 kind: Alertmanager
3437 categories:
3438 - prometheus-operator
3439 listKind: AlertmanagerList
3440 plural: alertmanagers
3441 shortNames:
3442 - am
3443 singular: alertmanager
3444 scope: Namespaced
3445 versions:
3446 - name: v1
3447 additionalPrinterColumns:
3448 - name: Version
3449 type: string
3450 description: The version of Alertmanager
3451 jsonPath: .spec.version
3452 - name: Replicas
3453 type: integer
3454 description: The number of desired replicas
3455 jsonPath: .spec.replicas
3456 - name: Age
3457 type: date
3458 jsonPath: .metadata.creationTimestamp
3459 - name: Paused
3460 type: boolean
3461 priority: 1
3462 description: Whether the resource reconciliation is paused or not
3463 jsonPath: .status.paused
3464 schema:
3465 openAPIV3Schema:
3466 type: object
3467 description: Alertmanager describes an Alertmanager cluster.
3468 properties:
3469 apiVersion:
3470 type: string
3471 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
3472 kind:
3473 type: string
3474 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
3475 metadata:
3476 type: object
3477 spec:
3478 type: object
3479 description: 'Specification of the desired behavior of the Alertmanager cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
3480 properties:
3481 replicas:
3482 type: integer
3483 description: Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the running cluster equal to the expected size.
3484 format: int32
3485 minReadySeconds:
3486 type: integer
3487 description: Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field and requires enabling StatefulSetMinReadySeconds feature gate.
3488 format: int32
3489 paused:
3490 type: boolean
3491 description: If set to true all actions on the underlying managed objects are not goint to be performed, except for delete actions.
3492 serviceAccountName:
3493 type: string
3494 description: ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
3495 priorityClassName:
3496 type: string
3497 description: Priority class assigned to the Pods
3498 nodeSelector:
3499 type: object
3500 additionalProperties:
3501 type: string
3502 description: Define which Nodes the Pods are scheduled on.
3503 hostAliases:
3504 type: array
3505 description: Pods' hostAliases configuration
3506 items:
3507 type: object
3508 description: HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
3509 properties:
3510 hostnames:
3511 type: array
3512 description: Hostnames for the above IP address.
3513 items:
3514 type: string
3515 ip:
3516 type: string
3517 description: IP address of the host file entry.
3518 required:
3519 - hostnames
3520 - ip
3521 x-kubernetes-list-map-keys:
3522 - ip
3523 x-kubernetes-list-type: map
3524 initContainers:
3525 type: array
3526 description: 'InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Alertmanager configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ Using initContainers for any use case other then secret fetching is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.'
3527 items:
3528 type: object
3529 description: A single application container that you want to run within a pod.
3530 properties:
3531 name:
3532 type: string
3533 description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
3534 image:
3535 type: string
3536 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.'
3537 command:
3538 type: array
3539 description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
3540 items:
3541 type: string
3542 args:
3543 type: array
3544 description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
3545 items:
3546 type: string
3547 workingDir:
3548 type: string
3549 description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
3550 ports:
3551 type: array
3552 description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.
3553 items:
3554 type: object
3555 description: ContainerPort represents a network port in a single container.
3556 properties:
3557 name:
3558 type: string
3559 description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
3560 protocol:
3561 type: string
3562 default: TCP
3563 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
3564 hostPort:
3565 type: integer
3566 description: Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.
3567 format: int32
3568 containerPort:
3569 type: integer
3570 description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.
3571 format: int32
3572 hostIP:
3573 type: string
3574 description: What host IP to bind the external port to.
3575 required:
3576 - containerPort
3577 x-kubernetes-list-map-keys:
3578 - containerPort
3579 - protocol
3580 x-kubernetes-list-type: map
3581 envFrom:
3582 type: array
3583 description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
3584 items:
3585 type: object
3586 description: EnvFromSource represents the source of a set of ConfigMaps
3587 properties:
3588 prefix:
3589 type: string
3590 description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
3591 configMapRef:
3592 type: object
3593 description: The ConfigMap to select from
3594 properties:
3595 name:
3596 type: string
3597 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3598 optional:
3599 type: boolean
3600 description: Specify whether the ConfigMap must be defined
3601 x-kubernetes-map-type: atomic
3602 secretRef:
3603 type: object
3604 description: The Secret to select from
3605 properties:
3606 name:
3607 type: string
3608 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3609 optional:
3610 type: boolean
3611 description: Specify whether the Secret must be defined
3612 x-kubernetes-map-type: atomic
3613 env:
3614 type: array
3615 description: List of environment variables to set in the container. Cannot be updated.
3616 items:
3617 type: object
3618 description: EnvVar represents an environment variable present in a Container.
3619 properties:
3620 name:
3621 type: string
3622 description: Name of the environment variable. Must be a C_IDENTIFIER.
3623 value:
3624 type: string
3625 description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
3626 valueFrom:
3627 type: object
3628 description: Source for the environment variable's value. Cannot be used if value is not empty.
3629 properties:
3630 fieldRef:
3631 type: object
3632 description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
3633 properties:
3634 apiVersion:
3635 type: string
3636 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
3637 fieldPath:
3638 type: string
3639 description: Path of the field to select in the specified API version.
3640 required:
3641 - fieldPath
3642 x-kubernetes-map-type: atomic
3643 resourceFieldRef:
3644 type: object
3645 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
3646 properties:
3647 containerName:
3648 type: string
3649 description: 'Container name: required for volumes, optional for env vars'
3650 divisor:
3651 anyOf:
3652 - type: integer
3653 - type: string
3654 description: Specifies the output format of the exposed resources, defaults to "1"
3655 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3656 x-kubernetes-int-or-string: true
3657 resource:
3658 type: string
3659 description: 'Required: resource to select'
3660 required:
3661 - resource
3662 x-kubernetes-map-type: atomic
3663 configMapKeyRef:
3664 type: object
3665 description: Selects a key of a ConfigMap.
3666 properties:
3667 name:
3668 type: string
3669 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3670 key:
3671 type: string
3672 description: The key to select.
3673 optional:
3674 type: boolean
3675 description: Specify whether the ConfigMap or its key must be defined
3676 required:
3677 - key
3678 x-kubernetes-map-type: atomic
3679 secretKeyRef:
3680 type: object
3681 description: Selects a key of a secret in the pod's namespace
3682 properties:
3683 name:
3684 type: string
3685 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
3686 key:
3687 type: string
3688 description: The key of the secret to select from. Must be a valid secret key.
3689 optional:
3690 type: boolean
3691 description: Specify whether the Secret or its key must be defined
3692 required:
3693 - key
3694 x-kubernetes-map-type: atomic
3695 required:
3696 - name
3697 resources:
3698 type: object
3699 description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
3700 properties:
3701 limits:
3702 type: object
3703 additionalProperties:
3704 anyOf:
3705 - type: integer
3706 - type: string
3707 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3708 x-kubernetes-int-or-string: true
3709 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
3710 requests:
3711 type: object
3712 additionalProperties:
3713 anyOf:
3714 - type: integer
3715 - type: string
3716 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
3717 x-kubernetes-int-or-string: true
3718 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
3719 volumeMounts:
3720 type: array
3721 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
3722 items:
3723 type: object
3724 description: VolumeMount describes a mounting of a Volume within a container.
3725 properties:
3726 name:
3727 type: string
3728 description: This must match the Name of a Volume.
3729 readOnly:
3730 type: boolean
3731 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
3732 mountPath:
3733 type: string
3734 description: Path within the container at which the volume should be mounted. Must not contain ':'.
3735 subPath:
3736 type: string
3737 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
3738 subPathExpr:
3739 type: string
3740 description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.
3741 mountPropagation:
3742 type: string
3743 description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
3744 required:
3745 - mountPath
3746 - name
3747 volumeDevices:
3748 type: array
3749 description: volumeDevices is the list of block devices to be used by the container.
3750 items:
3751 type: object
3752 description: volumeDevice describes a mapping of a raw block device within a container.
3753 properties:
3754 name:
3755 type: string
3756 description: name must match the name of a persistentVolumeClaim in the pod
3757 devicePath:
3758 type: string
3759 description: devicePath is the path inside of the container that the device will be mapped to.
3760 required:
3761 - devicePath
3762 - name
3763 livenessProbe:
3764 type: object
3765 description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
3766 properties:
3767 terminationGracePeriodSeconds:
3768 type: integer
3769 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
3770 format: int64
3771 exec:
3772 type: object
3773 description: Exec specifies the action to take.
3774 properties:
3775 command:
3776 type: array
3777 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3778 items:
3779 type: string
3780 failureThreshold:
3781 type: integer
3782 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
3783 format: int32
3784 grpc:
3785 type: object
3786 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
3787 properties:
3788 service:
3789 type: string
3790 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
3791 port:
3792 type: integer
3793 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
3794 format: int32
3795 required:
3796 - port
3797 httpGet:
3798 type: object
3799 description: HTTPGet specifies the http request to perform.
3800 properties:
3801 port:
3802 anyOf:
3803 - type: integer
3804 - type: string
3805 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
3806 x-kubernetes-int-or-string: true
3807 host:
3808 type: string
3809 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
3810 httpHeaders:
3811 type: array
3812 description: Custom headers to set in the request. HTTP allows repeated headers.
3813 items:
3814 type: object
3815 description: HTTPHeader describes a custom header to be used in HTTP probes
3816 properties:
3817 name:
3818 type: string
3819 description: The header field name
3820 value:
3821 type: string
3822 description: The header field value
3823 required:
3824 - name
3825 - value
3826 path:
3827 type: string
3828 description: Path to access on the HTTP server.
3829 scheme:
3830 type: string
3831 description: Scheme to use for connecting to the host. Defaults to HTTP.
3832 required:
3833 - port
3834 initialDelaySeconds:
3835 type: integer
3836 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
3837 format: int32
3838 periodSeconds:
3839 type: integer
3840 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
3841 format: int32
3842 successThreshold:
3843 type: integer
3844 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
3845 format: int32
3846 tcpSocket:
3847 type: object
3848 description: TCPSocket specifies an action involving a TCP port.
3849 properties:
3850 port:
3851 anyOf:
3852 - type: integer
3853 - type: string
3854 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
3855 x-kubernetes-int-or-string: true
3856 host:
3857 type: string
3858 description: 'Optional: Host name to connect to, defaults to the pod IP.'
3859 required:
3860 - port
3861 timeoutSeconds:
3862 type: integer
3863 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
3864 format: int32
3865 readinessProbe:
3866 type: object
3867 description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
3868 properties:
3869 terminationGracePeriodSeconds:
3870 type: integer
3871 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
3872 format: int64
3873 exec:
3874 type: object
3875 description: Exec specifies the action to take.
3876 properties:
3877 command:
3878 type: array
3879 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3880 items:
3881 type: string
3882 failureThreshold:
3883 type: integer
3884 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
3885 format: int32
3886 grpc:
3887 type: object
3888 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
3889 properties:
3890 service:
3891 type: string
3892 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
3893 port:
3894 type: integer
3895 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
3896 format: int32
3897 required:
3898 - port
3899 httpGet:
3900 type: object
3901 description: HTTPGet specifies the http request to perform.
3902 properties:
3903 port:
3904 anyOf:
3905 - type: integer
3906 - type: string
3907 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
3908 x-kubernetes-int-or-string: true
3909 host:
3910 type: string
3911 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
3912 httpHeaders:
3913 type: array
3914 description: Custom headers to set in the request. HTTP allows repeated headers.
3915 items:
3916 type: object
3917 description: HTTPHeader describes a custom header to be used in HTTP probes
3918 properties:
3919 name:
3920 type: string
3921 description: The header field name
3922 value:
3923 type: string
3924 description: The header field value
3925 required:
3926 - name
3927 - value
3928 path:
3929 type: string
3930 description: Path to access on the HTTP server.
3931 scheme:
3932 type: string
3933 description: Scheme to use for connecting to the host. Defaults to HTTP.
3934 required:
3935 - port
3936 initialDelaySeconds:
3937 type: integer
3938 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
3939 format: int32
3940 periodSeconds:
3941 type: integer
3942 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
3943 format: int32
3944 successThreshold:
3945 type: integer
3946 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
3947 format: int32
3948 tcpSocket:
3949 type: object
3950 description: TCPSocket specifies an action involving a TCP port.
3951 properties:
3952 port:
3953 anyOf:
3954 - type: integer
3955 - type: string
3956 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
3957 x-kubernetes-int-or-string: true
3958 host:
3959 type: string
3960 description: 'Optional: Host name to connect to, defaults to the pod IP.'
3961 required:
3962 - port
3963 timeoutSeconds:
3964 type: integer
3965 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
3966 format: int32
3967 lifecycle:
3968 type: object
3969 description: Actions that the management system should take in response to container lifecycle events. Cannot be updated.
3970 properties:
3971 postStart:
3972 type: object
3973 description: 'PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
3974 properties:
3975 exec:
3976 type: object
3977 description: Exec specifies the action to take.
3978 properties:
3979 command:
3980 type: array
3981 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
3982 items:
3983 type: string
3984 httpGet:
3985 type: object
3986 description: HTTPGet specifies the http request to perform.
3987 properties:
3988 port:
3989 anyOf:
3990 - type: integer
3991 - type: string
3992 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
3993 x-kubernetes-int-or-string: true
3994 host:
3995 type: string
3996 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
3997 httpHeaders:
3998 type: array
3999 description: Custom headers to set in the request. HTTP allows repeated headers.
4000 items:
4001 type: object
4002 description: HTTPHeader describes a custom header to be used in HTTP probes
4003 properties:
4004 name:
4005 type: string
4006 description: The header field name
4007 value:
4008 type: string
4009 description: The header field value
4010 required:
4011 - name
4012 - value
4013 path:
4014 type: string
4015 description: Path to access on the HTTP server.
4016 scheme:
4017 type: string
4018 description: Scheme to use for connecting to the host. Defaults to HTTP.
4019 required:
4020 - port
4021 tcpSocket:
4022 type: object
4023 description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
4024 properties:
4025 port:
4026 anyOf:
4027 - type: integer
4028 - type: string
4029 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4030 x-kubernetes-int-or-string: true
4031 host:
4032 type: string
4033 description: 'Optional: Host name to connect to, defaults to the pod IP.'
4034 required:
4035 - port
4036 preStop:
4037 type: object
4038 description: 'PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod''s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod''s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
4039 properties:
4040 exec:
4041 type: object
4042 description: Exec specifies the action to take.
4043 properties:
4044 command:
4045 type: array
4046 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
4047 items:
4048 type: string
4049 httpGet:
4050 type: object
4051 description: HTTPGet specifies the http request to perform.
4052 properties:
4053 port:
4054 anyOf:
4055 - type: integer
4056 - type: string
4057 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4058 x-kubernetes-int-or-string: true
4059 host:
4060 type: string
4061 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
4062 httpHeaders:
4063 type: array
4064 description: Custom headers to set in the request. HTTP allows repeated headers.
4065 items:
4066 type: object
4067 description: HTTPHeader describes a custom header to be used in HTTP probes
4068 properties:
4069 name:
4070 type: string
4071 description: The header field name
4072 value:
4073 type: string
4074 description: The header field value
4075 required:
4076 - name
4077 - value
4078 path:
4079 type: string
4080 description: Path to access on the HTTP server.
4081 scheme:
4082 type: string
4083 description: Scheme to use for connecting to the host. Defaults to HTTP.
4084 required:
4085 - port
4086 tcpSocket:
4087 type: object
4088 description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
4089 properties:
4090 port:
4091 anyOf:
4092 - type: integer
4093 - type: string
4094 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4095 x-kubernetes-int-or-string: true
4096 host:
4097 type: string
4098 description: 'Optional: Host name to connect to, defaults to the pod IP.'
4099 required:
4100 - port
4101 terminationMessagePath:
4102 type: string
4103 description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
4104 terminationMessagePolicy:
4105 type: string
4106 description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
4107 imagePullPolicy:
4108 type: string
4109 description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
4110 securityContext:
4111 type: object
4112 description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
4113 properties:
4114 allowPrivilegeEscalation:
4115 type: boolean
4116 description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.'
4117 capabilities:
4118 type: object
4119 description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.
4120 properties:
4121 add:
4122 type: array
4123 description: Added capabilities
4124 items:
4125 type: string
4126 description: Capability represent POSIX capabilities type
4127 drop:
4128 type: array
4129 description: Removed capabilities
4130 items:
4131 type: string
4132 description: Capability represent POSIX capabilities type
4133 privileged:
4134 type: boolean
4135 description: Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
4136 procMount:
4137 type: string
4138 description: procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
4139 readOnlyRootFilesystem:
4140 type: boolean
4141 description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
4142 runAsGroup:
4143 type: integer
4144 description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
4145 format: int64
4146 runAsNonRoot:
4147 type: boolean
4148 description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
4149 runAsUser:
4150 type: integer
4151 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
4152 format: int64
4153 seLinuxOptions:
4154 type: object
4155 description: The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
4156 properties:
4157 type:
4158 type: string
4159 description: Type is a SELinux type label that applies to the container.
4160 level:
4161 type: string
4162 description: Level is SELinux level label that applies to the container.
4163 role:
4164 type: string
4165 description: Role is a SELinux role label that applies to the container.
4166 user:
4167 type: string
4168 description: User is a SELinux user label that applies to the container.
4169 seccompProfile:
4170 type: object
4171 description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
4172 properties:
4173 type:
4174 type: string
4175 description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
4176 localhostProfile:
4177 type: string
4178 description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
4179 required:
4180 - type
4181 windowsOptions:
4182 type: object
4183 description: The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.
4184 properties:
4185 gmsaCredentialSpec:
4186 type: string
4187 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
4188 gmsaCredentialSpecName:
4189 type: string
4190 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
4191 hostProcess:
4192 type: boolean
4193 description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
4194 runAsUserName:
4195 type: string
4196 description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
4197 stdin:
4198 type: boolean
4199 description: Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
4200 stdinOnce:
4201 type: boolean
4202 description: Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false
4203 tty:
4204 type: boolean
4205 description: Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.
4206 startupProbe:
4207 type: object
4208 description: 'StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod''s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
4209 properties:
4210 terminationGracePeriodSeconds:
4211 type: integer
4212 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
4213 format: int64
4214 exec:
4215 type: object
4216 description: Exec specifies the action to take.
4217 properties:
4218 command:
4219 type: array
4220 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
4221 items:
4222 type: string
4223 failureThreshold:
4224 type: integer
4225 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
4226 format: int32
4227 grpc:
4228 type: object
4229 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
4230 properties:
4231 service:
4232 type: string
4233 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
4234 port:
4235 type: integer
4236 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
4237 format: int32
4238 required:
4239 - port
4240 httpGet:
4241 type: object
4242 description: HTTPGet specifies the http request to perform.
4243 properties:
4244 port:
4245 anyOf:
4246 - type: integer
4247 - type: string
4248 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4249 x-kubernetes-int-or-string: true
4250 host:
4251 type: string
4252 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
4253 httpHeaders:
4254 type: array
4255 description: Custom headers to set in the request. HTTP allows repeated headers.
4256 items:
4257 type: object
4258 description: HTTPHeader describes a custom header to be used in HTTP probes
4259 properties:
4260 name:
4261 type: string
4262 description: The header field name
4263 value:
4264 type: string
4265 description: The header field value
4266 required:
4267 - name
4268 - value
4269 path:
4270 type: string
4271 description: Path to access on the HTTP server.
4272 scheme:
4273 type: string
4274 description: Scheme to use for connecting to the host. Defaults to HTTP.
4275 required:
4276 - port
4277 initialDelaySeconds:
4278 type: integer
4279 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
4280 format: int32
4281 periodSeconds:
4282 type: integer
4283 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
4284 format: int32
4285 successThreshold:
4286 type: integer
4287 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
4288 format: int32
4289 tcpSocket:
4290 type: object
4291 description: TCPSocket specifies an action involving a TCP port.
4292 properties:
4293 port:
4294 anyOf:
4295 - type: integer
4296 - type: string
4297 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4298 x-kubernetes-int-or-string: true
4299 host:
4300 type: string
4301 description: 'Optional: Host name to connect to, defaults to the pod IP.'
4302 required:
4303 - port
4304 timeoutSeconds:
4305 type: integer
4306 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
4307 format: int32
4308 required:
4309 - name
4310 containers:
4311 type: array
4312 description: 'Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `alertmanager` and `config-reloader`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.'
4313 items:
4314 type: object
4315 description: A single application container that you want to run within a pod.
4316 properties:
4317 name:
4318 type: string
4319 description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
4320 image:
4321 type: string
4322 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.'
4323 command:
4324 type: array
4325 description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
4326 items:
4327 type: string
4328 args:
4329 type: array
4330 description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
4331 items:
4332 type: string
4333 workingDir:
4334 type: string
4335 description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
4336 ports:
4337 type: array
4338 description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.
4339 items:
4340 type: object
4341 description: ContainerPort represents a network port in a single container.
4342 properties:
4343 name:
4344 type: string
4345 description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
4346 protocol:
4347 type: string
4348 default: TCP
4349 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
4350 hostPort:
4351 type: integer
4352 description: Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.
4353 format: int32
4354 containerPort:
4355 type: integer
4356 description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.
4357 format: int32
4358 hostIP:
4359 type: string
4360 description: What host IP to bind the external port to.
4361 required:
4362 - containerPort
4363 x-kubernetes-list-map-keys:
4364 - containerPort
4365 - protocol
4366 x-kubernetes-list-type: map
4367 envFrom:
4368 type: array
4369 description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
4370 items:
4371 type: object
4372 description: EnvFromSource represents the source of a set of ConfigMaps
4373 properties:
4374 prefix:
4375 type: string
4376 description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
4377 configMapRef:
4378 type: object
4379 description: The ConfigMap to select from
4380 properties:
4381 name:
4382 type: string
4383 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
4384 optional:
4385 type: boolean
4386 description: Specify whether the ConfigMap must be defined
4387 x-kubernetes-map-type: atomic
4388 secretRef:
4389 type: object
4390 description: The Secret to select from
4391 properties:
4392 name:
4393 type: string
4394 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
4395 optional:
4396 type: boolean
4397 description: Specify whether the Secret must be defined
4398 x-kubernetes-map-type: atomic
4399 env:
4400 type: array
4401 description: List of environment variables to set in the container. Cannot be updated.
4402 items:
4403 type: object
4404 description: EnvVar represents an environment variable present in a Container.
4405 properties:
4406 name:
4407 type: string
4408 description: Name of the environment variable. Must be a C_IDENTIFIER.
4409 value:
4410 type: string
4411 description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
4412 valueFrom:
4413 type: object
4414 description: Source for the environment variable's value. Cannot be used if value is not empty.
4415 properties:
4416 fieldRef:
4417 type: object
4418 description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
4419 properties:
4420 apiVersion:
4421 type: string
4422 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
4423 fieldPath:
4424 type: string
4425 description: Path of the field to select in the specified API version.
4426 required:
4427 - fieldPath
4428 x-kubernetes-map-type: atomic
4429 resourceFieldRef:
4430 type: object
4431 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
4432 properties:
4433 containerName:
4434 type: string
4435 description: 'Container name: required for volumes, optional for env vars'
4436 divisor:
4437 anyOf:
4438 - type: integer
4439 - type: string
4440 description: Specifies the output format of the exposed resources, defaults to "1"
4441 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4442 x-kubernetes-int-or-string: true
4443 resource:
4444 type: string
4445 description: 'Required: resource to select'
4446 required:
4447 - resource
4448 x-kubernetes-map-type: atomic
4449 configMapKeyRef:
4450 type: object
4451 description: Selects a key of a ConfigMap.
4452 properties:
4453 name:
4454 type: string
4455 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
4456 key:
4457 type: string
4458 description: The key to select.
4459 optional:
4460 type: boolean
4461 description: Specify whether the ConfigMap or its key must be defined
4462 required:
4463 - key
4464 x-kubernetes-map-type: atomic
4465 secretKeyRef:
4466 type: object
4467 description: Selects a key of a secret in the pod's namespace
4468 properties:
4469 name:
4470 type: string
4471 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
4472 key:
4473 type: string
4474 description: The key of the secret to select from. Must be a valid secret key.
4475 optional:
4476 type: boolean
4477 description: Specify whether the Secret or its key must be defined
4478 required:
4479 - key
4480 x-kubernetes-map-type: atomic
4481 required:
4482 - name
4483 resources:
4484 type: object
4485 description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
4486 properties:
4487 limits:
4488 type: object
4489 additionalProperties:
4490 anyOf:
4491 - type: integer
4492 - type: string
4493 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4494 x-kubernetes-int-or-string: true
4495 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
4496 requests:
4497 type: object
4498 additionalProperties:
4499 anyOf:
4500 - type: integer
4501 - type: string
4502 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
4503 x-kubernetes-int-or-string: true
4504 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
4505 volumeMounts:
4506 type: array
4507 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
4508 items:
4509 type: object
4510 description: VolumeMount describes a mounting of a Volume within a container.
4511 properties:
4512 name:
4513 type: string
4514 description: This must match the Name of a Volume.
4515 readOnly:
4516 type: boolean
4517 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
4518 mountPath:
4519 type: string
4520 description: Path within the container at which the volume should be mounted. Must not contain ':'.
4521 subPath:
4522 type: string
4523 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
4524 subPathExpr:
4525 type: string
4526 description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.
4527 mountPropagation:
4528 type: string
4529 description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
4530 required:
4531 - mountPath
4532 - name
4533 volumeDevices:
4534 type: array
4535 description: volumeDevices is the list of block devices to be used by the container.
4536 items:
4537 type: object
4538 description: volumeDevice describes a mapping of a raw block device within a container.
4539 properties:
4540 name:
4541 type: string
4542 description: name must match the name of a persistentVolumeClaim in the pod
4543 devicePath:
4544 type: string
4545 description: devicePath is the path inside of the container that the device will be mapped to.
4546 required:
4547 - devicePath
4548 - name
4549 livenessProbe:
4550 type: object
4551 description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
4552 properties:
4553 terminationGracePeriodSeconds:
4554 type: integer
4555 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
4556 format: int64
4557 exec:
4558 type: object
4559 description: Exec specifies the action to take.
4560 properties:
4561 command:
4562 type: array
4563 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
4564 items:
4565 type: string
4566 failureThreshold:
4567 type: integer
4568 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
4569 format: int32
4570 grpc:
4571 type: object
4572 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
4573 properties:
4574 service:
4575 type: string
4576 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
4577 port:
4578 type: integer
4579 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
4580 format: int32
4581 required:
4582 - port
4583 httpGet:
4584 type: object
4585 description: HTTPGet specifies the http request to perform.
4586 properties:
4587 port:
4588 anyOf:
4589 - type: integer
4590 - type: string
4591 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4592 x-kubernetes-int-or-string: true
4593 host:
4594 type: string
4595 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
4596 httpHeaders:
4597 type: array
4598 description: Custom headers to set in the request. HTTP allows repeated headers.
4599 items:
4600 type: object
4601 description: HTTPHeader describes a custom header to be used in HTTP probes
4602 properties:
4603 name:
4604 type: string
4605 description: The header field name
4606 value:
4607 type: string
4608 description: The header field value
4609 required:
4610 - name
4611 - value
4612 path:
4613 type: string
4614 description: Path to access on the HTTP server.
4615 scheme:
4616 type: string
4617 description: Scheme to use for connecting to the host. Defaults to HTTP.
4618 required:
4619 - port
4620 initialDelaySeconds:
4621 type: integer
4622 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
4623 format: int32
4624 periodSeconds:
4625 type: integer
4626 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
4627 format: int32
4628 successThreshold:
4629 type: integer
4630 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
4631 format: int32
4632 tcpSocket:
4633 type: object
4634 description: TCPSocket specifies an action involving a TCP port.
4635 properties:
4636 port:
4637 anyOf:
4638 - type: integer
4639 - type: string
4640 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4641 x-kubernetes-int-or-string: true
4642 host:
4643 type: string
4644 description: 'Optional: Host name to connect to, defaults to the pod IP.'
4645 required:
4646 - port
4647 timeoutSeconds:
4648 type: integer
4649 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
4650 format: int32
4651 readinessProbe:
4652 type: object
4653 description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
4654 properties:
4655 terminationGracePeriodSeconds:
4656 type: integer
4657 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
4658 format: int64
4659 exec:
4660 type: object
4661 description: Exec specifies the action to take.
4662 properties:
4663 command:
4664 type: array
4665 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
4666 items:
4667 type: string
4668 failureThreshold:
4669 type: integer
4670 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
4671 format: int32
4672 grpc:
4673 type: object
4674 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
4675 properties:
4676 service:
4677 type: string
4678 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
4679 port:
4680 type: integer
4681 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
4682 format: int32
4683 required:
4684 - port
4685 httpGet:
4686 type: object
4687 description: HTTPGet specifies the http request to perform.
4688 properties:
4689 port:
4690 anyOf:
4691 - type: integer
4692 - type: string
4693 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4694 x-kubernetes-int-or-string: true
4695 host:
4696 type: string
4697 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
4698 httpHeaders:
4699 type: array
4700 description: Custom headers to set in the request. HTTP allows repeated headers.
4701 items:
4702 type: object
4703 description: HTTPHeader describes a custom header to be used in HTTP probes
4704 properties:
4705 name:
4706 type: string
4707 description: The header field name
4708 value:
4709 type: string
4710 description: The header field value
4711 required:
4712 - name
4713 - value
4714 path:
4715 type: string
4716 description: Path to access on the HTTP server.
4717 scheme:
4718 type: string
4719 description: Scheme to use for connecting to the host. Defaults to HTTP.
4720 required:
4721 - port
4722 initialDelaySeconds:
4723 type: integer
4724 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
4725 format: int32
4726 periodSeconds:
4727 type: integer
4728 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
4729 format: int32
4730 successThreshold:
4731 type: integer
4732 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
4733 format: int32
4734 tcpSocket:
4735 type: object
4736 description: TCPSocket specifies an action involving a TCP port.
4737 properties:
4738 port:
4739 anyOf:
4740 - type: integer
4741 - type: string
4742 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4743 x-kubernetes-int-or-string: true
4744 host:
4745 type: string
4746 description: 'Optional: Host name to connect to, defaults to the pod IP.'
4747 required:
4748 - port
4749 timeoutSeconds:
4750 type: integer
4751 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
4752 format: int32
4753 lifecycle:
4754 type: object
4755 description: Actions that the management system should take in response to container lifecycle events. Cannot be updated.
4756 properties:
4757 postStart:
4758 type: object
4759 description: 'PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
4760 properties:
4761 exec:
4762 type: object
4763 description: Exec specifies the action to take.
4764 properties:
4765 command:
4766 type: array
4767 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
4768 items:
4769 type: string
4770 httpGet:
4771 type: object
4772 description: HTTPGet specifies the http request to perform.
4773 properties:
4774 port:
4775 anyOf:
4776 - type: integer
4777 - type: string
4778 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4779 x-kubernetes-int-or-string: true
4780 host:
4781 type: string
4782 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
4783 httpHeaders:
4784 type: array
4785 description: Custom headers to set in the request. HTTP allows repeated headers.
4786 items:
4787 type: object
4788 description: HTTPHeader describes a custom header to be used in HTTP probes
4789 properties:
4790 name:
4791 type: string
4792 description: The header field name
4793 value:
4794 type: string
4795 description: The header field value
4796 required:
4797 - name
4798 - value
4799 path:
4800 type: string
4801 description: Path to access on the HTTP server.
4802 scheme:
4803 type: string
4804 description: Scheme to use for connecting to the host. Defaults to HTTP.
4805 required:
4806 - port
4807 tcpSocket:
4808 type: object
4809 description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
4810 properties:
4811 port:
4812 anyOf:
4813 - type: integer
4814 - type: string
4815 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4816 x-kubernetes-int-or-string: true
4817 host:
4818 type: string
4819 description: 'Optional: Host name to connect to, defaults to the pod IP.'
4820 required:
4821 - port
4822 preStop:
4823 type: object
4824 description: 'PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod''s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod''s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
4825 properties:
4826 exec:
4827 type: object
4828 description: Exec specifies the action to take.
4829 properties:
4830 command:
4831 type: array
4832 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
4833 items:
4834 type: string
4835 httpGet:
4836 type: object
4837 description: HTTPGet specifies the http request to perform.
4838 properties:
4839 port:
4840 anyOf:
4841 - type: integer
4842 - type: string
4843 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4844 x-kubernetes-int-or-string: true
4845 host:
4846 type: string
4847 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
4848 httpHeaders:
4849 type: array
4850 description: Custom headers to set in the request. HTTP allows repeated headers.
4851 items:
4852 type: object
4853 description: HTTPHeader describes a custom header to be used in HTTP probes
4854 properties:
4855 name:
4856 type: string
4857 description: The header field name
4858 value:
4859 type: string
4860 description: The header field value
4861 required:
4862 - name
4863 - value
4864 path:
4865 type: string
4866 description: Path to access on the HTTP server.
4867 scheme:
4868 type: string
4869 description: Scheme to use for connecting to the host. Defaults to HTTP.
4870 required:
4871 - port
4872 tcpSocket:
4873 type: object
4874 description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
4875 properties:
4876 port:
4877 anyOf:
4878 - type: integer
4879 - type: string
4880 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
4881 x-kubernetes-int-or-string: true
4882 host:
4883 type: string
4884 description: 'Optional: Host name to connect to, defaults to the pod IP.'
4885 required:
4886 - port
4887 terminationMessagePath:
4888 type: string
4889 description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
4890 terminationMessagePolicy:
4891 type: string
4892 description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
4893 imagePullPolicy:
4894 type: string
4895 description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
4896 securityContext:
4897 type: object
4898 description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
4899 properties:
4900 allowPrivilegeEscalation:
4901 type: boolean
4902 description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.'
4903 capabilities:
4904 type: object
4905 description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.
4906 properties:
4907 add:
4908 type: array
4909 description: Added capabilities
4910 items:
4911 type: string
4912 description: Capability represent POSIX capabilities type
4913 drop:
4914 type: array
4915 description: Removed capabilities
4916 items:
4917 type: string
4918 description: Capability represent POSIX capabilities type
4919 privileged:
4920 type: boolean
4921 description: Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
4922 procMount:
4923 type: string
4924 description: procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
4925 readOnlyRootFilesystem:
4926 type: boolean
4927 description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
4928 runAsGroup:
4929 type: integer
4930 description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
4931 format: int64
4932 runAsNonRoot:
4933 type: boolean
4934 description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
4935 runAsUser:
4936 type: integer
4937 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
4938 format: int64
4939 seLinuxOptions:
4940 type: object
4941 description: The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
4942 properties:
4943 type:
4944 type: string
4945 description: Type is a SELinux type label that applies to the container.
4946 level:
4947 type: string
4948 description: Level is SELinux level label that applies to the container.
4949 role:
4950 type: string
4951 description: Role is a SELinux role label that applies to the container.
4952 user:
4953 type: string
4954 description: User is a SELinux user label that applies to the container.
4955 seccompProfile:
4956 type: object
4957 description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
4958 properties:
4959 type:
4960 type: string
4961 description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
4962 localhostProfile:
4963 type: string
4964 description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
4965 required:
4966 - type
4967 windowsOptions:
4968 type: object
4969 description: The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.
4970 properties:
4971 gmsaCredentialSpec:
4972 type: string
4973 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
4974 gmsaCredentialSpecName:
4975 type: string
4976 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
4977 hostProcess:
4978 type: boolean
4979 description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
4980 runAsUserName:
4981 type: string
4982 description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
4983 stdin:
4984 type: boolean
4985 description: Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
4986 stdinOnce:
4987 type: boolean
4988 description: Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false
4989 tty:
4990 type: boolean
4991 description: Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.
4992 startupProbe:
4993 type: object
4994 description: 'StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod''s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
4995 properties:
4996 terminationGracePeriodSeconds:
4997 type: integer
4998 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
4999 format: int64
5000 exec:
5001 type: object
5002 description: Exec specifies the action to take.
5003 properties:
5004 command:
5005 type: array
5006 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
5007 items:
5008 type: string
5009 failureThreshold:
5010 type: integer
5011 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
5012 format: int32
5013 grpc:
5014 type: object
5015 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
5016 properties:
5017 service:
5018 type: string
5019 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
5020 port:
5021 type: integer
5022 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
5023 format: int32
5024 required:
5025 - port
5026 httpGet:
5027 type: object
5028 description: HTTPGet specifies the http request to perform.
5029 properties:
5030 port:
5031 anyOf:
5032 - type: integer
5033 - type: string
5034 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
5035 x-kubernetes-int-or-string: true
5036 host:
5037 type: string
5038 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
5039 httpHeaders:
5040 type: array
5041 description: Custom headers to set in the request. HTTP allows repeated headers.
5042 items:
5043 type: object
5044 description: HTTPHeader describes a custom header to be used in HTTP probes
5045 properties:
5046 name:
5047 type: string
5048 description: The header field name
5049 value:
5050 type: string
5051 description: The header field value
5052 required:
5053 - name
5054 - value
5055 path:
5056 type: string
5057 description: Path to access on the HTTP server.
5058 scheme:
5059 type: string
5060 description: Scheme to use for connecting to the host. Defaults to HTTP.
5061 required:
5062 - port
5063 initialDelaySeconds:
5064 type: integer
5065 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
5066 format: int32
5067 periodSeconds:
5068 type: integer
5069 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
5070 format: int32
5071 successThreshold:
5072 type: integer
5073 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
5074 format: int32
5075 tcpSocket:
5076 type: object
5077 description: TCPSocket specifies an action involving a TCP port.
5078 properties:
5079 port:
5080 anyOf:
5081 - type: integer
5082 - type: string
5083 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
5084 x-kubernetes-int-or-string: true
5085 host:
5086 type: string
5087 description: 'Optional: Host name to connect to, defaults to the pod IP.'
5088 required:
5089 - port
5090 timeoutSeconds:
5091 type: integer
5092 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
5093 format: int32
5094 required:
5095 - name
5096 volumes:
5097 type: array
5098 description: Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
5099 items:
5100 type: object
5101 description: Volume represents a named volume in a pod that may be accessed by any container in the pod.
5102 properties:
5103 name:
5104 type: string
5105 description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
5106 awsElasticBlockStore:
5107 type: object
5108 description: 'awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
5109 properties:
5110 readOnly:
5111 type: boolean
5112 description: 'readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
5113 fsType:
5114 type: string
5115 description: 'fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine'
5116 partition:
5117 type: integer
5118 description: 'partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).'
5119 format: int32
5120 volumeID:
5121 type: string
5122 description: 'volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
5123 required:
5124 - volumeID
5125 azureDisk:
5126 type: object
5127 description: azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
5128 properties:
5129 kind:
5130 type: string
5131 description: 'kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared'
5132 readOnly:
5133 type: boolean
5134 description: readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
5135 cachingMode:
5136 type: string
5137 description: 'cachingMode is the Host Caching mode: None, Read Only, Read Write.'
5138 diskName:
5139 type: string
5140 description: diskName is the Name of the data disk in the blob storage
5141 diskURI:
5142 type: string
5143 description: diskURI is the URI of data disk in the blob storage
5144 fsType:
5145 type: string
5146 description: fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
5147 required:
5148 - diskName
5149 - diskURI
5150 azureFile:
5151 type: object
5152 description: azureFile represents an Azure File Service mount on the host and bind mount to the pod.
5153 properties:
5154 readOnly:
5155 type: boolean
5156 description: readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
5157 secretName:
5158 type: string
5159 description: secretName is the name of secret that contains Azure Storage Account Name and Key
5160 shareName:
5161 type: string
5162 description: shareName is the azure share Name
5163 required:
5164 - secretName
5165 - shareName
5166 cephfs:
5167 type: object
5168 description: cephFS represents a Ceph FS mount on the host that shares a pod's lifetime
5169 properties:
5170 readOnly:
5171 type: boolean
5172 description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
5173 secretRef:
5174 type: object
5175 description: 'secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
5176 properties:
5177 name:
5178 type: string
5179 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
5180 x-kubernetes-map-type: atomic
5181 monitors:
5182 type: array
5183 description: 'monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
5184 items:
5185 type: string
5186 path:
5187 type: string
5188 description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /'
5189 secretFile:
5190 type: string
5191 description: 'secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
5192 user:
5193 type: string
5194 description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
5195 required:
5196 - monitors
5197 cinder:
5198 type: object
5199 description: 'cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
5200 properties:
5201 readOnly:
5202 type: boolean
5203 description: 'readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
5204 secretRef:
5205 type: object
5206 description: 'secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.'
5207 properties:
5208 name:
5209 type: string
5210 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
5211 x-kubernetes-map-type: atomic
5212 fsType:
5213 type: string
5214 description: 'fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
5215 volumeID:
5216 type: string
5217 description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
5218 required:
5219 - volumeID
5220 configMap:
5221 type: object
5222 description: configMap represents a configMap that should populate this volume
5223 properties:
5224 name:
5225 type: string
5226 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
5227 defaultMode:
5228 type: integer
5229 description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
5230 format: int32
5231 items:
5232 type: array
5233 description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
5234 items:
5235 type: object
5236 description: Maps a string key to a path within a volume.
5237 properties:
5238 key:
5239 type: string
5240 description: key is the key to project.
5241 mode:
5242 type: integer
5243 description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
5244 format: int32
5245 path:
5246 type: string
5247 description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
5248 required:
5249 - key
5250 - path
5251 optional:
5252 type: boolean
5253 description: optional specify whether the ConfigMap or its keys must be defined
5254 x-kubernetes-map-type: atomic
5255 csi:
5256 type: object
5257 description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
5258 properties:
5259 readOnly:
5260 type: boolean
5261 description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
5262 driver:
5263 type: string
5264 description: driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.
5265 fsType:
5266 type: string
5267 description: fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.
5268 nodePublishSecretRef:
5269 type: object
5270 description: nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.
5271 properties:
5272 name:
5273 type: string
5274 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
5275 x-kubernetes-map-type: atomic
5276 volumeAttributes:
5277 type: object
5278 additionalProperties:
5279 type: string
5280 description: volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.
5281 required:
5282 - driver
5283 downwardAPI:
5284 type: object
5285 description: downwardAPI represents downward API about the pod that should populate this volume
5286 properties:
5287 defaultMode:
5288 type: integer
5289 description: 'Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
5290 format: int32
5291 items:
5292 type: array
5293 description: Items is a list of downward API volume file
5294 items:
5295 type: object
5296 description: DownwardAPIVolumeFile represents information to create the file containing the pod field
5297 properties:
5298 fieldRef:
5299 type: object
5300 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.'
5301 properties:
5302 apiVersion:
5303 type: string
5304 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
5305 fieldPath:
5306 type: string
5307 description: Path of the field to select in the specified API version.
5308 required:
5309 - fieldPath
5310 x-kubernetes-map-type: atomic
5311 resourceFieldRef:
5312 type: object
5313 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.'
5314 properties:
5315 containerName:
5316 type: string
5317 description: 'Container name: required for volumes, optional for env vars'
5318 divisor:
5319 anyOf:
5320 - type: integer
5321 - type: string
5322 description: Specifies the output format of the exposed resources, defaults to "1"
5323 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5324 x-kubernetes-int-or-string: true
5325 resource:
5326 type: string
5327 description: 'Required: resource to select'
5328 required:
5329 - resource
5330 x-kubernetes-map-type: atomic
5331 mode:
5332 type: integer
5333 description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
5334 format: int32
5335 path:
5336 type: string
5337 description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..'''
5338 required:
5339 - path
5340 emptyDir:
5341 type: object
5342 description: 'emptyDir represents a temporary directory that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
5343 properties:
5344 medium:
5345 type: string
5346 description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
5347 sizeLimit:
5348 anyOf:
5349 - type: integer
5350 - type: string
5351 description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
5352 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5353 x-kubernetes-int-or-string: true
5354 ephemeral:
5355 type: object
5356 description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
5357 properties:
5358 volumeClaimTemplate:
5359 type: object
5360 description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
5361 properties:
5362 metadata:
5363 type: object
5364 description: May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.
5365 spec:
5366 type: object
5367 description: The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.
5368 properties:
5369 selector:
5370 type: object
5371 description: selector is a label query over volumes to consider for binding.
5372 properties:
5373 matchExpressions:
5374 type: array
5375 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
5376 items:
5377 type: object
5378 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
5379 properties:
5380 key:
5381 type: string
5382 description: key is the label key that the selector applies to.
5383 operator:
5384 type: string
5385 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
5386 values:
5387 type: array
5388 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
5389 items:
5390 type: string
5391 required:
5392 - key
5393 - operator
5394 matchLabels:
5395 type: object
5396 additionalProperties:
5397 type: string
5398 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
5399 x-kubernetes-map-type: atomic
5400 resources:
5401 type: object
5402 description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
5403 properties:
5404 limits:
5405 type: object
5406 additionalProperties:
5407 anyOf:
5408 - type: integer
5409 - type: string
5410 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5411 x-kubernetes-int-or-string: true
5412 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
5413 requests:
5414 type: object
5415 additionalProperties:
5416 anyOf:
5417 - type: integer
5418 - type: string
5419 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5420 x-kubernetes-int-or-string: true
5421 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
5422 accessModes:
5423 type: array
5424 description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
5425 items:
5426 type: string
5427 dataSource:
5428 type: object
5429 description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.'
5430 properties:
5431 name:
5432 type: string
5433 description: Name is the name of resource being referenced
5434 kind:
5435 type: string
5436 description: Kind is the type of resource being referenced
5437 apiGroup:
5438 type: string
5439 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
5440 required:
5441 - kind
5442 - name
5443 x-kubernetes-map-type: atomic
5444 dataSourceRef:
5445 type: object
5446 description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.'
5447 properties:
5448 name:
5449 type: string
5450 description: Name is the name of resource being referenced
5451 kind:
5452 type: string
5453 description: Kind is the type of resource being referenced
5454 apiGroup:
5455 type: string
5456 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
5457 required:
5458 - kind
5459 - name
5460 x-kubernetes-map-type: atomic
5461 storageClassName:
5462 type: string
5463 description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
5464 volumeMode:
5465 type: string
5466 description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
5467 volumeName:
5468 type: string
5469 description: volumeName is the binding reference to the PersistentVolume backing this claim.
5470 required:
5471 - spec
5472 fc:
5473 type: object
5474 description: fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.
5475 properties:
5476 readOnly:
5477 type: boolean
5478 description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.'
5479 fsType:
5480 type: string
5481 description: 'fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine'
5482 lun:
5483 type: integer
5484 description: 'lun is Optional: FC target lun number'
5485 format: int32
5486 targetWWNs:
5487 type: array
5488 description: 'targetWWNs is Optional: FC target worldwide names (WWNs)'
5489 items:
5490 type: string
5491 wwids:
5492 type: array
5493 description: 'wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.'
5494 items:
5495 type: string
5496 flexVolume:
5497 type: object
5498 description: flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.
5499 properties:
5500 readOnly:
5501 type: boolean
5502 description: 'readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.'
5503 secretRef:
5504 type: object
5505 description: 'secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.'
5506 properties:
5507 name:
5508 type: string
5509 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
5510 x-kubernetes-map-type: atomic
5511 driver:
5512 type: string
5513 description: driver is the name of the driver to use for this volume.
5514 fsType:
5515 type: string
5516 description: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
5517 options:
5518 type: object
5519 additionalProperties:
5520 type: string
5521 description: 'options is Optional: this field holds extra command options if any.'
5522 required:
5523 - driver
5524 flocker:
5525 type: object
5526 description: flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running
5527 properties:
5528 datasetName:
5529 type: string
5530 description: datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated
5531 datasetUUID:
5532 type: string
5533 description: datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset
5534 gcePersistentDisk:
5535 type: object
5536 description: 'gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
5537 properties:
5538 readOnly:
5539 type: boolean
5540 description: 'readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
5541 fsType:
5542 type: string
5543 description: 'fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine'
5544 partition:
5545 type: integer
5546 description: 'partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
5547 format: int32
5548 pdName:
5549 type: string
5550 description: 'pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
5551 required:
5552 - pdName
5553 gitRepo:
5554 type: object
5555 description: 'gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod''s container.'
5556 properties:
5557 revision:
5558 type: string
5559 description: revision is the commit hash for the specified revision.
5560 directory:
5561 type: string
5562 description: directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.
5563 repository:
5564 type: string
5565 description: repository is the URL
5566 required:
5567 - repository
5568 glusterfs:
5569 type: object
5570 description: 'glusterfs represents a Glusterfs mount on the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
5571 properties:
5572 readOnly:
5573 type: boolean
5574 description: 'readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
5575 endpoints:
5576 type: string
5577 description: 'endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
5578 path:
5579 type: string
5580 description: 'path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
5581 required:
5582 - endpoints
5583 - path
5584 hostPath:
5585 type: object
5586 description: 'hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.'
5587 properties:
5588 type:
5589 type: string
5590 description: 'type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
5591 path:
5592 type: string
5593 description: 'path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
5594 required:
5595 - path
5596 iscsi:
5597 type: object
5598 description: 'iscsi represents an ISCSI Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
5599 properties:
5600 readOnly:
5601 type: boolean
5602 description: readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.
5603 secretRef:
5604 type: object
5605 description: secretRef is the CHAP Secret for iSCSI target and initiator authentication
5606 properties:
5607 name:
5608 type: string
5609 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
5610 x-kubernetes-map-type: atomic
5611 chapAuthDiscovery:
5612 type: boolean
5613 description: chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
5614 chapAuthSession:
5615 type: boolean
5616 description: chapAuthSession defines whether support iSCSI Session CHAP authentication
5617 fsType:
5618 type: string
5619 description: 'fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine'
5620 initiatorName:
5621 type: string
5622 description: initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.
5623 iqn:
5624 type: string
5625 description: iqn is the target iSCSI Qualified Name.
5626 iscsiInterface:
5627 type: string
5628 description: iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
5629 lun:
5630 type: integer
5631 description: lun represents iSCSI Target Lun number.
5632 format: int32
5633 portals:
5634 type: array
5635 description: portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
5636 items:
5637 type: string
5638 targetPortal:
5639 type: string
5640 description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
5641 required:
5642 - iqn
5643 - lun
5644 - targetPortal
5645 nfs:
5646 type: object
5647 description: 'nfs represents an NFS mount on the host that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
5648 properties:
5649 readOnly:
5650 type: boolean
5651 description: 'readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
5652 path:
5653 type: string
5654 description: 'path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
5655 server:
5656 type: string
5657 description: 'server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
5658 required:
5659 - path
5660 - server
5661 persistentVolumeClaim:
5662 type: object
5663 description: 'persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
5664 properties:
5665 readOnly:
5666 type: boolean
5667 description: readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
5668 claimName:
5669 type: string
5670 description: 'claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
5671 required:
5672 - claimName
5673 photonPersistentDisk:
5674 type: object
5675 description: photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine
5676 properties:
5677 fsType:
5678 type: string
5679 description: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
5680 pdID:
5681 type: string
5682 description: pdID is the ID that identifies Photon Controller persistent disk
5683 required:
5684 - pdID
5685 portworxVolume:
5686 type: object
5687 description: portworxVolume represents a portworx volume attached and mounted on kubelets host machine
5688 properties:
5689 readOnly:
5690 type: boolean
5691 description: readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
5692 fsType:
5693 type: string
5694 description: fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
5695 volumeID:
5696 type: string
5697 description: volumeID uniquely identifies a Portworx volume
5698 required:
5699 - volumeID
5700 projected:
5701 type: object
5702 description: projected items for all in one resources secrets, configmaps, and downward API
5703 properties:
5704 defaultMode:
5705 type: integer
5706 description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
5707 format: int32
5708 sources:
5709 type: array
5710 description: sources is the list of volume projections
5711 items:
5712 type: object
5713 description: Projection that may be projected along with other supported volume types
5714 properties:
5715 configMap:
5716 type: object
5717 description: configMap information about the configMap data to project
5718 properties:
5719 name:
5720 type: string
5721 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
5722 items:
5723 type: array
5724 description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
5725 items:
5726 type: object
5727 description: Maps a string key to a path within a volume.
5728 properties:
5729 key:
5730 type: string
5731 description: key is the key to project.
5732 mode:
5733 type: integer
5734 description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
5735 format: int32
5736 path:
5737 type: string
5738 description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
5739 required:
5740 - key
5741 - path
5742 optional:
5743 type: boolean
5744 description: optional specify whether the ConfigMap or its keys must be defined
5745 x-kubernetes-map-type: atomic
5746 downwardAPI:
5747 type: object
5748 description: downwardAPI information about the downwardAPI data to project
5749 properties:
5750 items:
5751 type: array
5752 description: Items is a list of DownwardAPIVolume file
5753 items:
5754 type: object
5755 description: DownwardAPIVolumeFile represents information to create the file containing the pod field
5756 properties:
5757 fieldRef:
5758 type: object
5759 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.'
5760 properties:
5761 apiVersion:
5762 type: string
5763 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
5764 fieldPath:
5765 type: string
5766 description: Path of the field to select in the specified API version.
5767 required:
5768 - fieldPath
5769 x-kubernetes-map-type: atomic
5770 resourceFieldRef:
5771 type: object
5772 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.'
5773 properties:
5774 containerName:
5775 type: string
5776 description: 'Container name: required for volumes, optional for env vars'
5777 divisor:
5778 anyOf:
5779 - type: integer
5780 - type: string
5781 description: Specifies the output format of the exposed resources, defaults to "1"
5782 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
5783 x-kubernetes-int-or-string: true
5784 resource:
5785 type: string
5786 description: 'Required: resource to select'
5787 required:
5788 - resource
5789 x-kubernetes-map-type: atomic
5790 mode:
5791 type: integer
5792 description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
5793 format: int32
5794 path:
5795 type: string
5796 description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..'''
5797 required:
5798 - path
5799 secret:
5800 type: object
5801 description: secret information about the secret data to project
5802 properties:
5803 name:
5804 type: string
5805 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
5806 items:
5807 type: array
5808 description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
5809 items:
5810 type: object
5811 description: Maps a string key to a path within a volume.
5812 properties:
5813 key:
5814 type: string
5815 description: key is the key to project.
5816 mode:
5817 type: integer
5818 description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
5819 format: int32
5820 path:
5821 type: string
5822 description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
5823 required:
5824 - key
5825 - path
5826 optional:
5827 type: boolean
5828 description: optional field specify whether the Secret or its key must be defined
5829 x-kubernetes-map-type: atomic
5830 serviceAccountToken:
5831 type: object
5832 description: serviceAccountToken is information about the serviceAccountToken data to project
5833 properties:
5834 audience:
5835 type: string
5836 description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.
5837 expirationSeconds:
5838 type: integer
5839 description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.
5840 format: int64
5841 path:
5842 type: string
5843 description: path is the path relative to the mount point of the file to project the token into.
5844 required:
5845 - path
5846 quobyte:
5847 type: object
5848 description: quobyte represents a Quobyte mount on the host that shares a pod's lifetime
5849 properties:
5850 readOnly:
5851 type: boolean
5852 description: readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.
5853 group:
5854 type: string
5855 description: group to map volume access to Default is no group
5856 registry:
5857 type: string
5858 description: registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes
5859 tenant:
5860 type: string
5861 description: tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin
5862 user:
5863 type: string
5864 description: user to map volume access to Defaults to serivceaccount user
5865 volume:
5866 type: string
5867 description: volume is a string that references an already created Quobyte volume by name.
5868 required:
5869 - registry
5870 - volume
5871 rbd:
5872 type: object
5873 description: 'rbd represents a Rados Block Device mount on the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md'
5874 properties:
5875 image:
5876 type: string
5877 description: 'image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
5878 readOnly:
5879 type: boolean
5880 description: 'readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
5881 secretRef:
5882 type: object
5883 description: 'secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
5884 properties:
5885 name:
5886 type: string
5887 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
5888 x-kubernetes-map-type: atomic
5889 fsType:
5890 type: string
5891 description: 'fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine'
5892 keyring:
5893 type: string
5894 description: 'keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
5895 monitors:
5896 type: array
5897 description: 'monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
5898 items:
5899 type: string
5900 pool:
5901 type: string
5902 description: 'pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
5903 user:
5904 type: string
5905 description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
5906 required:
5907 - image
5908 - monitors
5909 scaleIO:
5910 type: object
5911 description: scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.
5912 properties:
5913 readOnly:
5914 type: boolean
5915 description: readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
5916 secretRef:
5917 type: object
5918 description: secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.
5919 properties:
5920 name:
5921 type: string
5922 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
5923 x-kubernetes-map-type: atomic
5924 fsType:
5925 type: string
5926 description: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs".
5927 gateway:
5928 type: string
5929 description: gateway is the host address of the ScaleIO API Gateway.
5930 protectionDomain:
5931 type: string
5932 description: protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.
5933 sslEnabled:
5934 type: boolean
5935 description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
5936 storageMode:
5937 type: string
5938 description: storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.
5939 storagePool:
5940 type: string
5941 description: storagePool is the ScaleIO Storage Pool associated with the protection domain.
5942 system:
5943 type: string
5944 description: system is the name of the storage system as configured in ScaleIO.
5945 volumeName:
5946 type: string
5947 description: volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.
5948 required:
5949 - gateway
5950 - secretRef
5951 - system
5952 secret:
5953 type: object
5954 description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
5955 properties:
5956 defaultMode:
5957 type: integer
5958 description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
5959 format: int32
5960 items:
5961 type: array
5962 description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
5963 items:
5964 type: object
5965 description: Maps a string key to a path within a volume.
5966 properties:
5967 key:
5968 type: string
5969 description: key is the key to project.
5970 mode:
5971 type: integer
5972 description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
5973 format: int32
5974 path:
5975 type: string
5976 description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
5977 required:
5978 - key
5979 - path
5980 optional:
5981 type: boolean
5982 description: optional field specify whether the Secret or its keys must be defined
5983 secretName:
5984 type: string
5985 description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
5986 storageos:
5987 type: object
5988 description: storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.
5989 properties:
5990 readOnly:
5991 type: boolean
5992 description: readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
5993 secretRef:
5994 type: object
5995 description: secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.
5996 properties:
5997 name:
5998 type: string
5999 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6000 x-kubernetes-map-type: atomic
6001 fsType:
6002 type: string
6003 description: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6004 volumeName:
6005 type: string
6006 description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
6007 volumeNamespace:
6008 type: string
6009 description: volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.
6010 vsphereVolume:
6011 type: object
6012 description: vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine
6013 properties:
6014 fsType:
6015 type: string
6016 description: fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
6017 storagePolicyID:
6018 type: string
6019 description: storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.
6020 storagePolicyName:
6021 type: string
6022 description: storagePolicyName is the storage Policy Based Management (SPBM) profile name.
6023 volumePath:
6024 type: string
6025 description: volumePath is the path that identifies vSphere volume vmdk
6026 required:
6027 - volumePath
6028 required:
6029 - name
6030 imagePullSecrets:
6031 type: array
6032 description: An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
6033 items:
6034 type: object
6035 description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
6036 properties:
6037 name:
6038 type: string
6039 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6040 x-kubernetes-map-type: atomic
6041 affinity:
6042 type: object
6043 description: If specified, the pod's scheduling constraints.
6044 properties:
6045 nodeAffinity:
6046 type: object
6047 description: Describes node affinity scheduling rules for the pod.
6048 properties:
6049 preferredDuringSchedulingIgnoredDuringExecution:
6050 type: array
6051 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
6052 items:
6053 type: object
6054 description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
6055 properties:
6056 preference:
6057 type: object
6058 description: A node selector term, associated with the corresponding weight.
6059 properties:
6060 matchExpressions:
6061 type: array
6062 description: A list of node selector requirements by node's labels.
6063 items:
6064 type: object
6065 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6066 properties:
6067 key:
6068 type: string
6069 description: The label key that the selector applies to.
6070 operator:
6071 type: string
6072 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
6073 values:
6074 type: array
6075 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
6076 items:
6077 type: string
6078 required:
6079 - key
6080 - operator
6081 matchFields:
6082 type: array
6083 description: A list of node selector requirements by node's fields.
6084 items:
6085 type: object
6086 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6087 properties:
6088 key:
6089 type: string
6090 description: The label key that the selector applies to.
6091 operator:
6092 type: string
6093 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
6094 values:
6095 type: array
6096 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
6097 items:
6098 type: string
6099 required:
6100 - key
6101 - operator
6102 x-kubernetes-map-type: atomic
6103 weight:
6104 type: integer
6105 description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
6106 format: int32
6107 required:
6108 - preference
6109 - weight
6110 requiredDuringSchedulingIgnoredDuringExecution:
6111 type: object
6112 description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
6113 properties:
6114 nodeSelectorTerms:
6115 type: array
6116 description: Required. A list of node selector terms. The terms are ORed.
6117 items:
6118 type: object
6119 description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
6120 properties:
6121 matchExpressions:
6122 type: array
6123 description: A list of node selector requirements by node's labels.
6124 items:
6125 type: object
6126 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6127 properties:
6128 key:
6129 type: string
6130 description: The label key that the selector applies to.
6131 operator:
6132 type: string
6133 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
6134 values:
6135 type: array
6136 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
6137 items:
6138 type: string
6139 required:
6140 - key
6141 - operator
6142 matchFields:
6143 type: array
6144 description: A list of node selector requirements by node's fields.
6145 items:
6146 type: object
6147 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6148 properties:
6149 key:
6150 type: string
6151 description: The label key that the selector applies to.
6152 operator:
6153 type: string
6154 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
6155 values:
6156 type: array
6157 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
6158 items:
6159 type: string
6160 required:
6161 - key
6162 - operator
6163 x-kubernetes-map-type: atomic
6164 required:
6165 - nodeSelectorTerms
6166 x-kubernetes-map-type: atomic
6167 podAffinity:
6168 type: object
6169 description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
6170 properties:
6171 preferredDuringSchedulingIgnoredDuringExecution:
6172 type: array
6173 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
6174 items:
6175 type: object
6176 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
6177 properties:
6178 podAffinityTerm:
6179 type: object
6180 description: Required. A pod affinity term, associated with the corresponding weight.
6181 properties:
6182 labelSelector:
6183 type: object
6184 description: A label query over a set of resources, in this case pods.
6185 properties:
6186 matchExpressions:
6187 type: array
6188 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
6189 items:
6190 type: object
6191 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6192 properties:
6193 key:
6194 type: string
6195 description: key is the label key that the selector applies to.
6196 operator:
6197 type: string
6198 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
6199 values:
6200 type: array
6201 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
6202 items:
6203 type: string
6204 required:
6205 - key
6206 - operator
6207 matchLabels:
6208 type: object
6209 additionalProperties:
6210 type: string
6211 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
6212 x-kubernetes-map-type: atomic
6213 namespaceSelector:
6214 type: object
6215 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
6216 properties:
6217 matchExpressions:
6218 type: array
6219 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
6220 items:
6221 type: object
6222 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6223 properties:
6224 key:
6225 type: string
6226 description: key is the label key that the selector applies to.
6227 operator:
6228 type: string
6229 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
6230 values:
6231 type: array
6232 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
6233 items:
6234 type: string
6235 required:
6236 - key
6237 - operator
6238 matchLabels:
6239 type: object
6240 additionalProperties:
6241 type: string
6242 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
6243 x-kubernetes-map-type: atomic
6244 namespaces:
6245 type: array
6246 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
6247 items:
6248 type: string
6249 topologyKey:
6250 type: string
6251 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
6252 required:
6253 - topologyKey
6254 weight:
6255 type: integer
6256 description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
6257 format: int32
6258 required:
6259 - podAffinityTerm
6260 - weight
6261 requiredDuringSchedulingIgnoredDuringExecution:
6262 type: array
6263 description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
6264 items:
6265 type: object
6266 description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
6267 properties:
6268 labelSelector:
6269 type: object
6270 description: A label query over a set of resources, in this case pods.
6271 properties:
6272 matchExpressions:
6273 type: array
6274 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
6275 items:
6276 type: object
6277 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6278 properties:
6279 key:
6280 type: string
6281 description: key is the label key that the selector applies to.
6282 operator:
6283 type: string
6284 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
6285 values:
6286 type: array
6287 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
6288 items:
6289 type: string
6290 required:
6291 - key
6292 - operator
6293 matchLabels:
6294 type: object
6295 additionalProperties:
6296 type: string
6297 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
6298 x-kubernetes-map-type: atomic
6299 namespaceSelector:
6300 type: object
6301 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
6302 properties:
6303 matchExpressions:
6304 type: array
6305 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
6306 items:
6307 type: object
6308 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6309 properties:
6310 key:
6311 type: string
6312 description: key is the label key that the selector applies to.
6313 operator:
6314 type: string
6315 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
6316 values:
6317 type: array
6318 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
6319 items:
6320 type: string
6321 required:
6322 - key
6323 - operator
6324 matchLabels:
6325 type: object
6326 additionalProperties:
6327 type: string
6328 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
6329 x-kubernetes-map-type: atomic
6330 namespaces:
6331 type: array
6332 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
6333 items:
6334 type: string
6335 topologyKey:
6336 type: string
6337 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
6338 required:
6339 - topologyKey
6340 podAntiAffinity:
6341 type: object
6342 description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
6343 properties:
6344 preferredDuringSchedulingIgnoredDuringExecution:
6345 type: array
6346 description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
6347 items:
6348 type: object
6349 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
6350 properties:
6351 podAffinityTerm:
6352 type: object
6353 description: Required. A pod affinity term, associated with the corresponding weight.
6354 properties:
6355 labelSelector:
6356 type: object
6357 description: A label query over a set of resources, in this case pods.
6358 properties:
6359 matchExpressions:
6360 type: array
6361 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
6362 items:
6363 type: object
6364 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6365 properties:
6366 key:
6367 type: string
6368 description: key is the label key that the selector applies to.
6369 operator:
6370 type: string
6371 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
6372 values:
6373 type: array
6374 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
6375 items:
6376 type: string
6377 required:
6378 - key
6379 - operator
6380 matchLabels:
6381 type: object
6382 additionalProperties:
6383 type: string
6384 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
6385 x-kubernetes-map-type: atomic
6386 namespaceSelector:
6387 type: object
6388 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
6389 properties:
6390 matchExpressions:
6391 type: array
6392 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
6393 items:
6394 type: object
6395 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6396 properties:
6397 key:
6398 type: string
6399 description: key is the label key that the selector applies to.
6400 operator:
6401 type: string
6402 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
6403 values:
6404 type: array
6405 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
6406 items:
6407 type: string
6408 required:
6409 - key
6410 - operator
6411 matchLabels:
6412 type: object
6413 additionalProperties:
6414 type: string
6415 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
6416 x-kubernetes-map-type: atomic
6417 namespaces:
6418 type: array
6419 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
6420 items:
6421 type: string
6422 topologyKey:
6423 type: string
6424 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
6425 required:
6426 - topologyKey
6427 weight:
6428 type: integer
6429 description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
6430 format: int32
6431 required:
6432 - podAffinityTerm
6433 - weight
6434 requiredDuringSchedulingIgnoredDuringExecution:
6435 type: array
6436 description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
6437 items:
6438 type: object
6439 description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
6440 properties:
6441 labelSelector:
6442 type: object
6443 description: A label query over a set of resources, in this case pods.
6444 properties:
6445 matchExpressions:
6446 type: array
6447 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
6448 items:
6449 type: object
6450 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6451 properties:
6452 key:
6453 type: string
6454 description: key is the label key that the selector applies to.
6455 operator:
6456 type: string
6457 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
6458 values:
6459 type: array
6460 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
6461 items:
6462 type: string
6463 required:
6464 - key
6465 - operator
6466 matchLabels:
6467 type: object
6468 additionalProperties:
6469 type: string
6470 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
6471 x-kubernetes-map-type: atomic
6472 namespaceSelector:
6473 type: object
6474 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
6475 properties:
6476 matchExpressions:
6477 type: array
6478 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
6479 items:
6480 type: object
6481 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6482 properties:
6483 key:
6484 type: string
6485 description: key is the label key that the selector applies to.
6486 operator:
6487 type: string
6488 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
6489 values:
6490 type: array
6491 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
6492 items:
6493 type: string
6494 required:
6495 - key
6496 - operator
6497 matchLabels:
6498 type: object
6499 additionalProperties:
6500 type: string
6501 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
6502 x-kubernetes-map-type: atomic
6503 namespaces:
6504 type: array
6505 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
6506 items:
6507 type: string
6508 topologyKey:
6509 type: string
6510 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
6511 required:
6512 - topologyKey
6513 tolerations:
6514 type: array
6515 description: If specified, the pod's tolerations.
6516 items:
6517 type: object
6518 description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
6519 properties:
6520 value:
6521 type: string
6522 description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
6523 effect:
6524 type: string
6525 description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
6526 key:
6527 type: string
6528 description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
6529 operator:
6530 type: string
6531 description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
6532 tolerationSeconds:
6533 type: integer
6534 description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
6535 format: int64
6536 image:
6537 type: string
6538 description: Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Alertmanager is being configured.
6539 resources:
6540 type: object
6541 description: Define resources requests and limits for single Pods.
6542 properties:
6543 limits:
6544 type: object
6545 additionalProperties:
6546 anyOf:
6547 - type: integer
6548 - type: string
6549 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6550 x-kubernetes-int-or-string: true
6551 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
6552 requests:
6553 type: object
6554 additionalProperties:
6555 anyOf:
6556 - type: integer
6557 - type: string
6558 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
6559 x-kubernetes-int-or-string: true
6560 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
6561 volumeMounts:
6562 type: array
6563 description: VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, that are generated as a result of StorageSpec objects.
6564 items:
6565 type: object
6566 description: VolumeMount describes a mounting of a Volume within a container.
6567 properties:
6568 name:
6569 type: string
6570 description: This must match the Name of a Volume.
6571 readOnly:
6572 type: boolean
6573 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
6574 mountPath:
6575 type: string
6576 description: Path within the container at which the volume should be mounted. Must not contain ':'.
6577 subPath:
6578 type: string
6579 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
6580 subPathExpr:
6581 type: string
6582 description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.
6583 mountPropagation:
6584 type: string
6585 description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
6586 required:
6587 - mountPath
6588 - name
6589 securityContext:
6590 type: object
6591 description: SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
6592 properties:
6593 fsGroup:
6594 type: integer
6595 description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows."
6596 format: int64
6597 fsGroupChangePolicy:
6598 type: string
6599 description: 'fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.'
6600 runAsGroup:
6601 type: integer
6602 description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
6603 format: int64
6604 runAsNonRoot:
6605 type: boolean
6606 description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
6607 runAsUser:
6608 type: integer
6609 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
6610 format: int64
6611 seLinuxOptions:
6612 type: object
6613 description: The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
6614 properties:
6615 type:
6616 type: string
6617 description: Type is a SELinux type label that applies to the container.
6618 level:
6619 type: string
6620 description: Level is SELinux level label that applies to the container.
6621 role:
6622 type: string
6623 description: Role is a SELinux role label that applies to the container.
6624 user:
6625 type: string
6626 description: User is a SELinux user label that applies to the container.
6627 seccompProfile:
6628 type: object
6629 description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
6630 properties:
6631 type:
6632 type: string
6633 description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
6634 localhostProfile:
6635 type: string
6636 description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
6637 required:
6638 - type
6639 supplementalGroups:
6640 type: array
6641 description: A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container. Note that this field cannot be set when spec.os.name is windows.
6642 items:
6643 type: integer
6644 format: int64
6645 sysctls:
6646 type: array
6647 description: Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.
6648 items:
6649 type: object
6650 description: Sysctl defines a kernel parameter to be set
6651 properties:
6652 name:
6653 type: string
6654 description: Name of a property to set
6655 value:
6656 type: string
6657 description: Value of a property to set
6658 required:
6659 - name
6660 - value
6661 windowsOptions:
6662 type: object
6663 description: The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.
6664 properties:
6665 gmsaCredentialSpec:
6666 type: string
6667 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
6668 gmsaCredentialSpecName:
6669 type: string
6670 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
6671 hostProcess:
6672 type: boolean
6673 description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
6674 runAsUserName:
6675 type: string
6676 description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
6677 additionalPeers:
6678 type: array
6679 description: AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster.
6680 items:
6681 type: string
6682 alertmanagerConfigNamespaceSelector:
6683 type: object
6684 description: Namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace.
6685 properties:
6686 matchExpressions:
6687 type: array
6688 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
6689 items:
6690 type: object
6691 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6692 properties:
6693 key:
6694 type: string
6695 description: key is the label key that the selector applies to.
6696 operator:
6697 type: string
6698 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
6699 values:
6700 type: array
6701 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
6702 items:
6703 type: string
6704 required:
6705 - key
6706 - operator
6707 matchLabels:
6708 type: object
6709 additionalProperties:
6710 type: string
6711 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
6712 x-kubernetes-map-type: atomic
6713 alertmanagerConfigSelector:
6714 type: object
6715 description: AlertmanagerConfigs to be selected for to merge and configure Alertmanager with.
6716 properties:
6717 matchExpressions:
6718 type: array
6719 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
6720 items:
6721 type: object
6722 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
6723 properties:
6724 key:
6725 type: string
6726 description: key is the label key that the selector applies to.
6727 operator:
6728 type: string
6729 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
6730 values:
6731 type: array
6732 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
6733 items:
6734 type: string
6735 required:
6736 - key
6737 - operator
6738 matchLabels:
6739 type: object
6740 additionalProperties:
6741 type: string
6742 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
6743 x-kubernetes-map-type: atomic
6744 alertmanagerConfiguration:
6745 type: object
6746 description: 'EXPERIMENTAL: alertmanagerConfiguration specifies the configuration of Alertmanager. If defined, it takes precedence over the `configSecret` field. This field may change in future releases.'
6747 properties:
6748 name:
6749 type: string
6750 description: The name of the AlertmanagerConfig resource which is used to generate the Alertmanager configuration. It must be defined in the same namespace as the Alertmanager object. The operator will not enforce a `namespace` label for routes and inhibition rules.
6751 minLength: 1
6752 global:
6753 type: object
6754 description: Defines the global parameters of the Alertmanager configuration.
6755 properties:
6756 httpConfig:
6757 type: object
6758 description: HTTP client configuration.
6759 properties:
6760 authorization:
6761 type: object
6762 description: Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
6763 properties:
6764 type:
6765 type: string
6766 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
6767 credentials:
6768 type: object
6769 description: The secret's key that contains the credentials of the request
6770 properties:
6771 name:
6772 type: string
6773 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6774 key:
6775 type: string
6776 description: The key of the secret to select from. Must be a valid secret key.
6777 optional:
6778 type: boolean
6779 description: Specify whether the Secret or its key must be defined
6780 required:
6781 - key
6782 x-kubernetes-map-type: atomic
6783 basicAuth:
6784 type: object
6785 description: BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
6786 properties:
6787 password:
6788 type: object
6789 description: The secret in the service monitor namespace that contains the password for authentication.
6790 properties:
6791 name:
6792 type: string
6793 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6794 key:
6795 type: string
6796 description: The key of the secret to select from. Must be a valid secret key.
6797 optional:
6798 type: boolean
6799 description: Specify whether the Secret or its key must be defined
6800 required:
6801 - key
6802 x-kubernetes-map-type: atomic
6803 username:
6804 type: object
6805 description: The secret in the service monitor namespace that contains the username for authentication.
6806 properties:
6807 name:
6808 type: string
6809 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6810 key:
6811 type: string
6812 description: The key of the secret to select from. Must be a valid secret key.
6813 optional:
6814 type: boolean
6815 description: Specify whether the Secret or its key must be defined
6816 required:
6817 - key
6818 x-kubernetes-map-type: atomic
6819 bearerTokenSecret:
6820 type: object
6821 description: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the Alertmanager object and accessible by the Prometheus Operator.
6822 properties:
6823 name:
6824 type: string
6825 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6826 key:
6827 type: string
6828 description: The key of the secret to select from. Must be a valid secret key.
6829 optional:
6830 type: boolean
6831 description: Specify whether the Secret or its key must be defined
6832 required:
6833 - key
6834 x-kubernetes-map-type: atomic
6835 followRedirects:
6836 type: boolean
6837 description: FollowRedirects specifies whether the client should follow HTTP 3xx redirects.
6838 oauth2:
6839 type: object
6840 description: OAuth2 client credentials used to fetch a token for the targets.
6841 properties:
6842 clientId:
6843 type: object
6844 description: The secret or configmap containing the OAuth2 client id
6845 properties:
6846 configMap:
6847 type: object
6848 description: ConfigMap containing data to use for the targets.
6849 properties:
6850 name:
6851 type: string
6852 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6853 key:
6854 type: string
6855 description: The key to select.
6856 optional:
6857 type: boolean
6858 description: Specify whether the ConfigMap or its key must be defined
6859 required:
6860 - key
6861 x-kubernetes-map-type: atomic
6862 secret:
6863 type: object
6864 description: Secret containing data to use for the targets.
6865 properties:
6866 name:
6867 type: string
6868 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6869 key:
6870 type: string
6871 description: The key of the secret to select from. Must be a valid secret key.
6872 optional:
6873 type: boolean
6874 description: Specify whether the Secret or its key must be defined
6875 required:
6876 - key
6877 x-kubernetes-map-type: atomic
6878 clientSecret:
6879 type: object
6880 description: The secret containing the OAuth2 client secret
6881 properties:
6882 name:
6883 type: string
6884 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6885 key:
6886 type: string
6887 description: The key of the secret to select from. Must be a valid secret key.
6888 optional:
6889 type: boolean
6890 description: Specify whether the Secret or its key must be defined
6891 required:
6892 - key
6893 x-kubernetes-map-type: atomic
6894 endpointParams:
6895 type: object
6896 additionalProperties:
6897 type: string
6898 description: Parameters to append to the token URL
6899 scopes:
6900 type: array
6901 description: OAuth2 scopes used for the token request
6902 items:
6903 type: string
6904 tokenUrl:
6905 type: string
6906 description: The URL to fetch the token from
6907 minLength: 1
6908 required:
6909 - clientId
6910 - clientSecret
6911 - tokenUrl
6912 proxyURL:
6913 type: string
6914 description: Optional proxy URL.
6915 tlsConfig:
6916 type: object
6917 description: TLS configuration for the client.
6918 properties:
6919 ca:
6920 type: object
6921 description: Struct containing the CA cert to use for the targets.
6922 properties:
6923 configMap:
6924 type: object
6925 description: ConfigMap containing data to use for the targets.
6926 properties:
6927 name:
6928 type: string
6929 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6930 key:
6931 type: string
6932 description: The key to select.
6933 optional:
6934 type: boolean
6935 description: Specify whether the ConfigMap or its key must be defined
6936 required:
6937 - key
6938 x-kubernetes-map-type: atomic
6939 secret:
6940 type: object
6941 description: Secret containing data to use for the targets.
6942 properties:
6943 name:
6944 type: string
6945 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6946 key:
6947 type: string
6948 description: The key of the secret to select from. Must be a valid secret key.
6949 optional:
6950 type: boolean
6951 description: Specify whether the Secret or its key must be defined
6952 required:
6953 - key
6954 x-kubernetes-map-type: atomic
6955 cert:
6956 type: object
6957 description: Struct containing the client cert file for the targets.
6958 properties:
6959 configMap:
6960 type: object
6961 description: ConfigMap containing data to use for the targets.
6962 properties:
6963 name:
6964 type: string
6965 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6966 key:
6967 type: string
6968 description: The key to select.
6969 optional:
6970 type: boolean
6971 description: Specify whether the ConfigMap or its key must be defined
6972 required:
6973 - key
6974 x-kubernetes-map-type: atomic
6975 secret:
6976 type: object
6977 description: Secret containing data to use for the targets.
6978 properties:
6979 name:
6980 type: string
6981 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
6982 key:
6983 type: string
6984 description: The key of the secret to select from. Must be a valid secret key.
6985 optional:
6986 type: boolean
6987 description: Specify whether the Secret or its key must be defined
6988 required:
6989 - key
6990 x-kubernetes-map-type: atomic
6991 insecureSkipVerify:
6992 type: boolean
6993 description: Disable target certificate validation.
6994 keySecret:
6995 type: object
6996 description: Secret containing the client key file for the targets.
6997 properties:
6998 name:
6999 type: string
7000 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
7001 key:
7002 type: string
7003 description: The key of the secret to select from. Must be a valid secret key.
7004 optional:
7005 type: boolean
7006 description: Specify whether the Secret or its key must be defined
7007 required:
7008 - key
7009 x-kubernetes-map-type: atomic
7010 serverName:
7011 type: string
7012 description: Used to verify the hostname for the targets.
7013 resolveTimeout:
7014 type: string
7015 description: ResolveTimeout is the default value used by alertmanager if the alert does not include EndsAt, after this time passes it can declare the alert as resolved if it has not been updated. This has no impact on alerts from Prometheus, as they always include EndsAt.
7016 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
7017 templates:
7018 type: array
7019 description: Custom notification templates.
7020 items:
7021 type: object
7022 description: SecretOrConfigMap allows to specify data as a Secret or ConfigMap. Fields are mutually exclusive.
7023 properties:
7024 configMap:
7025 type: object
7026 description: ConfigMap containing data to use for the targets.
7027 properties:
7028 name:
7029 type: string
7030 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
7031 key:
7032 type: string
7033 description: The key to select.
7034 optional:
7035 type: boolean
7036 description: Specify whether the ConfigMap or its key must be defined
7037 required:
7038 - key
7039 x-kubernetes-map-type: atomic
7040 secret:
7041 type: object
7042 description: Secret containing data to use for the targets.
7043 properties:
7044 name:
7045 type: string
7046 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
7047 key:
7048 type: string
7049 description: The key of the secret to select from. Must be a valid secret key.
7050 optional:
7051 type: boolean
7052 description: Specify whether the Secret or its key must be defined
7053 required:
7054 - key
7055 x-kubernetes-map-type: atomic
7056 baseImage:
7057 type: string
7058 description: 'Base image that is used to deploy pods, without tag. Deprecated: use ''image'' instead'
7059 clusterAdvertiseAddress:
7060 type: string
7061 description: 'ClusterAdvertiseAddress is the explicit address to advertise in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. [1] RFC1918: https://tools.ietf.org/html/rfc1918'
7062 clusterGossipInterval:
7063 type: string
7064 description: Interval between gossip attempts.
7065 pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
7066 clusterPeerTimeout:
7067 type: string
7068 description: Timeout for cluster peering.
7069 pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
7070 clusterPushpullInterval:
7071 type: string
7072 description: Interval between pushpull attempts.
7073 pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
7074 configMaps:
7075 type: array
7076 description: ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-<configmap-name>`. The ConfigMaps are mounted into `/etc/alertmanager/configmaps/<configmap-name>` in the 'alertmanager' container.
7077 items:
7078 type: string
7079 configSecret:
7080 type: string
7081 description: "ConfigSecret is the name of a Kubernetes Secret in the same namespace as the Alertmanager object, which contains the configuration for this Alertmanager instance. If empty, it defaults to `alertmanager-<alertmanager-name>`. \n The Alertmanager configuration should be available under the `alertmanager.yaml` key. Additional keys from the original secret are copied to the generated secret. \n If either the secret or the `alertmanager.yaml` key is missing, the operator provisions an Alertmanager configuration with one empty receiver (effectively dropping alert notifications)."
7082 externalUrl:
7083 type: string
7084 description: The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name.
7085 forceEnableClusterMode:
7086 type: boolean
7087 description: ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each.
7088 listenLocal:
7089 type: boolean
7090 description: ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP. Note this is only for the Alertmanager UI, not the gossip communication.
7091 logFormat:
7092 type: string
7093 description: Log format for Alertmanager to be configured with.
7094 enum:
7095 - ""
7096 - logfmt
7097 - json
7098 logLevel:
7099 type: string
7100 description: Log level for Alertmanager to be configured with.
7101 enum:
7102 - ""
7103 - debug
7104 - info
7105 - warn
7106 - error
7107 podMetadata:
7108 type: object
7109 description: PodMetadata configures Labels and Annotations which are propagated to the alertmanager pods.
7110 properties:
7111 name:
7112 type: string
7113 description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
7114 labels:
7115 type: object
7116 additionalProperties:
7117 type: string
7118 description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels'
7119 annotations:
7120 type: object
7121 additionalProperties:
7122 type: string
7123 description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
7124 portName:
7125 type: string
7126 description: Port name used for the pods and governing service. This defaults to web
7127 retention:
7128 type: string
7129 default: 120h
7130 description: Time duration Alertmanager shall retain data for. Default is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds seconds minutes hours).
7131 pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
7132 routePrefix:
7133 type: string
7134 description: The route prefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.
7135 secrets:
7136 type: array
7137 description: Secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-<secret-name>`. The Secrets are mounted into `/etc/alertmanager/secrets/<secret-name>` in the 'alertmanager' container.
7138 items:
7139 type: string
7140 sha:
7141 type: string
7142 description: 'SHA of Alertmanager container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use ''image'' instead. The image digest can be specified as part of the image URL.'
7143 storage:
7144 type: object
7145 description: Storage is the definition of how storage will be used by the Alertmanager instances.
7146 properties:
7147 disableMountSubPath:
7148 type: boolean
7149 description: 'Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. DisableMountSubPath allows to remove any subPath usage in volume mounts.'
7150 emptyDir:
7151 type: object
7152 description: 'EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
7153 properties:
7154 medium:
7155 type: string
7156 description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
7157 sizeLimit:
7158 anyOf:
7159 - type: integer
7160 - type: string
7161 description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
7162 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7163 x-kubernetes-int-or-string: true
7164 ephemeral:
7165 type: object
7166 description: 'EphemeralVolumeSource to be used by the Prometheus StatefulSets. This is a beta field in k8s 1.21, for lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
7167 properties:
7168 volumeClaimTemplate:
7169 type: object
7170 description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
7171 properties:
7172 metadata:
7173 type: object
7174 description: May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.
7175 spec:
7176 type: object
7177 description: The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.
7178 properties:
7179 selector:
7180 type: object
7181 description: selector is a label query over volumes to consider for binding.
7182 properties:
7183 matchExpressions:
7184 type: array
7185 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
7186 items:
7187 type: object
7188 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
7189 properties:
7190 key:
7191 type: string
7192 description: key is the label key that the selector applies to.
7193 operator:
7194 type: string
7195 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
7196 values:
7197 type: array
7198 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
7199 items:
7200 type: string
7201 required:
7202 - key
7203 - operator
7204 matchLabels:
7205 type: object
7206 additionalProperties:
7207 type: string
7208 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
7209 x-kubernetes-map-type: atomic
7210 resources:
7211 type: object
7212 description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
7213 properties:
7214 limits:
7215 type: object
7216 additionalProperties:
7217 anyOf:
7218 - type: integer
7219 - type: string
7220 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7221 x-kubernetes-int-or-string: true
7222 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
7223 requests:
7224 type: object
7225 additionalProperties:
7226 anyOf:
7227 - type: integer
7228 - type: string
7229 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7230 x-kubernetes-int-or-string: true
7231 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
7232 accessModes:
7233 type: array
7234 description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
7235 items:
7236 type: string
7237 dataSource:
7238 type: object
7239 description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.'
7240 properties:
7241 name:
7242 type: string
7243 description: Name is the name of resource being referenced
7244 kind:
7245 type: string
7246 description: Kind is the type of resource being referenced
7247 apiGroup:
7248 type: string
7249 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
7250 required:
7251 - kind
7252 - name
7253 x-kubernetes-map-type: atomic
7254 dataSourceRef:
7255 type: object
7256 description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.'
7257 properties:
7258 name:
7259 type: string
7260 description: Name is the name of resource being referenced
7261 kind:
7262 type: string
7263 description: Kind is the type of resource being referenced
7264 apiGroup:
7265 type: string
7266 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
7267 required:
7268 - kind
7269 - name
7270 x-kubernetes-map-type: atomic
7271 storageClassName:
7272 type: string
7273 description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
7274 volumeMode:
7275 type: string
7276 description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
7277 volumeName:
7278 type: string
7279 description: volumeName is the binding reference to the PersistentVolume backing this claim.
7280 required:
7281 - spec
7282 volumeClaimTemplate:
7283 type: object
7284 description: A PVC spec to be used by the Prometheus StatefulSets.
7285 properties:
7286 apiVersion:
7287 type: string
7288 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
7289 kind:
7290 type: string
7291 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
7292 metadata:
7293 type: object
7294 description: EmbeddedMetadata contains metadata relevant to an EmbeddedResource.
7295 properties:
7296 name:
7297 type: string
7298 description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
7299 labels:
7300 type: object
7301 additionalProperties:
7302 type: string
7303 description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels'
7304 annotations:
7305 type: object
7306 additionalProperties:
7307 type: string
7308 description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
7309 spec:
7310 type: object
7311 description: 'Spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
7312 properties:
7313 selector:
7314 type: object
7315 description: selector is a label query over volumes to consider for binding.
7316 properties:
7317 matchExpressions:
7318 type: array
7319 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
7320 items:
7321 type: object
7322 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
7323 properties:
7324 key:
7325 type: string
7326 description: key is the label key that the selector applies to.
7327 operator:
7328 type: string
7329 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
7330 values:
7331 type: array
7332 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
7333 items:
7334 type: string
7335 required:
7336 - key
7337 - operator
7338 matchLabels:
7339 type: object
7340 additionalProperties:
7341 type: string
7342 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
7343 x-kubernetes-map-type: atomic
7344 resources:
7345 type: object
7346 description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
7347 properties:
7348 limits:
7349 type: object
7350 additionalProperties:
7351 anyOf:
7352 - type: integer
7353 - type: string
7354 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7355 x-kubernetes-int-or-string: true
7356 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
7357 requests:
7358 type: object
7359 additionalProperties:
7360 anyOf:
7361 - type: integer
7362 - type: string
7363 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7364 x-kubernetes-int-or-string: true
7365 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
7366 accessModes:
7367 type: array
7368 description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
7369 items:
7370 type: string
7371 dataSource:
7372 type: object
7373 description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.'
7374 properties:
7375 name:
7376 type: string
7377 description: Name is the name of resource being referenced
7378 kind:
7379 type: string
7380 description: Kind is the type of resource being referenced
7381 apiGroup:
7382 type: string
7383 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
7384 required:
7385 - kind
7386 - name
7387 x-kubernetes-map-type: atomic
7388 dataSourceRef:
7389 type: object
7390 description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.'
7391 properties:
7392 name:
7393 type: string
7394 description: Name is the name of resource being referenced
7395 kind:
7396 type: string
7397 description: Kind is the type of resource being referenced
7398 apiGroup:
7399 type: string
7400 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
7401 required:
7402 - kind
7403 - name
7404 x-kubernetes-map-type: atomic
7405 storageClassName:
7406 type: string
7407 description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
7408 volumeMode:
7409 type: string
7410 description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
7411 volumeName:
7412 type: string
7413 description: volumeName is the binding reference to the PersistentVolume backing this claim.
7414 status:
7415 type: object
7416 description: 'Status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
7417 properties:
7418 accessModes:
7419 type: array
7420 description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
7421 items:
7422 type: string
7423 allocatedResources:
7424 type: object
7425 additionalProperties:
7426 anyOf:
7427 - type: integer
7428 - type: string
7429 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7430 x-kubernetes-int-or-string: true
7431 description: allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
7432 capacity:
7433 type: object
7434 additionalProperties:
7435 anyOf:
7436 - type: integer
7437 - type: string
7438 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
7439 x-kubernetes-int-or-string: true
7440 description: capacity represents the actual resources of the underlying volume.
7441 conditions:
7442 type: array
7443 description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
7444 items:
7445 type: object
7446 description: PersistentVolumeClaimCondition contails details about state of pvc
7447 properties:
7448 type:
7449 type: string
7450 description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type
7451 status:
7452 type: string
7453 lastProbeTime:
7454 type: string
7455 description: lastProbeTime is the time we probed the condition.
7456 format: date-time
7457 lastTransitionTime:
7458 type: string
7459 description: lastTransitionTime is the time the condition transitioned from one status to another.
7460 format: date-time
7461 message:
7462 type: string
7463 description: message is the human-readable message indicating details about last transition.
7464 reason:
7465 type: string
7466 description: reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized.
7467 required:
7468 - status
7469 - type
7470 phase:
7471 type: string
7472 description: phase represents the current phase of PersistentVolumeClaim.
7473 resizeStatus:
7474 type: string
7475 description: resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
7476 tag:
7477 type: string
7478 description: 'Tag of Alertmanager container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use ''image'' instead. The image tag can be specified as part of the image URL.'
7479 topologySpreadConstraints:
7480 type: array
7481 description: If specified, the pod's topology spread constraints.
7482 items:
7483 type: object
7484 description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
7485 properties:
7486 labelSelector:
7487 type: object
7488 description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
7489 properties:
7490 matchExpressions:
7491 type: array
7492 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
7493 items:
7494 type: object
7495 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
7496 properties:
7497 key:
7498 type: string
7499 description: key is the label key that the selector applies to.
7500 operator:
7501 type: string
7502 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
7503 values:
7504 type: array
7505 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
7506 items:
7507 type: string
7508 required:
7509 - key
7510 - operator
7511 matchLabels:
7512 type: object
7513 additionalProperties:
7514 type: string
7515 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
7516 x-kubernetes-map-type: atomic
7517 matchLabelKeys:
7518 type: array
7519 description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
7520 items:
7521 type: string
7522 x-kubernetes-list-type: atomic
7523 maxSkew:
7524 type: integer
7525 description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
7526 format: int32
7527 minDomains:
7528 type: integer
7529 description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
7530 format: int32
7531 nodeAffinityPolicy:
7532 type: string
7533 description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
7534 nodeTaintsPolicy:
7535 type: string
7536 description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
7537 topologyKey:
7538 type: string
7539 description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
7540 whenUnsatisfiable:
7541 type: string
7542 description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
7543 required:
7544 - maxSkew
7545 - topologyKey
7546 - whenUnsatisfiable
7547 version:
7548 type: string
7549 description: Version the cluster should be on.
7550 web:
7551 type: object
7552 description: Defines the web command line flags when starting Alertmanager.
7553 properties:
7554 httpConfig:
7555 type: object
7556 description: Defines HTTP parameters for web server.
7557 properties:
7558 headers:
7559 type: object
7560 description: List of headers that can be added to HTTP responses.
7561 properties:
7562 contentSecurityPolicy:
7563 type: string
7564 description: Set the Content-Security-Policy header to HTTP responses. Unset if blank.
7565 strictTransportSecurity:
7566 type: string
7567 description: Set the Strict-Transport-Security header to HTTP responses. Unset if blank. Please make sure that you use this with care as this header might force browsers to load Prometheus and the other applications hosted on the same domain and subdomains over HTTPS. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
7568 xContentTypeOptions:
7569 type: string
7570 description: Set the X-Content-Type-Options header to HTTP responses. Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
7571 enum:
7572 - ""
7573 - NoSniff
7574 xFrameOptions:
7575 type: string
7576 description: Set the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
7577 enum:
7578 - ""
7579 - Deny
7580 - SameOrigin
7581 xXSSProtection:
7582 type: string
7583 description: Set the X-XSS-Protection header to all responses. Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
7584 http2:
7585 type: boolean
7586 description: Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. When TLSConfig is not configured, HTTP/2 will be disabled. Whenever the value of the field changes, a rolling update will be triggered.
7587 tlsConfig:
7588 type: object
7589 description: Defines the TLS parameters for HTTPS.
7590 properties:
7591 cert:
7592 type: object
7593 description: Contains the TLS certificate for the server.
7594 properties:
7595 configMap:
7596 type: object
7597 description: ConfigMap containing data to use for the targets.
7598 properties:
7599 name:
7600 type: string
7601 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
7602 key:
7603 type: string
7604 description: The key to select.
7605 optional:
7606 type: boolean
7607 description: Specify whether the ConfigMap or its key must be defined
7608 required:
7609 - key
7610 x-kubernetes-map-type: atomic
7611 secret:
7612 type: object
7613 description: Secret containing data to use for the targets.
7614 properties:
7615 name:
7616 type: string
7617 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
7618 key:
7619 type: string
7620 description: The key of the secret to select from. Must be a valid secret key.
7621 optional:
7622 type: boolean
7623 description: Specify whether the Secret or its key must be defined
7624 required:
7625 - key
7626 x-kubernetes-map-type: atomic
7627 cipherSuites:
7628 type: array
7629 description: 'List of supported cipher suites for TLS versions up to TLS 1.2. If empty, Go default cipher suites are used. Available cipher suites are documented in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants'
7630 items:
7631 type: string
7632 clientAuthType:
7633 type: string
7634 description: 'Server policy for client authentication. Maps to ClientAuth Policies. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType'
7635 client_ca:
7636 type: object
7637 description: Contains the CA certificate for client certificate authentication to the server.
7638 properties:
7639 configMap:
7640 type: object
7641 description: ConfigMap containing data to use for the targets.
7642 properties:
7643 name:
7644 type: string
7645 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
7646 key:
7647 type: string
7648 description: The key to select.
7649 optional:
7650 type: boolean
7651 description: Specify whether the ConfigMap or its key must be defined
7652 required:
7653 - key
7654 x-kubernetes-map-type: atomic
7655 secret:
7656 type: object
7657 description: Secret containing data to use for the targets.
7658 properties:
7659 name:
7660 type: string
7661 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
7662 key:
7663 type: string
7664 description: The key of the secret to select from. Must be a valid secret key.
7665 optional:
7666 type: boolean
7667 description: Specify whether the Secret or its key must be defined
7668 required:
7669 - key
7670 x-kubernetes-map-type: atomic
7671 curvePreferences:
7672 type: array
7673 description: 'Elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID'
7674 items:
7675 type: string
7676 keySecret:
7677 type: object
7678 description: Secret containing the TLS key for the server.
7679 properties:
7680 name:
7681 type: string
7682 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
7683 key:
7684 type: string
7685 description: The key of the secret to select from. Must be a valid secret key.
7686 optional:
7687 type: boolean
7688 description: Specify whether the Secret or its key must be defined
7689 required:
7690 - key
7691 x-kubernetes-map-type: atomic
7692 maxVersion:
7693 type: string
7694 description: Maximum TLS version that is acceptable. Defaults to TLS13.
7695 minVersion:
7696 type: string
7697 description: Minimum TLS version that is acceptable. Defaults to TLS12.
7698 preferServerCipherSuites:
7699 type: boolean
7700 description: Controls whether the server selects the client's most preferred cipher suite, or the server's most preferred cipher suite. If true then the server's preference, as expressed in the order of elements in cipherSuites, is used.
7701 required:
7702 - cert
7703 - keySecret
7704 status:
7705 type: object
7706 description: 'Most recent observed status of the Alertmanager cluster. Read-only. Not included when requesting from the apiserver, only from the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
7707 properties:
7708 replicas:
7709 type: integer
7710 description: Total number of non-terminated pods targeted by this Alertmanager cluster (their labels match the selector).
7711 format: int32
7712 paused:
7713 type: boolean
7714 description: Represents whether any actions on the underlying managed objects are being performed. Only delete actions will be performed.
7715 availableReplicas:
7716 type: integer
7717 description: Total number of available pods (ready for at least minReadySeconds) targeted by this Alertmanager cluster.
7718 format: int32
7719 unavailableReplicas:
7720 type: integer
7721 description: Total number of unavailable pods targeted by this Alertmanager cluster.
7722 format: int32
7723 updatedReplicas:
7724 type: integer
7725 description: Total number of non-terminated pods targeted by this Alertmanager cluster that have the desired version spec.
7726 format: int32
7727 required:
7728 - availableReplicas
7729 - paused
7730 - replicas
7731 - unavailableReplicas
7732 - updatedReplicas
7733 required:
7734 - spec
7735 served: true
7736 storage: true
7737 subresources: {}
7738---
7739apiVersion: apiextensions.k8s.io/v1
7740kind: CustomResourceDefinition
7741metadata:
7742 name: podmonitors.monitoring.coreos.com
7743 labels:
7744 workload.edge.ncr.com: platform
7745 annotations:
7746 controller-gen.kubebuilder.io/version: v0.9.2
7747 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
7748 pallet.edge.ncr.com/name: prometheus-operator
7749 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
7750 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
7751 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
7752 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
7753spec:
7754 group: monitoring.coreos.com
7755 names:
7756 kind: PodMonitor
7757 categories:
7758 - prometheus-operator
7759 listKind: PodMonitorList
7760 plural: podmonitors
7761 shortNames:
7762 - pmon
7763 singular: podmonitor
7764 scope: Namespaced
7765 versions:
7766 - name: v1
7767 schema:
7768 openAPIV3Schema:
7769 type: object
7770 description: PodMonitor defines monitoring for a set of pods.
7771 properties:
7772 apiVersion:
7773 type: string
7774 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
7775 kind:
7776 type: string
7777 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
7778 metadata:
7779 type: object
7780 spec:
7781 type: object
7782 description: Specification of desired Pod selection for target discovery by Prometheus.
7783 properties:
7784 selector:
7785 type: object
7786 description: Selector to select Pod objects.
7787 properties:
7788 matchExpressions:
7789 type: array
7790 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
7791 items:
7792 type: object
7793 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
7794 properties:
7795 key:
7796 type: string
7797 description: key is the label key that the selector applies to.
7798 operator:
7799 type: string
7800 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
7801 values:
7802 type: array
7803 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
7804 items:
7805 type: string
7806 required:
7807 - key
7808 - operator
7809 matchLabels:
7810 type: object
7811 additionalProperties:
7812 type: string
7813 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
7814 x-kubernetes-map-type: atomic
7815 attachMetadata:
7816 type: object
7817 description: 'Attaches node metadata to discovered targets. Only valid for role: pod. Only valid in Prometheus versions 2.35.0 and newer.'
7818 properties:
7819 node:
7820 type: boolean
7821 description: When set to true, Prometheus must have permissions to get Nodes.
7822 jobLabel:
7823 type: string
7824 description: The label to use to retrieve the job name from.
7825 labelLimit:
7826 type: integer
7827 description: Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
7828 format: int64
7829 labelNameLengthLimit:
7830 type: integer
7831 description: Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
7832 format: int64
7833 labelValueLengthLimit:
7834 type: integer
7835 description: Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
7836 format: int64
7837 namespaceSelector:
7838 type: object
7839 description: Selector to select which namespaces the Endpoints objects are discovered from.
7840 properties:
7841 any:
7842 type: boolean
7843 description: Boolean describing whether all namespaces are selected in contrast to a list restricting them.
7844 matchNames:
7845 type: array
7846 description: List of namespace names to select from.
7847 items:
7848 type: string
7849 podMetricsEndpoints:
7850 type: array
7851 description: A list of endpoints allowed as part of this PodMonitor.
7852 items:
7853 type: object
7854 description: PodMetricsEndpoint defines a scrapeable endpoint of a Kubernetes Pod serving Prometheus metrics.
7855 properties:
7856 port:
7857 type: string
7858 description: Name of the pod port this endpoint refers to. Mutually exclusive with targetPort.
7859 targetPort:
7860 anyOf:
7861 - type: integer
7862 - type: string
7863 description: 'Deprecated: Use ''port'' instead.'
7864 x-kubernetes-int-or-string: true
7865 authorization:
7866 type: object
7867 description: Authorization section for this endpoint
7868 properties:
7869 type:
7870 type: string
7871 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
7872 credentials:
7873 type: object
7874 description: The secret's key that contains the credentials of the request
7875 properties:
7876 name:
7877 type: string
7878 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
7879 key:
7880 type: string
7881 description: The key of the secret to select from. Must be a valid secret key.
7882 optional:
7883 type: boolean
7884 description: Specify whether the Secret or its key must be defined
7885 required:
7886 - key
7887 x-kubernetes-map-type: atomic
7888 basicAuth:
7889 type: object
7890 description: 'BasicAuth allow an endpoint to authenticate over basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint'
7891 properties:
7892 password:
7893 type: object
7894 description: The secret in the service monitor namespace that contains the password for authentication.
7895 properties:
7896 name:
7897 type: string
7898 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
7899 key:
7900 type: string
7901 description: The key of the secret to select from. Must be a valid secret key.
7902 optional:
7903 type: boolean
7904 description: Specify whether the Secret or its key must be defined
7905 required:
7906 - key
7907 x-kubernetes-map-type: atomic
7908 username:
7909 type: object
7910 description: The secret in the service monitor namespace that contains the username for authentication.
7911 properties:
7912 name:
7913 type: string
7914 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
7915 key:
7916 type: string
7917 description: The key of the secret to select from. Must be a valid secret key.
7918 optional:
7919 type: boolean
7920 description: Specify whether the Secret or its key must be defined
7921 required:
7922 - key
7923 x-kubernetes-map-type: atomic
7924 bearerTokenSecret:
7925 type: object
7926 description: Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator.
7927 properties:
7928 name:
7929 type: string
7930 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
7931 key:
7932 type: string
7933 description: The key of the secret to select from. Must be a valid secret key.
7934 optional:
7935 type: boolean
7936 description: Specify whether the Secret or its key must be defined
7937 required:
7938 - key
7939 x-kubernetes-map-type: atomic
7940 enableHttp2:
7941 type: boolean
7942 description: Whether to enable HTTP2.
7943 filterRunning:
7944 type: boolean
7945 description: 'Drop pods that are not running. (Failed, Succeeded). Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase'
7946 followRedirects:
7947 type: boolean
7948 description: FollowRedirects configures whether scrape requests follow HTTP 3xx redirects.
7949 honorLabels:
7950 type: boolean
7951 description: HonorLabels chooses the metric's labels on collisions with target labels.
7952 honorTimestamps:
7953 type: boolean
7954 description: HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
7955 interval:
7956 type: string
7957 description: Interval at which metrics should be scraped If not specified Prometheus' global scrape interval is used.
7958 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
7959 metricRelabelings:
7960 type: array
7961 description: MetricRelabelConfigs to apply to samples before ingestion.
7962 items:
7963 type: object
7964 description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
7965 properties:
7966 action:
7967 type: string
7968 default: replace
7969 description: Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.
7970 enum:
7971 - replace
7972 - Replace
7973 - keep
7974 - Keep
7975 - drop
7976 - Drop
7977 - hashmod
7978 - HashMod
7979 - labelmap
7980 - LabelMap
7981 - labeldrop
7982 - LabelDrop
7983 - labelkeep
7984 - LabelKeep
7985 - lowercase
7986 - Lowercase
7987 - uppercase
7988 - Uppercase
7989 modulus:
7990 type: integer
7991 description: Modulus to take of the hash of the source label values.
7992 format: int64
7993 regex:
7994 type: string
7995 description: Regular expression against which the extracted value is matched. Default is '(.*)'
7996 replacement:
7997 type: string
7998 description: Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'
7999 separator:
8000 type: string
8001 description: Separator placed between concatenated source label values. default is ';'.
8002 sourceLabels:
8003 type: array
8004 description: The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.
8005 items:
8006 type: string
8007 description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.
8008 pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
8009 targetLabel:
8010 type: string
8011 description: Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.
8012 oauth2:
8013 type: object
8014 description: OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
8015 properties:
8016 clientId:
8017 type: object
8018 description: The secret or configmap containing the OAuth2 client id
8019 properties:
8020 configMap:
8021 type: object
8022 description: ConfigMap containing data to use for the targets.
8023 properties:
8024 name:
8025 type: string
8026 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8027 key:
8028 type: string
8029 description: The key to select.
8030 optional:
8031 type: boolean
8032 description: Specify whether the ConfigMap or its key must be defined
8033 required:
8034 - key
8035 x-kubernetes-map-type: atomic
8036 secret:
8037 type: object
8038 description: Secret containing data to use for the targets.
8039 properties:
8040 name:
8041 type: string
8042 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8043 key:
8044 type: string
8045 description: The key of the secret to select from. Must be a valid secret key.
8046 optional:
8047 type: boolean
8048 description: Specify whether the Secret or its key must be defined
8049 required:
8050 - key
8051 x-kubernetes-map-type: atomic
8052 clientSecret:
8053 type: object
8054 description: The secret containing the OAuth2 client secret
8055 properties:
8056 name:
8057 type: string
8058 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8059 key:
8060 type: string
8061 description: The key of the secret to select from. Must be a valid secret key.
8062 optional:
8063 type: boolean
8064 description: Specify whether the Secret or its key must be defined
8065 required:
8066 - key
8067 x-kubernetes-map-type: atomic
8068 endpointParams:
8069 type: object
8070 additionalProperties:
8071 type: string
8072 description: Parameters to append to the token URL
8073 scopes:
8074 type: array
8075 description: OAuth2 scopes used for the token request
8076 items:
8077 type: string
8078 tokenUrl:
8079 type: string
8080 description: The URL to fetch the token from
8081 minLength: 1
8082 required:
8083 - clientId
8084 - clientSecret
8085 - tokenUrl
8086 params:
8087 type: object
8088 additionalProperties:
8089 type: array
8090 items:
8091 type: string
8092 description: Optional HTTP URL parameters
8093 path:
8094 type: string
8095 description: HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. `/metrics`).
8096 proxyUrl:
8097 type: string
8098 description: ProxyURL eg http://proxyserver:2195 Directs scrapes to proxy through this endpoint.
8099 relabelings:
8100 type: array
8101 description: 'RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job''s name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
8102 items:
8103 type: object
8104 description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
8105 properties:
8106 action:
8107 type: string
8108 default: replace
8109 description: Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.
8110 enum:
8111 - replace
8112 - Replace
8113 - keep
8114 - Keep
8115 - drop
8116 - Drop
8117 - hashmod
8118 - HashMod
8119 - labelmap
8120 - LabelMap
8121 - labeldrop
8122 - LabelDrop
8123 - labelkeep
8124 - LabelKeep
8125 - lowercase
8126 - Lowercase
8127 - uppercase
8128 - Uppercase
8129 modulus:
8130 type: integer
8131 description: Modulus to take of the hash of the source label values.
8132 format: int64
8133 regex:
8134 type: string
8135 description: Regular expression against which the extracted value is matched. Default is '(.*)'
8136 replacement:
8137 type: string
8138 description: Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'
8139 separator:
8140 type: string
8141 description: Separator placed between concatenated source label values. default is ';'.
8142 sourceLabels:
8143 type: array
8144 description: The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.
8145 items:
8146 type: string
8147 description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.
8148 pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
8149 targetLabel:
8150 type: string
8151 description: Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.
8152 scheme:
8153 type: string
8154 description: HTTP scheme to use for scraping.
8155 scrapeTimeout:
8156 type: string
8157 description: Timeout after which the scrape is ended If not specified, the Prometheus global scrape interval is used.
8158 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
8159 tlsConfig:
8160 type: object
8161 description: TLS configuration to use when scraping the endpoint.
8162 properties:
8163 ca:
8164 type: object
8165 description: Struct containing the CA cert to use for the targets.
8166 properties:
8167 configMap:
8168 type: object
8169 description: ConfigMap containing data to use for the targets.
8170 properties:
8171 name:
8172 type: string
8173 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8174 key:
8175 type: string
8176 description: The key to select.
8177 optional:
8178 type: boolean
8179 description: Specify whether the ConfigMap or its key must be defined
8180 required:
8181 - key
8182 x-kubernetes-map-type: atomic
8183 secret:
8184 type: object
8185 description: Secret containing data to use for the targets.
8186 properties:
8187 name:
8188 type: string
8189 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8190 key:
8191 type: string
8192 description: The key of the secret to select from. Must be a valid secret key.
8193 optional:
8194 type: boolean
8195 description: Specify whether the Secret or its key must be defined
8196 required:
8197 - key
8198 x-kubernetes-map-type: atomic
8199 cert:
8200 type: object
8201 description: Struct containing the client cert file for the targets.
8202 properties:
8203 configMap:
8204 type: object
8205 description: ConfigMap containing data to use for the targets.
8206 properties:
8207 name:
8208 type: string
8209 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8210 key:
8211 type: string
8212 description: The key to select.
8213 optional:
8214 type: boolean
8215 description: Specify whether the ConfigMap or its key must be defined
8216 required:
8217 - key
8218 x-kubernetes-map-type: atomic
8219 secret:
8220 type: object
8221 description: Secret containing data to use for the targets.
8222 properties:
8223 name:
8224 type: string
8225 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8226 key:
8227 type: string
8228 description: The key of the secret to select from. Must be a valid secret key.
8229 optional:
8230 type: boolean
8231 description: Specify whether the Secret or its key must be defined
8232 required:
8233 - key
8234 x-kubernetes-map-type: atomic
8235 insecureSkipVerify:
8236 type: boolean
8237 description: Disable target certificate validation.
8238 keySecret:
8239 type: object
8240 description: Secret containing the client key file for the targets.
8241 properties:
8242 name:
8243 type: string
8244 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8245 key:
8246 type: string
8247 description: The key of the secret to select from. Must be a valid secret key.
8248 optional:
8249 type: boolean
8250 description: Specify whether the Secret or its key must be defined
8251 required:
8252 - key
8253 x-kubernetes-map-type: atomic
8254 serverName:
8255 type: string
8256 description: Used to verify the hostname for the targets.
8257 podTargetLabels:
8258 type: array
8259 description: PodTargetLabels transfers labels on the Kubernetes Pod onto the target.
8260 items:
8261 type: string
8262 sampleLimit:
8263 type: integer
8264 description: SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
8265 format: int64
8266 targetLimit:
8267 type: integer
8268 description: TargetLimit defines a limit on the number of scraped targets that will be accepted.
8269 format: int64
8270 required:
8271 - podMetricsEndpoints
8272 - selector
8273 required:
8274 - spec
8275 served: true
8276 storage: true
8277---
8278apiVersion: apiextensions.k8s.io/v1
8279kind: CustomResourceDefinition
8280metadata:
8281 name: probes.monitoring.coreos.com
8282 labels:
8283 workload.edge.ncr.com: platform
8284 annotations:
8285 controller-gen.kubebuilder.io/version: v0.9.2
8286 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
8287 pallet.edge.ncr.com/name: prometheus-operator
8288 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
8289 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
8290 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
8291 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
8292spec:
8293 group: monitoring.coreos.com
8294 names:
8295 kind: Probe
8296 categories:
8297 - prometheus-operator
8298 listKind: ProbeList
8299 plural: probes
8300 shortNames:
8301 - prb
8302 singular: probe
8303 scope: Namespaced
8304 versions:
8305 - name: v1
8306 schema:
8307 openAPIV3Schema:
8308 type: object
8309 description: Probe defines monitoring for a set of static targets or ingresses.
8310 properties:
8311 apiVersion:
8312 type: string
8313 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
8314 kind:
8315 type: string
8316 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
8317 metadata:
8318 type: object
8319 spec:
8320 type: object
8321 description: Specification of desired Ingress selection for target discovery by Prometheus.
8322 properties:
8323 authorization:
8324 type: object
8325 description: Authorization section for this endpoint
8326 properties:
8327 type:
8328 type: string
8329 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
8330 credentials:
8331 type: object
8332 description: The secret's key that contains the credentials of the request
8333 properties:
8334 name:
8335 type: string
8336 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8337 key:
8338 type: string
8339 description: The key of the secret to select from. Must be a valid secret key.
8340 optional:
8341 type: boolean
8342 description: Specify whether the Secret or its key must be defined
8343 required:
8344 - key
8345 x-kubernetes-map-type: atomic
8346 basicAuth:
8347 type: object
8348 description: 'BasicAuth allow an endpoint to authenticate over basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint'
8349 properties:
8350 password:
8351 type: object
8352 description: The secret in the service monitor namespace that contains the password for authentication.
8353 properties:
8354 name:
8355 type: string
8356 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8357 key:
8358 type: string
8359 description: The key of the secret to select from. Must be a valid secret key.
8360 optional:
8361 type: boolean
8362 description: Specify whether the Secret or its key must be defined
8363 required:
8364 - key
8365 x-kubernetes-map-type: atomic
8366 username:
8367 type: object
8368 description: The secret in the service monitor namespace that contains the username for authentication.
8369 properties:
8370 name:
8371 type: string
8372 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8373 key:
8374 type: string
8375 description: The key of the secret to select from. Must be a valid secret key.
8376 optional:
8377 type: boolean
8378 description: Specify whether the Secret or its key must be defined
8379 required:
8380 - key
8381 x-kubernetes-map-type: atomic
8382 bearerTokenSecret:
8383 type: object
8384 description: Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the probe and accessible by the Prometheus Operator.
8385 properties:
8386 name:
8387 type: string
8388 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8389 key:
8390 type: string
8391 description: The key of the secret to select from. Must be a valid secret key.
8392 optional:
8393 type: boolean
8394 description: Specify whether the Secret or its key must be defined
8395 required:
8396 - key
8397 x-kubernetes-map-type: atomic
8398 interval:
8399 type: string
8400 description: Interval at which targets are probed using the configured prober. If not specified Prometheus' global scrape interval is used.
8401 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
8402 jobName:
8403 type: string
8404 description: The job name assigned to scraped metrics by default.
8405 labelLimit:
8406 type: integer
8407 description: Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
8408 format: int64
8409 labelNameLengthLimit:
8410 type: integer
8411 description: Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
8412 format: int64
8413 labelValueLengthLimit:
8414 type: integer
8415 description: Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
8416 format: int64
8417 metricRelabelings:
8418 type: array
8419 description: MetricRelabelConfigs to apply to samples before ingestion.
8420 items:
8421 type: object
8422 description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
8423 properties:
8424 action:
8425 type: string
8426 default: replace
8427 description: Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.
8428 enum:
8429 - replace
8430 - Replace
8431 - keep
8432 - Keep
8433 - drop
8434 - Drop
8435 - hashmod
8436 - HashMod
8437 - labelmap
8438 - LabelMap
8439 - labeldrop
8440 - LabelDrop
8441 - labelkeep
8442 - LabelKeep
8443 - lowercase
8444 - Lowercase
8445 - uppercase
8446 - Uppercase
8447 modulus:
8448 type: integer
8449 description: Modulus to take of the hash of the source label values.
8450 format: int64
8451 regex:
8452 type: string
8453 description: Regular expression against which the extracted value is matched. Default is '(.*)'
8454 replacement:
8455 type: string
8456 description: Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'
8457 separator:
8458 type: string
8459 description: Separator placed between concatenated source label values. default is ';'.
8460 sourceLabels:
8461 type: array
8462 description: The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.
8463 items:
8464 type: string
8465 description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.
8466 pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
8467 targetLabel:
8468 type: string
8469 description: Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.
8470 module:
8471 type: string
8472 description: 'The module to use for probing specifying how to probe the target. Example module configuring in the blackbox exporter: https://github.com/prometheus/blackbox_exporter/blob/master/example.yml'
8473 oauth2:
8474 type: object
8475 description: OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
8476 properties:
8477 clientId:
8478 type: object
8479 description: The secret or configmap containing the OAuth2 client id
8480 properties:
8481 configMap:
8482 type: object
8483 description: ConfigMap containing data to use for the targets.
8484 properties:
8485 name:
8486 type: string
8487 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8488 key:
8489 type: string
8490 description: The key to select.
8491 optional:
8492 type: boolean
8493 description: Specify whether the ConfigMap or its key must be defined
8494 required:
8495 - key
8496 x-kubernetes-map-type: atomic
8497 secret:
8498 type: object
8499 description: Secret containing data to use for the targets.
8500 properties:
8501 name:
8502 type: string
8503 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8504 key:
8505 type: string
8506 description: The key of the secret to select from. Must be a valid secret key.
8507 optional:
8508 type: boolean
8509 description: Specify whether the Secret or its key must be defined
8510 required:
8511 - key
8512 x-kubernetes-map-type: atomic
8513 clientSecret:
8514 type: object
8515 description: The secret containing the OAuth2 client secret
8516 properties:
8517 name:
8518 type: string
8519 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8520 key:
8521 type: string
8522 description: The key of the secret to select from. Must be a valid secret key.
8523 optional:
8524 type: boolean
8525 description: Specify whether the Secret or its key must be defined
8526 required:
8527 - key
8528 x-kubernetes-map-type: atomic
8529 endpointParams:
8530 type: object
8531 additionalProperties:
8532 type: string
8533 description: Parameters to append to the token URL
8534 scopes:
8535 type: array
8536 description: OAuth2 scopes used for the token request
8537 items:
8538 type: string
8539 tokenUrl:
8540 type: string
8541 description: The URL to fetch the token from
8542 minLength: 1
8543 required:
8544 - clientId
8545 - clientSecret
8546 - tokenUrl
8547 prober:
8548 type: object
8549 description: Specification for the prober to use for probing targets. The prober.URL parameter is required. Targets cannot be probed if left empty.
8550 properties:
8551 path:
8552 type: string
8553 default: /probe
8554 description: Path to collect metrics from. Defaults to `/probe`.
8555 proxyUrl:
8556 type: string
8557 description: Optional ProxyURL.
8558 scheme:
8559 type: string
8560 description: HTTP scheme to use for scraping. Defaults to `http`.
8561 url:
8562 type: string
8563 description: Mandatory URL of the prober.
8564 required:
8565 - url
8566 sampleLimit:
8567 type: integer
8568 description: SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
8569 format: int64
8570 scrapeTimeout:
8571 type: string
8572 description: Timeout for scraping metrics from the Prometheus exporter. If not specified, the Prometheus global scrape interval is used.
8573 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
8574 targetLimit:
8575 type: integer
8576 description: TargetLimit defines a limit on the number of scraped targets that will be accepted.
8577 format: int64
8578 targets:
8579 type: object
8580 description: Targets defines a set of static or dynamically discovered targets to probe.
8581 properties:
8582 ingress:
8583 type: object
8584 description: ingress defines the Ingress objects to probe and the relabeling configuration. If `staticConfig` is also defined, `staticConfig` takes precedence.
8585 properties:
8586 selector:
8587 type: object
8588 description: Selector to select the Ingress objects.
8589 properties:
8590 matchExpressions:
8591 type: array
8592 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
8593 items:
8594 type: object
8595 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
8596 properties:
8597 key:
8598 type: string
8599 description: key is the label key that the selector applies to.
8600 operator:
8601 type: string
8602 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
8603 values:
8604 type: array
8605 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
8606 items:
8607 type: string
8608 required:
8609 - key
8610 - operator
8611 matchLabels:
8612 type: object
8613 additionalProperties:
8614 type: string
8615 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
8616 x-kubernetes-map-type: atomic
8617 namespaceSelector:
8618 type: object
8619 description: From which namespaces to select Ingress objects.
8620 properties:
8621 any:
8622 type: boolean
8623 description: Boolean describing whether all namespaces are selected in contrast to a list restricting them.
8624 matchNames:
8625 type: array
8626 description: List of namespace names to select from.
8627 items:
8628 type: string
8629 relabelingConfigs:
8630 type: array
8631 description: 'RelabelConfigs to apply to the label set of the target before it gets scraped. The original ingress address is available via the `__tmp_prometheus_ingress_address` label. It can be used to customize the probed URL. The original scrape job''s name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
8632 items:
8633 type: object
8634 description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
8635 properties:
8636 action:
8637 type: string
8638 default: replace
8639 description: Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.
8640 enum:
8641 - replace
8642 - Replace
8643 - keep
8644 - Keep
8645 - drop
8646 - Drop
8647 - hashmod
8648 - HashMod
8649 - labelmap
8650 - LabelMap
8651 - labeldrop
8652 - LabelDrop
8653 - labelkeep
8654 - LabelKeep
8655 - lowercase
8656 - Lowercase
8657 - uppercase
8658 - Uppercase
8659 modulus:
8660 type: integer
8661 description: Modulus to take of the hash of the source label values.
8662 format: int64
8663 regex:
8664 type: string
8665 description: Regular expression against which the extracted value is matched. Default is '(.*)'
8666 replacement:
8667 type: string
8668 description: Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'
8669 separator:
8670 type: string
8671 description: Separator placed between concatenated source label values. default is ';'.
8672 sourceLabels:
8673 type: array
8674 description: The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.
8675 items:
8676 type: string
8677 description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.
8678 pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
8679 targetLabel:
8680 type: string
8681 description: Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.
8682 staticConfig:
8683 type: object
8684 description: 'staticConfig defines the static list of targets to probe and the relabeling configuration. If `ingress` is also defined, `staticConfig` takes precedence. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config.'
8685 properties:
8686 labels:
8687 type: object
8688 additionalProperties:
8689 type: string
8690 description: Labels assigned to all metrics scraped from the targets.
8691 relabelingConfigs:
8692 type: array
8693 description: 'RelabelConfigs to apply to the label set of the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
8694 items:
8695 type: object
8696 description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
8697 properties:
8698 action:
8699 type: string
8700 default: replace
8701 description: Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.
8702 enum:
8703 - replace
8704 - Replace
8705 - keep
8706 - Keep
8707 - drop
8708 - Drop
8709 - hashmod
8710 - HashMod
8711 - labelmap
8712 - LabelMap
8713 - labeldrop
8714 - LabelDrop
8715 - labelkeep
8716 - LabelKeep
8717 - lowercase
8718 - Lowercase
8719 - uppercase
8720 - Uppercase
8721 modulus:
8722 type: integer
8723 description: Modulus to take of the hash of the source label values.
8724 format: int64
8725 regex:
8726 type: string
8727 description: Regular expression against which the extracted value is matched. Default is '(.*)'
8728 replacement:
8729 type: string
8730 description: Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'
8731 separator:
8732 type: string
8733 description: Separator placed between concatenated source label values. default is ';'.
8734 sourceLabels:
8735 type: array
8736 description: The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.
8737 items:
8738 type: string
8739 description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.
8740 pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
8741 targetLabel:
8742 type: string
8743 description: Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.
8744 static:
8745 type: array
8746 description: The list of hosts to probe.
8747 items:
8748 type: string
8749 tlsConfig:
8750 type: object
8751 description: TLS configuration to use when scraping the endpoint.
8752 properties:
8753 ca:
8754 type: object
8755 description: Struct containing the CA cert to use for the targets.
8756 properties:
8757 configMap:
8758 type: object
8759 description: ConfigMap containing data to use for the targets.
8760 properties:
8761 name:
8762 type: string
8763 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8764 key:
8765 type: string
8766 description: The key to select.
8767 optional:
8768 type: boolean
8769 description: Specify whether the ConfigMap or its key must be defined
8770 required:
8771 - key
8772 x-kubernetes-map-type: atomic
8773 secret:
8774 type: object
8775 description: Secret containing data to use for the targets.
8776 properties:
8777 name:
8778 type: string
8779 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8780 key:
8781 type: string
8782 description: The key of the secret to select from. Must be a valid secret key.
8783 optional:
8784 type: boolean
8785 description: Specify whether the Secret or its key must be defined
8786 required:
8787 - key
8788 x-kubernetes-map-type: atomic
8789 cert:
8790 type: object
8791 description: Struct containing the client cert file for the targets.
8792 properties:
8793 configMap:
8794 type: object
8795 description: ConfigMap containing data to use for the targets.
8796 properties:
8797 name:
8798 type: string
8799 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8800 key:
8801 type: string
8802 description: The key to select.
8803 optional:
8804 type: boolean
8805 description: Specify whether the ConfigMap or its key must be defined
8806 required:
8807 - key
8808 x-kubernetes-map-type: atomic
8809 secret:
8810 type: object
8811 description: Secret containing data to use for the targets.
8812 properties:
8813 name:
8814 type: string
8815 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8816 key:
8817 type: string
8818 description: The key of the secret to select from. Must be a valid secret key.
8819 optional:
8820 type: boolean
8821 description: Specify whether the Secret or its key must be defined
8822 required:
8823 - key
8824 x-kubernetes-map-type: atomic
8825 insecureSkipVerify:
8826 type: boolean
8827 description: Disable target certificate validation.
8828 keySecret:
8829 type: object
8830 description: Secret containing the client key file for the targets.
8831 properties:
8832 name:
8833 type: string
8834 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
8835 key:
8836 type: string
8837 description: The key of the secret to select from. Must be a valid secret key.
8838 optional:
8839 type: boolean
8840 description: Specify whether the Secret or its key must be defined
8841 required:
8842 - key
8843 x-kubernetes-map-type: atomic
8844 serverName:
8845 type: string
8846 description: Used to verify the hostname for the targets.
8847 required:
8848 - spec
8849 served: true
8850 storage: true
8851---
8852apiVersion: apiextensions.k8s.io/v1
8853kind: CustomResourceDefinition
8854metadata:
8855 name: prometheuses.monitoring.coreos.com
8856 labels:
8857 workload.edge.ncr.com: platform
8858 annotations:
8859 controller-gen.kubebuilder.io/version: v0.9.2
8860 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
8861 pallet.edge.ncr.com/name: prometheus-operator
8862 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
8863 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
8864 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
8865 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
8866spec:
8867 group: monitoring.coreos.com
8868 names:
8869 kind: Prometheus
8870 categories:
8871 - prometheus-operator
8872 listKind: PrometheusList
8873 plural: prometheuses
8874 shortNames:
8875 - prom
8876 singular: prometheus
8877 scope: Namespaced
8878 versions:
8879 - name: v1
8880 additionalPrinterColumns:
8881 - name: Version
8882 type: string
8883 description: The version of Prometheus
8884 jsonPath: .spec.version
8885 - name: Desired
8886 type: integer
8887 description: The number of desired replicas
8888 jsonPath: .spec.replicas
8889 - name: Ready
8890 type: integer
8891 description: The number of ready replicas
8892 jsonPath: .status.availableReplicas
8893 - name: Reconciled
8894 type: string
8895 jsonPath: .status.conditions[?(@.type == 'Reconciled')].status
8896 - name: Available
8897 type: string
8898 jsonPath: .status.conditions[?(@.type == 'Available')].status
8899 - name: Age
8900 type: date
8901 jsonPath: .metadata.creationTimestamp
8902 - name: Paused
8903 type: boolean
8904 priority: 1
8905 description: Whether the resource reconciliation is paused or not
8906 jsonPath: .status.paused
8907 schema:
8908 openAPIV3Schema:
8909 type: object
8910 description: Prometheus defines a Prometheus deployment.
8911 properties:
8912 apiVersion:
8913 type: string
8914 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
8915 kind:
8916 type: string
8917 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
8918 metadata:
8919 type: object
8920 spec:
8921 type: object
8922 description: 'Specification of the desired behavior of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
8923 properties:
8924 replicas:
8925 type: integer
8926 description: Number of replicas of each shard to deploy for a Prometheus deployment. Number of replicas multiplied by shards is the total number of Pods created.
8927 format: int32
8928 minReadySeconds:
8929 type: integer
8930 description: Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field and requires enabling StatefulSetMinReadySeconds feature gate.
8931 format: int32
8932 paused:
8933 type: boolean
8934 description: When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects.
8935 serviceAccountName:
8936 type: string
8937 description: ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
8938 hostNetwork:
8939 type: boolean
8940 description: Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.
8941 priorityClassName:
8942 type: string
8943 description: Priority class assigned to the Pods
8944 nodeSelector:
8945 type: object
8946 additionalProperties:
8947 type: string
8948 description: Define which Nodes the Pods are scheduled on.
8949 hostAliases:
8950 type: array
8951 description: Pods' hostAliases configuration
8952 items:
8953 type: object
8954 description: HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
8955 properties:
8956 hostnames:
8957 type: array
8958 description: Hostnames for the above IP address.
8959 items:
8960 type: string
8961 ip:
8962 type: string
8963 description: IP address of the host file entry.
8964 required:
8965 - hostnames
8966 - ip
8967 x-kubernetes-list-map-keys:
8968 - ip
8969 x-kubernetes-list-type: map
8970 initContainers:
8971 type: array
8972 description: 'InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The current init container name is: `init-config-reloader`. Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.'
8973 items:
8974 type: object
8975 description: A single application container that you want to run within a pod.
8976 properties:
8977 name:
8978 type: string
8979 description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
8980 image:
8981 type: string
8982 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.'
8983 command:
8984 type: array
8985 description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
8986 items:
8987 type: string
8988 args:
8989 type: array
8990 description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
8991 items:
8992 type: string
8993 workingDir:
8994 type: string
8995 description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
8996 ports:
8997 type: array
8998 description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.
8999 items:
9000 type: object
9001 description: ContainerPort represents a network port in a single container.
9002 properties:
9003 name:
9004 type: string
9005 description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
9006 protocol:
9007 type: string
9008 default: TCP
9009 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
9010 hostPort:
9011 type: integer
9012 description: Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.
9013 format: int32
9014 containerPort:
9015 type: integer
9016 description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.
9017 format: int32
9018 hostIP:
9019 type: string
9020 description: What host IP to bind the external port to.
9021 required:
9022 - containerPort
9023 x-kubernetes-list-map-keys:
9024 - containerPort
9025 - protocol
9026 x-kubernetes-list-type: map
9027 envFrom:
9028 type: array
9029 description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
9030 items:
9031 type: object
9032 description: EnvFromSource represents the source of a set of ConfigMaps
9033 properties:
9034 prefix:
9035 type: string
9036 description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
9037 configMapRef:
9038 type: object
9039 description: The ConfigMap to select from
9040 properties:
9041 name:
9042 type: string
9043 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
9044 optional:
9045 type: boolean
9046 description: Specify whether the ConfigMap must be defined
9047 x-kubernetes-map-type: atomic
9048 secretRef:
9049 type: object
9050 description: The Secret to select from
9051 properties:
9052 name:
9053 type: string
9054 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
9055 optional:
9056 type: boolean
9057 description: Specify whether the Secret must be defined
9058 x-kubernetes-map-type: atomic
9059 env:
9060 type: array
9061 description: List of environment variables to set in the container. Cannot be updated.
9062 items:
9063 type: object
9064 description: EnvVar represents an environment variable present in a Container.
9065 properties:
9066 name:
9067 type: string
9068 description: Name of the environment variable. Must be a C_IDENTIFIER.
9069 value:
9070 type: string
9071 description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
9072 valueFrom:
9073 type: object
9074 description: Source for the environment variable's value. Cannot be used if value is not empty.
9075 properties:
9076 fieldRef:
9077 type: object
9078 description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
9079 properties:
9080 apiVersion:
9081 type: string
9082 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
9083 fieldPath:
9084 type: string
9085 description: Path of the field to select in the specified API version.
9086 required:
9087 - fieldPath
9088 x-kubernetes-map-type: atomic
9089 resourceFieldRef:
9090 type: object
9091 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
9092 properties:
9093 containerName:
9094 type: string
9095 description: 'Container name: required for volumes, optional for env vars'
9096 divisor:
9097 anyOf:
9098 - type: integer
9099 - type: string
9100 description: Specifies the output format of the exposed resources, defaults to "1"
9101 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
9102 x-kubernetes-int-or-string: true
9103 resource:
9104 type: string
9105 description: 'Required: resource to select'
9106 required:
9107 - resource
9108 x-kubernetes-map-type: atomic
9109 configMapKeyRef:
9110 type: object
9111 description: Selects a key of a ConfigMap.
9112 properties:
9113 name:
9114 type: string
9115 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
9116 key:
9117 type: string
9118 description: The key to select.
9119 optional:
9120 type: boolean
9121 description: Specify whether the ConfigMap or its key must be defined
9122 required:
9123 - key
9124 x-kubernetes-map-type: atomic
9125 secretKeyRef:
9126 type: object
9127 description: Selects a key of a secret in the pod's namespace
9128 properties:
9129 name:
9130 type: string
9131 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
9132 key:
9133 type: string
9134 description: The key of the secret to select from. Must be a valid secret key.
9135 optional:
9136 type: boolean
9137 description: Specify whether the Secret or its key must be defined
9138 required:
9139 - key
9140 x-kubernetes-map-type: atomic
9141 required:
9142 - name
9143 resources:
9144 type: object
9145 description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
9146 properties:
9147 limits:
9148 type: object
9149 additionalProperties:
9150 anyOf:
9151 - type: integer
9152 - type: string
9153 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
9154 x-kubernetes-int-or-string: true
9155 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
9156 requests:
9157 type: object
9158 additionalProperties:
9159 anyOf:
9160 - type: integer
9161 - type: string
9162 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
9163 x-kubernetes-int-or-string: true
9164 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
9165 volumeMounts:
9166 type: array
9167 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
9168 items:
9169 type: object
9170 description: VolumeMount describes a mounting of a Volume within a container.
9171 properties:
9172 name:
9173 type: string
9174 description: This must match the Name of a Volume.
9175 readOnly:
9176 type: boolean
9177 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
9178 mountPath:
9179 type: string
9180 description: Path within the container at which the volume should be mounted. Must not contain ':'.
9181 subPath:
9182 type: string
9183 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
9184 subPathExpr:
9185 type: string
9186 description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.
9187 mountPropagation:
9188 type: string
9189 description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
9190 required:
9191 - mountPath
9192 - name
9193 volumeDevices:
9194 type: array
9195 description: volumeDevices is the list of block devices to be used by the container.
9196 items:
9197 type: object
9198 description: volumeDevice describes a mapping of a raw block device within a container.
9199 properties:
9200 name:
9201 type: string
9202 description: name must match the name of a persistentVolumeClaim in the pod
9203 devicePath:
9204 type: string
9205 description: devicePath is the path inside of the container that the device will be mapped to.
9206 required:
9207 - devicePath
9208 - name
9209 livenessProbe:
9210 type: object
9211 description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
9212 properties:
9213 terminationGracePeriodSeconds:
9214 type: integer
9215 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
9216 format: int64
9217 exec:
9218 type: object
9219 description: Exec specifies the action to take.
9220 properties:
9221 command:
9222 type: array
9223 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
9224 items:
9225 type: string
9226 failureThreshold:
9227 type: integer
9228 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
9229 format: int32
9230 grpc:
9231 type: object
9232 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
9233 properties:
9234 service:
9235 type: string
9236 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
9237 port:
9238 type: integer
9239 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
9240 format: int32
9241 required:
9242 - port
9243 httpGet:
9244 type: object
9245 description: HTTPGet specifies the http request to perform.
9246 properties:
9247 port:
9248 anyOf:
9249 - type: integer
9250 - type: string
9251 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
9252 x-kubernetes-int-or-string: true
9253 host:
9254 type: string
9255 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
9256 httpHeaders:
9257 type: array
9258 description: Custom headers to set in the request. HTTP allows repeated headers.
9259 items:
9260 type: object
9261 description: HTTPHeader describes a custom header to be used in HTTP probes
9262 properties:
9263 name:
9264 type: string
9265 description: The header field name
9266 value:
9267 type: string
9268 description: The header field value
9269 required:
9270 - name
9271 - value
9272 path:
9273 type: string
9274 description: Path to access on the HTTP server.
9275 scheme:
9276 type: string
9277 description: Scheme to use for connecting to the host. Defaults to HTTP.
9278 required:
9279 - port
9280 initialDelaySeconds:
9281 type: integer
9282 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
9283 format: int32
9284 periodSeconds:
9285 type: integer
9286 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
9287 format: int32
9288 successThreshold:
9289 type: integer
9290 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
9291 format: int32
9292 tcpSocket:
9293 type: object
9294 description: TCPSocket specifies an action involving a TCP port.
9295 properties:
9296 port:
9297 anyOf:
9298 - type: integer
9299 - type: string
9300 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
9301 x-kubernetes-int-or-string: true
9302 host:
9303 type: string
9304 description: 'Optional: Host name to connect to, defaults to the pod IP.'
9305 required:
9306 - port
9307 timeoutSeconds:
9308 type: integer
9309 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
9310 format: int32
9311 readinessProbe:
9312 type: object
9313 description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
9314 properties:
9315 terminationGracePeriodSeconds:
9316 type: integer
9317 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
9318 format: int64
9319 exec:
9320 type: object
9321 description: Exec specifies the action to take.
9322 properties:
9323 command:
9324 type: array
9325 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
9326 items:
9327 type: string
9328 failureThreshold:
9329 type: integer
9330 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
9331 format: int32
9332 grpc:
9333 type: object
9334 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
9335 properties:
9336 service:
9337 type: string
9338 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
9339 port:
9340 type: integer
9341 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
9342 format: int32
9343 required:
9344 - port
9345 httpGet:
9346 type: object
9347 description: HTTPGet specifies the http request to perform.
9348 properties:
9349 port:
9350 anyOf:
9351 - type: integer
9352 - type: string
9353 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
9354 x-kubernetes-int-or-string: true
9355 host:
9356 type: string
9357 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
9358 httpHeaders:
9359 type: array
9360 description: Custom headers to set in the request. HTTP allows repeated headers.
9361 items:
9362 type: object
9363 description: HTTPHeader describes a custom header to be used in HTTP probes
9364 properties:
9365 name:
9366 type: string
9367 description: The header field name
9368 value:
9369 type: string
9370 description: The header field value
9371 required:
9372 - name
9373 - value
9374 path:
9375 type: string
9376 description: Path to access on the HTTP server.
9377 scheme:
9378 type: string
9379 description: Scheme to use for connecting to the host. Defaults to HTTP.
9380 required:
9381 - port
9382 initialDelaySeconds:
9383 type: integer
9384 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
9385 format: int32
9386 periodSeconds:
9387 type: integer
9388 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
9389 format: int32
9390 successThreshold:
9391 type: integer
9392 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
9393 format: int32
9394 tcpSocket:
9395 type: object
9396 description: TCPSocket specifies an action involving a TCP port.
9397 properties:
9398 port:
9399 anyOf:
9400 - type: integer
9401 - type: string
9402 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
9403 x-kubernetes-int-or-string: true
9404 host:
9405 type: string
9406 description: 'Optional: Host name to connect to, defaults to the pod IP.'
9407 required:
9408 - port
9409 timeoutSeconds:
9410 type: integer
9411 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
9412 format: int32
9413 lifecycle:
9414 type: object
9415 description: Actions that the management system should take in response to container lifecycle events. Cannot be updated.
9416 properties:
9417 postStart:
9418 type: object
9419 description: 'PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
9420 properties:
9421 exec:
9422 type: object
9423 description: Exec specifies the action to take.
9424 properties:
9425 command:
9426 type: array
9427 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
9428 items:
9429 type: string
9430 httpGet:
9431 type: object
9432 description: HTTPGet specifies the http request to perform.
9433 properties:
9434 port:
9435 anyOf:
9436 - type: integer
9437 - type: string
9438 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
9439 x-kubernetes-int-or-string: true
9440 host:
9441 type: string
9442 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
9443 httpHeaders:
9444 type: array
9445 description: Custom headers to set in the request. HTTP allows repeated headers.
9446 items:
9447 type: object
9448 description: HTTPHeader describes a custom header to be used in HTTP probes
9449 properties:
9450 name:
9451 type: string
9452 description: The header field name
9453 value:
9454 type: string
9455 description: The header field value
9456 required:
9457 - name
9458 - value
9459 path:
9460 type: string
9461 description: Path to access on the HTTP server.
9462 scheme:
9463 type: string
9464 description: Scheme to use for connecting to the host. Defaults to HTTP.
9465 required:
9466 - port
9467 tcpSocket:
9468 type: object
9469 description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
9470 properties:
9471 port:
9472 anyOf:
9473 - type: integer
9474 - type: string
9475 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
9476 x-kubernetes-int-or-string: true
9477 host:
9478 type: string
9479 description: 'Optional: Host name to connect to, defaults to the pod IP.'
9480 required:
9481 - port
9482 preStop:
9483 type: object
9484 description: 'PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod''s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod''s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
9485 properties:
9486 exec:
9487 type: object
9488 description: Exec specifies the action to take.
9489 properties:
9490 command:
9491 type: array
9492 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
9493 items:
9494 type: string
9495 httpGet:
9496 type: object
9497 description: HTTPGet specifies the http request to perform.
9498 properties:
9499 port:
9500 anyOf:
9501 - type: integer
9502 - type: string
9503 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
9504 x-kubernetes-int-or-string: true
9505 host:
9506 type: string
9507 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
9508 httpHeaders:
9509 type: array
9510 description: Custom headers to set in the request. HTTP allows repeated headers.
9511 items:
9512 type: object
9513 description: HTTPHeader describes a custom header to be used in HTTP probes
9514 properties:
9515 name:
9516 type: string
9517 description: The header field name
9518 value:
9519 type: string
9520 description: The header field value
9521 required:
9522 - name
9523 - value
9524 path:
9525 type: string
9526 description: Path to access on the HTTP server.
9527 scheme:
9528 type: string
9529 description: Scheme to use for connecting to the host. Defaults to HTTP.
9530 required:
9531 - port
9532 tcpSocket:
9533 type: object
9534 description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
9535 properties:
9536 port:
9537 anyOf:
9538 - type: integer
9539 - type: string
9540 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
9541 x-kubernetes-int-or-string: true
9542 host:
9543 type: string
9544 description: 'Optional: Host name to connect to, defaults to the pod IP.'
9545 required:
9546 - port
9547 terminationMessagePath:
9548 type: string
9549 description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
9550 terminationMessagePolicy:
9551 type: string
9552 description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
9553 imagePullPolicy:
9554 type: string
9555 description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
9556 securityContext:
9557 type: object
9558 description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
9559 properties:
9560 allowPrivilegeEscalation:
9561 type: boolean
9562 description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.'
9563 capabilities:
9564 type: object
9565 description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.
9566 properties:
9567 add:
9568 type: array
9569 description: Added capabilities
9570 items:
9571 type: string
9572 description: Capability represent POSIX capabilities type
9573 drop:
9574 type: array
9575 description: Removed capabilities
9576 items:
9577 type: string
9578 description: Capability represent POSIX capabilities type
9579 privileged:
9580 type: boolean
9581 description: Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
9582 procMount:
9583 type: string
9584 description: procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
9585 readOnlyRootFilesystem:
9586 type: boolean
9587 description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
9588 runAsGroup:
9589 type: integer
9590 description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
9591 format: int64
9592 runAsNonRoot:
9593 type: boolean
9594 description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
9595 runAsUser:
9596 type: integer
9597 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
9598 format: int64
9599 seLinuxOptions:
9600 type: object
9601 description: The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
9602 properties:
9603 type:
9604 type: string
9605 description: Type is a SELinux type label that applies to the container.
9606 level:
9607 type: string
9608 description: Level is SELinux level label that applies to the container.
9609 role:
9610 type: string
9611 description: Role is a SELinux role label that applies to the container.
9612 user:
9613 type: string
9614 description: User is a SELinux user label that applies to the container.
9615 seccompProfile:
9616 type: object
9617 description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
9618 properties:
9619 type:
9620 type: string
9621 description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
9622 localhostProfile:
9623 type: string
9624 description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
9625 required:
9626 - type
9627 windowsOptions:
9628 type: object
9629 description: The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.
9630 properties:
9631 gmsaCredentialSpec:
9632 type: string
9633 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
9634 gmsaCredentialSpecName:
9635 type: string
9636 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
9637 hostProcess:
9638 type: boolean
9639 description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
9640 runAsUserName:
9641 type: string
9642 description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
9643 stdin:
9644 type: boolean
9645 description: Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
9646 stdinOnce:
9647 type: boolean
9648 description: Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false
9649 tty:
9650 type: boolean
9651 description: Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.
9652 startupProbe:
9653 type: object
9654 description: 'StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod''s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
9655 properties:
9656 terminationGracePeriodSeconds:
9657 type: integer
9658 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
9659 format: int64
9660 exec:
9661 type: object
9662 description: Exec specifies the action to take.
9663 properties:
9664 command:
9665 type: array
9666 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
9667 items:
9668 type: string
9669 failureThreshold:
9670 type: integer
9671 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
9672 format: int32
9673 grpc:
9674 type: object
9675 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
9676 properties:
9677 service:
9678 type: string
9679 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
9680 port:
9681 type: integer
9682 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
9683 format: int32
9684 required:
9685 - port
9686 httpGet:
9687 type: object
9688 description: HTTPGet specifies the http request to perform.
9689 properties:
9690 port:
9691 anyOf:
9692 - type: integer
9693 - type: string
9694 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
9695 x-kubernetes-int-or-string: true
9696 host:
9697 type: string
9698 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
9699 httpHeaders:
9700 type: array
9701 description: Custom headers to set in the request. HTTP allows repeated headers.
9702 items:
9703 type: object
9704 description: HTTPHeader describes a custom header to be used in HTTP probes
9705 properties:
9706 name:
9707 type: string
9708 description: The header field name
9709 value:
9710 type: string
9711 description: The header field value
9712 required:
9713 - name
9714 - value
9715 path:
9716 type: string
9717 description: Path to access on the HTTP server.
9718 scheme:
9719 type: string
9720 description: Scheme to use for connecting to the host. Defaults to HTTP.
9721 required:
9722 - port
9723 initialDelaySeconds:
9724 type: integer
9725 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
9726 format: int32
9727 periodSeconds:
9728 type: integer
9729 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
9730 format: int32
9731 successThreshold:
9732 type: integer
9733 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
9734 format: int32
9735 tcpSocket:
9736 type: object
9737 description: TCPSocket specifies an action involving a TCP port.
9738 properties:
9739 port:
9740 anyOf:
9741 - type: integer
9742 - type: string
9743 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
9744 x-kubernetes-int-or-string: true
9745 host:
9746 type: string
9747 description: 'Optional: Host name to connect to, defaults to the pod IP.'
9748 required:
9749 - port
9750 timeoutSeconds:
9751 type: integer
9752 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
9753 format: int32
9754 required:
9755 - name
9756 containers:
9757 type: array
9758 description: 'Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a Prometheus pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `prometheus`, `config-reloader`, and `thanos-sidecar`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.'
9759 items:
9760 type: object
9761 description: A single application container that you want to run within a pod.
9762 properties:
9763 name:
9764 type: string
9765 description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
9766 image:
9767 type: string
9768 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.'
9769 command:
9770 type: array
9771 description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
9772 items:
9773 type: string
9774 args:
9775 type: array
9776 description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
9777 items:
9778 type: string
9779 workingDir:
9780 type: string
9781 description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
9782 ports:
9783 type: array
9784 description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.
9785 items:
9786 type: object
9787 description: ContainerPort represents a network port in a single container.
9788 properties:
9789 name:
9790 type: string
9791 description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
9792 protocol:
9793 type: string
9794 default: TCP
9795 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
9796 hostPort:
9797 type: integer
9798 description: Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.
9799 format: int32
9800 containerPort:
9801 type: integer
9802 description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.
9803 format: int32
9804 hostIP:
9805 type: string
9806 description: What host IP to bind the external port to.
9807 required:
9808 - containerPort
9809 x-kubernetes-list-map-keys:
9810 - containerPort
9811 - protocol
9812 x-kubernetes-list-type: map
9813 envFrom:
9814 type: array
9815 description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
9816 items:
9817 type: object
9818 description: EnvFromSource represents the source of a set of ConfigMaps
9819 properties:
9820 prefix:
9821 type: string
9822 description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
9823 configMapRef:
9824 type: object
9825 description: The ConfigMap to select from
9826 properties:
9827 name:
9828 type: string
9829 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
9830 optional:
9831 type: boolean
9832 description: Specify whether the ConfigMap must be defined
9833 x-kubernetes-map-type: atomic
9834 secretRef:
9835 type: object
9836 description: The Secret to select from
9837 properties:
9838 name:
9839 type: string
9840 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
9841 optional:
9842 type: boolean
9843 description: Specify whether the Secret must be defined
9844 x-kubernetes-map-type: atomic
9845 env:
9846 type: array
9847 description: List of environment variables to set in the container. Cannot be updated.
9848 items:
9849 type: object
9850 description: EnvVar represents an environment variable present in a Container.
9851 properties:
9852 name:
9853 type: string
9854 description: Name of the environment variable. Must be a C_IDENTIFIER.
9855 value:
9856 type: string
9857 description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
9858 valueFrom:
9859 type: object
9860 description: Source for the environment variable's value. Cannot be used if value is not empty.
9861 properties:
9862 fieldRef:
9863 type: object
9864 description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
9865 properties:
9866 apiVersion:
9867 type: string
9868 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
9869 fieldPath:
9870 type: string
9871 description: Path of the field to select in the specified API version.
9872 required:
9873 - fieldPath
9874 x-kubernetes-map-type: atomic
9875 resourceFieldRef:
9876 type: object
9877 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
9878 properties:
9879 containerName:
9880 type: string
9881 description: 'Container name: required for volumes, optional for env vars'
9882 divisor:
9883 anyOf:
9884 - type: integer
9885 - type: string
9886 description: Specifies the output format of the exposed resources, defaults to "1"
9887 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
9888 x-kubernetes-int-or-string: true
9889 resource:
9890 type: string
9891 description: 'Required: resource to select'
9892 required:
9893 - resource
9894 x-kubernetes-map-type: atomic
9895 configMapKeyRef:
9896 type: object
9897 description: Selects a key of a ConfigMap.
9898 properties:
9899 name:
9900 type: string
9901 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
9902 key:
9903 type: string
9904 description: The key to select.
9905 optional:
9906 type: boolean
9907 description: Specify whether the ConfigMap or its key must be defined
9908 required:
9909 - key
9910 x-kubernetes-map-type: atomic
9911 secretKeyRef:
9912 type: object
9913 description: Selects a key of a secret in the pod's namespace
9914 properties:
9915 name:
9916 type: string
9917 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
9918 key:
9919 type: string
9920 description: The key of the secret to select from. Must be a valid secret key.
9921 optional:
9922 type: boolean
9923 description: Specify whether the Secret or its key must be defined
9924 required:
9925 - key
9926 x-kubernetes-map-type: atomic
9927 required:
9928 - name
9929 resources:
9930 type: object
9931 description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
9932 properties:
9933 limits:
9934 type: object
9935 additionalProperties:
9936 anyOf:
9937 - type: integer
9938 - type: string
9939 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
9940 x-kubernetes-int-or-string: true
9941 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
9942 requests:
9943 type: object
9944 additionalProperties:
9945 anyOf:
9946 - type: integer
9947 - type: string
9948 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
9949 x-kubernetes-int-or-string: true
9950 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
9951 volumeMounts:
9952 type: array
9953 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
9954 items:
9955 type: object
9956 description: VolumeMount describes a mounting of a Volume within a container.
9957 properties:
9958 name:
9959 type: string
9960 description: This must match the Name of a Volume.
9961 readOnly:
9962 type: boolean
9963 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
9964 mountPath:
9965 type: string
9966 description: Path within the container at which the volume should be mounted. Must not contain ':'.
9967 subPath:
9968 type: string
9969 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
9970 subPathExpr:
9971 type: string
9972 description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.
9973 mountPropagation:
9974 type: string
9975 description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
9976 required:
9977 - mountPath
9978 - name
9979 volumeDevices:
9980 type: array
9981 description: volumeDevices is the list of block devices to be used by the container.
9982 items:
9983 type: object
9984 description: volumeDevice describes a mapping of a raw block device within a container.
9985 properties:
9986 name:
9987 type: string
9988 description: name must match the name of a persistentVolumeClaim in the pod
9989 devicePath:
9990 type: string
9991 description: devicePath is the path inside of the container that the device will be mapped to.
9992 required:
9993 - devicePath
9994 - name
9995 livenessProbe:
9996 type: object
9997 description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
9998 properties:
9999 terminationGracePeriodSeconds:
10000 type: integer
10001 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
10002 format: int64
10003 exec:
10004 type: object
10005 description: Exec specifies the action to take.
10006 properties:
10007 command:
10008 type: array
10009 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
10010 items:
10011 type: string
10012 failureThreshold:
10013 type: integer
10014 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
10015 format: int32
10016 grpc:
10017 type: object
10018 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
10019 properties:
10020 service:
10021 type: string
10022 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
10023 port:
10024 type: integer
10025 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
10026 format: int32
10027 required:
10028 - port
10029 httpGet:
10030 type: object
10031 description: HTTPGet specifies the http request to perform.
10032 properties:
10033 port:
10034 anyOf:
10035 - type: integer
10036 - type: string
10037 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
10038 x-kubernetes-int-or-string: true
10039 host:
10040 type: string
10041 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
10042 httpHeaders:
10043 type: array
10044 description: Custom headers to set in the request. HTTP allows repeated headers.
10045 items:
10046 type: object
10047 description: HTTPHeader describes a custom header to be used in HTTP probes
10048 properties:
10049 name:
10050 type: string
10051 description: The header field name
10052 value:
10053 type: string
10054 description: The header field value
10055 required:
10056 - name
10057 - value
10058 path:
10059 type: string
10060 description: Path to access on the HTTP server.
10061 scheme:
10062 type: string
10063 description: Scheme to use for connecting to the host. Defaults to HTTP.
10064 required:
10065 - port
10066 initialDelaySeconds:
10067 type: integer
10068 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
10069 format: int32
10070 periodSeconds:
10071 type: integer
10072 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
10073 format: int32
10074 successThreshold:
10075 type: integer
10076 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
10077 format: int32
10078 tcpSocket:
10079 type: object
10080 description: TCPSocket specifies an action involving a TCP port.
10081 properties:
10082 port:
10083 anyOf:
10084 - type: integer
10085 - type: string
10086 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
10087 x-kubernetes-int-or-string: true
10088 host:
10089 type: string
10090 description: 'Optional: Host name to connect to, defaults to the pod IP.'
10091 required:
10092 - port
10093 timeoutSeconds:
10094 type: integer
10095 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
10096 format: int32
10097 readinessProbe:
10098 type: object
10099 description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
10100 properties:
10101 terminationGracePeriodSeconds:
10102 type: integer
10103 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
10104 format: int64
10105 exec:
10106 type: object
10107 description: Exec specifies the action to take.
10108 properties:
10109 command:
10110 type: array
10111 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
10112 items:
10113 type: string
10114 failureThreshold:
10115 type: integer
10116 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
10117 format: int32
10118 grpc:
10119 type: object
10120 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
10121 properties:
10122 service:
10123 type: string
10124 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
10125 port:
10126 type: integer
10127 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
10128 format: int32
10129 required:
10130 - port
10131 httpGet:
10132 type: object
10133 description: HTTPGet specifies the http request to perform.
10134 properties:
10135 port:
10136 anyOf:
10137 - type: integer
10138 - type: string
10139 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
10140 x-kubernetes-int-or-string: true
10141 host:
10142 type: string
10143 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
10144 httpHeaders:
10145 type: array
10146 description: Custom headers to set in the request. HTTP allows repeated headers.
10147 items:
10148 type: object
10149 description: HTTPHeader describes a custom header to be used in HTTP probes
10150 properties:
10151 name:
10152 type: string
10153 description: The header field name
10154 value:
10155 type: string
10156 description: The header field value
10157 required:
10158 - name
10159 - value
10160 path:
10161 type: string
10162 description: Path to access on the HTTP server.
10163 scheme:
10164 type: string
10165 description: Scheme to use for connecting to the host. Defaults to HTTP.
10166 required:
10167 - port
10168 initialDelaySeconds:
10169 type: integer
10170 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
10171 format: int32
10172 periodSeconds:
10173 type: integer
10174 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
10175 format: int32
10176 successThreshold:
10177 type: integer
10178 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
10179 format: int32
10180 tcpSocket:
10181 type: object
10182 description: TCPSocket specifies an action involving a TCP port.
10183 properties:
10184 port:
10185 anyOf:
10186 - type: integer
10187 - type: string
10188 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
10189 x-kubernetes-int-or-string: true
10190 host:
10191 type: string
10192 description: 'Optional: Host name to connect to, defaults to the pod IP.'
10193 required:
10194 - port
10195 timeoutSeconds:
10196 type: integer
10197 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
10198 format: int32
10199 lifecycle:
10200 type: object
10201 description: Actions that the management system should take in response to container lifecycle events. Cannot be updated.
10202 properties:
10203 postStart:
10204 type: object
10205 description: 'PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
10206 properties:
10207 exec:
10208 type: object
10209 description: Exec specifies the action to take.
10210 properties:
10211 command:
10212 type: array
10213 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
10214 items:
10215 type: string
10216 httpGet:
10217 type: object
10218 description: HTTPGet specifies the http request to perform.
10219 properties:
10220 port:
10221 anyOf:
10222 - type: integer
10223 - type: string
10224 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
10225 x-kubernetes-int-or-string: true
10226 host:
10227 type: string
10228 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
10229 httpHeaders:
10230 type: array
10231 description: Custom headers to set in the request. HTTP allows repeated headers.
10232 items:
10233 type: object
10234 description: HTTPHeader describes a custom header to be used in HTTP probes
10235 properties:
10236 name:
10237 type: string
10238 description: The header field name
10239 value:
10240 type: string
10241 description: The header field value
10242 required:
10243 - name
10244 - value
10245 path:
10246 type: string
10247 description: Path to access on the HTTP server.
10248 scheme:
10249 type: string
10250 description: Scheme to use for connecting to the host. Defaults to HTTP.
10251 required:
10252 - port
10253 tcpSocket:
10254 type: object
10255 description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
10256 properties:
10257 port:
10258 anyOf:
10259 - type: integer
10260 - type: string
10261 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
10262 x-kubernetes-int-or-string: true
10263 host:
10264 type: string
10265 description: 'Optional: Host name to connect to, defaults to the pod IP.'
10266 required:
10267 - port
10268 preStop:
10269 type: object
10270 description: 'PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod''s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod''s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
10271 properties:
10272 exec:
10273 type: object
10274 description: Exec specifies the action to take.
10275 properties:
10276 command:
10277 type: array
10278 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
10279 items:
10280 type: string
10281 httpGet:
10282 type: object
10283 description: HTTPGet specifies the http request to perform.
10284 properties:
10285 port:
10286 anyOf:
10287 - type: integer
10288 - type: string
10289 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
10290 x-kubernetes-int-or-string: true
10291 host:
10292 type: string
10293 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
10294 httpHeaders:
10295 type: array
10296 description: Custom headers to set in the request. HTTP allows repeated headers.
10297 items:
10298 type: object
10299 description: HTTPHeader describes a custom header to be used in HTTP probes
10300 properties:
10301 name:
10302 type: string
10303 description: The header field name
10304 value:
10305 type: string
10306 description: The header field value
10307 required:
10308 - name
10309 - value
10310 path:
10311 type: string
10312 description: Path to access on the HTTP server.
10313 scheme:
10314 type: string
10315 description: Scheme to use for connecting to the host. Defaults to HTTP.
10316 required:
10317 - port
10318 tcpSocket:
10319 type: object
10320 description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
10321 properties:
10322 port:
10323 anyOf:
10324 - type: integer
10325 - type: string
10326 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
10327 x-kubernetes-int-or-string: true
10328 host:
10329 type: string
10330 description: 'Optional: Host name to connect to, defaults to the pod IP.'
10331 required:
10332 - port
10333 terminationMessagePath:
10334 type: string
10335 description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
10336 terminationMessagePolicy:
10337 type: string
10338 description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
10339 imagePullPolicy:
10340 type: string
10341 description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
10342 securityContext:
10343 type: object
10344 description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
10345 properties:
10346 allowPrivilegeEscalation:
10347 type: boolean
10348 description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.'
10349 capabilities:
10350 type: object
10351 description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.
10352 properties:
10353 add:
10354 type: array
10355 description: Added capabilities
10356 items:
10357 type: string
10358 description: Capability represent POSIX capabilities type
10359 drop:
10360 type: array
10361 description: Removed capabilities
10362 items:
10363 type: string
10364 description: Capability represent POSIX capabilities type
10365 privileged:
10366 type: boolean
10367 description: Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
10368 procMount:
10369 type: string
10370 description: procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
10371 readOnlyRootFilesystem:
10372 type: boolean
10373 description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
10374 runAsGroup:
10375 type: integer
10376 description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
10377 format: int64
10378 runAsNonRoot:
10379 type: boolean
10380 description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
10381 runAsUser:
10382 type: integer
10383 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
10384 format: int64
10385 seLinuxOptions:
10386 type: object
10387 description: The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
10388 properties:
10389 type:
10390 type: string
10391 description: Type is a SELinux type label that applies to the container.
10392 level:
10393 type: string
10394 description: Level is SELinux level label that applies to the container.
10395 role:
10396 type: string
10397 description: Role is a SELinux role label that applies to the container.
10398 user:
10399 type: string
10400 description: User is a SELinux user label that applies to the container.
10401 seccompProfile:
10402 type: object
10403 description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
10404 properties:
10405 type:
10406 type: string
10407 description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
10408 localhostProfile:
10409 type: string
10410 description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
10411 required:
10412 - type
10413 windowsOptions:
10414 type: object
10415 description: The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.
10416 properties:
10417 gmsaCredentialSpec:
10418 type: string
10419 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
10420 gmsaCredentialSpecName:
10421 type: string
10422 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
10423 hostProcess:
10424 type: boolean
10425 description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
10426 runAsUserName:
10427 type: string
10428 description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
10429 stdin:
10430 type: boolean
10431 description: Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
10432 stdinOnce:
10433 type: boolean
10434 description: Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false
10435 tty:
10436 type: boolean
10437 description: Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.
10438 startupProbe:
10439 type: object
10440 description: 'StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod''s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
10441 properties:
10442 terminationGracePeriodSeconds:
10443 type: integer
10444 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
10445 format: int64
10446 exec:
10447 type: object
10448 description: Exec specifies the action to take.
10449 properties:
10450 command:
10451 type: array
10452 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
10453 items:
10454 type: string
10455 failureThreshold:
10456 type: integer
10457 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
10458 format: int32
10459 grpc:
10460 type: object
10461 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
10462 properties:
10463 service:
10464 type: string
10465 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
10466 port:
10467 type: integer
10468 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
10469 format: int32
10470 required:
10471 - port
10472 httpGet:
10473 type: object
10474 description: HTTPGet specifies the http request to perform.
10475 properties:
10476 port:
10477 anyOf:
10478 - type: integer
10479 - type: string
10480 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
10481 x-kubernetes-int-or-string: true
10482 host:
10483 type: string
10484 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
10485 httpHeaders:
10486 type: array
10487 description: Custom headers to set in the request. HTTP allows repeated headers.
10488 items:
10489 type: object
10490 description: HTTPHeader describes a custom header to be used in HTTP probes
10491 properties:
10492 name:
10493 type: string
10494 description: The header field name
10495 value:
10496 type: string
10497 description: The header field value
10498 required:
10499 - name
10500 - value
10501 path:
10502 type: string
10503 description: Path to access on the HTTP server.
10504 scheme:
10505 type: string
10506 description: Scheme to use for connecting to the host. Defaults to HTTP.
10507 required:
10508 - port
10509 initialDelaySeconds:
10510 type: integer
10511 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
10512 format: int32
10513 periodSeconds:
10514 type: integer
10515 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
10516 format: int32
10517 successThreshold:
10518 type: integer
10519 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
10520 format: int32
10521 tcpSocket:
10522 type: object
10523 description: TCPSocket specifies an action involving a TCP port.
10524 properties:
10525 port:
10526 anyOf:
10527 - type: integer
10528 - type: string
10529 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
10530 x-kubernetes-int-or-string: true
10531 host:
10532 type: string
10533 description: 'Optional: Host name to connect to, defaults to the pod IP.'
10534 required:
10535 - port
10536 timeoutSeconds:
10537 type: integer
10538 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
10539 format: int32
10540 required:
10541 - name
10542 volumes:
10543 type: array
10544 description: Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
10545 items:
10546 type: object
10547 description: Volume represents a named volume in a pod that may be accessed by any container in the pod.
10548 properties:
10549 name:
10550 type: string
10551 description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
10552 awsElasticBlockStore:
10553 type: object
10554 description: 'awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
10555 properties:
10556 readOnly:
10557 type: boolean
10558 description: 'readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
10559 fsType:
10560 type: string
10561 description: 'fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine'
10562 partition:
10563 type: integer
10564 description: 'partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).'
10565 format: int32
10566 volumeID:
10567 type: string
10568 description: 'volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
10569 required:
10570 - volumeID
10571 azureDisk:
10572 type: object
10573 description: azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
10574 properties:
10575 kind:
10576 type: string
10577 description: 'kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared'
10578 readOnly:
10579 type: boolean
10580 description: readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
10581 cachingMode:
10582 type: string
10583 description: 'cachingMode is the Host Caching mode: None, Read Only, Read Write.'
10584 diskName:
10585 type: string
10586 description: diskName is the Name of the data disk in the blob storage
10587 diskURI:
10588 type: string
10589 description: diskURI is the URI of data disk in the blob storage
10590 fsType:
10591 type: string
10592 description: fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
10593 required:
10594 - diskName
10595 - diskURI
10596 azureFile:
10597 type: object
10598 description: azureFile represents an Azure File Service mount on the host and bind mount to the pod.
10599 properties:
10600 readOnly:
10601 type: boolean
10602 description: readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
10603 secretName:
10604 type: string
10605 description: secretName is the name of secret that contains Azure Storage Account Name and Key
10606 shareName:
10607 type: string
10608 description: shareName is the azure share Name
10609 required:
10610 - secretName
10611 - shareName
10612 cephfs:
10613 type: object
10614 description: cephFS represents a Ceph FS mount on the host that shares a pod's lifetime
10615 properties:
10616 readOnly:
10617 type: boolean
10618 description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
10619 secretRef:
10620 type: object
10621 description: 'secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
10622 properties:
10623 name:
10624 type: string
10625 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
10626 x-kubernetes-map-type: atomic
10627 monitors:
10628 type: array
10629 description: 'monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
10630 items:
10631 type: string
10632 path:
10633 type: string
10634 description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /'
10635 secretFile:
10636 type: string
10637 description: 'secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
10638 user:
10639 type: string
10640 description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
10641 required:
10642 - monitors
10643 cinder:
10644 type: object
10645 description: 'cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
10646 properties:
10647 readOnly:
10648 type: boolean
10649 description: 'readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
10650 secretRef:
10651 type: object
10652 description: 'secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.'
10653 properties:
10654 name:
10655 type: string
10656 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
10657 x-kubernetes-map-type: atomic
10658 fsType:
10659 type: string
10660 description: 'fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
10661 volumeID:
10662 type: string
10663 description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
10664 required:
10665 - volumeID
10666 configMap:
10667 type: object
10668 description: configMap represents a configMap that should populate this volume
10669 properties:
10670 name:
10671 type: string
10672 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
10673 defaultMode:
10674 type: integer
10675 description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
10676 format: int32
10677 items:
10678 type: array
10679 description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
10680 items:
10681 type: object
10682 description: Maps a string key to a path within a volume.
10683 properties:
10684 key:
10685 type: string
10686 description: key is the key to project.
10687 mode:
10688 type: integer
10689 description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
10690 format: int32
10691 path:
10692 type: string
10693 description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
10694 required:
10695 - key
10696 - path
10697 optional:
10698 type: boolean
10699 description: optional specify whether the ConfigMap or its keys must be defined
10700 x-kubernetes-map-type: atomic
10701 csi:
10702 type: object
10703 description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
10704 properties:
10705 readOnly:
10706 type: boolean
10707 description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
10708 driver:
10709 type: string
10710 description: driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.
10711 fsType:
10712 type: string
10713 description: fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.
10714 nodePublishSecretRef:
10715 type: object
10716 description: nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.
10717 properties:
10718 name:
10719 type: string
10720 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
10721 x-kubernetes-map-type: atomic
10722 volumeAttributes:
10723 type: object
10724 additionalProperties:
10725 type: string
10726 description: volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.
10727 required:
10728 - driver
10729 downwardAPI:
10730 type: object
10731 description: downwardAPI represents downward API about the pod that should populate this volume
10732 properties:
10733 defaultMode:
10734 type: integer
10735 description: 'Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
10736 format: int32
10737 items:
10738 type: array
10739 description: Items is a list of downward API volume file
10740 items:
10741 type: object
10742 description: DownwardAPIVolumeFile represents information to create the file containing the pod field
10743 properties:
10744 fieldRef:
10745 type: object
10746 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.'
10747 properties:
10748 apiVersion:
10749 type: string
10750 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
10751 fieldPath:
10752 type: string
10753 description: Path of the field to select in the specified API version.
10754 required:
10755 - fieldPath
10756 x-kubernetes-map-type: atomic
10757 resourceFieldRef:
10758 type: object
10759 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.'
10760 properties:
10761 containerName:
10762 type: string
10763 description: 'Container name: required for volumes, optional for env vars'
10764 divisor:
10765 anyOf:
10766 - type: integer
10767 - type: string
10768 description: Specifies the output format of the exposed resources, defaults to "1"
10769 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
10770 x-kubernetes-int-or-string: true
10771 resource:
10772 type: string
10773 description: 'Required: resource to select'
10774 required:
10775 - resource
10776 x-kubernetes-map-type: atomic
10777 mode:
10778 type: integer
10779 description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
10780 format: int32
10781 path:
10782 type: string
10783 description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..'''
10784 required:
10785 - path
10786 emptyDir:
10787 type: object
10788 description: 'emptyDir represents a temporary directory that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
10789 properties:
10790 medium:
10791 type: string
10792 description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
10793 sizeLimit:
10794 anyOf:
10795 - type: integer
10796 - type: string
10797 description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
10798 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
10799 x-kubernetes-int-or-string: true
10800 ephemeral:
10801 type: object
10802 description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
10803 properties:
10804 volumeClaimTemplate:
10805 type: object
10806 description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
10807 properties:
10808 metadata:
10809 type: object
10810 description: May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.
10811 spec:
10812 type: object
10813 description: The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.
10814 properties:
10815 selector:
10816 type: object
10817 description: selector is a label query over volumes to consider for binding.
10818 properties:
10819 matchExpressions:
10820 type: array
10821 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
10822 items:
10823 type: object
10824 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
10825 properties:
10826 key:
10827 type: string
10828 description: key is the label key that the selector applies to.
10829 operator:
10830 type: string
10831 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
10832 values:
10833 type: array
10834 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
10835 items:
10836 type: string
10837 required:
10838 - key
10839 - operator
10840 matchLabels:
10841 type: object
10842 additionalProperties:
10843 type: string
10844 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
10845 x-kubernetes-map-type: atomic
10846 resources:
10847 type: object
10848 description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
10849 properties:
10850 limits:
10851 type: object
10852 additionalProperties:
10853 anyOf:
10854 - type: integer
10855 - type: string
10856 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
10857 x-kubernetes-int-or-string: true
10858 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
10859 requests:
10860 type: object
10861 additionalProperties:
10862 anyOf:
10863 - type: integer
10864 - type: string
10865 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
10866 x-kubernetes-int-or-string: true
10867 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
10868 accessModes:
10869 type: array
10870 description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
10871 items:
10872 type: string
10873 dataSource:
10874 type: object
10875 description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.'
10876 properties:
10877 name:
10878 type: string
10879 description: Name is the name of resource being referenced
10880 kind:
10881 type: string
10882 description: Kind is the type of resource being referenced
10883 apiGroup:
10884 type: string
10885 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
10886 required:
10887 - kind
10888 - name
10889 x-kubernetes-map-type: atomic
10890 dataSourceRef:
10891 type: object
10892 description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.'
10893 properties:
10894 name:
10895 type: string
10896 description: Name is the name of resource being referenced
10897 kind:
10898 type: string
10899 description: Kind is the type of resource being referenced
10900 apiGroup:
10901 type: string
10902 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
10903 required:
10904 - kind
10905 - name
10906 x-kubernetes-map-type: atomic
10907 storageClassName:
10908 type: string
10909 description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
10910 volumeMode:
10911 type: string
10912 description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
10913 volumeName:
10914 type: string
10915 description: volumeName is the binding reference to the PersistentVolume backing this claim.
10916 required:
10917 - spec
10918 fc:
10919 type: object
10920 description: fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.
10921 properties:
10922 readOnly:
10923 type: boolean
10924 description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.'
10925 fsType:
10926 type: string
10927 description: 'fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine'
10928 lun:
10929 type: integer
10930 description: 'lun is Optional: FC target lun number'
10931 format: int32
10932 targetWWNs:
10933 type: array
10934 description: 'targetWWNs is Optional: FC target worldwide names (WWNs)'
10935 items:
10936 type: string
10937 wwids:
10938 type: array
10939 description: 'wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.'
10940 items:
10941 type: string
10942 flexVolume:
10943 type: object
10944 description: flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.
10945 properties:
10946 readOnly:
10947 type: boolean
10948 description: 'readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.'
10949 secretRef:
10950 type: object
10951 description: 'secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.'
10952 properties:
10953 name:
10954 type: string
10955 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
10956 x-kubernetes-map-type: atomic
10957 driver:
10958 type: string
10959 description: driver is the name of the driver to use for this volume.
10960 fsType:
10961 type: string
10962 description: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
10963 options:
10964 type: object
10965 additionalProperties:
10966 type: string
10967 description: 'options is Optional: this field holds extra command options if any.'
10968 required:
10969 - driver
10970 flocker:
10971 type: object
10972 description: flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running
10973 properties:
10974 datasetName:
10975 type: string
10976 description: datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated
10977 datasetUUID:
10978 type: string
10979 description: datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset
10980 gcePersistentDisk:
10981 type: object
10982 description: 'gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
10983 properties:
10984 readOnly:
10985 type: boolean
10986 description: 'readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
10987 fsType:
10988 type: string
10989 description: 'fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine'
10990 partition:
10991 type: integer
10992 description: 'partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
10993 format: int32
10994 pdName:
10995 type: string
10996 description: 'pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
10997 required:
10998 - pdName
10999 gitRepo:
11000 type: object
11001 description: 'gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod''s container.'
11002 properties:
11003 revision:
11004 type: string
11005 description: revision is the commit hash for the specified revision.
11006 directory:
11007 type: string
11008 description: directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.
11009 repository:
11010 type: string
11011 description: repository is the URL
11012 required:
11013 - repository
11014 glusterfs:
11015 type: object
11016 description: 'glusterfs represents a Glusterfs mount on the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
11017 properties:
11018 readOnly:
11019 type: boolean
11020 description: 'readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
11021 endpoints:
11022 type: string
11023 description: 'endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
11024 path:
11025 type: string
11026 description: 'path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
11027 required:
11028 - endpoints
11029 - path
11030 hostPath:
11031 type: object
11032 description: 'hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.'
11033 properties:
11034 type:
11035 type: string
11036 description: 'type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
11037 path:
11038 type: string
11039 description: 'path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
11040 required:
11041 - path
11042 iscsi:
11043 type: object
11044 description: 'iscsi represents an ISCSI Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
11045 properties:
11046 readOnly:
11047 type: boolean
11048 description: readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.
11049 secretRef:
11050 type: object
11051 description: secretRef is the CHAP Secret for iSCSI target and initiator authentication
11052 properties:
11053 name:
11054 type: string
11055 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
11056 x-kubernetes-map-type: atomic
11057 chapAuthDiscovery:
11058 type: boolean
11059 description: chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
11060 chapAuthSession:
11061 type: boolean
11062 description: chapAuthSession defines whether support iSCSI Session CHAP authentication
11063 fsType:
11064 type: string
11065 description: 'fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine'
11066 initiatorName:
11067 type: string
11068 description: initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.
11069 iqn:
11070 type: string
11071 description: iqn is the target iSCSI Qualified Name.
11072 iscsiInterface:
11073 type: string
11074 description: iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
11075 lun:
11076 type: integer
11077 description: lun represents iSCSI Target Lun number.
11078 format: int32
11079 portals:
11080 type: array
11081 description: portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
11082 items:
11083 type: string
11084 targetPortal:
11085 type: string
11086 description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
11087 required:
11088 - iqn
11089 - lun
11090 - targetPortal
11091 nfs:
11092 type: object
11093 description: 'nfs represents an NFS mount on the host that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
11094 properties:
11095 readOnly:
11096 type: boolean
11097 description: 'readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
11098 path:
11099 type: string
11100 description: 'path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
11101 server:
11102 type: string
11103 description: 'server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
11104 required:
11105 - path
11106 - server
11107 persistentVolumeClaim:
11108 type: object
11109 description: 'persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
11110 properties:
11111 readOnly:
11112 type: boolean
11113 description: readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
11114 claimName:
11115 type: string
11116 description: 'claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
11117 required:
11118 - claimName
11119 photonPersistentDisk:
11120 type: object
11121 description: photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine
11122 properties:
11123 fsType:
11124 type: string
11125 description: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
11126 pdID:
11127 type: string
11128 description: pdID is the ID that identifies Photon Controller persistent disk
11129 required:
11130 - pdID
11131 portworxVolume:
11132 type: object
11133 description: portworxVolume represents a portworx volume attached and mounted on kubelets host machine
11134 properties:
11135 readOnly:
11136 type: boolean
11137 description: readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
11138 fsType:
11139 type: string
11140 description: fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
11141 volumeID:
11142 type: string
11143 description: volumeID uniquely identifies a Portworx volume
11144 required:
11145 - volumeID
11146 projected:
11147 type: object
11148 description: projected items for all in one resources secrets, configmaps, and downward API
11149 properties:
11150 defaultMode:
11151 type: integer
11152 description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
11153 format: int32
11154 sources:
11155 type: array
11156 description: sources is the list of volume projections
11157 items:
11158 type: object
11159 description: Projection that may be projected along with other supported volume types
11160 properties:
11161 configMap:
11162 type: object
11163 description: configMap information about the configMap data to project
11164 properties:
11165 name:
11166 type: string
11167 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
11168 items:
11169 type: array
11170 description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
11171 items:
11172 type: object
11173 description: Maps a string key to a path within a volume.
11174 properties:
11175 key:
11176 type: string
11177 description: key is the key to project.
11178 mode:
11179 type: integer
11180 description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
11181 format: int32
11182 path:
11183 type: string
11184 description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
11185 required:
11186 - key
11187 - path
11188 optional:
11189 type: boolean
11190 description: optional specify whether the ConfigMap or its keys must be defined
11191 x-kubernetes-map-type: atomic
11192 downwardAPI:
11193 type: object
11194 description: downwardAPI information about the downwardAPI data to project
11195 properties:
11196 items:
11197 type: array
11198 description: Items is a list of DownwardAPIVolume file
11199 items:
11200 type: object
11201 description: DownwardAPIVolumeFile represents information to create the file containing the pod field
11202 properties:
11203 fieldRef:
11204 type: object
11205 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.'
11206 properties:
11207 apiVersion:
11208 type: string
11209 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
11210 fieldPath:
11211 type: string
11212 description: Path of the field to select in the specified API version.
11213 required:
11214 - fieldPath
11215 x-kubernetes-map-type: atomic
11216 resourceFieldRef:
11217 type: object
11218 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.'
11219 properties:
11220 containerName:
11221 type: string
11222 description: 'Container name: required for volumes, optional for env vars'
11223 divisor:
11224 anyOf:
11225 - type: integer
11226 - type: string
11227 description: Specifies the output format of the exposed resources, defaults to "1"
11228 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
11229 x-kubernetes-int-or-string: true
11230 resource:
11231 type: string
11232 description: 'Required: resource to select'
11233 required:
11234 - resource
11235 x-kubernetes-map-type: atomic
11236 mode:
11237 type: integer
11238 description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
11239 format: int32
11240 path:
11241 type: string
11242 description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..'''
11243 required:
11244 - path
11245 secret:
11246 type: object
11247 description: secret information about the secret data to project
11248 properties:
11249 name:
11250 type: string
11251 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
11252 items:
11253 type: array
11254 description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
11255 items:
11256 type: object
11257 description: Maps a string key to a path within a volume.
11258 properties:
11259 key:
11260 type: string
11261 description: key is the key to project.
11262 mode:
11263 type: integer
11264 description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
11265 format: int32
11266 path:
11267 type: string
11268 description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
11269 required:
11270 - key
11271 - path
11272 optional:
11273 type: boolean
11274 description: optional field specify whether the Secret or its key must be defined
11275 x-kubernetes-map-type: atomic
11276 serviceAccountToken:
11277 type: object
11278 description: serviceAccountToken is information about the serviceAccountToken data to project
11279 properties:
11280 audience:
11281 type: string
11282 description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.
11283 expirationSeconds:
11284 type: integer
11285 description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.
11286 format: int64
11287 path:
11288 type: string
11289 description: path is the path relative to the mount point of the file to project the token into.
11290 required:
11291 - path
11292 quobyte:
11293 type: object
11294 description: quobyte represents a Quobyte mount on the host that shares a pod's lifetime
11295 properties:
11296 readOnly:
11297 type: boolean
11298 description: readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.
11299 group:
11300 type: string
11301 description: group to map volume access to Default is no group
11302 registry:
11303 type: string
11304 description: registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes
11305 tenant:
11306 type: string
11307 description: tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin
11308 user:
11309 type: string
11310 description: user to map volume access to Defaults to serivceaccount user
11311 volume:
11312 type: string
11313 description: volume is a string that references an already created Quobyte volume by name.
11314 required:
11315 - registry
11316 - volume
11317 rbd:
11318 type: object
11319 description: 'rbd represents a Rados Block Device mount on the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md'
11320 properties:
11321 image:
11322 type: string
11323 description: 'image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
11324 readOnly:
11325 type: boolean
11326 description: 'readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
11327 secretRef:
11328 type: object
11329 description: 'secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
11330 properties:
11331 name:
11332 type: string
11333 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
11334 x-kubernetes-map-type: atomic
11335 fsType:
11336 type: string
11337 description: 'fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine'
11338 keyring:
11339 type: string
11340 description: 'keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
11341 monitors:
11342 type: array
11343 description: 'monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
11344 items:
11345 type: string
11346 pool:
11347 type: string
11348 description: 'pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
11349 user:
11350 type: string
11351 description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
11352 required:
11353 - image
11354 - monitors
11355 scaleIO:
11356 type: object
11357 description: scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.
11358 properties:
11359 readOnly:
11360 type: boolean
11361 description: readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
11362 secretRef:
11363 type: object
11364 description: secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.
11365 properties:
11366 name:
11367 type: string
11368 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
11369 x-kubernetes-map-type: atomic
11370 fsType:
11371 type: string
11372 description: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs".
11373 gateway:
11374 type: string
11375 description: gateway is the host address of the ScaleIO API Gateway.
11376 protectionDomain:
11377 type: string
11378 description: protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.
11379 sslEnabled:
11380 type: boolean
11381 description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
11382 storageMode:
11383 type: string
11384 description: storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.
11385 storagePool:
11386 type: string
11387 description: storagePool is the ScaleIO Storage Pool associated with the protection domain.
11388 system:
11389 type: string
11390 description: system is the name of the storage system as configured in ScaleIO.
11391 volumeName:
11392 type: string
11393 description: volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.
11394 required:
11395 - gateway
11396 - secretRef
11397 - system
11398 secret:
11399 type: object
11400 description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
11401 properties:
11402 defaultMode:
11403 type: integer
11404 description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
11405 format: int32
11406 items:
11407 type: array
11408 description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
11409 items:
11410 type: object
11411 description: Maps a string key to a path within a volume.
11412 properties:
11413 key:
11414 type: string
11415 description: key is the key to project.
11416 mode:
11417 type: integer
11418 description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
11419 format: int32
11420 path:
11421 type: string
11422 description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
11423 required:
11424 - key
11425 - path
11426 optional:
11427 type: boolean
11428 description: optional field specify whether the Secret or its keys must be defined
11429 secretName:
11430 type: string
11431 description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
11432 storageos:
11433 type: object
11434 description: storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.
11435 properties:
11436 readOnly:
11437 type: boolean
11438 description: readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
11439 secretRef:
11440 type: object
11441 description: secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.
11442 properties:
11443 name:
11444 type: string
11445 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
11446 x-kubernetes-map-type: atomic
11447 fsType:
11448 type: string
11449 description: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
11450 volumeName:
11451 type: string
11452 description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
11453 volumeNamespace:
11454 type: string
11455 description: volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.
11456 vsphereVolume:
11457 type: object
11458 description: vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine
11459 properties:
11460 fsType:
11461 type: string
11462 description: fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
11463 storagePolicyID:
11464 type: string
11465 description: storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.
11466 storagePolicyName:
11467 type: string
11468 description: storagePolicyName is the storage Policy Based Management (SPBM) profile name.
11469 volumePath:
11470 type: string
11471 description: volumePath is the path that identifies vSphere volume vmdk
11472 required:
11473 - volumePath
11474 required:
11475 - name
11476 imagePullSecrets:
11477 type: array
11478 description: An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
11479 items:
11480 type: object
11481 description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
11482 properties:
11483 name:
11484 type: string
11485 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
11486 x-kubernetes-map-type: atomic
11487 affinity:
11488 type: object
11489 description: If specified, the pod's scheduling constraints.
11490 properties:
11491 nodeAffinity:
11492 type: object
11493 description: Describes node affinity scheduling rules for the pod.
11494 properties:
11495 preferredDuringSchedulingIgnoredDuringExecution:
11496 type: array
11497 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
11498 items:
11499 type: object
11500 description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
11501 properties:
11502 preference:
11503 type: object
11504 description: A node selector term, associated with the corresponding weight.
11505 properties:
11506 matchExpressions:
11507 type: array
11508 description: A list of node selector requirements by node's labels.
11509 items:
11510 type: object
11511 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
11512 properties:
11513 key:
11514 type: string
11515 description: The label key that the selector applies to.
11516 operator:
11517 type: string
11518 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
11519 values:
11520 type: array
11521 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
11522 items:
11523 type: string
11524 required:
11525 - key
11526 - operator
11527 matchFields:
11528 type: array
11529 description: A list of node selector requirements by node's fields.
11530 items:
11531 type: object
11532 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
11533 properties:
11534 key:
11535 type: string
11536 description: The label key that the selector applies to.
11537 operator:
11538 type: string
11539 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
11540 values:
11541 type: array
11542 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
11543 items:
11544 type: string
11545 required:
11546 - key
11547 - operator
11548 x-kubernetes-map-type: atomic
11549 weight:
11550 type: integer
11551 description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
11552 format: int32
11553 required:
11554 - preference
11555 - weight
11556 requiredDuringSchedulingIgnoredDuringExecution:
11557 type: object
11558 description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
11559 properties:
11560 nodeSelectorTerms:
11561 type: array
11562 description: Required. A list of node selector terms. The terms are ORed.
11563 items:
11564 type: object
11565 description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
11566 properties:
11567 matchExpressions:
11568 type: array
11569 description: A list of node selector requirements by node's labels.
11570 items:
11571 type: object
11572 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
11573 properties:
11574 key:
11575 type: string
11576 description: The label key that the selector applies to.
11577 operator:
11578 type: string
11579 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
11580 values:
11581 type: array
11582 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
11583 items:
11584 type: string
11585 required:
11586 - key
11587 - operator
11588 matchFields:
11589 type: array
11590 description: A list of node selector requirements by node's fields.
11591 items:
11592 type: object
11593 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
11594 properties:
11595 key:
11596 type: string
11597 description: The label key that the selector applies to.
11598 operator:
11599 type: string
11600 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
11601 values:
11602 type: array
11603 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
11604 items:
11605 type: string
11606 required:
11607 - key
11608 - operator
11609 x-kubernetes-map-type: atomic
11610 required:
11611 - nodeSelectorTerms
11612 x-kubernetes-map-type: atomic
11613 podAffinity:
11614 type: object
11615 description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
11616 properties:
11617 preferredDuringSchedulingIgnoredDuringExecution:
11618 type: array
11619 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
11620 items:
11621 type: object
11622 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
11623 properties:
11624 podAffinityTerm:
11625 type: object
11626 description: Required. A pod affinity term, associated with the corresponding weight.
11627 properties:
11628 labelSelector:
11629 type: object
11630 description: A label query over a set of resources, in this case pods.
11631 properties:
11632 matchExpressions:
11633 type: array
11634 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
11635 items:
11636 type: object
11637 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
11638 properties:
11639 key:
11640 type: string
11641 description: key is the label key that the selector applies to.
11642 operator:
11643 type: string
11644 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
11645 values:
11646 type: array
11647 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
11648 items:
11649 type: string
11650 required:
11651 - key
11652 - operator
11653 matchLabels:
11654 type: object
11655 additionalProperties:
11656 type: string
11657 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
11658 x-kubernetes-map-type: atomic
11659 namespaceSelector:
11660 type: object
11661 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
11662 properties:
11663 matchExpressions:
11664 type: array
11665 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
11666 items:
11667 type: object
11668 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
11669 properties:
11670 key:
11671 type: string
11672 description: key is the label key that the selector applies to.
11673 operator:
11674 type: string
11675 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
11676 values:
11677 type: array
11678 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
11679 items:
11680 type: string
11681 required:
11682 - key
11683 - operator
11684 matchLabels:
11685 type: object
11686 additionalProperties:
11687 type: string
11688 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
11689 x-kubernetes-map-type: atomic
11690 namespaces:
11691 type: array
11692 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
11693 items:
11694 type: string
11695 topologyKey:
11696 type: string
11697 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
11698 required:
11699 - topologyKey
11700 weight:
11701 type: integer
11702 description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
11703 format: int32
11704 required:
11705 - podAffinityTerm
11706 - weight
11707 requiredDuringSchedulingIgnoredDuringExecution:
11708 type: array
11709 description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
11710 items:
11711 type: object
11712 description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
11713 properties:
11714 labelSelector:
11715 type: object
11716 description: A label query over a set of resources, in this case pods.
11717 properties:
11718 matchExpressions:
11719 type: array
11720 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
11721 items:
11722 type: object
11723 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
11724 properties:
11725 key:
11726 type: string
11727 description: key is the label key that the selector applies to.
11728 operator:
11729 type: string
11730 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
11731 values:
11732 type: array
11733 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
11734 items:
11735 type: string
11736 required:
11737 - key
11738 - operator
11739 matchLabels:
11740 type: object
11741 additionalProperties:
11742 type: string
11743 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
11744 x-kubernetes-map-type: atomic
11745 namespaceSelector:
11746 type: object
11747 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
11748 properties:
11749 matchExpressions:
11750 type: array
11751 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
11752 items:
11753 type: object
11754 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
11755 properties:
11756 key:
11757 type: string
11758 description: key is the label key that the selector applies to.
11759 operator:
11760 type: string
11761 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
11762 values:
11763 type: array
11764 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
11765 items:
11766 type: string
11767 required:
11768 - key
11769 - operator
11770 matchLabels:
11771 type: object
11772 additionalProperties:
11773 type: string
11774 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
11775 x-kubernetes-map-type: atomic
11776 namespaces:
11777 type: array
11778 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
11779 items:
11780 type: string
11781 topologyKey:
11782 type: string
11783 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
11784 required:
11785 - topologyKey
11786 podAntiAffinity:
11787 type: object
11788 description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
11789 properties:
11790 preferredDuringSchedulingIgnoredDuringExecution:
11791 type: array
11792 description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
11793 items:
11794 type: object
11795 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
11796 properties:
11797 podAffinityTerm:
11798 type: object
11799 description: Required. A pod affinity term, associated with the corresponding weight.
11800 properties:
11801 labelSelector:
11802 type: object
11803 description: A label query over a set of resources, in this case pods.
11804 properties:
11805 matchExpressions:
11806 type: array
11807 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
11808 items:
11809 type: object
11810 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
11811 properties:
11812 key:
11813 type: string
11814 description: key is the label key that the selector applies to.
11815 operator:
11816 type: string
11817 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
11818 values:
11819 type: array
11820 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
11821 items:
11822 type: string
11823 required:
11824 - key
11825 - operator
11826 matchLabels:
11827 type: object
11828 additionalProperties:
11829 type: string
11830 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
11831 x-kubernetes-map-type: atomic
11832 namespaceSelector:
11833 type: object
11834 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
11835 properties:
11836 matchExpressions:
11837 type: array
11838 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
11839 items:
11840 type: object
11841 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
11842 properties:
11843 key:
11844 type: string
11845 description: key is the label key that the selector applies to.
11846 operator:
11847 type: string
11848 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
11849 values:
11850 type: array
11851 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
11852 items:
11853 type: string
11854 required:
11855 - key
11856 - operator
11857 matchLabels:
11858 type: object
11859 additionalProperties:
11860 type: string
11861 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
11862 x-kubernetes-map-type: atomic
11863 namespaces:
11864 type: array
11865 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
11866 items:
11867 type: string
11868 topologyKey:
11869 type: string
11870 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
11871 required:
11872 - topologyKey
11873 weight:
11874 type: integer
11875 description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
11876 format: int32
11877 required:
11878 - podAffinityTerm
11879 - weight
11880 requiredDuringSchedulingIgnoredDuringExecution:
11881 type: array
11882 description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
11883 items:
11884 type: object
11885 description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
11886 properties:
11887 labelSelector:
11888 type: object
11889 description: A label query over a set of resources, in this case pods.
11890 properties:
11891 matchExpressions:
11892 type: array
11893 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
11894 items:
11895 type: object
11896 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
11897 properties:
11898 key:
11899 type: string
11900 description: key is the label key that the selector applies to.
11901 operator:
11902 type: string
11903 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
11904 values:
11905 type: array
11906 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
11907 items:
11908 type: string
11909 required:
11910 - key
11911 - operator
11912 matchLabels:
11913 type: object
11914 additionalProperties:
11915 type: string
11916 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
11917 x-kubernetes-map-type: atomic
11918 namespaceSelector:
11919 type: object
11920 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
11921 properties:
11922 matchExpressions:
11923 type: array
11924 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
11925 items:
11926 type: object
11927 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
11928 properties:
11929 key:
11930 type: string
11931 description: key is the label key that the selector applies to.
11932 operator:
11933 type: string
11934 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
11935 values:
11936 type: array
11937 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
11938 items:
11939 type: string
11940 required:
11941 - key
11942 - operator
11943 matchLabels:
11944 type: object
11945 additionalProperties:
11946 type: string
11947 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
11948 x-kubernetes-map-type: atomic
11949 namespaces:
11950 type: array
11951 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
11952 items:
11953 type: string
11954 topologyKey:
11955 type: string
11956 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
11957 required:
11958 - topologyKey
11959 tolerations:
11960 type: array
11961 description: If specified, the pod's tolerations.
11962 items:
11963 type: object
11964 description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
11965 properties:
11966 value:
11967 type: string
11968 description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
11969 effect:
11970 type: string
11971 description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
11972 key:
11973 type: string
11974 description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
11975 operator:
11976 type: string
11977 description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
11978 tolerationSeconds:
11979 type: integer
11980 description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
11981 format: int64
11982 image:
11983 type: string
11984 description: Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Prometheus is being configured.
11985 resources:
11986 type: object
11987 description: Define resources requests and limits for single Pods.
11988 properties:
11989 limits:
11990 type: object
11991 additionalProperties:
11992 anyOf:
11993 - type: integer
11994 - type: string
11995 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
11996 x-kubernetes-int-or-string: true
11997 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
11998 requests:
11999 type: object
12000 additionalProperties:
12001 anyOf:
12002 - type: integer
12003 - type: string
12004 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
12005 x-kubernetes-int-or-string: true
12006 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
12007 volumeMounts:
12008 type: array
12009 description: VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the prometheus container, that are generated as a result of StorageSpec objects.
12010 items:
12011 type: object
12012 description: VolumeMount describes a mounting of a Volume within a container.
12013 properties:
12014 name:
12015 type: string
12016 description: This must match the Name of a Volume.
12017 readOnly:
12018 type: boolean
12019 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
12020 mountPath:
12021 type: string
12022 description: Path within the container at which the volume should be mounted. Must not contain ':'.
12023 subPath:
12024 type: string
12025 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
12026 subPathExpr:
12027 type: string
12028 description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.
12029 mountPropagation:
12030 type: string
12031 description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
12032 required:
12033 - mountPath
12034 - name
12035 securityContext:
12036 type: object
12037 description: SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
12038 properties:
12039 fsGroup:
12040 type: integer
12041 description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows."
12042 format: int64
12043 fsGroupChangePolicy:
12044 type: string
12045 description: 'fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.'
12046 runAsGroup:
12047 type: integer
12048 description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
12049 format: int64
12050 runAsNonRoot:
12051 type: boolean
12052 description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
12053 runAsUser:
12054 type: integer
12055 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
12056 format: int64
12057 seLinuxOptions:
12058 type: object
12059 description: The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
12060 properties:
12061 type:
12062 type: string
12063 description: Type is a SELinux type label that applies to the container.
12064 level:
12065 type: string
12066 description: Level is SELinux level label that applies to the container.
12067 role:
12068 type: string
12069 description: Role is a SELinux role label that applies to the container.
12070 user:
12071 type: string
12072 description: User is a SELinux user label that applies to the container.
12073 seccompProfile:
12074 type: object
12075 description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
12076 properties:
12077 type:
12078 type: string
12079 description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
12080 localhostProfile:
12081 type: string
12082 description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
12083 required:
12084 - type
12085 supplementalGroups:
12086 type: array
12087 description: A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container. Note that this field cannot be set when spec.os.name is windows.
12088 items:
12089 type: integer
12090 format: int64
12091 sysctls:
12092 type: array
12093 description: Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.
12094 items:
12095 type: object
12096 description: Sysctl defines a kernel parameter to be set
12097 properties:
12098 name:
12099 type: string
12100 description: Name of a property to set
12101 value:
12102 type: string
12103 description: Value of a property to set
12104 required:
12105 - name
12106 - value
12107 windowsOptions:
12108 type: object
12109 description: The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.
12110 properties:
12111 gmsaCredentialSpec:
12112 type: string
12113 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
12114 gmsaCredentialSpecName:
12115 type: string
12116 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
12117 hostProcess:
12118 type: boolean
12119 description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
12120 runAsUserName:
12121 type: string
12122 description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
12123 additionalAlertManagerConfigs:
12124 type: object
12125 description: 'AdditionalAlertManagerConfigs allows specifying a key of a Secret containing additional Prometheus AlertManager configurations. AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade.'
12126 properties:
12127 name:
12128 type: string
12129 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12130 key:
12131 type: string
12132 description: The key of the secret to select from. Must be a valid secret key.
12133 optional:
12134 type: boolean
12135 description: Specify whether the Secret or its key must be defined
12136 required:
12137 - key
12138 x-kubernetes-map-type: atomic
12139 additionalAlertRelabelConfigs:
12140 type: object
12141 description: 'AdditionalAlertRelabelConfigs allows specifying a key of a Secret containing additional Prometheus alert relabel configurations. Alert relabel configurations specified are appended to the configurations generated by the Prometheus Operator. Alert relabel configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. As alert relabel configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel configs are going to break Prometheus after the upgrade.'
12142 properties:
12143 name:
12144 type: string
12145 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12146 key:
12147 type: string
12148 description: The key of the secret to select from. Must be a valid secret key.
12149 optional:
12150 type: boolean
12151 description: Specify whether the Secret or its key must be defined
12152 required:
12153 - key
12154 x-kubernetes-map-type: atomic
12155 additionalArgs:
12156 type: array
12157 description: AdditionalArgs allows setting additional arguments for the Prometheus container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.
12158 items:
12159 type: object
12160 description: Argument as part of the AdditionalArgs list.
12161 properties:
12162 name:
12163 type: string
12164 description: Name of the argument, e.g. "scrape.discovery-reload-interval".
12165 minLength: 1
12166 value:
12167 type: string
12168 description: Argument value, e.g. 30s. Can be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile)
12169 required:
12170 - name
12171 additionalScrapeConfigs:
12172 type: object
12173 description: 'AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade.'
12174 properties:
12175 name:
12176 type: string
12177 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12178 key:
12179 type: string
12180 description: The key of the secret to select from. Must be a valid secret key.
12181 optional:
12182 type: boolean
12183 description: Specify whether the Secret or its key must be defined
12184 required:
12185 - key
12186 x-kubernetes-map-type: atomic
12187 alerting:
12188 type: object
12189 description: Define details regarding alerting.
12190 properties:
12191 alertmanagers:
12192 type: array
12193 description: AlertmanagerEndpoints Prometheus should fire alerts against.
12194 items:
12195 type: object
12196 description: AlertmanagerEndpoints defines a selection of a single Endpoints object containing alertmanager IPs to fire alerts against.
12197 properties:
12198 name:
12199 type: string
12200 description: Name of Endpoints object in Namespace.
12201 namespace:
12202 type: string
12203 description: Namespace of Endpoints object.
12204 apiVersion:
12205 type: string
12206 description: Version of the Alertmanager API that Prometheus uses to send alerts. It can be "v1" or "v2".
12207 port:
12208 anyOf:
12209 - type: integer
12210 - type: string
12211 description: Port the Alertmanager API is exposed on.
12212 x-kubernetes-int-or-string: true
12213 authorization:
12214 type: object
12215 description: Authorization section for this alertmanager endpoint
12216 properties:
12217 type:
12218 type: string
12219 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
12220 credentials:
12221 type: object
12222 description: The secret's key that contains the credentials of the request
12223 properties:
12224 name:
12225 type: string
12226 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12227 key:
12228 type: string
12229 description: The key of the secret to select from. Must be a valid secret key.
12230 optional:
12231 type: boolean
12232 description: Specify whether the Secret or its key must be defined
12233 required:
12234 - key
12235 x-kubernetes-map-type: atomic
12236 bearerTokenFile:
12237 type: string
12238 description: BearerTokenFile to read from filesystem to use when authenticating to Alertmanager.
12239 pathPrefix:
12240 type: string
12241 description: Prefix for the HTTP path alerts are pushed to.
12242 scheme:
12243 type: string
12244 description: Scheme to use when firing alerts.
12245 timeout:
12246 type: string
12247 description: Timeout is a per-target Alertmanager timeout when pushing alerts.
12248 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
12249 tlsConfig:
12250 type: object
12251 description: TLS Config to use for alertmanager connection.
12252 properties:
12253 ca:
12254 type: object
12255 description: Struct containing the CA cert to use for the targets.
12256 properties:
12257 configMap:
12258 type: object
12259 description: ConfigMap containing data to use for the targets.
12260 properties:
12261 name:
12262 type: string
12263 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12264 key:
12265 type: string
12266 description: The key to select.
12267 optional:
12268 type: boolean
12269 description: Specify whether the ConfigMap or its key must be defined
12270 required:
12271 - key
12272 x-kubernetes-map-type: atomic
12273 secret:
12274 type: object
12275 description: Secret containing data to use for the targets.
12276 properties:
12277 name:
12278 type: string
12279 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12280 key:
12281 type: string
12282 description: The key of the secret to select from. Must be a valid secret key.
12283 optional:
12284 type: boolean
12285 description: Specify whether the Secret or its key must be defined
12286 required:
12287 - key
12288 x-kubernetes-map-type: atomic
12289 caFile:
12290 type: string
12291 description: Path to the CA cert in the Prometheus container to use for the targets.
12292 cert:
12293 type: object
12294 description: Struct containing the client cert file for the targets.
12295 properties:
12296 configMap:
12297 type: object
12298 description: ConfigMap containing data to use for the targets.
12299 properties:
12300 name:
12301 type: string
12302 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12303 key:
12304 type: string
12305 description: The key to select.
12306 optional:
12307 type: boolean
12308 description: Specify whether the ConfigMap or its key must be defined
12309 required:
12310 - key
12311 x-kubernetes-map-type: atomic
12312 secret:
12313 type: object
12314 description: Secret containing data to use for the targets.
12315 properties:
12316 name:
12317 type: string
12318 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12319 key:
12320 type: string
12321 description: The key of the secret to select from. Must be a valid secret key.
12322 optional:
12323 type: boolean
12324 description: Specify whether the Secret or its key must be defined
12325 required:
12326 - key
12327 x-kubernetes-map-type: atomic
12328 certFile:
12329 type: string
12330 description: Path to the client cert file in the Prometheus container for the targets.
12331 insecureSkipVerify:
12332 type: boolean
12333 description: Disable target certificate validation.
12334 keyFile:
12335 type: string
12336 description: Path to the client key file in the Prometheus container for the targets.
12337 keySecret:
12338 type: object
12339 description: Secret containing the client key file for the targets.
12340 properties:
12341 name:
12342 type: string
12343 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12344 key:
12345 type: string
12346 description: The key of the secret to select from. Must be a valid secret key.
12347 optional:
12348 type: boolean
12349 description: Specify whether the Secret or its key must be defined
12350 required:
12351 - key
12352 x-kubernetes-map-type: atomic
12353 serverName:
12354 type: string
12355 description: Used to verify the hostname for the targets.
12356 required:
12357 - name
12358 - namespace
12359 - port
12360 required:
12361 - alertmanagers
12362 allowOverlappingBlocks:
12363 type: boolean
12364 description: AllowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. This is still experimental in Prometheus so it may change in any upcoming release.
12365 apiserverConfig:
12366 type: object
12367 description: APIServerConfig allows specifying a host and auth methods to access apiserver. If left empty, Prometheus is assumed to run inside of the cluster and will discover API servers automatically and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
12368 properties:
12369 authorization:
12370 type: object
12371 description: Authorization section for accessing apiserver
12372 properties:
12373 type:
12374 type: string
12375 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
12376 credentials:
12377 type: object
12378 description: The secret's key that contains the credentials of the request
12379 properties:
12380 name:
12381 type: string
12382 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12383 key:
12384 type: string
12385 description: The key of the secret to select from. Must be a valid secret key.
12386 optional:
12387 type: boolean
12388 description: Specify whether the Secret or its key must be defined
12389 required:
12390 - key
12391 x-kubernetes-map-type: atomic
12392 credentialsFile:
12393 type: string
12394 description: File to read a secret from, mutually exclusive with Credentials (from SafeAuthorization)
12395 basicAuth:
12396 type: object
12397 description: BasicAuth allow an endpoint to authenticate over basic authentication
12398 properties:
12399 password:
12400 type: object
12401 description: The secret in the service monitor namespace that contains the password for authentication.
12402 properties:
12403 name:
12404 type: string
12405 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12406 key:
12407 type: string
12408 description: The key of the secret to select from. Must be a valid secret key.
12409 optional:
12410 type: boolean
12411 description: Specify whether the Secret or its key must be defined
12412 required:
12413 - key
12414 x-kubernetes-map-type: atomic
12415 username:
12416 type: object
12417 description: The secret in the service monitor namespace that contains the username for authentication.
12418 properties:
12419 name:
12420 type: string
12421 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12422 key:
12423 type: string
12424 description: The key of the secret to select from. Must be a valid secret key.
12425 optional:
12426 type: boolean
12427 description: Specify whether the Secret or its key must be defined
12428 required:
12429 - key
12430 x-kubernetes-map-type: atomic
12431 bearerToken:
12432 type: string
12433 description: Bearer token for accessing apiserver.
12434 bearerTokenFile:
12435 type: string
12436 description: File to read bearer token for accessing apiserver.
12437 host:
12438 type: string
12439 description: Host of apiserver. A valid string consisting of a hostname or IP followed by an optional port number
12440 tlsConfig:
12441 type: object
12442 description: TLS Config to use for accessing apiserver.
12443 properties:
12444 ca:
12445 type: object
12446 description: Struct containing the CA cert to use for the targets.
12447 properties:
12448 configMap:
12449 type: object
12450 description: ConfigMap containing data to use for the targets.
12451 properties:
12452 name:
12453 type: string
12454 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12455 key:
12456 type: string
12457 description: The key to select.
12458 optional:
12459 type: boolean
12460 description: Specify whether the ConfigMap or its key must be defined
12461 required:
12462 - key
12463 x-kubernetes-map-type: atomic
12464 secret:
12465 type: object
12466 description: Secret containing data to use for the targets.
12467 properties:
12468 name:
12469 type: string
12470 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12471 key:
12472 type: string
12473 description: The key of the secret to select from. Must be a valid secret key.
12474 optional:
12475 type: boolean
12476 description: Specify whether the Secret or its key must be defined
12477 required:
12478 - key
12479 x-kubernetes-map-type: atomic
12480 caFile:
12481 type: string
12482 description: Path to the CA cert in the Prometheus container to use for the targets.
12483 cert:
12484 type: object
12485 description: Struct containing the client cert file for the targets.
12486 properties:
12487 configMap:
12488 type: object
12489 description: ConfigMap containing data to use for the targets.
12490 properties:
12491 name:
12492 type: string
12493 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12494 key:
12495 type: string
12496 description: The key to select.
12497 optional:
12498 type: boolean
12499 description: Specify whether the ConfigMap or its key must be defined
12500 required:
12501 - key
12502 x-kubernetes-map-type: atomic
12503 secret:
12504 type: object
12505 description: Secret containing data to use for the targets.
12506 properties:
12507 name:
12508 type: string
12509 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12510 key:
12511 type: string
12512 description: The key of the secret to select from. Must be a valid secret key.
12513 optional:
12514 type: boolean
12515 description: Specify whether the Secret or its key must be defined
12516 required:
12517 - key
12518 x-kubernetes-map-type: atomic
12519 certFile:
12520 type: string
12521 description: Path to the client cert file in the Prometheus container for the targets.
12522 insecureSkipVerify:
12523 type: boolean
12524 description: Disable target certificate validation.
12525 keyFile:
12526 type: string
12527 description: Path to the client key file in the Prometheus container for the targets.
12528 keySecret:
12529 type: object
12530 description: Secret containing the client key file for the targets.
12531 properties:
12532 name:
12533 type: string
12534 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12535 key:
12536 type: string
12537 description: The key of the secret to select from. Must be a valid secret key.
12538 optional:
12539 type: boolean
12540 description: Specify whether the Secret or its key must be defined
12541 required:
12542 - key
12543 x-kubernetes-map-type: atomic
12544 serverName:
12545 type: string
12546 description: Used to verify the hostname for the targets.
12547 required:
12548 - host
12549 arbitraryFSAccessThroughSMs:
12550 type: object
12551 description: ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files on the file system of the Prometheus container e.g. bearer token files.
12552 properties:
12553 deny:
12554 type: boolean
12555 baseImage:
12556 type: string
12557 description: 'Base image to use for a Prometheus deployment. Deprecated: use ''image'' instead'
12558 configMaps:
12559 type: array
12560 description: ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-<configmap-name>`. The ConfigMaps are mounted into /etc/prometheus/configmaps/<configmap-name> in the 'prometheus' container.
12561 items:
12562 type: string
12563 disableCompaction:
12564 type: boolean
12565 description: Disable prometheus compaction.
12566 enableAdminAPI:
12567 type: boolean
12568 description: 'Enable access to prometheus web admin API. Defaults to the value of `false`. WARNING: Enabling the admin APIs enables mutating endpoints, to delete data, shutdown Prometheus, and more. Enabling this should be done with care and the user is advised to add additional authentication authorization via a proxy to ensure only clients authorized to perform these actions can do so. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis'
12569 enableFeatures:
12570 type: array
12571 description: Enable access to Prometheus disabled features. By default, no features are enabled. Enabling disabled features is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/
12572 items:
12573 type: string
12574 enableRemoteWriteReceiver:
12575 type: boolean
12576 description: 'Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. Defaults to the value of `false`. WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver Only valid in Prometheus versions 2.33.0 and newer.'
12577 enforcedBodySizeLimit:
12578 type: string
12579 description: 'EnforcedBodySizeLimit defines the maximum size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. Example: 100MB. If defined, the limit will apply to all service/pod monitors and probes. This is an experimental feature, this behaviour could change or be removed in the future. Only valid in Prometheus versions 2.28.0 and newer.'
12580 pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$
12581 enforcedLabelLimit:
12582 type: integer
12583 description: Per-scrape limit on number of labels that will be accepted for a sample. If more than this number of labels are present post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
12584 format: int64
12585 enforcedLabelNameLengthLimit:
12586 type: integer
12587 description: Per-scrape limit on length of labels name that will be accepted for a sample. If a label name is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
12588 format: int64
12589 enforcedLabelValueLengthLimit:
12590 type: integer
12591 description: Per-scrape limit on length of labels value that will be accepted for a sample. If a label value is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
12592 format: int64
12593 enforcedNamespaceLabel:
12594 type: string
12595 description: "EnforcedNamespaceLabel If set, a label will be added to \n 1. all user-metrics (created by `ServiceMonitor`, `PodMonitor` and `Probe` objects) and 2. in all `PrometheusRule` objects (except the ones excluded in `prometheusRulesExcludedFromEnforce`) to * alerting & recording rules and * the metrics used in their expressions (`expr`). \n Label name is this field's value. Label value is the namespace of the created object (mentioned above)."
12596 enforcedSampleLimit:
12597 type: integer
12598 description: EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead.
12599 format: int64
12600 enforcedTargetLimit:
12601 type: integer
12602 description: EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep the overall number of targets under the desired limit. Note that if TargetLimit is lower, that value will be taken instead, except if either value is zero, in which case the non-zero value will be used. If both values are zero, no limit is enforced.
12603 format: int64
12604 evaluationInterval:
12605 type: string
12606 default: 30s
12607 description: 'Interval between consecutive evaluations. Default: `30s`'
12608 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
12609 excludedFromEnforcement:
12610 type: array
12611 description: List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true.
12612 items:
12613 type: object
12614 description: ObjectReference references a PodMonitor, ServiceMonitor, Probe or PrometheusRule object.
12615 properties:
12616 name:
12617 type: string
12618 description: Name of the referent. When not set, all resources are matched.
12619 namespace:
12620 type: string
12621 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
12622 minLength: 1
12623 group:
12624 type: string
12625 default: monitoring.coreos.com
12626 description: Group of the referent. When not specified, it defaults to `monitoring.coreos.com`
12627 enum:
12628 - monitoring.coreos.com
12629 resource:
12630 type: string
12631 description: Resource of the referent.
12632 enum:
12633 - prometheusrules
12634 - servicemonitors
12635 - podmonitors
12636 - probes
12637 required:
12638 - namespace
12639 - resource
12640 exemplars:
12641 type: object
12642 description: Exemplars related settings that are runtime reloadable. It requires to enable the exemplar storage feature to be effective.
12643 properties:
12644 maxSize:
12645 type: integer
12646 description: Maximum number of exemplars stored in memory for all series. If not set, Prometheus uses its default value. A value of zero or less than zero disables the storage.
12647 format: int64
12648 externalLabels:
12649 type: object
12650 additionalProperties:
12651 type: string
12652 description: The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager).
12653 externalUrl:
12654 type: string
12655 description: The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name.
12656 ignoreNamespaceSelectors:
12657 type: boolean
12658 description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from all PodMonitor, ServiceMonitor and Probe objects. They will only discover endpoints within the namespace of the PodMonitor, ServiceMonitor and Probe objects. Defaults to false.
12659 listenLocal:
12660 type: boolean
12661 description: ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.
12662 logFormat:
12663 type: string
12664 description: Log format for Prometheus to be configured with.
12665 enum:
12666 - ""
12667 - logfmt
12668 - json
12669 logLevel:
12670 type: string
12671 description: Log level for Prometheus to be configured with.
12672 enum:
12673 - ""
12674 - debug
12675 - info
12676 - warn
12677 - error
12678 overrideHonorLabels:
12679 type: boolean
12680 description: When true, Prometheus resolves label conflicts by renaming the labels in the scraped data to "exported_<label value>" for all targets created from service and pod monitors. Otherwise the HonorLabels field of the service or pod monitor applies.
12681 overrideHonorTimestamps:
12682 type: boolean
12683 description: When true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies.
12684 podMetadata:
12685 type: object
12686 description: PodMetadata configures Labels and Annotations which are propagated to the prometheus pods.
12687 properties:
12688 name:
12689 type: string
12690 description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
12691 labels:
12692 type: object
12693 additionalProperties:
12694 type: string
12695 description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels'
12696 annotations:
12697 type: object
12698 additionalProperties:
12699 type: string
12700 description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
12701 podMonitorNamespaceSelector:
12702 type: object
12703 description: Namespace's labels to match for PodMonitor discovery. If nil, only check own namespace.
12704 properties:
12705 matchExpressions:
12706 type: array
12707 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
12708 items:
12709 type: object
12710 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
12711 properties:
12712 key:
12713 type: string
12714 description: key is the label key that the selector applies to.
12715 operator:
12716 type: string
12717 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
12718 values:
12719 type: array
12720 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
12721 items:
12722 type: string
12723 required:
12724 - key
12725 - operator
12726 matchLabels:
12727 type: object
12728 additionalProperties:
12729 type: string
12730 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
12731 x-kubernetes-map-type: atomic
12732 podMonitorSelector:
12733 type: object
12734 description: '*Experimental* PodMonitors to be selected for target discovery. *Deprecated:* if neither this nor serviceMonitorSelector are specified, configuration is unmanaged.'
12735 properties:
12736 matchExpressions:
12737 type: array
12738 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
12739 items:
12740 type: object
12741 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
12742 properties:
12743 key:
12744 type: string
12745 description: key is the label key that the selector applies to.
12746 operator:
12747 type: string
12748 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
12749 values:
12750 type: array
12751 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
12752 items:
12753 type: string
12754 required:
12755 - key
12756 - operator
12757 matchLabels:
12758 type: object
12759 additionalProperties:
12760 type: string
12761 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
12762 x-kubernetes-map-type: atomic
12763 portName:
12764 type: string
12765 description: Port name used for the pods and governing service. This defaults to web
12766 probeNamespaceSelector:
12767 type: object
12768 description: '*Experimental* Namespaces to be selected for Probe discovery. If nil, only check own namespace.'
12769 properties:
12770 matchExpressions:
12771 type: array
12772 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
12773 items:
12774 type: object
12775 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
12776 properties:
12777 key:
12778 type: string
12779 description: key is the label key that the selector applies to.
12780 operator:
12781 type: string
12782 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
12783 values:
12784 type: array
12785 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
12786 items:
12787 type: string
12788 required:
12789 - key
12790 - operator
12791 matchLabels:
12792 type: object
12793 additionalProperties:
12794 type: string
12795 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
12796 x-kubernetes-map-type: atomic
12797 probeSelector:
12798 type: object
12799 description: '*Experimental* Probes to be selected for target discovery.'
12800 properties:
12801 matchExpressions:
12802 type: array
12803 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
12804 items:
12805 type: object
12806 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
12807 properties:
12808 key:
12809 type: string
12810 description: key is the label key that the selector applies to.
12811 operator:
12812 type: string
12813 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
12814 values:
12815 type: array
12816 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
12817 items:
12818 type: string
12819 required:
12820 - key
12821 - operator
12822 matchLabels:
12823 type: object
12824 additionalProperties:
12825 type: string
12826 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
12827 x-kubernetes-map-type: atomic
12828 prometheusExternalLabelName:
12829 type: string
12830 description: Name of Prometheus external label used to denote Prometheus instance name. Defaults to the value of `prometheus`. External label will _not_ be added when value is set to empty string (`""`).
12831 prometheusRulesExcludedFromEnforce:
12832 type: array
12833 description: 'PrometheusRulesExcludedFromEnforce - list of prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair. Deprecated: use excludedFromEnforcement instead.'
12834 items:
12835 type: object
12836 description: PrometheusRuleExcludeConfig enables users to configure excluded PrometheusRule names and their namespaces to be ignored while enforcing namespace label for alerts and metrics.
12837 properties:
12838 ruleName:
12839 type: string
12840 description: RuleNamespace - name of excluded rule
12841 ruleNamespace:
12842 type: string
12843 description: RuleNamespace - namespace of excluded rule
12844 required:
12845 - ruleName
12846 - ruleNamespace
12847 query:
12848 type: object
12849 description: QuerySpec defines the query command line flags when starting Prometheus.
12850 properties:
12851 lookbackDelta:
12852 type: string
12853 description: The delta difference allowed for retrieving metrics during expression evaluations.
12854 maxConcurrency:
12855 type: integer
12856 description: Number of concurrent queries that can be run at once.
12857 format: int32
12858 maxSamples:
12859 type: integer
12860 description: Maximum number of samples a single query can load into memory. Note that queries will fail if they would load more samples than this into memory, so this also limits the number of samples a query can return.
12861 format: int32
12862 timeout:
12863 type: string
12864 description: Maximum time a query may take before being aborted.
12865 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
12866 queryLogFile:
12867 type: string
12868 description: QueryLogFile specifies the file to which PromQL queries are logged. If the filename has an empty path, e.g. 'query.log', prometheus-operator will mount the file into an emptyDir volume at `/var/log/prometheus`. If a full path is provided, e.g. /var/log/prometheus/query.log, you must mount a volume in the specified directory and it must be writable. This is because the prometheus container runs with a read-only root filesystem for security reasons. Alternatively, the location can be set to a stdout location such as `/dev/stdout` to log query information to the default Prometheus log stream. This is only available in versions of Prometheus >= 2.16.0. For more details, see the Prometheus docs (https://prometheus.io/docs/guides/query-log/)
12869 remoteRead:
12870 type: array
12871 description: remoteRead is the list of remote read configurations.
12872 items:
12873 type: object
12874 description: RemoteReadSpec defines the configuration for Prometheus to read back samples from a remote endpoint.
12875 properties:
12876 name:
12877 type: string
12878 description: The name of the remote read queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate read configurations. Only valid in Prometheus versions 2.15.0 and newer.
12879 authorization:
12880 type: object
12881 description: Authorization section for remote read
12882 properties:
12883 type:
12884 type: string
12885 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
12886 credentials:
12887 type: object
12888 description: The secret's key that contains the credentials of the request
12889 properties:
12890 name:
12891 type: string
12892 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12893 key:
12894 type: string
12895 description: The key of the secret to select from. Must be a valid secret key.
12896 optional:
12897 type: boolean
12898 description: Specify whether the Secret or its key must be defined
12899 required:
12900 - key
12901 x-kubernetes-map-type: atomic
12902 credentialsFile:
12903 type: string
12904 description: File to read a secret from, mutually exclusive with Credentials (from SafeAuthorization)
12905 basicAuth:
12906 type: object
12907 description: BasicAuth for the URL.
12908 properties:
12909 password:
12910 type: object
12911 description: The secret in the service monitor namespace that contains the password for authentication.
12912 properties:
12913 name:
12914 type: string
12915 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12916 key:
12917 type: string
12918 description: The key of the secret to select from. Must be a valid secret key.
12919 optional:
12920 type: boolean
12921 description: Specify whether the Secret or its key must be defined
12922 required:
12923 - key
12924 x-kubernetes-map-type: atomic
12925 username:
12926 type: object
12927 description: The secret in the service monitor namespace that contains the username for authentication.
12928 properties:
12929 name:
12930 type: string
12931 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12932 key:
12933 type: string
12934 description: The key of the secret to select from. Must be a valid secret key.
12935 optional:
12936 type: boolean
12937 description: Specify whether the Secret or its key must be defined
12938 required:
12939 - key
12940 x-kubernetes-map-type: atomic
12941 bearerToken:
12942 type: string
12943 description: Bearer token for remote read.
12944 bearerTokenFile:
12945 type: string
12946 description: File to read bearer token for remote read.
12947 headers:
12948 type: object
12949 additionalProperties:
12950 type: string
12951 description: Custom HTTP headers to be sent along with each remote read request. Be aware that headers that are set by Prometheus itself can't be overwritten. Only valid in Prometheus versions 2.26.0 and newer.
12952 oauth2:
12953 type: object
12954 description: OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
12955 properties:
12956 clientId:
12957 type: object
12958 description: The secret or configmap containing the OAuth2 client id
12959 properties:
12960 configMap:
12961 type: object
12962 description: ConfigMap containing data to use for the targets.
12963 properties:
12964 name:
12965 type: string
12966 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12967 key:
12968 type: string
12969 description: The key to select.
12970 optional:
12971 type: boolean
12972 description: Specify whether the ConfigMap or its key must be defined
12973 required:
12974 - key
12975 x-kubernetes-map-type: atomic
12976 secret:
12977 type: object
12978 description: Secret containing data to use for the targets.
12979 properties:
12980 name:
12981 type: string
12982 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12983 key:
12984 type: string
12985 description: The key of the secret to select from. Must be a valid secret key.
12986 optional:
12987 type: boolean
12988 description: Specify whether the Secret or its key must be defined
12989 required:
12990 - key
12991 x-kubernetes-map-type: atomic
12992 clientSecret:
12993 type: object
12994 description: The secret containing the OAuth2 client secret
12995 properties:
12996 name:
12997 type: string
12998 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
12999 key:
13000 type: string
13001 description: The key of the secret to select from. Must be a valid secret key.
13002 optional:
13003 type: boolean
13004 description: Specify whether the Secret or its key must be defined
13005 required:
13006 - key
13007 x-kubernetes-map-type: atomic
13008 endpointParams:
13009 type: object
13010 additionalProperties:
13011 type: string
13012 description: Parameters to append to the token URL
13013 scopes:
13014 type: array
13015 description: OAuth2 scopes used for the token request
13016 items:
13017 type: string
13018 tokenUrl:
13019 type: string
13020 description: The URL to fetch the token from
13021 minLength: 1
13022 required:
13023 - clientId
13024 - clientSecret
13025 - tokenUrl
13026 proxyUrl:
13027 type: string
13028 description: Optional ProxyURL.
13029 readRecent:
13030 type: boolean
13031 description: Whether reads should be made for queries for time ranges that the local storage should have complete data for.
13032 remoteTimeout:
13033 type: string
13034 description: Timeout for requests to the remote read endpoint.
13035 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
13036 requiredMatchers:
13037 type: object
13038 additionalProperties:
13039 type: string
13040 description: An optional list of equality matchers which have to be present in a selector to query the remote read endpoint.
13041 tlsConfig:
13042 type: object
13043 description: TLS Config to use for remote read.
13044 properties:
13045 ca:
13046 type: object
13047 description: Struct containing the CA cert to use for the targets.
13048 properties:
13049 configMap:
13050 type: object
13051 description: ConfigMap containing data to use for the targets.
13052 properties:
13053 name:
13054 type: string
13055 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13056 key:
13057 type: string
13058 description: The key to select.
13059 optional:
13060 type: boolean
13061 description: Specify whether the ConfigMap or its key must be defined
13062 required:
13063 - key
13064 x-kubernetes-map-type: atomic
13065 secret:
13066 type: object
13067 description: Secret containing data to use for the targets.
13068 properties:
13069 name:
13070 type: string
13071 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13072 key:
13073 type: string
13074 description: The key of the secret to select from. Must be a valid secret key.
13075 optional:
13076 type: boolean
13077 description: Specify whether the Secret or its key must be defined
13078 required:
13079 - key
13080 x-kubernetes-map-type: atomic
13081 caFile:
13082 type: string
13083 description: Path to the CA cert in the Prometheus container to use for the targets.
13084 cert:
13085 type: object
13086 description: Struct containing the client cert file for the targets.
13087 properties:
13088 configMap:
13089 type: object
13090 description: ConfigMap containing data to use for the targets.
13091 properties:
13092 name:
13093 type: string
13094 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13095 key:
13096 type: string
13097 description: The key to select.
13098 optional:
13099 type: boolean
13100 description: Specify whether the ConfigMap or its key must be defined
13101 required:
13102 - key
13103 x-kubernetes-map-type: atomic
13104 secret:
13105 type: object
13106 description: Secret containing data to use for the targets.
13107 properties:
13108 name:
13109 type: string
13110 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13111 key:
13112 type: string
13113 description: The key of the secret to select from. Must be a valid secret key.
13114 optional:
13115 type: boolean
13116 description: Specify whether the Secret or its key must be defined
13117 required:
13118 - key
13119 x-kubernetes-map-type: atomic
13120 certFile:
13121 type: string
13122 description: Path to the client cert file in the Prometheus container for the targets.
13123 insecureSkipVerify:
13124 type: boolean
13125 description: Disable target certificate validation.
13126 keyFile:
13127 type: string
13128 description: Path to the client key file in the Prometheus container for the targets.
13129 keySecret:
13130 type: object
13131 description: Secret containing the client key file for the targets.
13132 properties:
13133 name:
13134 type: string
13135 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13136 key:
13137 type: string
13138 description: The key of the secret to select from. Must be a valid secret key.
13139 optional:
13140 type: boolean
13141 description: Specify whether the Secret or its key must be defined
13142 required:
13143 - key
13144 x-kubernetes-map-type: atomic
13145 serverName:
13146 type: string
13147 description: Used to verify the hostname for the targets.
13148 url:
13149 type: string
13150 description: The URL of the endpoint to query from.
13151 required:
13152 - url
13153 remoteWrite:
13154 type: array
13155 description: remoteWrite is the list of remote write configurations.
13156 items:
13157 type: object
13158 description: RemoteWriteSpec defines the configuration to write samples from Prometheus to a remote endpoint.
13159 properties:
13160 name:
13161 type: string
13162 description: The name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. Only valid in Prometheus versions 2.15.0 and newer.
13163 authorization:
13164 type: object
13165 description: Authorization section for remote write
13166 properties:
13167 type:
13168 type: string
13169 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
13170 credentials:
13171 type: object
13172 description: The secret's key that contains the credentials of the request
13173 properties:
13174 name:
13175 type: string
13176 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13177 key:
13178 type: string
13179 description: The key of the secret to select from. Must be a valid secret key.
13180 optional:
13181 type: boolean
13182 description: Specify whether the Secret or its key must be defined
13183 required:
13184 - key
13185 x-kubernetes-map-type: atomic
13186 credentialsFile:
13187 type: string
13188 description: File to read a secret from, mutually exclusive with Credentials (from SafeAuthorization)
13189 basicAuth:
13190 type: object
13191 description: BasicAuth for the URL.
13192 properties:
13193 password:
13194 type: object
13195 description: The secret in the service monitor namespace that contains the password for authentication.
13196 properties:
13197 name:
13198 type: string
13199 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13200 key:
13201 type: string
13202 description: The key of the secret to select from. Must be a valid secret key.
13203 optional:
13204 type: boolean
13205 description: Specify whether the Secret or its key must be defined
13206 required:
13207 - key
13208 x-kubernetes-map-type: atomic
13209 username:
13210 type: object
13211 description: The secret in the service monitor namespace that contains the username for authentication.
13212 properties:
13213 name:
13214 type: string
13215 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13216 key:
13217 type: string
13218 description: The key of the secret to select from. Must be a valid secret key.
13219 optional:
13220 type: boolean
13221 description: Specify whether the Secret or its key must be defined
13222 required:
13223 - key
13224 x-kubernetes-map-type: atomic
13225 bearerToken:
13226 type: string
13227 description: Bearer token for remote write.
13228 bearerTokenFile:
13229 type: string
13230 description: File to read bearer token for remote write.
13231 headers:
13232 type: object
13233 additionalProperties:
13234 type: string
13235 description: Custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can't be overwritten. Only valid in Prometheus versions 2.25.0 and newer.
13236 metadataConfig:
13237 type: object
13238 description: MetadataConfig configures the sending of series metadata to the remote storage.
13239 properties:
13240 send:
13241 type: boolean
13242 description: Whether metric metadata is sent to the remote storage or not.
13243 sendInterval:
13244 type: string
13245 description: How frequently metric metadata is sent to the remote storage.
13246 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
13247 oauth2:
13248 type: object
13249 description: OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
13250 properties:
13251 clientId:
13252 type: object
13253 description: The secret or configmap containing the OAuth2 client id
13254 properties:
13255 configMap:
13256 type: object
13257 description: ConfigMap containing data to use for the targets.
13258 properties:
13259 name:
13260 type: string
13261 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13262 key:
13263 type: string
13264 description: The key to select.
13265 optional:
13266 type: boolean
13267 description: Specify whether the ConfigMap or its key must be defined
13268 required:
13269 - key
13270 x-kubernetes-map-type: atomic
13271 secret:
13272 type: object
13273 description: Secret containing data to use for the targets.
13274 properties:
13275 name:
13276 type: string
13277 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13278 key:
13279 type: string
13280 description: The key of the secret to select from. Must be a valid secret key.
13281 optional:
13282 type: boolean
13283 description: Specify whether the Secret or its key must be defined
13284 required:
13285 - key
13286 x-kubernetes-map-type: atomic
13287 clientSecret:
13288 type: object
13289 description: The secret containing the OAuth2 client secret
13290 properties:
13291 name:
13292 type: string
13293 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13294 key:
13295 type: string
13296 description: The key of the secret to select from. Must be a valid secret key.
13297 optional:
13298 type: boolean
13299 description: Specify whether the Secret or its key must be defined
13300 required:
13301 - key
13302 x-kubernetes-map-type: atomic
13303 endpointParams:
13304 type: object
13305 additionalProperties:
13306 type: string
13307 description: Parameters to append to the token URL
13308 scopes:
13309 type: array
13310 description: OAuth2 scopes used for the token request
13311 items:
13312 type: string
13313 tokenUrl:
13314 type: string
13315 description: The URL to fetch the token from
13316 minLength: 1
13317 required:
13318 - clientId
13319 - clientSecret
13320 - tokenUrl
13321 proxyUrl:
13322 type: string
13323 description: Optional ProxyURL.
13324 queueConfig:
13325 type: object
13326 description: QueueConfig allows tuning of the remote write queue parameters.
13327 properties:
13328 batchSendDeadline:
13329 type: string
13330 description: BatchSendDeadline is the maximum time a sample will wait in buffer.
13331 capacity:
13332 type: integer
13333 description: Capacity is the number of samples to buffer per shard before we start dropping them.
13334 maxBackoff:
13335 type: string
13336 description: MaxBackoff is the maximum retry delay.
13337 maxRetries:
13338 type: integer
13339 description: MaxRetries is the maximum number of times to retry a batch on recoverable errors.
13340 maxSamplesPerSend:
13341 type: integer
13342 description: MaxSamplesPerSend is the maximum number of samples per send.
13343 maxShards:
13344 type: integer
13345 description: MaxShards is the maximum number of shards, i.e. amount of concurrency.
13346 minBackoff:
13347 type: string
13348 description: MinBackoff is the initial retry delay. Gets doubled for every retry.
13349 minShards:
13350 type: integer
13351 description: MinShards is the minimum number of shards, i.e. amount of concurrency.
13352 retryOnRateLimit:
13353 type: boolean
13354 description: Retry upon receiving a 429 status code from the remote-write storage. This is experimental feature and might change in the future.
13355 remoteTimeout:
13356 type: string
13357 description: Timeout for requests to the remote write endpoint.
13358 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
13359 sendExemplars:
13360 type: boolean
13361 description: Enables sending of exemplars over remote write. Note that exemplar-storage itself must be enabled using the enableFeature option for exemplars to be scraped in the first place. Only valid in Prometheus versions 2.27.0 and newer.
13362 sigv4:
13363 type: object
13364 description: Sigv4 allows to configures AWS's Signature Verification 4
13365 properties:
13366 accessKey:
13367 type: object
13368 description: AccessKey is the AWS API key. If blank, the environment variable `AWS_ACCESS_KEY_ID` is used.
13369 properties:
13370 name:
13371 type: string
13372 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13373 key:
13374 type: string
13375 description: The key of the secret to select from. Must be a valid secret key.
13376 optional:
13377 type: boolean
13378 description: Specify whether the Secret or its key must be defined
13379 required:
13380 - key
13381 x-kubernetes-map-type: atomic
13382 profile:
13383 type: string
13384 description: Profile is the named AWS profile used to authenticate.
13385 region:
13386 type: string
13387 description: Region is the AWS region. If blank, the region from the default credentials chain used.
13388 roleArn:
13389 type: string
13390 description: RoleArn is the named AWS profile used to authenticate.
13391 secretKey:
13392 type: object
13393 description: SecretKey is the AWS API secret. If blank, the environment variable `AWS_SECRET_ACCESS_KEY` is used.
13394 properties:
13395 name:
13396 type: string
13397 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13398 key:
13399 type: string
13400 description: The key of the secret to select from. Must be a valid secret key.
13401 optional:
13402 type: boolean
13403 description: Specify whether the Secret or its key must be defined
13404 required:
13405 - key
13406 x-kubernetes-map-type: atomic
13407 tlsConfig:
13408 type: object
13409 description: TLS Config to use for remote write.
13410 properties:
13411 ca:
13412 type: object
13413 description: Struct containing the CA cert to use for the targets.
13414 properties:
13415 configMap:
13416 type: object
13417 description: ConfigMap containing data to use for the targets.
13418 properties:
13419 name:
13420 type: string
13421 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13422 key:
13423 type: string
13424 description: The key to select.
13425 optional:
13426 type: boolean
13427 description: Specify whether the ConfigMap or its key must be defined
13428 required:
13429 - key
13430 x-kubernetes-map-type: atomic
13431 secret:
13432 type: object
13433 description: Secret containing data to use for the targets.
13434 properties:
13435 name:
13436 type: string
13437 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13438 key:
13439 type: string
13440 description: The key of the secret to select from. Must be a valid secret key.
13441 optional:
13442 type: boolean
13443 description: Specify whether the Secret or its key must be defined
13444 required:
13445 - key
13446 x-kubernetes-map-type: atomic
13447 caFile:
13448 type: string
13449 description: Path to the CA cert in the Prometheus container to use for the targets.
13450 cert:
13451 type: object
13452 description: Struct containing the client cert file for the targets.
13453 properties:
13454 configMap:
13455 type: object
13456 description: ConfigMap containing data to use for the targets.
13457 properties:
13458 name:
13459 type: string
13460 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13461 key:
13462 type: string
13463 description: The key to select.
13464 optional:
13465 type: boolean
13466 description: Specify whether the ConfigMap or its key must be defined
13467 required:
13468 - key
13469 x-kubernetes-map-type: atomic
13470 secret:
13471 type: object
13472 description: Secret containing data to use for the targets.
13473 properties:
13474 name:
13475 type: string
13476 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13477 key:
13478 type: string
13479 description: The key of the secret to select from. Must be a valid secret key.
13480 optional:
13481 type: boolean
13482 description: Specify whether the Secret or its key must be defined
13483 required:
13484 - key
13485 x-kubernetes-map-type: atomic
13486 certFile:
13487 type: string
13488 description: Path to the client cert file in the Prometheus container for the targets.
13489 insecureSkipVerify:
13490 type: boolean
13491 description: Disable target certificate validation.
13492 keyFile:
13493 type: string
13494 description: Path to the client key file in the Prometheus container for the targets.
13495 keySecret:
13496 type: object
13497 description: Secret containing the client key file for the targets.
13498 properties:
13499 name:
13500 type: string
13501 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
13502 key:
13503 type: string
13504 description: The key of the secret to select from. Must be a valid secret key.
13505 optional:
13506 type: boolean
13507 description: Specify whether the Secret or its key must be defined
13508 required:
13509 - key
13510 x-kubernetes-map-type: atomic
13511 serverName:
13512 type: string
13513 description: Used to verify the hostname for the targets.
13514 url:
13515 type: string
13516 description: The URL of the endpoint to send samples to.
13517 writeRelabelConfigs:
13518 type: array
13519 description: The list of remote write relabel configurations.
13520 items:
13521 type: object
13522 description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
13523 properties:
13524 action:
13525 type: string
13526 default: replace
13527 description: Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.
13528 enum:
13529 - replace
13530 - Replace
13531 - keep
13532 - Keep
13533 - drop
13534 - Drop
13535 - hashmod
13536 - HashMod
13537 - labelmap
13538 - LabelMap
13539 - labeldrop
13540 - LabelDrop
13541 - labelkeep
13542 - LabelKeep
13543 - lowercase
13544 - Lowercase
13545 - uppercase
13546 - Uppercase
13547 modulus:
13548 type: integer
13549 description: Modulus to take of the hash of the source label values.
13550 format: int64
13551 regex:
13552 type: string
13553 description: Regular expression against which the extracted value is matched. Default is '(.*)'
13554 replacement:
13555 type: string
13556 description: Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'
13557 separator:
13558 type: string
13559 description: Separator placed between concatenated source label values. default is ';'.
13560 sourceLabels:
13561 type: array
13562 description: The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.
13563 items:
13564 type: string
13565 description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.
13566 pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
13567 targetLabel:
13568 type: string
13569 description: Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.
13570 required:
13571 - url
13572 replicaExternalLabelName:
13573 type: string
13574 description: Name of Prometheus external label used to denote replica name. Defaults to the value of `prometheus_replica`. External label will _not_ be added when value is set to empty string (`""`).
13575 retention:
13576 type: string
13577 description: Time duration Prometheus shall retain data for. Default is '24h' if retentionSize is not set, and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` (milliseconds seconds minutes hours days weeks years).
13578 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
13579 retentionSize:
13580 type: string
13581 description: Maximum amount of disk space used by blocks.
13582 pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$
13583 routePrefix:
13584 type: string
13585 description: The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.
13586 ruleNamespaceSelector:
13587 type: object
13588 description: Namespaces to be selected for PrometheusRules discovery. If unspecified, only the same namespace as the Prometheus object is in is used.
13589 properties:
13590 matchExpressions:
13591 type: array
13592 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
13593 items:
13594 type: object
13595 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
13596 properties:
13597 key:
13598 type: string
13599 description: key is the label key that the selector applies to.
13600 operator:
13601 type: string
13602 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
13603 values:
13604 type: array
13605 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
13606 items:
13607 type: string
13608 required:
13609 - key
13610 - operator
13611 matchLabels:
13612 type: object
13613 additionalProperties:
13614 type: string
13615 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
13616 x-kubernetes-map-type: atomic
13617 ruleSelector:
13618 type: object
13619 description: A selector to select which PrometheusRules to mount for loading alerting/recording rules from. Until (excluding) Prometheus Operator v0.24.0 Prometheus Operator will migrate any legacy rule ConfigMaps to PrometheusRule custom resources selected by RuleSelector. Make sure it does not match any config maps that you do not want to be migrated.
13620 properties:
13621 matchExpressions:
13622 type: array
13623 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
13624 items:
13625 type: object
13626 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
13627 properties:
13628 key:
13629 type: string
13630 description: key is the label key that the selector applies to.
13631 operator:
13632 type: string
13633 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
13634 values:
13635 type: array
13636 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
13637 items:
13638 type: string
13639 required:
13640 - key
13641 - operator
13642 matchLabels:
13643 type: object
13644 additionalProperties:
13645 type: string
13646 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
13647 x-kubernetes-map-type: atomic
13648 rules:
13649 type: object
13650 description: /--rules.*/ command-line arguments.
13651 properties:
13652 alert:
13653 type: object
13654 description: /--rules.alert.*/ command-line arguments
13655 properties:
13656 forGracePeriod:
13657 type: string
13658 description: Minimum duration between alert and restored 'for' state. This is maintained only for alerts with configured 'for' time greater than grace period.
13659 forOutageTolerance:
13660 type: string
13661 description: Max time to tolerate prometheus outage for restoring 'for' state of alert.
13662 resendDelay:
13663 type: string
13664 description: Minimum amount of time to wait before resending an alert to Alertmanager.
13665 scrapeInterval:
13666 type: string
13667 default: 30s
13668 description: 'Interval between consecutive scrapes. Default: `30s`'
13669 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
13670 scrapeTimeout:
13671 type: string
13672 description: Number of seconds to wait for target to respond before erroring.
13673 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
13674 secrets:
13675 type: array
13676 description: Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-<secret-name>`. The Secrets are mounted into /etc/prometheus/secrets/<secret-name> in the 'prometheus' container.
13677 items:
13678 type: string
13679 serviceMonitorNamespaceSelector:
13680 type: object
13681 description: Namespace's labels to match for ServiceMonitor discovery. If nil, only check own namespace.
13682 properties:
13683 matchExpressions:
13684 type: array
13685 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
13686 items:
13687 type: object
13688 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
13689 properties:
13690 key:
13691 type: string
13692 description: key is the label key that the selector applies to.
13693 operator:
13694 type: string
13695 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
13696 values:
13697 type: array
13698 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
13699 items:
13700 type: string
13701 required:
13702 - key
13703 - operator
13704 matchLabels:
13705 type: object
13706 additionalProperties:
13707 type: string
13708 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
13709 x-kubernetes-map-type: atomic
13710 serviceMonitorSelector:
13711 type: object
13712 description: ServiceMonitors to be selected for target discovery. *Deprecated:* if neither this nor podMonitorSelector are specified, configuration is unmanaged.
13713 properties:
13714 matchExpressions:
13715 type: array
13716 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
13717 items:
13718 type: object
13719 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
13720 properties:
13721 key:
13722 type: string
13723 description: key is the label key that the selector applies to.
13724 operator:
13725 type: string
13726 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
13727 values:
13728 type: array
13729 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
13730 items:
13731 type: string
13732 required:
13733 - key
13734 - operator
13735 matchLabels:
13736 type: object
13737 additionalProperties:
13738 type: string
13739 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
13740 x-kubernetes-map-type: atomic
13741 sha:
13742 type: string
13743 description: 'SHA of Prometheus container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use ''image'' instead. The image digest can be specified as part of the image URL.'
13744 shards:
13745 type: integer
13746 description: 'EXPERIMENTAL: Number of shards to distribute targets onto. Number of replicas multiplied by shards is the total number of Pods created. Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally use Thanos sidecar and Thanos querier or remote write data to a central location. Sharding is done on the content of the `__address__` target meta-label.'
13747 format: int32
13748 storage:
13749 type: object
13750 description: Storage spec to specify how storage shall be used.
13751 properties:
13752 disableMountSubPath:
13753 type: boolean
13754 description: 'Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. DisableMountSubPath allows to remove any subPath usage in volume mounts.'
13755 emptyDir:
13756 type: object
13757 description: 'EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
13758 properties:
13759 medium:
13760 type: string
13761 description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
13762 sizeLimit:
13763 anyOf:
13764 - type: integer
13765 - type: string
13766 description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
13767 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
13768 x-kubernetes-int-or-string: true
13769 ephemeral:
13770 type: object
13771 description: 'EphemeralVolumeSource to be used by the Prometheus StatefulSets. This is a beta field in k8s 1.21, for lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
13772 properties:
13773 volumeClaimTemplate:
13774 type: object
13775 description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
13776 properties:
13777 metadata:
13778 type: object
13779 description: May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.
13780 spec:
13781 type: object
13782 description: The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.
13783 properties:
13784 selector:
13785 type: object
13786 description: selector is a label query over volumes to consider for binding.
13787 properties:
13788 matchExpressions:
13789 type: array
13790 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
13791 items:
13792 type: object
13793 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
13794 properties:
13795 key:
13796 type: string
13797 description: key is the label key that the selector applies to.
13798 operator:
13799 type: string
13800 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
13801 values:
13802 type: array
13803 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
13804 items:
13805 type: string
13806 required:
13807 - key
13808 - operator
13809 matchLabels:
13810 type: object
13811 additionalProperties:
13812 type: string
13813 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
13814 x-kubernetes-map-type: atomic
13815 resources:
13816 type: object
13817 description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
13818 properties:
13819 limits:
13820 type: object
13821 additionalProperties:
13822 anyOf:
13823 - type: integer
13824 - type: string
13825 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
13826 x-kubernetes-int-or-string: true
13827 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
13828 requests:
13829 type: object
13830 additionalProperties:
13831 anyOf:
13832 - type: integer
13833 - type: string
13834 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
13835 x-kubernetes-int-or-string: true
13836 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
13837 accessModes:
13838 type: array
13839 description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
13840 items:
13841 type: string
13842 dataSource:
13843 type: object
13844 description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.'
13845 properties:
13846 name:
13847 type: string
13848 description: Name is the name of resource being referenced
13849 kind:
13850 type: string
13851 description: Kind is the type of resource being referenced
13852 apiGroup:
13853 type: string
13854 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
13855 required:
13856 - kind
13857 - name
13858 x-kubernetes-map-type: atomic
13859 dataSourceRef:
13860 type: object
13861 description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.'
13862 properties:
13863 name:
13864 type: string
13865 description: Name is the name of resource being referenced
13866 kind:
13867 type: string
13868 description: Kind is the type of resource being referenced
13869 apiGroup:
13870 type: string
13871 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
13872 required:
13873 - kind
13874 - name
13875 x-kubernetes-map-type: atomic
13876 storageClassName:
13877 type: string
13878 description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
13879 volumeMode:
13880 type: string
13881 description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
13882 volumeName:
13883 type: string
13884 description: volumeName is the binding reference to the PersistentVolume backing this claim.
13885 required:
13886 - spec
13887 volumeClaimTemplate:
13888 type: object
13889 description: A PVC spec to be used by the Prometheus StatefulSets.
13890 properties:
13891 apiVersion:
13892 type: string
13893 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
13894 kind:
13895 type: string
13896 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
13897 metadata:
13898 type: object
13899 description: EmbeddedMetadata contains metadata relevant to an EmbeddedResource.
13900 properties:
13901 name:
13902 type: string
13903 description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
13904 labels:
13905 type: object
13906 additionalProperties:
13907 type: string
13908 description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels'
13909 annotations:
13910 type: object
13911 additionalProperties:
13912 type: string
13913 description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
13914 spec:
13915 type: object
13916 description: 'Spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
13917 properties:
13918 selector:
13919 type: object
13920 description: selector is a label query over volumes to consider for binding.
13921 properties:
13922 matchExpressions:
13923 type: array
13924 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
13925 items:
13926 type: object
13927 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
13928 properties:
13929 key:
13930 type: string
13931 description: key is the label key that the selector applies to.
13932 operator:
13933 type: string
13934 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
13935 values:
13936 type: array
13937 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
13938 items:
13939 type: string
13940 required:
13941 - key
13942 - operator
13943 matchLabels:
13944 type: object
13945 additionalProperties:
13946 type: string
13947 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
13948 x-kubernetes-map-type: atomic
13949 resources:
13950 type: object
13951 description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
13952 properties:
13953 limits:
13954 type: object
13955 additionalProperties:
13956 anyOf:
13957 - type: integer
13958 - type: string
13959 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
13960 x-kubernetes-int-or-string: true
13961 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
13962 requests:
13963 type: object
13964 additionalProperties:
13965 anyOf:
13966 - type: integer
13967 - type: string
13968 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
13969 x-kubernetes-int-or-string: true
13970 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
13971 accessModes:
13972 type: array
13973 description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
13974 items:
13975 type: string
13976 dataSource:
13977 type: object
13978 description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.'
13979 properties:
13980 name:
13981 type: string
13982 description: Name is the name of resource being referenced
13983 kind:
13984 type: string
13985 description: Kind is the type of resource being referenced
13986 apiGroup:
13987 type: string
13988 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
13989 required:
13990 - kind
13991 - name
13992 x-kubernetes-map-type: atomic
13993 dataSourceRef:
13994 type: object
13995 description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.'
13996 properties:
13997 name:
13998 type: string
13999 description: Name is the name of resource being referenced
14000 kind:
14001 type: string
14002 description: Kind is the type of resource being referenced
14003 apiGroup:
14004 type: string
14005 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
14006 required:
14007 - kind
14008 - name
14009 x-kubernetes-map-type: atomic
14010 storageClassName:
14011 type: string
14012 description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
14013 volumeMode:
14014 type: string
14015 description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
14016 volumeName:
14017 type: string
14018 description: volumeName is the binding reference to the PersistentVolume backing this claim.
14019 status:
14020 type: object
14021 description: 'Status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
14022 properties:
14023 accessModes:
14024 type: array
14025 description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
14026 items:
14027 type: string
14028 allocatedResources:
14029 type: object
14030 additionalProperties:
14031 anyOf:
14032 - type: integer
14033 - type: string
14034 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
14035 x-kubernetes-int-or-string: true
14036 description: allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
14037 capacity:
14038 type: object
14039 additionalProperties:
14040 anyOf:
14041 - type: integer
14042 - type: string
14043 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
14044 x-kubernetes-int-or-string: true
14045 description: capacity represents the actual resources of the underlying volume.
14046 conditions:
14047 type: array
14048 description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
14049 items:
14050 type: object
14051 description: PersistentVolumeClaimCondition contails details about state of pvc
14052 properties:
14053 type:
14054 type: string
14055 description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type
14056 status:
14057 type: string
14058 lastProbeTime:
14059 type: string
14060 description: lastProbeTime is the time we probed the condition.
14061 format: date-time
14062 lastTransitionTime:
14063 type: string
14064 description: lastTransitionTime is the time the condition transitioned from one status to another.
14065 format: date-time
14066 message:
14067 type: string
14068 description: message is the human-readable message indicating details about last transition.
14069 reason:
14070 type: string
14071 description: reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized.
14072 required:
14073 - status
14074 - type
14075 phase:
14076 type: string
14077 description: phase represents the current phase of PersistentVolumeClaim.
14078 resizeStatus:
14079 type: string
14080 description: resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
14081 tag:
14082 type: string
14083 description: 'Tag of Prometheus container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use ''image'' instead. The image tag can be specified as part of the image URL.'
14084 thanos:
14085 type: object
14086 description: "Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment. \n This section is experimental, it may change significantly without deprecation notice in any release. \n This is experimental and may change significantly without backward compatibility in any release."
14087 properties:
14088 image:
14089 type: string
14090 description: Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Thanos is being configured.
14091 resources:
14092 type: object
14093 description: Resources defines the resource requirements for the Thanos sidecar. If not provided, no requests/limits will be set
14094 properties:
14095 limits:
14096 type: object
14097 additionalProperties:
14098 anyOf:
14099 - type: integer
14100 - type: string
14101 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
14102 x-kubernetes-int-or-string: true
14103 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
14104 requests:
14105 type: object
14106 additionalProperties:
14107 anyOf:
14108 - type: integer
14109 - type: string
14110 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
14111 x-kubernetes-int-or-string: true
14112 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
14113 volumeMounts:
14114 type: array
14115 description: VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the thanos-sidecar container.
14116 items:
14117 type: object
14118 description: VolumeMount describes a mounting of a Volume within a container.
14119 properties:
14120 name:
14121 type: string
14122 description: This must match the Name of a Volume.
14123 readOnly:
14124 type: boolean
14125 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
14126 mountPath:
14127 type: string
14128 description: Path within the container at which the volume should be mounted. Must not contain ':'.
14129 subPath:
14130 type: string
14131 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
14132 subPathExpr:
14133 type: string
14134 description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.
14135 mountPropagation:
14136 type: string
14137 description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
14138 required:
14139 - mountPath
14140 - name
14141 additionalArgs:
14142 type: array
14143 description: AdditionalArgs allows setting additional arguments for the Thanos container. The arguments are passed as-is to the Thanos container which may cause issues if they are invalid or not supported the given Thanos version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.
14144 items:
14145 type: object
14146 description: Argument as part of the AdditionalArgs list.
14147 properties:
14148 name:
14149 type: string
14150 description: Name of the argument, e.g. "scrape.discovery-reload-interval".
14151 minLength: 1
14152 value:
14153 type: string
14154 description: Argument value, e.g. 30s. Can be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile)
14155 required:
14156 - name
14157 baseImage:
14158 type: string
14159 description: 'Thanos base image if other than default. Deprecated: use ''image'' instead'
14160 grpcListenLocal:
14161 type: boolean
14162 description: If true, the Thanos sidecar listens on the loopback interface for the gRPC endpoints. It has no effect if `listenLocal` is true.
14163 grpcServerTlsConfig:
14164 type: object
14165 description: 'GRPCServerTLSConfig configures the TLS parameters for the gRPC server providing the StoreAPI. Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. Maps to the ''--grpc-server-tls-*'' CLI args.'
14166 properties:
14167 ca:
14168 type: object
14169 description: Struct containing the CA cert to use for the targets.
14170 properties:
14171 configMap:
14172 type: object
14173 description: ConfigMap containing data to use for the targets.
14174 properties:
14175 name:
14176 type: string
14177 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14178 key:
14179 type: string
14180 description: The key to select.
14181 optional:
14182 type: boolean
14183 description: Specify whether the ConfigMap or its key must be defined
14184 required:
14185 - key
14186 x-kubernetes-map-type: atomic
14187 secret:
14188 type: object
14189 description: Secret containing data to use for the targets.
14190 properties:
14191 name:
14192 type: string
14193 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14194 key:
14195 type: string
14196 description: The key of the secret to select from. Must be a valid secret key.
14197 optional:
14198 type: boolean
14199 description: Specify whether the Secret or its key must be defined
14200 required:
14201 - key
14202 x-kubernetes-map-type: atomic
14203 caFile:
14204 type: string
14205 description: Path to the CA cert in the Prometheus container to use for the targets.
14206 cert:
14207 type: object
14208 description: Struct containing the client cert file for the targets.
14209 properties:
14210 configMap:
14211 type: object
14212 description: ConfigMap containing data to use for the targets.
14213 properties:
14214 name:
14215 type: string
14216 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14217 key:
14218 type: string
14219 description: The key to select.
14220 optional:
14221 type: boolean
14222 description: Specify whether the ConfigMap or its key must be defined
14223 required:
14224 - key
14225 x-kubernetes-map-type: atomic
14226 secret:
14227 type: object
14228 description: Secret containing data to use for the targets.
14229 properties:
14230 name:
14231 type: string
14232 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14233 key:
14234 type: string
14235 description: The key of the secret to select from. Must be a valid secret key.
14236 optional:
14237 type: boolean
14238 description: Specify whether the Secret or its key must be defined
14239 required:
14240 - key
14241 x-kubernetes-map-type: atomic
14242 certFile:
14243 type: string
14244 description: Path to the client cert file in the Prometheus container for the targets.
14245 insecureSkipVerify:
14246 type: boolean
14247 description: Disable target certificate validation.
14248 keyFile:
14249 type: string
14250 description: Path to the client key file in the Prometheus container for the targets.
14251 keySecret:
14252 type: object
14253 description: Secret containing the client key file for the targets.
14254 properties:
14255 name:
14256 type: string
14257 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14258 key:
14259 type: string
14260 description: The key of the secret to select from. Must be a valid secret key.
14261 optional:
14262 type: boolean
14263 description: Specify whether the Secret or its key must be defined
14264 required:
14265 - key
14266 x-kubernetes-map-type: atomic
14267 serverName:
14268 type: string
14269 description: Used to verify the hostname for the targets.
14270 httpListenLocal:
14271 type: boolean
14272 description: If true, the Thanos sidecar listens on the loopback interface for the HTTP endpoints. It has no effect if `listenLocal` is true.
14273 listenLocal:
14274 type: boolean
14275 description: 'If true, the Thanos sidecar listens on the loopback interface for the HTTP and gRPC endpoints. It takes precedence over `grpcListenLocal` and `httpListenLocal`. Deprecated: use `grpcListenLocal` and `httpListenLocal` instead.'
14276 logFormat:
14277 type: string
14278 description: LogFormat for Thanos sidecar to be configured with.
14279 enum:
14280 - ""
14281 - logfmt
14282 - json
14283 logLevel:
14284 type: string
14285 description: LogLevel for Thanos sidecar to be configured with.
14286 enum:
14287 - ""
14288 - debug
14289 - info
14290 - warn
14291 - error
14292 minTime:
14293 type: string
14294 description: MinTime for Thanos sidecar to be configured with. Option can be a constant time in RFC3339 format or time duration relative to current time, such as -1d or 2h45m. Valid duration units are ms, s, m, h, d, w, y.
14295 objectStorageConfig:
14296 type: object
14297 description: ObjectStorageConfig configures object storage in Thanos. Alternative to ObjectStorageConfigFile, and lower order priority.
14298 properties:
14299 name:
14300 type: string
14301 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14302 key:
14303 type: string
14304 description: The key of the secret to select from. Must be a valid secret key.
14305 optional:
14306 type: boolean
14307 description: Specify whether the Secret or its key must be defined
14308 required:
14309 - key
14310 x-kubernetes-map-type: atomic
14311 objectStorageConfigFile:
14312 type: string
14313 description: ObjectStorageConfigFile specifies the path of the object storage configuration file. When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence.
14314 readyTimeout:
14315 type: string
14316 description: ReadyTimeout is the maximum time Thanos sidecar will wait for Prometheus to start. Eg 10m
14317 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
14318 sha:
14319 type: string
14320 description: 'SHA of Thanos container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use ''image'' instead. The image digest can be specified as part of the image URL.'
14321 tag:
14322 type: string
14323 description: 'Tag of Thanos sidecar container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use ''image'' instead. The image tag can be specified as part of the image URL.'
14324 tracingConfig:
14325 type: object
14326 description: TracingConfig configures tracing in Thanos. This is an experimental feature, it may change in any upcoming release in a breaking way.
14327 properties:
14328 name:
14329 type: string
14330 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14331 key:
14332 type: string
14333 description: The key of the secret to select from. Must be a valid secret key.
14334 optional:
14335 type: boolean
14336 description: Specify whether the Secret or its key must be defined
14337 required:
14338 - key
14339 x-kubernetes-map-type: atomic
14340 tracingConfigFile:
14341 type: string
14342 description: TracingConfig specifies the path of the tracing configuration file. When used alongside with TracingConfig, TracingConfigFile takes precedence.
14343 version:
14344 type: string
14345 description: Version describes the version of Thanos to use.
14346 topologySpreadConstraints:
14347 type: array
14348 description: If specified, the pod's topology spread constraints.
14349 items:
14350 type: object
14351 description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
14352 properties:
14353 labelSelector:
14354 type: object
14355 description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
14356 properties:
14357 matchExpressions:
14358 type: array
14359 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
14360 items:
14361 type: object
14362 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
14363 properties:
14364 key:
14365 type: string
14366 description: key is the label key that the selector applies to.
14367 operator:
14368 type: string
14369 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
14370 values:
14371 type: array
14372 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
14373 items:
14374 type: string
14375 required:
14376 - key
14377 - operator
14378 matchLabels:
14379 type: object
14380 additionalProperties:
14381 type: string
14382 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
14383 x-kubernetes-map-type: atomic
14384 matchLabelKeys:
14385 type: array
14386 description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
14387 items:
14388 type: string
14389 x-kubernetes-list-type: atomic
14390 maxSkew:
14391 type: integer
14392 description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
14393 format: int32
14394 minDomains:
14395 type: integer
14396 description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
14397 format: int32
14398 nodeAffinityPolicy:
14399 type: string
14400 description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
14401 nodeTaintsPolicy:
14402 type: string
14403 description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
14404 topologyKey:
14405 type: string
14406 description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
14407 whenUnsatisfiable:
14408 type: string
14409 description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
14410 required:
14411 - maxSkew
14412 - topologyKey
14413 - whenUnsatisfiable
14414 tsdb:
14415 type: object
14416 description: Defines the runtime reloadable configuration of the timeseries database (TSDB).
14417 properties:
14418 outOfOrderTimeWindow:
14419 type: string
14420 description: Configures how old an out-of-order/out-of-bounds sample can be w.r.t. the TSDB max time. An out-of-order/out-of-bounds sample is ingested into the TSDB as long as the timestamp of the sample is >= (TSDB.MaxTime - outOfOrderTimeWindow). Out of order ingestion is an experimental feature and requires Prometheus >= v2.39.0.
14421 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
14422 version:
14423 type: string
14424 description: Version of Prometheus to be deployed.
14425 walCompression:
14426 type: boolean
14427 description: Enable compression of the write-ahead log using Snappy. This flag is only available in versions of Prometheus >= 2.11.0.
14428 web:
14429 type: object
14430 description: Defines the web command line flags when starting Prometheus.
14431 properties:
14432 httpConfig:
14433 type: object
14434 description: Defines HTTP parameters for web server.
14435 properties:
14436 headers:
14437 type: object
14438 description: List of headers that can be added to HTTP responses.
14439 properties:
14440 contentSecurityPolicy:
14441 type: string
14442 description: Set the Content-Security-Policy header to HTTP responses. Unset if blank.
14443 strictTransportSecurity:
14444 type: string
14445 description: Set the Strict-Transport-Security header to HTTP responses. Unset if blank. Please make sure that you use this with care as this header might force browsers to load Prometheus and the other applications hosted on the same domain and subdomains over HTTPS. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
14446 xContentTypeOptions:
14447 type: string
14448 description: Set the X-Content-Type-Options header to HTTP responses. Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
14449 enum:
14450 - ""
14451 - NoSniff
14452 xFrameOptions:
14453 type: string
14454 description: Set the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
14455 enum:
14456 - ""
14457 - Deny
14458 - SameOrigin
14459 xXSSProtection:
14460 type: string
14461 description: Set the X-XSS-Protection header to all responses. Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
14462 http2:
14463 type: boolean
14464 description: Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. When TLSConfig is not configured, HTTP/2 will be disabled. Whenever the value of the field changes, a rolling update will be triggered.
14465 pageTitle:
14466 type: string
14467 description: The prometheus web page title
14468 tlsConfig:
14469 type: object
14470 description: Defines the TLS parameters for HTTPS.
14471 properties:
14472 cert:
14473 type: object
14474 description: Contains the TLS certificate for the server.
14475 properties:
14476 configMap:
14477 type: object
14478 description: ConfigMap containing data to use for the targets.
14479 properties:
14480 name:
14481 type: string
14482 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14483 key:
14484 type: string
14485 description: The key to select.
14486 optional:
14487 type: boolean
14488 description: Specify whether the ConfigMap or its key must be defined
14489 required:
14490 - key
14491 x-kubernetes-map-type: atomic
14492 secret:
14493 type: object
14494 description: Secret containing data to use for the targets.
14495 properties:
14496 name:
14497 type: string
14498 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14499 key:
14500 type: string
14501 description: The key of the secret to select from. Must be a valid secret key.
14502 optional:
14503 type: boolean
14504 description: Specify whether the Secret or its key must be defined
14505 required:
14506 - key
14507 x-kubernetes-map-type: atomic
14508 cipherSuites:
14509 type: array
14510 description: 'List of supported cipher suites for TLS versions up to TLS 1.2. If empty, Go default cipher suites are used. Available cipher suites are documented in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants'
14511 items:
14512 type: string
14513 clientAuthType:
14514 type: string
14515 description: 'Server policy for client authentication. Maps to ClientAuth Policies. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType'
14516 client_ca:
14517 type: object
14518 description: Contains the CA certificate for client certificate authentication to the server.
14519 properties:
14520 configMap:
14521 type: object
14522 description: ConfigMap containing data to use for the targets.
14523 properties:
14524 name:
14525 type: string
14526 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14527 key:
14528 type: string
14529 description: The key to select.
14530 optional:
14531 type: boolean
14532 description: Specify whether the ConfigMap or its key must be defined
14533 required:
14534 - key
14535 x-kubernetes-map-type: atomic
14536 secret:
14537 type: object
14538 description: Secret containing data to use for the targets.
14539 properties:
14540 name:
14541 type: string
14542 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14543 key:
14544 type: string
14545 description: The key of the secret to select from. Must be a valid secret key.
14546 optional:
14547 type: boolean
14548 description: Specify whether the Secret or its key must be defined
14549 required:
14550 - key
14551 x-kubernetes-map-type: atomic
14552 curvePreferences:
14553 type: array
14554 description: 'Elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID'
14555 items:
14556 type: string
14557 keySecret:
14558 type: object
14559 description: Secret containing the TLS key for the server.
14560 properties:
14561 name:
14562 type: string
14563 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14564 key:
14565 type: string
14566 description: The key of the secret to select from. Must be a valid secret key.
14567 optional:
14568 type: boolean
14569 description: Specify whether the Secret or its key must be defined
14570 required:
14571 - key
14572 x-kubernetes-map-type: atomic
14573 maxVersion:
14574 type: string
14575 description: Maximum TLS version that is acceptable. Defaults to TLS13.
14576 minVersion:
14577 type: string
14578 description: Minimum TLS version that is acceptable. Defaults to TLS12.
14579 preferServerCipherSuites:
14580 type: boolean
14581 description: Controls whether the server selects the client's most preferred cipher suite, or the server's most preferred cipher suite. If true then the server's preference, as expressed in the order of elements in cipherSuites, is used.
14582 required:
14583 - cert
14584 - keySecret
14585 status:
14586 type: object
14587 description: 'Most recent observed status of the Prometheus cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
14588 properties:
14589 replicas:
14590 type: integer
14591 description: Total number of non-terminated pods targeted by this Prometheus deployment (their labels match the selector).
14592 format: int32
14593 paused:
14594 type: boolean
14595 description: Represents whether any actions on the underlying managed objects are being performed. Only delete actions will be performed.
14596 availableReplicas:
14597 type: integer
14598 description: Total number of available pods (ready for at least minReadySeconds) targeted by this Prometheus deployment.
14599 format: int32
14600 conditions:
14601 type: array
14602 description: The current state of the Prometheus deployment.
14603 items:
14604 type: object
14605 description: PrometheusCondition represents the state of the resources associated with the Prometheus resource.
14606 properties:
14607 type:
14608 type: string
14609 description: Type of the condition being reported.
14610 status:
14611 type: string
14612 description: status of the condition.
14613 lastTransitionTime:
14614 type: string
14615 description: lastTransitionTime is the time of the last update to the current status property.
14616 format: date-time
14617 message:
14618 type: string
14619 description: Human-readable message indicating details for the condition's last transition.
14620 observedGeneration:
14621 type: integer
14622 description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
14623 format: int64
14624 reason:
14625 type: string
14626 description: Reason for the condition's last transition.
14627 required:
14628 - lastTransitionTime
14629 - status
14630 - type
14631 x-kubernetes-list-map-keys:
14632 - type
14633 x-kubernetes-list-type: map
14634 shardStatuses:
14635 type: array
14636 description: The list has one entry per shard. Each entry provides a summary of the shard status.
14637 items:
14638 type: object
14639 properties:
14640 replicas:
14641 type: integer
14642 description: Total number of pods targeted by this shard.
14643 format: int32
14644 availableReplicas:
14645 type: integer
14646 description: Total number of available pods (ready for at least minReadySeconds) targeted by this shard.
14647 format: int32
14648 shardID:
14649 type: string
14650 description: Identifier of the shard.
14651 unavailableReplicas:
14652 type: integer
14653 description: Total number of unavailable pods targeted by this shard.
14654 format: int32
14655 updatedReplicas:
14656 type: integer
14657 description: Total number of non-terminated pods targeted by this shard that have the desired spec.
14658 format: int32
14659 required:
14660 - availableReplicas
14661 - replicas
14662 - shardID
14663 - unavailableReplicas
14664 - updatedReplicas
14665 x-kubernetes-list-map-keys:
14666 - shardID
14667 x-kubernetes-list-type: map
14668 unavailableReplicas:
14669 type: integer
14670 description: Total number of unavailable pods targeted by this Prometheus deployment.
14671 format: int32
14672 updatedReplicas:
14673 type: integer
14674 description: Total number of non-terminated pods targeted by this Prometheus deployment that have the desired version spec.
14675 format: int32
14676 required:
14677 - availableReplicas
14678 - paused
14679 - replicas
14680 - unavailableReplicas
14681 - updatedReplicas
14682 required:
14683 - spec
14684 served: true
14685 storage: true
14686 subresources:
14687 status: {}
14688---
14689apiVersion: apiextensions.k8s.io/v1
14690kind: CustomResourceDefinition
14691metadata:
14692 name: prometheusrules.monitoring.coreos.com
14693 labels:
14694 workload.edge.ncr.com: platform
14695 annotations:
14696 controller-gen.kubebuilder.io/version: v0.9.2
14697 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
14698 pallet.edge.ncr.com/name: prometheus-operator
14699 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
14700 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
14701 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
14702 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
14703spec:
14704 group: monitoring.coreos.com
14705 names:
14706 kind: PrometheusRule
14707 categories:
14708 - prometheus-operator
14709 listKind: PrometheusRuleList
14710 plural: prometheusrules
14711 shortNames:
14712 - promrule
14713 singular: prometheusrule
14714 scope: Namespaced
14715 versions:
14716 - name: v1
14717 schema:
14718 openAPIV3Schema:
14719 type: object
14720 description: PrometheusRule defines recording and alerting rules for a Prometheus instance
14721 properties:
14722 apiVersion:
14723 type: string
14724 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
14725 kind:
14726 type: string
14727 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
14728 metadata:
14729 type: object
14730 spec:
14731 type: object
14732 description: Specification of desired alerting rule definitions for Prometheus.
14733 properties:
14734 groups:
14735 type: array
14736 description: Content of Prometheus rule file
14737 items:
14738 type: object
14739 description: 'RuleGroup is a list of sequentially evaluated recording and alerting rules. Note: PartialResponseStrategy is only used by ThanosRuler and will be ignored by Prometheus instances. Valid values for this field are ''warn'' or ''abort''. More info: https://github.com/thanos-io/thanos/blob/main/docs/components/rule.md#partial-response'
14740 properties:
14741 name:
14742 type: string
14743 interval:
14744 type: string
14745 partial_response_strategy:
14746 type: string
14747 rules:
14748 type: array
14749 items:
14750 type: object
14751 description: 'Rule describes an alerting or recording rule See Prometheus documentation: [alerting](https://www.prometheus.io/docs/prometheus/latest/configuration/alerting_rules/) or [recording](https://www.prometheus.io/docs/prometheus/latest/configuration/recording_rules/#recording-rules) rule'
14752 properties:
14753 labels:
14754 type: object
14755 additionalProperties:
14756 type: string
14757 annotations:
14758 type: object
14759 additionalProperties:
14760 type: string
14761 alert:
14762 type: string
14763 expr:
14764 anyOf:
14765 - type: integer
14766 - type: string
14767 x-kubernetes-int-or-string: true
14768 for:
14769 type: string
14770 record:
14771 type: string
14772 required:
14773 - expr
14774 required:
14775 - name
14776 - rules
14777 required:
14778 - spec
14779 served: true
14780 storage: true
14781---
14782apiVersion: apiextensions.k8s.io/v1
14783kind: CustomResourceDefinition
14784metadata:
14785 name: servicemonitors.monitoring.coreos.com
14786 labels:
14787 workload.edge.ncr.com: platform
14788 annotations:
14789 controller-gen.kubebuilder.io/version: v0.9.2
14790 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
14791 pallet.edge.ncr.com/name: prometheus-operator
14792 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
14793 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
14794 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
14795 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
14796spec:
14797 group: monitoring.coreos.com
14798 names:
14799 kind: ServiceMonitor
14800 categories:
14801 - prometheus-operator
14802 listKind: ServiceMonitorList
14803 plural: servicemonitors
14804 shortNames:
14805 - smon
14806 singular: servicemonitor
14807 scope: Namespaced
14808 versions:
14809 - name: v1
14810 schema:
14811 openAPIV3Schema:
14812 type: object
14813 description: ServiceMonitor defines monitoring for a set of services.
14814 properties:
14815 apiVersion:
14816 type: string
14817 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
14818 kind:
14819 type: string
14820 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
14821 metadata:
14822 type: object
14823 spec:
14824 type: object
14825 description: Specification of desired Service selection for target discovery by Prometheus.
14826 properties:
14827 selector:
14828 type: object
14829 description: Selector to select Endpoints objects.
14830 properties:
14831 matchExpressions:
14832 type: array
14833 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
14834 items:
14835 type: object
14836 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
14837 properties:
14838 key:
14839 type: string
14840 description: key is the label key that the selector applies to.
14841 operator:
14842 type: string
14843 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
14844 values:
14845 type: array
14846 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
14847 items:
14848 type: string
14849 required:
14850 - key
14851 - operator
14852 matchLabels:
14853 type: object
14854 additionalProperties:
14855 type: string
14856 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
14857 x-kubernetes-map-type: atomic
14858 endpoints:
14859 type: array
14860 description: A list of endpoints allowed as part of this ServiceMonitor.
14861 items:
14862 type: object
14863 description: Endpoint defines a scrapeable endpoint serving Prometheus metrics.
14864 properties:
14865 port:
14866 type: string
14867 description: Name of the service port this endpoint refers to. Mutually exclusive with targetPort.
14868 targetPort:
14869 anyOf:
14870 - type: integer
14871 - type: string
14872 description: Name or number of the target port of the Pod behind the Service, the port must be specified with container port property. Mutually exclusive with port.
14873 x-kubernetes-int-or-string: true
14874 authorization:
14875 type: object
14876 description: Authorization section for this endpoint
14877 properties:
14878 type:
14879 type: string
14880 description: Set the authentication type. Defaults to Bearer, Basic will cause an error
14881 credentials:
14882 type: object
14883 description: The secret's key that contains the credentials of the request
14884 properties:
14885 name:
14886 type: string
14887 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14888 key:
14889 type: string
14890 description: The key of the secret to select from. Must be a valid secret key.
14891 optional:
14892 type: boolean
14893 description: Specify whether the Secret or its key must be defined
14894 required:
14895 - key
14896 x-kubernetes-map-type: atomic
14897 basicAuth:
14898 type: object
14899 description: 'BasicAuth allow an endpoint to authenticate over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints'
14900 properties:
14901 password:
14902 type: object
14903 description: The secret in the service monitor namespace that contains the password for authentication.
14904 properties:
14905 name:
14906 type: string
14907 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14908 key:
14909 type: string
14910 description: The key of the secret to select from. Must be a valid secret key.
14911 optional:
14912 type: boolean
14913 description: Specify whether the Secret or its key must be defined
14914 required:
14915 - key
14916 x-kubernetes-map-type: atomic
14917 username:
14918 type: object
14919 description: The secret in the service monitor namespace that contains the username for authentication.
14920 properties:
14921 name:
14922 type: string
14923 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14924 key:
14925 type: string
14926 description: The key of the secret to select from. Must be a valid secret key.
14927 optional:
14928 type: boolean
14929 description: Specify whether the Secret or its key must be defined
14930 required:
14931 - key
14932 x-kubernetes-map-type: atomic
14933 bearerTokenFile:
14934 type: string
14935 description: File to read bearer token for scraping targets.
14936 bearerTokenSecret:
14937 type: object
14938 description: Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the service monitor and accessible by the Prometheus Operator.
14939 properties:
14940 name:
14941 type: string
14942 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
14943 key:
14944 type: string
14945 description: The key of the secret to select from. Must be a valid secret key.
14946 optional:
14947 type: boolean
14948 description: Specify whether the Secret or its key must be defined
14949 required:
14950 - key
14951 x-kubernetes-map-type: atomic
14952 enableHttp2:
14953 type: boolean
14954 description: Whether to enable HTTP2.
14955 followRedirects:
14956 type: boolean
14957 description: FollowRedirects configures whether scrape requests follow HTTP 3xx redirects.
14958 honorLabels:
14959 type: boolean
14960 description: HonorLabels chooses the metric's labels on collisions with target labels.
14961 honorTimestamps:
14962 type: boolean
14963 description: HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
14964 interval:
14965 type: string
14966 description: Interval at which metrics should be scraped If not specified Prometheus' global scrape interval is used.
14967 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
14968 metricRelabelings:
14969 type: array
14970 description: MetricRelabelConfigs to apply to samples before ingestion.
14971 items:
14972 type: object
14973 description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
14974 properties:
14975 action:
14976 type: string
14977 default: replace
14978 description: Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.
14979 enum:
14980 - replace
14981 - Replace
14982 - keep
14983 - Keep
14984 - drop
14985 - Drop
14986 - hashmod
14987 - HashMod
14988 - labelmap
14989 - LabelMap
14990 - labeldrop
14991 - LabelDrop
14992 - labelkeep
14993 - LabelKeep
14994 - lowercase
14995 - Lowercase
14996 - uppercase
14997 - Uppercase
14998 modulus:
14999 type: integer
15000 description: Modulus to take of the hash of the source label values.
15001 format: int64
15002 regex:
15003 type: string
15004 description: Regular expression against which the extracted value is matched. Default is '(.*)'
15005 replacement:
15006 type: string
15007 description: Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'
15008 separator:
15009 type: string
15010 description: Separator placed between concatenated source label values. default is ';'.
15011 sourceLabels:
15012 type: array
15013 description: The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.
15014 items:
15015 type: string
15016 description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.
15017 pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
15018 targetLabel:
15019 type: string
15020 description: Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.
15021 oauth2:
15022 type: object
15023 description: OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
15024 properties:
15025 clientId:
15026 type: object
15027 description: The secret or configmap containing the OAuth2 client id
15028 properties:
15029 configMap:
15030 type: object
15031 description: ConfigMap containing data to use for the targets.
15032 properties:
15033 name:
15034 type: string
15035 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
15036 key:
15037 type: string
15038 description: The key to select.
15039 optional:
15040 type: boolean
15041 description: Specify whether the ConfigMap or its key must be defined
15042 required:
15043 - key
15044 x-kubernetes-map-type: atomic
15045 secret:
15046 type: object
15047 description: Secret containing data to use for the targets.
15048 properties:
15049 name:
15050 type: string
15051 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
15052 key:
15053 type: string
15054 description: The key of the secret to select from. Must be a valid secret key.
15055 optional:
15056 type: boolean
15057 description: Specify whether the Secret or its key must be defined
15058 required:
15059 - key
15060 x-kubernetes-map-type: atomic
15061 clientSecret:
15062 type: object
15063 description: The secret containing the OAuth2 client secret
15064 properties:
15065 name:
15066 type: string
15067 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
15068 key:
15069 type: string
15070 description: The key of the secret to select from. Must be a valid secret key.
15071 optional:
15072 type: boolean
15073 description: Specify whether the Secret or its key must be defined
15074 required:
15075 - key
15076 x-kubernetes-map-type: atomic
15077 endpointParams:
15078 type: object
15079 additionalProperties:
15080 type: string
15081 description: Parameters to append to the token URL
15082 scopes:
15083 type: array
15084 description: OAuth2 scopes used for the token request
15085 items:
15086 type: string
15087 tokenUrl:
15088 type: string
15089 description: The URL to fetch the token from
15090 minLength: 1
15091 required:
15092 - clientId
15093 - clientSecret
15094 - tokenUrl
15095 params:
15096 type: object
15097 additionalProperties:
15098 type: array
15099 items:
15100 type: string
15101 description: Optional HTTP URL parameters
15102 path:
15103 type: string
15104 description: HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. `/metrics`).
15105 proxyUrl:
15106 type: string
15107 description: ProxyURL eg http://proxyserver:2195 Directs scrapes to proxy through this endpoint.
15108 relabelings:
15109 type: array
15110 description: 'RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job''s name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
15111 items:
15112 type: object
15113 description: 'RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
15114 properties:
15115 action:
15116 type: string
15117 default: replace
15118 description: Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.
15119 enum:
15120 - replace
15121 - Replace
15122 - keep
15123 - Keep
15124 - drop
15125 - Drop
15126 - hashmod
15127 - HashMod
15128 - labelmap
15129 - LabelMap
15130 - labeldrop
15131 - LabelDrop
15132 - labelkeep
15133 - LabelKeep
15134 - lowercase
15135 - Lowercase
15136 - uppercase
15137 - Uppercase
15138 modulus:
15139 type: integer
15140 description: Modulus to take of the hash of the source label values.
15141 format: int64
15142 regex:
15143 type: string
15144 description: Regular expression against which the extracted value is matched. Default is '(.*)'
15145 replacement:
15146 type: string
15147 description: Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'
15148 separator:
15149 type: string
15150 description: Separator placed between concatenated source label values. default is ';'.
15151 sourceLabels:
15152 type: array
15153 description: The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.
15154 items:
15155 type: string
15156 description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.
15157 pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
15158 targetLabel:
15159 type: string
15160 description: Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.
15161 scheme:
15162 type: string
15163 description: HTTP scheme to use for scraping.
15164 scrapeTimeout:
15165 type: string
15166 description: Timeout after which the scrape is ended If not specified, the Prometheus global scrape timeout is used unless it is less than `Interval` in which the latter is used.
15167 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
15168 tlsConfig:
15169 type: object
15170 description: TLS configuration to use when scraping the endpoint
15171 properties:
15172 ca:
15173 type: object
15174 description: Struct containing the CA cert to use for the targets.
15175 properties:
15176 configMap:
15177 type: object
15178 description: ConfigMap containing data to use for the targets.
15179 properties:
15180 name:
15181 type: string
15182 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
15183 key:
15184 type: string
15185 description: The key to select.
15186 optional:
15187 type: boolean
15188 description: Specify whether the ConfigMap or its key must be defined
15189 required:
15190 - key
15191 x-kubernetes-map-type: atomic
15192 secret:
15193 type: object
15194 description: Secret containing data to use for the targets.
15195 properties:
15196 name:
15197 type: string
15198 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
15199 key:
15200 type: string
15201 description: The key of the secret to select from. Must be a valid secret key.
15202 optional:
15203 type: boolean
15204 description: Specify whether the Secret or its key must be defined
15205 required:
15206 - key
15207 x-kubernetes-map-type: atomic
15208 caFile:
15209 type: string
15210 description: Path to the CA cert in the Prometheus container to use for the targets.
15211 cert:
15212 type: object
15213 description: Struct containing the client cert file for the targets.
15214 properties:
15215 configMap:
15216 type: object
15217 description: ConfigMap containing data to use for the targets.
15218 properties:
15219 name:
15220 type: string
15221 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
15222 key:
15223 type: string
15224 description: The key to select.
15225 optional:
15226 type: boolean
15227 description: Specify whether the ConfigMap or its key must be defined
15228 required:
15229 - key
15230 x-kubernetes-map-type: atomic
15231 secret:
15232 type: object
15233 description: Secret containing data to use for the targets.
15234 properties:
15235 name:
15236 type: string
15237 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
15238 key:
15239 type: string
15240 description: The key of the secret to select from. Must be a valid secret key.
15241 optional:
15242 type: boolean
15243 description: Specify whether the Secret or its key must be defined
15244 required:
15245 - key
15246 x-kubernetes-map-type: atomic
15247 certFile:
15248 type: string
15249 description: Path to the client cert file in the Prometheus container for the targets.
15250 insecureSkipVerify:
15251 type: boolean
15252 description: Disable target certificate validation.
15253 keyFile:
15254 type: string
15255 description: Path to the client key file in the Prometheus container for the targets.
15256 keySecret:
15257 type: object
15258 description: Secret containing the client key file for the targets.
15259 properties:
15260 name:
15261 type: string
15262 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
15263 key:
15264 type: string
15265 description: The key of the secret to select from. Must be a valid secret key.
15266 optional:
15267 type: boolean
15268 description: Specify whether the Secret or its key must be defined
15269 required:
15270 - key
15271 x-kubernetes-map-type: atomic
15272 serverName:
15273 type: string
15274 description: Used to verify the hostname for the targets.
15275 jobLabel:
15276 type: string
15277 description: "JobLabel selects the label from the associated Kubernetes service which will be used as the `job` label for all metrics. \n For example: If in `ServiceMonitor.spec.jobLabel: foo` and in `Service.metadata.labels.foo: bar`, then the `job=\"bar\"` label is added to all metrics. \n If the value of this field is empty or if the label doesn't exist for the given Service, the `job` label of the metrics defaults to the name of the Kubernetes Service."
15278 labelLimit:
15279 type: integer
15280 description: Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
15281 format: int64
15282 labelNameLengthLimit:
15283 type: integer
15284 description: Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
15285 format: int64
15286 labelValueLengthLimit:
15287 type: integer
15288 description: Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
15289 format: int64
15290 namespaceSelector:
15291 type: object
15292 description: Selector to select which namespaces the Kubernetes Endpoints objects are discovered from.
15293 properties:
15294 any:
15295 type: boolean
15296 description: Boolean describing whether all namespaces are selected in contrast to a list restricting them.
15297 matchNames:
15298 type: array
15299 description: List of namespace names to select from.
15300 items:
15301 type: string
15302 podTargetLabels:
15303 type: array
15304 description: PodTargetLabels transfers labels on the Kubernetes `Pod` onto the created metrics.
15305 items:
15306 type: string
15307 sampleLimit:
15308 type: integer
15309 description: SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
15310 format: int64
15311 targetLabels:
15312 type: array
15313 description: TargetLabels transfers labels from the Kubernetes `Service` onto the created metrics.
15314 items:
15315 type: string
15316 targetLimit:
15317 type: integer
15318 description: TargetLimit defines a limit on the number of scraped targets that will be accepted.
15319 format: int64
15320 required:
15321 - endpoints
15322 - selector
15323 required:
15324 - spec
15325 served: true
15326 storage: true
15327---
15328apiVersion: apiextensions.k8s.io/v1
15329kind: CustomResourceDefinition
15330metadata:
15331 name: thanosrulers.monitoring.coreos.com
15332 labels:
15333 workload.edge.ncr.com: platform
15334 annotations:
15335 controller-gen.kubebuilder.io/version: v0.9.2
15336 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
15337 pallet.edge.ncr.com/name: prometheus-operator
15338 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
15339 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
15340 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
15341 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
15342spec:
15343 group: monitoring.coreos.com
15344 names:
15345 kind: ThanosRuler
15346 categories:
15347 - prometheus-operator
15348 listKind: ThanosRulerList
15349 plural: thanosrulers
15350 shortNames:
15351 - ruler
15352 singular: thanosruler
15353 scope: Namespaced
15354 versions:
15355 - name: v1
15356 additionalPrinterColumns:
15357 - name: Replicas
15358 type: integer
15359 description: The number of desired replicas
15360 jsonPath: .spec.replicas
15361 - name: Age
15362 type: date
15363 jsonPath: .metadata.creationTimestamp
15364 - name: Paused
15365 type: boolean
15366 priority: 1
15367 description: Whether the resource reconciliation is paused or not
15368 jsonPath: .status.paused
15369 schema:
15370 openAPIV3Schema:
15371 type: object
15372 description: ThanosRuler defines a ThanosRuler deployment.
15373 properties:
15374 apiVersion:
15375 type: string
15376 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
15377 kind:
15378 type: string
15379 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
15380 metadata:
15381 type: object
15382 spec:
15383 type: object
15384 description: 'Specification of the desired behavior of the ThanosRuler cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
15385 properties:
15386 labels:
15387 type: object
15388 additionalProperties:
15389 type: string
15390 description: Labels configure the external label pairs to ThanosRuler. A default replica label `thanos_ruler_replica` will be always added as a label with the value of the pod's name and it will be dropped in the alerts.
15391 replicas:
15392 type: integer
15393 description: Number of thanos ruler instances to deploy.
15394 format: int32
15395 minReadySeconds:
15396 type: integer
15397 description: Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field and requires enabling StatefulSetMinReadySeconds feature gate.
15398 format: int32
15399 paused:
15400 type: boolean
15401 description: When a ThanosRuler deployment is paused, no actions except for deletion will be performed on the underlying objects.
15402 serviceAccountName:
15403 type: string
15404 description: ServiceAccountName is the name of the ServiceAccount to use to run the Thanos Ruler Pods.
15405 priorityClassName:
15406 type: string
15407 description: Priority class assigned to the Pods
15408 nodeSelector:
15409 type: object
15410 additionalProperties:
15411 type: string
15412 description: Define which Nodes the Pods are scheduled on.
15413 hostAliases:
15414 type: array
15415 description: Pods' hostAliases configuration
15416 items:
15417 type: object
15418 description: HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
15419 properties:
15420 hostnames:
15421 type: array
15422 description: Hostnames for the above IP address.
15423 items:
15424 type: string
15425 ip:
15426 type: string
15427 description: IP address of the host file entry.
15428 required:
15429 - hostnames
15430 - ip
15431 x-kubernetes-list-map-keys:
15432 - ip
15433 x-kubernetes-list-type: map
15434 initContainers:
15435 type: array
15436 description: 'InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the ThanosRuler configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ Using initContainers for any use case other then secret fetching is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.'
15437 items:
15438 type: object
15439 description: A single application container that you want to run within a pod.
15440 properties:
15441 name:
15442 type: string
15443 description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
15444 image:
15445 type: string
15446 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.'
15447 command:
15448 type: array
15449 description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
15450 items:
15451 type: string
15452 args:
15453 type: array
15454 description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
15455 items:
15456 type: string
15457 workingDir:
15458 type: string
15459 description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
15460 ports:
15461 type: array
15462 description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.
15463 items:
15464 type: object
15465 description: ContainerPort represents a network port in a single container.
15466 properties:
15467 name:
15468 type: string
15469 description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
15470 protocol:
15471 type: string
15472 default: TCP
15473 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
15474 hostPort:
15475 type: integer
15476 description: Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.
15477 format: int32
15478 containerPort:
15479 type: integer
15480 description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.
15481 format: int32
15482 hostIP:
15483 type: string
15484 description: What host IP to bind the external port to.
15485 required:
15486 - containerPort
15487 x-kubernetes-list-map-keys:
15488 - containerPort
15489 - protocol
15490 x-kubernetes-list-type: map
15491 envFrom:
15492 type: array
15493 description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
15494 items:
15495 type: object
15496 description: EnvFromSource represents the source of a set of ConfigMaps
15497 properties:
15498 prefix:
15499 type: string
15500 description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
15501 configMapRef:
15502 type: object
15503 description: The ConfigMap to select from
15504 properties:
15505 name:
15506 type: string
15507 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
15508 optional:
15509 type: boolean
15510 description: Specify whether the ConfigMap must be defined
15511 x-kubernetes-map-type: atomic
15512 secretRef:
15513 type: object
15514 description: The Secret to select from
15515 properties:
15516 name:
15517 type: string
15518 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
15519 optional:
15520 type: boolean
15521 description: Specify whether the Secret must be defined
15522 x-kubernetes-map-type: atomic
15523 env:
15524 type: array
15525 description: List of environment variables to set in the container. Cannot be updated.
15526 items:
15527 type: object
15528 description: EnvVar represents an environment variable present in a Container.
15529 properties:
15530 name:
15531 type: string
15532 description: Name of the environment variable. Must be a C_IDENTIFIER.
15533 value:
15534 type: string
15535 description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
15536 valueFrom:
15537 type: object
15538 description: Source for the environment variable's value. Cannot be used if value is not empty.
15539 properties:
15540 fieldRef:
15541 type: object
15542 description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
15543 properties:
15544 apiVersion:
15545 type: string
15546 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
15547 fieldPath:
15548 type: string
15549 description: Path of the field to select in the specified API version.
15550 required:
15551 - fieldPath
15552 x-kubernetes-map-type: atomic
15553 resourceFieldRef:
15554 type: object
15555 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
15556 properties:
15557 containerName:
15558 type: string
15559 description: 'Container name: required for volumes, optional for env vars'
15560 divisor:
15561 anyOf:
15562 - type: integer
15563 - type: string
15564 description: Specifies the output format of the exposed resources, defaults to "1"
15565 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
15566 x-kubernetes-int-or-string: true
15567 resource:
15568 type: string
15569 description: 'Required: resource to select'
15570 required:
15571 - resource
15572 x-kubernetes-map-type: atomic
15573 configMapKeyRef:
15574 type: object
15575 description: Selects a key of a ConfigMap.
15576 properties:
15577 name:
15578 type: string
15579 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
15580 key:
15581 type: string
15582 description: The key to select.
15583 optional:
15584 type: boolean
15585 description: Specify whether the ConfigMap or its key must be defined
15586 required:
15587 - key
15588 x-kubernetes-map-type: atomic
15589 secretKeyRef:
15590 type: object
15591 description: Selects a key of a secret in the pod's namespace
15592 properties:
15593 name:
15594 type: string
15595 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
15596 key:
15597 type: string
15598 description: The key of the secret to select from. Must be a valid secret key.
15599 optional:
15600 type: boolean
15601 description: Specify whether the Secret or its key must be defined
15602 required:
15603 - key
15604 x-kubernetes-map-type: atomic
15605 required:
15606 - name
15607 resources:
15608 type: object
15609 description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
15610 properties:
15611 limits:
15612 type: object
15613 additionalProperties:
15614 anyOf:
15615 - type: integer
15616 - type: string
15617 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
15618 x-kubernetes-int-or-string: true
15619 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
15620 requests:
15621 type: object
15622 additionalProperties:
15623 anyOf:
15624 - type: integer
15625 - type: string
15626 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
15627 x-kubernetes-int-or-string: true
15628 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
15629 volumeMounts:
15630 type: array
15631 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
15632 items:
15633 type: object
15634 description: VolumeMount describes a mounting of a Volume within a container.
15635 properties:
15636 name:
15637 type: string
15638 description: This must match the Name of a Volume.
15639 readOnly:
15640 type: boolean
15641 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
15642 mountPath:
15643 type: string
15644 description: Path within the container at which the volume should be mounted. Must not contain ':'.
15645 subPath:
15646 type: string
15647 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
15648 subPathExpr:
15649 type: string
15650 description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.
15651 mountPropagation:
15652 type: string
15653 description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
15654 required:
15655 - mountPath
15656 - name
15657 volumeDevices:
15658 type: array
15659 description: volumeDevices is the list of block devices to be used by the container.
15660 items:
15661 type: object
15662 description: volumeDevice describes a mapping of a raw block device within a container.
15663 properties:
15664 name:
15665 type: string
15666 description: name must match the name of a persistentVolumeClaim in the pod
15667 devicePath:
15668 type: string
15669 description: devicePath is the path inside of the container that the device will be mapped to.
15670 required:
15671 - devicePath
15672 - name
15673 livenessProbe:
15674 type: object
15675 description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
15676 properties:
15677 terminationGracePeriodSeconds:
15678 type: integer
15679 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
15680 format: int64
15681 exec:
15682 type: object
15683 description: Exec specifies the action to take.
15684 properties:
15685 command:
15686 type: array
15687 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
15688 items:
15689 type: string
15690 failureThreshold:
15691 type: integer
15692 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
15693 format: int32
15694 grpc:
15695 type: object
15696 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
15697 properties:
15698 service:
15699 type: string
15700 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
15701 port:
15702 type: integer
15703 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
15704 format: int32
15705 required:
15706 - port
15707 httpGet:
15708 type: object
15709 description: HTTPGet specifies the http request to perform.
15710 properties:
15711 port:
15712 anyOf:
15713 - type: integer
15714 - type: string
15715 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
15716 x-kubernetes-int-or-string: true
15717 host:
15718 type: string
15719 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
15720 httpHeaders:
15721 type: array
15722 description: Custom headers to set in the request. HTTP allows repeated headers.
15723 items:
15724 type: object
15725 description: HTTPHeader describes a custom header to be used in HTTP probes
15726 properties:
15727 name:
15728 type: string
15729 description: The header field name
15730 value:
15731 type: string
15732 description: The header field value
15733 required:
15734 - name
15735 - value
15736 path:
15737 type: string
15738 description: Path to access on the HTTP server.
15739 scheme:
15740 type: string
15741 description: Scheme to use for connecting to the host. Defaults to HTTP.
15742 required:
15743 - port
15744 initialDelaySeconds:
15745 type: integer
15746 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
15747 format: int32
15748 periodSeconds:
15749 type: integer
15750 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
15751 format: int32
15752 successThreshold:
15753 type: integer
15754 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
15755 format: int32
15756 tcpSocket:
15757 type: object
15758 description: TCPSocket specifies an action involving a TCP port.
15759 properties:
15760 port:
15761 anyOf:
15762 - type: integer
15763 - type: string
15764 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
15765 x-kubernetes-int-or-string: true
15766 host:
15767 type: string
15768 description: 'Optional: Host name to connect to, defaults to the pod IP.'
15769 required:
15770 - port
15771 timeoutSeconds:
15772 type: integer
15773 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
15774 format: int32
15775 readinessProbe:
15776 type: object
15777 description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
15778 properties:
15779 terminationGracePeriodSeconds:
15780 type: integer
15781 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
15782 format: int64
15783 exec:
15784 type: object
15785 description: Exec specifies the action to take.
15786 properties:
15787 command:
15788 type: array
15789 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
15790 items:
15791 type: string
15792 failureThreshold:
15793 type: integer
15794 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
15795 format: int32
15796 grpc:
15797 type: object
15798 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
15799 properties:
15800 service:
15801 type: string
15802 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
15803 port:
15804 type: integer
15805 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
15806 format: int32
15807 required:
15808 - port
15809 httpGet:
15810 type: object
15811 description: HTTPGet specifies the http request to perform.
15812 properties:
15813 port:
15814 anyOf:
15815 - type: integer
15816 - type: string
15817 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
15818 x-kubernetes-int-or-string: true
15819 host:
15820 type: string
15821 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
15822 httpHeaders:
15823 type: array
15824 description: Custom headers to set in the request. HTTP allows repeated headers.
15825 items:
15826 type: object
15827 description: HTTPHeader describes a custom header to be used in HTTP probes
15828 properties:
15829 name:
15830 type: string
15831 description: The header field name
15832 value:
15833 type: string
15834 description: The header field value
15835 required:
15836 - name
15837 - value
15838 path:
15839 type: string
15840 description: Path to access on the HTTP server.
15841 scheme:
15842 type: string
15843 description: Scheme to use for connecting to the host. Defaults to HTTP.
15844 required:
15845 - port
15846 initialDelaySeconds:
15847 type: integer
15848 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
15849 format: int32
15850 periodSeconds:
15851 type: integer
15852 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
15853 format: int32
15854 successThreshold:
15855 type: integer
15856 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
15857 format: int32
15858 tcpSocket:
15859 type: object
15860 description: TCPSocket specifies an action involving a TCP port.
15861 properties:
15862 port:
15863 anyOf:
15864 - type: integer
15865 - type: string
15866 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
15867 x-kubernetes-int-or-string: true
15868 host:
15869 type: string
15870 description: 'Optional: Host name to connect to, defaults to the pod IP.'
15871 required:
15872 - port
15873 timeoutSeconds:
15874 type: integer
15875 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
15876 format: int32
15877 lifecycle:
15878 type: object
15879 description: Actions that the management system should take in response to container lifecycle events. Cannot be updated.
15880 properties:
15881 postStart:
15882 type: object
15883 description: 'PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
15884 properties:
15885 exec:
15886 type: object
15887 description: Exec specifies the action to take.
15888 properties:
15889 command:
15890 type: array
15891 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
15892 items:
15893 type: string
15894 httpGet:
15895 type: object
15896 description: HTTPGet specifies the http request to perform.
15897 properties:
15898 port:
15899 anyOf:
15900 - type: integer
15901 - type: string
15902 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
15903 x-kubernetes-int-or-string: true
15904 host:
15905 type: string
15906 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
15907 httpHeaders:
15908 type: array
15909 description: Custom headers to set in the request. HTTP allows repeated headers.
15910 items:
15911 type: object
15912 description: HTTPHeader describes a custom header to be used in HTTP probes
15913 properties:
15914 name:
15915 type: string
15916 description: The header field name
15917 value:
15918 type: string
15919 description: The header field value
15920 required:
15921 - name
15922 - value
15923 path:
15924 type: string
15925 description: Path to access on the HTTP server.
15926 scheme:
15927 type: string
15928 description: Scheme to use for connecting to the host. Defaults to HTTP.
15929 required:
15930 - port
15931 tcpSocket:
15932 type: object
15933 description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
15934 properties:
15935 port:
15936 anyOf:
15937 - type: integer
15938 - type: string
15939 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
15940 x-kubernetes-int-or-string: true
15941 host:
15942 type: string
15943 description: 'Optional: Host name to connect to, defaults to the pod IP.'
15944 required:
15945 - port
15946 preStop:
15947 type: object
15948 description: 'PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod''s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod''s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
15949 properties:
15950 exec:
15951 type: object
15952 description: Exec specifies the action to take.
15953 properties:
15954 command:
15955 type: array
15956 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
15957 items:
15958 type: string
15959 httpGet:
15960 type: object
15961 description: HTTPGet specifies the http request to perform.
15962 properties:
15963 port:
15964 anyOf:
15965 - type: integer
15966 - type: string
15967 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
15968 x-kubernetes-int-or-string: true
15969 host:
15970 type: string
15971 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
15972 httpHeaders:
15973 type: array
15974 description: Custom headers to set in the request. HTTP allows repeated headers.
15975 items:
15976 type: object
15977 description: HTTPHeader describes a custom header to be used in HTTP probes
15978 properties:
15979 name:
15980 type: string
15981 description: The header field name
15982 value:
15983 type: string
15984 description: The header field value
15985 required:
15986 - name
15987 - value
15988 path:
15989 type: string
15990 description: Path to access on the HTTP server.
15991 scheme:
15992 type: string
15993 description: Scheme to use for connecting to the host. Defaults to HTTP.
15994 required:
15995 - port
15996 tcpSocket:
15997 type: object
15998 description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
15999 properties:
16000 port:
16001 anyOf:
16002 - type: integer
16003 - type: string
16004 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16005 x-kubernetes-int-or-string: true
16006 host:
16007 type: string
16008 description: 'Optional: Host name to connect to, defaults to the pod IP.'
16009 required:
16010 - port
16011 terminationMessagePath:
16012 type: string
16013 description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
16014 terminationMessagePolicy:
16015 type: string
16016 description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
16017 imagePullPolicy:
16018 type: string
16019 description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
16020 securityContext:
16021 type: object
16022 description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
16023 properties:
16024 allowPrivilegeEscalation:
16025 type: boolean
16026 description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.'
16027 capabilities:
16028 type: object
16029 description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.
16030 properties:
16031 add:
16032 type: array
16033 description: Added capabilities
16034 items:
16035 type: string
16036 description: Capability represent POSIX capabilities type
16037 drop:
16038 type: array
16039 description: Removed capabilities
16040 items:
16041 type: string
16042 description: Capability represent POSIX capabilities type
16043 privileged:
16044 type: boolean
16045 description: Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
16046 procMount:
16047 type: string
16048 description: procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
16049 readOnlyRootFilesystem:
16050 type: boolean
16051 description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
16052 runAsGroup:
16053 type: integer
16054 description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
16055 format: int64
16056 runAsNonRoot:
16057 type: boolean
16058 description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
16059 runAsUser:
16060 type: integer
16061 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
16062 format: int64
16063 seLinuxOptions:
16064 type: object
16065 description: The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
16066 properties:
16067 type:
16068 type: string
16069 description: Type is a SELinux type label that applies to the container.
16070 level:
16071 type: string
16072 description: Level is SELinux level label that applies to the container.
16073 role:
16074 type: string
16075 description: Role is a SELinux role label that applies to the container.
16076 user:
16077 type: string
16078 description: User is a SELinux user label that applies to the container.
16079 seccompProfile:
16080 type: object
16081 description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
16082 properties:
16083 type:
16084 type: string
16085 description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
16086 localhostProfile:
16087 type: string
16088 description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
16089 required:
16090 - type
16091 windowsOptions:
16092 type: object
16093 description: The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.
16094 properties:
16095 gmsaCredentialSpec:
16096 type: string
16097 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
16098 gmsaCredentialSpecName:
16099 type: string
16100 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
16101 hostProcess:
16102 type: boolean
16103 description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
16104 runAsUserName:
16105 type: string
16106 description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
16107 stdin:
16108 type: boolean
16109 description: Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
16110 stdinOnce:
16111 type: boolean
16112 description: Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false
16113 tty:
16114 type: boolean
16115 description: Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.
16116 startupProbe:
16117 type: object
16118 description: 'StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod''s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
16119 properties:
16120 terminationGracePeriodSeconds:
16121 type: integer
16122 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
16123 format: int64
16124 exec:
16125 type: object
16126 description: Exec specifies the action to take.
16127 properties:
16128 command:
16129 type: array
16130 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
16131 items:
16132 type: string
16133 failureThreshold:
16134 type: integer
16135 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
16136 format: int32
16137 grpc:
16138 type: object
16139 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
16140 properties:
16141 service:
16142 type: string
16143 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
16144 port:
16145 type: integer
16146 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
16147 format: int32
16148 required:
16149 - port
16150 httpGet:
16151 type: object
16152 description: HTTPGet specifies the http request to perform.
16153 properties:
16154 port:
16155 anyOf:
16156 - type: integer
16157 - type: string
16158 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16159 x-kubernetes-int-or-string: true
16160 host:
16161 type: string
16162 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
16163 httpHeaders:
16164 type: array
16165 description: Custom headers to set in the request. HTTP allows repeated headers.
16166 items:
16167 type: object
16168 description: HTTPHeader describes a custom header to be used in HTTP probes
16169 properties:
16170 name:
16171 type: string
16172 description: The header field name
16173 value:
16174 type: string
16175 description: The header field value
16176 required:
16177 - name
16178 - value
16179 path:
16180 type: string
16181 description: Path to access on the HTTP server.
16182 scheme:
16183 type: string
16184 description: Scheme to use for connecting to the host. Defaults to HTTP.
16185 required:
16186 - port
16187 initialDelaySeconds:
16188 type: integer
16189 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
16190 format: int32
16191 periodSeconds:
16192 type: integer
16193 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
16194 format: int32
16195 successThreshold:
16196 type: integer
16197 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
16198 format: int32
16199 tcpSocket:
16200 type: object
16201 description: TCPSocket specifies an action involving a TCP port.
16202 properties:
16203 port:
16204 anyOf:
16205 - type: integer
16206 - type: string
16207 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16208 x-kubernetes-int-or-string: true
16209 host:
16210 type: string
16211 description: 'Optional: Host name to connect to, defaults to the pod IP.'
16212 required:
16213 - port
16214 timeoutSeconds:
16215 type: integer
16216 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
16217 format: int32
16218 required:
16219 - name
16220 containers:
16221 type: array
16222 description: 'Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a ThanosRuler pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `thanos-ruler` and `config-reloader`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.'
16223 items:
16224 type: object
16225 description: A single application container that you want to run within a pod.
16226 properties:
16227 name:
16228 type: string
16229 description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
16230 image:
16231 type: string
16232 description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.'
16233 command:
16234 type: array
16235 description: 'Entrypoint array. Not executed within a shell. The container image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
16236 items:
16237 type: string
16238 args:
16239 type: array
16240 description: 'Arguments to the entrypoint. The container image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
16241 items:
16242 type: string
16243 workingDir:
16244 type: string
16245 description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
16246 ports:
16247 type: array
16248 description: List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.
16249 items:
16250 type: object
16251 description: ContainerPort represents a network port in a single container.
16252 properties:
16253 name:
16254 type: string
16255 description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
16256 protocol:
16257 type: string
16258 default: TCP
16259 description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
16260 hostPort:
16261 type: integer
16262 description: Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.
16263 format: int32
16264 containerPort:
16265 type: integer
16266 description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.
16267 format: int32
16268 hostIP:
16269 type: string
16270 description: What host IP to bind the external port to.
16271 required:
16272 - containerPort
16273 x-kubernetes-list-map-keys:
16274 - containerPort
16275 - protocol
16276 x-kubernetes-list-type: map
16277 envFrom:
16278 type: array
16279 description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
16280 items:
16281 type: object
16282 description: EnvFromSource represents the source of a set of ConfigMaps
16283 properties:
16284 prefix:
16285 type: string
16286 description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
16287 configMapRef:
16288 type: object
16289 description: The ConfigMap to select from
16290 properties:
16291 name:
16292 type: string
16293 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
16294 optional:
16295 type: boolean
16296 description: Specify whether the ConfigMap must be defined
16297 x-kubernetes-map-type: atomic
16298 secretRef:
16299 type: object
16300 description: The Secret to select from
16301 properties:
16302 name:
16303 type: string
16304 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
16305 optional:
16306 type: boolean
16307 description: Specify whether the Secret must be defined
16308 x-kubernetes-map-type: atomic
16309 env:
16310 type: array
16311 description: List of environment variables to set in the container. Cannot be updated.
16312 items:
16313 type: object
16314 description: EnvVar represents an environment variable present in a Container.
16315 properties:
16316 name:
16317 type: string
16318 description: Name of the environment variable. Must be a C_IDENTIFIER.
16319 value:
16320 type: string
16321 description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
16322 valueFrom:
16323 type: object
16324 description: Source for the environment variable's value. Cannot be used if value is not empty.
16325 properties:
16326 fieldRef:
16327 type: object
16328 description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
16329 properties:
16330 apiVersion:
16331 type: string
16332 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
16333 fieldPath:
16334 type: string
16335 description: Path of the field to select in the specified API version.
16336 required:
16337 - fieldPath
16338 x-kubernetes-map-type: atomic
16339 resourceFieldRef:
16340 type: object
16341 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
16342 properties:
16343 containerName:
16344 type: string
16345 description: 'Container name: required for volumes, optional for env vars'
16346 divisor:
16347 anyOf:
16348 - type: integer
16349 - type: string
16350 description: Specifies the output format of the exposed resources, defaults to "1"
16351 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
16352 x-kubernetes-int-or-string: true
16353 resource:
16354 type: string
16355 description: 'Required: resource to select'
16356 required:
16357 - resource
16358 x-kubernetes-map-type: atomic
16359 configMapKeyRef:
16360 type: object
16361 description: Selects a key of a ConfigMap.
16362 properties:
16363 name:
16364 type: string
16365 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
16366 key:
16367 type: string
16368 description: The key to select.
16369 optional:
16370 type: boolean
16371 description: Specify whether the ConfigMap or its key must be defined
16372 required:
16373 - key
16374 x-kubernetes-map-type: atomic
16375 secretKeyRef:
16376 type: object
16377 description: Selects a key of a secret in the pod's namespace
16378 properties:
16379 name:
16380 type: string
16381 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
16382 key:
16383 type: string
16384 description: The key of the secret to select from. Must be a valid secret key.
16385 optional:
16386 type: boolean
16387 description: Specify whether the Secret or its key must be defined
16388 required:
16389 - key
16390 x-kubernetes-map-type: atomic
16391 required:
16392 - name
16393 resources:
16394 type: object
16395 description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
16396 properties:
16397 limits:
16398 type: object
16399 additionalProperties:
16400 anyOf:
16401 - type: integer
16402 - type: string
16403 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
16404 x-kubernetes-int-or-string: true
16405 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
16406 requests:
16407 type: object
16408 additionalProperties:
16409 anyOf:
16410 - type: integer
16411 - type: string
16412 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
16413 x-kubernetes-int-or-string: true
16414 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
16415 volumeMounts:
16416 type: array
16417 description: Pod volumes to mount into the container's filesystem. Cannot be updated.
16418 items:
16419 type: object
16420 description: VolumeMount describes a mounting of a Volume within a container.
16421 properties:
16422 name:
16423 type: string
16424 description: This must match the Name of a Volume.
16425 readOnly:
16426 type: boolean
16427 description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
16428 mountPath:
16429 type: string
16430 description: Path within the container at which the volume should be mounted. Must not contain ':'.
16431 subPath:
16432 type: string
16433 description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
16434 subPathExpr:
16435 type: string
16436 description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.
16437 mountPropagation:
16438 type: string
16439 description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
16440 required:
16441 - mountPath
16442 - name
16443 volumeDevices:
16444 type: array
16445 description: volumeDevices is the list of block devices to be used by the container.
16446 items:
16447 type: object
16448 description: volumeDevice describes a mapping of a raw block device within a container.
16449 properties:
16450 name:
16451 type: string
16452 description: name must match the name of a persistentVolumeClaim in the pod
16453 devicePath:
16454 type: string
16455 description: devicePath is the path inside of the container that the device will be mapped to.
16456 required:
16457 - devicePath
16458 - name
16459 livenessProbe:
16460 type: object
16461 description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
16462 properties:
16463 terminationGracePeriodSeconds:
16464 type: integer
16465 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
16466 format: int64
16467 exec:
16468 type: object
16469 description: Exec specifies the action to take.
16470 properties:
16471 command:
16472 type: array
16473 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
16474 items:
16475 type: string
16476 failureThreshold:
16477 type: integer
16478 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
16479 format: int32
16480 grpc:
16481 type: object
16482 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
16483 properties:
16484 service:
16485 type: string
16486 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
16487 port:
16488 type: integer
16489 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
16490 format: int32
16491 required:
16492 - port
16493 httpGet:
16494 type: object
16495 description: HTTPGet specifies the http request to perform.
16496 properties:
16497 port:
16498 anyOf:
16499 - type: integer
16500 - type: string
16501 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16502 x-kubernetes-int-or-string: true
16503 host:
16504 type: string
16505 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
16506 httpHeaders:
16507 type: array
16508 description: Custom headers to set in the request. HTTP allows repeated headers.
16509 items:
16510 type: object
16511 description: HTTPHeader describes a custom header to be used in HTTP probes
16512 properties:
16513 name:
16514 type: string
16515 description: The header field name
16516 value:
16517 type: string
16518 description: The header field value
16519 required:
16520 - name
16521 - value
16522 path:
16523 type: string
16524 description: Path to access on the HTTP server.
16525 scheme:
16526 type: string
16527 description: Scheme to use for connecting to the host. Defaults to HTTP.
16528 required:
16529 - port
16530 initialDelaySeconds:
16531 type: integer
16532 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
16533 format: int32
16534 periodSeconds:
16535 type: integer
16536 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
16537 format: int32
16538 successThreshold:
16539 type: integer
16540 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
16541 format: int32
16542 tcpSocket:
16543 type: object
16544 description: TCPSocket specifies an action involving a TCP port.
16545 properties:
16546 port:
16547 anyOf:
16548 - type: integer
16549 - type: string
16550 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16551 x-kubernetes-int-or-string: true
16552 host:
16553 type: string
16554 description: 'Optional: Host name to connect to, defaults to the pod IP.'
16555 required:
16556 - port
16557 timeoutSeconds:
16558 type: integer
16559 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
16560 format: int32
16561 readinessProbe:
16562 type: object
16563 description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
16564 properties:
16565 terminationGracePeriodSeconds:
16566 type: integer
16567 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
16568 format: int64
16569 exec:
16570 type: object
16571 description: Exec specifies the action to take.
16572 properties:
16573 command:
16574 type: array
16575 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
16576 items:
16577 type: string
16578 failureThreshold:
16579 type: integer
16580 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
16581 format: int32
16582 grpc:
16583 type: object
16584 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
16585 properties:
16586 service:
16587 type: string
16588 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
16589 port:
16590 type: integer
16591 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
16592 format: int32
16593 required:
16594 - port
16595 httpGet:
16596 type: object
16597 description: HTTPGet specifies the http request to perform.
16598 properties:
16599 port:
16600 anyOf:
16601 - type: integer
16602 - type: string
16603 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16604 x-kubernetes-int-or-string: true
16605 host:
16606 type: string
16607 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
16608 httpHeaders:
16609 type: array
16610 description: Custom headers to set in the request. HTTP allows repeated headers.
16611 items:
16612 type: object
16613 description: HTTPHeader describes a custom header to be used in HTTP probes
16614 properties:
16615 name:
16616 type: string
16617 description: The header field name
16618 value:
16619 type: string
16620 description: The header field value
16621 required:
16622 - name
16623 - value
16624 path:
16625 type: string
16626 description: Path to access on the HTTP server.
16627 scheme:
16628 type: string
16629 description: Scheme to use for connecting to the host. Defaults to HTTP.
16630 required:
16631 - port
16632 initialDelaySeconds:
16633 type: integer
16634 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
16635 format: int32
16636 periodSeconds:
16637 type: integer
16638 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
16639 format: int32
16640 successThreshold:
16641 type: integer
16642 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
16643 format: int32
16644 tcpSocket:
16645 type: object
16646 description: TCPSocket specifies an action involving a TCP port.
16647 properties:
16648 port:
16649 anyOf:
16650 - type: integer
16651 - type: string
16652 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16653 x-kubernetes-int-or-string: true
16654 host:
16655 type: string
16656 description: 'Optional: Host name to connect to, defaults to the pod IP.'
16657 required:
16658 - port
16659 timeoutSeconds:
16660 type: integer
16661 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
16662 format: int32
16663 lifecycle:
16664 type: object
16665 description: Actions that the management system should take in response to container lifecycle events. Cannot be updated.
16666 properties:
16667 postStart:
16668 type: object
16669 description: 'PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
16670 properties:
16671 exec:
16672 type: object
16673 description: Exec specifies the action to take.
16674 properties:
16675 command:
16676 type: array
16677 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
16678 items:
16679 type: string
16680 httpGet:
16681 type: object
16682 description: HTTPGet specifies the http request to perform.
16683 properties:
16684 port:
16685 anyOf:
16686 - type: integer
16687 - type: string
16688 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16689 x-kubernetes-int-or-string: true
16690 host:
16691 type: string
16692 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
16693 httpHeaders:
16694 type: array
16695 description: Custom headers to set in the request. HTTP allows repeated headers.
16696 items:
16697 type: object
16698 description: HTTPHeader describes a custom header to be used in HTTP probes
16699 properties:
16700 name:
16701 type: string
16702 description: The header field name
16703 value:
16704 type: string
16705 description: The header field value
16706 required:
16707 - name
16708 - value
16709 path:
16710 type: string
16711 description: Path to access on the HTTP server.
16712 scheme:
16713 type: string
16714 description: Scheme to use for connecting to the host. Defaults to HTTP.
16715 required:
16716 - port
16717 tcpSocket:
16718 type: object
16719 description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
16720 properties:
16721 port:
16722 anyOf:
16723 - type: integer
16724 - type: string
16725 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16726 x-kubernetes-int-or-string: true
16727 host:
16728 type: string
16729 description: 'Optional: Host name to connect to, defaults to the pod IP.'
16730 required:
16731 - port
16732 preStop:
16733 type: object
16734 description: 'PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod''s termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod''s termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
16735 properties:
16736 exec:
16737 type: object
16738 description: Exec specifies the action to take.
16739 properties:
16740 command:
16741 type: array
16742 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
16743 items:
16744 type: string
16745 httpGet:
16746 type: object
16747 description: HTTPGet specifies the http request to perform.
16748 properties:
16749 port:
16750 anyOf:
16751 - type: integer
16752 - type: string
16753 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16754 x-kubernetes-int-or-string: true
16755 host:
16756 type: string
16757 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
16758 httpHeaders:
16759 type: array
16760 description: Custom headers to set in the request. HTTP allows repeated headers.
16761 items:
16762 type: object
16763 description: HTTPHeader describes a custom header to be used in HTTP probes
16764 properties:
16765 name:
16766 type: string
16767 description: The header field name
16768 value:
16769 type: string
16770 description: The header field value
16771 required:
16772 - name
16773 - value
16774 path:
16775 type: string
16776 description: Path to access on the HTTP server.
16777 scheme:
16778 type: string
16779 description: Scheme to use for connecting to the host. Defaults to HTTP.
16780 required:
16781 - port
16782 tcpSocket:
16783 type: object
16784 description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
16785 properties:
16786 port:
16787 anyOf:
16788 - type: integer
16789 - type: string
16790 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16791 x-kubernetes-int-or-string: true
16792 host:
16793 type: string
16794 description: 'Optional: Host name to connect to, defaults to the pod IP.'
16795 required:
16796 - port
16797 terminationMessagePath:
16798 type: string
16799 description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
16800 terminationMessagePolicy:
16801 type: string
16802 description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
16803 imagePullPolicy:
16804 type: string
16805 description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
16806 securityContext:
16807 type: object
16808 description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
16809 properties:
16810 allowPrivilegeEscalation:
16811 type: boolean
16812 description: 'AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.'
16813 capabilities:
16814 type: object
16815 description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.
16816 properties:
16817 add:
16818 type: array
16819 description: Added capabilities
16820 items:
16821 type: string
16822 description: Capability represent POSIX capabilities type
16823 drop:
16824 type: array
16825 description: Removed capabilities
16826 items:
16827 type: string
16828 description: Capability represent POSIX capabilities type
16829 privileged:
16830 type: boolean
16831 description: Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
16832 procMount:
16833 type: string
16834 description: procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
16835 readOnlyRootFilesystem:
16836 type: boolean
16837 description: Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
16838 runAsGroup:
16839 type: integer
16840 description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
16841 format: int64
16842 runAsNonRoot:
16843 type: boolean
16844 description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
16845 runAsUser:
16846 type: integer
16847 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
16848 format: int64
16849 seLinuxOptions:
16850 type: object
16851 description: The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
16852 properties:
16853 type:
16854 type: string
16855 description: Type is a SELinux type label that applies to the container.
16856 level:
16857 type: string
16858 description: Level is SELinux level label that applies to the container.
16859 role:
16860 type: string
16861 description: Role is a SELinux role label that applies to the container.
16862 user:
16863 type: string
16864 description: User is a SELinux user label that applies to the container.
16865 seccompProfile:
16866 type: object
16867 description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
16868 properties:
16869 type:
16870 type: string
16871 description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
16872 localhostProfile:
16873 type: string
16874 description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
16875 required:
16876 - type
16877 windowsOptions:
16878 type: object
16879 description: The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.
16880 properties:
16881 gmsaCredentialSpec:
16882 type: string
16883 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
16884 gmsaCredentialSpecName:
16885 type: string
16886 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
16887 hostProcess:
16888 type: boolean
16889 description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
16890 runAsUserName:
16891 type: string
16892 description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
16893 stdin:
16894 type: boolean
16895 description: Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
16896 stdinOnce:
16897 type: boolean
16898 description: Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false
16899 tty:
16900 type: boolean
16901 description: Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.
16902 startupProbe:
16903 type: object
16904 description: 'StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod''s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
16905 properties:
16906 terminationGracePeriodSeconds:
16907 type: integer
16908 description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
16909 format: int64
16910 exec:
16911 type: object
16912 description: Exec specifies the action to take.
16913 properties:
16914 command:
16915 type: array
16916 description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
16917 items:
16918 type: string
16919 failureThreshold:
16920 type: integer
16921 description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
16922 format: int32
16923 grpc:
16924 type: object
16925 description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
16926 properties:
16927 service:
16928 type: string
16929 description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC."
16930 port:
16931 type: integer
16932 description: Port number of the gRPC service. Number must be in the range 1 to 65535.
16933 format: int32
16934 required:
16935 - port
16936 httpGet:
16937 type: object
16938 description: HTTPGet specifies the http request to perform.
16939 properties:
16940 port:
16941 anyOf:
16942 - type: integer
16943 - type: string
16944 description: Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16945 x-kubernetes-int-or-string: true
16946 host:
16947 type: string
16948 description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
16949 httpHeaders:
16950 type: array
16951 description: Custom headers to set in the request. HTTP allows repeated headers.
16952 items:
16953 type: object
16954 description: HTTPHeader describes a custom header to be used in HTTP probes
16955 properties:
16956 name:
16957 type: string
16958 description: The header field name
16959 value:
16960 type: string
16961 description: The header field value
16962 required:
16963 - name
16964 - value
16965 path:
16966 type: string
16967 description: Path to access on the HTTP server.
16968 scheme:
16969 type: string
16970 description: Scheme to use for connecting to the host. Defaults to HTTP.
16971 required:
16972 - port
16973 initialDelaySeconds:
16974 type: integer
16975 description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
16976 format: int32
16977 periodSeconds:
16978 type: integer
16979 description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
16980 format: int32
16981 successThreshold:
16982 type: integer
16983 description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
16984 format: int32
16985 tcpSocket:
16986 type: object
16987 description: TCPSocket specifies an action involving a TCP port.
16988 properties:
16989 port:
16990 anyOf:
16991 - type: integer
16992 - type: string
16993 description: Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
16994 x-kubernetes-int-or-string: true
16995 host:
16996 type: string
16997 description: 'Optional: Host name to connect to, defaults to the pod IP.'
16998 required:
16999 - port
17000 timeoutSeconds:
17001 type: integer
17002 description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
17003 format: int32
17004 required:
17005 - name
17006 volumes:
17007 type: array
17008 description: Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
17009 items:
17010 type: object
17011 description: Volume represents a named volume in a pod that may be accessed by any container in the pod.
17012 properties:
17013 name:
17014 type: string
17015 description: 'name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
17016 awsElasticBlockStore:
17017 type: object
17018 description: 'awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
17019 properties:
17020 readOnly:
17021 type: boolean
17022 description: 'readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
17023 fsType:
17024 type: string
17025 description: 'fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine'
17026 partition:
17027 type: integer
17028 description: 'partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).'
17029 format: int32
17030 volumeID:
17031 type: string
17032 description: 'volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
17033 required:
17034 - volumeID
17035 azureDisk:
17036 type: object
17037 description: azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
17038 properties:
17039 kind:
17040 type: string
17041 description: 'kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared'
17042 readOnly:
17043 type: boolean
17044 description: readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
17045 cachingMode:
17046 type: string
17047 description: 'cachingMode is the Host Caching mode: None, Read Only, Read Write.'
17048 diskName:
17049 type: string
17050 description: diskName is the Name of the data disk in the blob storage
17051 diskURI:
17052 type: string
17053 description: diskURI is the URI of data disk in the blob storage
17054 fsType:
17055 type: string
17056 description: fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
17057 required:
17058 - diskName
17059 - diskURI
17060 azureFile:
17061 type: object
17062 description: azureFile represents an Azure File Service mount on the host and bind mount to the pod.
17063 properties:
17064 readOnly:
17065 type: boolean
17066 description: readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
17067 secretName:
17068 type: string
17069 description: secretName is the name of secret that contains Azure Storage Account Name and Key
17070 shareName:
17071 type: string
17072 description: shareName is the azure share Name
17073 required:
17074 - secretName
17075 - shareName
17076 cephfs:
17077 type: object
17078 description: cephFS represents a Ceph FS mount on the host that shares a pod's lifetime
17079 properties:
17080 readOnly:
17081 type: boolean
17082 description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
17083 secretRef:
17084 type: object
17085 description: 'secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
17086 properties:
17087 name:
17088 type: string
17089 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
17090 x-kubernetes-map-type: atomic
17091 monitors:
17092 type: array
17093 description: 'monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
17094 items:
17095 type: string
17096 path:
17097 type: string
17098 description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /'
17099 secretFile:
17100 type: string
17101 description: 'secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
17102 user:
17103 type: string
17104 description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
17105 required:
17106 - monitors
17107 cinder:
17108 type: object
17109 description: 'cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
17110 properties:
17111 readOnly:
17112 type: boolean
17113 description: 'readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
17114 secretRef:
17115 type: object
17116 description: 'secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.'
17117 properties:
17118 name:
17119 type: string
17120 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
17121 x-kubernetes-map-type: atomic
17122 fsType:
17123 type: string
17124 description: 'fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
17125 volumeID:
17126 type: string
17127 description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
17128 required:
17129 - volumeID
17130 configMap:
17131 type: object
17132 description: configMap represents a configMap that should populate this volume
17133 properties:
17134 name:
17135 type: string
17136 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
17137 defaultMode:
17138 type: integer
17139 description: 'defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
17140 format: int32
17141 items:
17142 type: array
17143 description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
17144 items:
17145 type: object
17146 description: Maps a string key to a path within a volume.
17147 properties:
17148 key:
17149 type: string
17150 description: key is the key to project.
17151 mode:
17152 type: integer
17153 description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
17154 format: int32
17155 path:
17156 type: string
17157 description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
17158 required:
17159 - key
17160 - path
17161 optional:
17162 type: boolean
17163 description: optional specify whether the ConfigMap or its keys must be defined
17164 x-kubernetes-map-type: atomic
17165 csi:
17166 type: object
17167 description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
17168 properties:
17169 readOnly:
17170 type: boolean
17171 description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
17172 driver:
17173 type: string
17174 description: driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.
17175 fsType:
17176 type: string
17177 description: fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.
17178 nodePublishSecretRef:
17179 type: object
17180 description: nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.
17181 properties:
17182 name:
17183 type: string
17184 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
17185 x-kubernetes-map-type: atomic
17186 volumeAttributes:
17187 type: object
17188 additionalProperties:
17189 type: string
17190 description: volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.
17191 required:
17192 - driver
17193 downwardAPI:
17194 type: object
17195 description: downwardAPI represents downward API about the pod that should populate this volume
17196 properties:
17197 defaultMode:
17198 type: integer
17199 description: 'Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
17200 format: int32
17201 items:
17202 type: array
17203 description: Items is a list of downward API volume file
17204 items:
17205 type: object
17206 description: DownwardAPIVolumeFile represents information to create the file containing the pod field
17207 properties:
17208 fieldRef:
17209 type: object
17210 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.'
17211 properties:
17212 apiVersion:
17213 type: string
17214 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
17215 fieldPath:
17216 type: string
17217 description: Path of the field to select in the specified API version.
17218 required:
17219 - fieldPath
17220 x-kubernetes-map-type: atomic
17221 resourceFieldRef:
17222 type: object
17223 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.'
17224 properties:
17225 containerName:
17226 type: string
17227 description: 'Container name: required for volumes, optional for env vars'
17228 divisor:
17229 anyOf:
17230 - type: integer
17231 - type: string
17232 description: Specifies the output format of the exposed resources, defaults to "1"
17233 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
17234 x-kubernetes-int-or-string: true
17235 resource:
17236 type: string
17237 description: 'Required: resource to select'
17238 required:
17239 - resource
17240 x-kubernetes-map-type: atomic
17241 mode:
17242 type: integer
17243 description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
17244 format: int32
17245 path:
17246 type: string
17247 description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..'''
17248 required:
17249 - path
17250 emptyDir:
17251 type: object
17252 description: 'emptyDir represents a temporary directory that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
17253 properties:
17254 medium:
17255 type: string
17256 description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
17257 sizeLimit:
17258 anyOf:
17259 - type: integer
17260 - type: string
17261 description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
17262 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
17263 x-kubernetes-int-or-string: true
17264 ephemeral:
17265 type: object
17266 description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
17267 properties:
17268 volumeClaimTemplate:
17269 type: object
17270 description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
17271 properties:
17272 metadata:
17273 type: object
17274 description: May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.
17275 spec:
17276 type: object
17277 description: The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.
17278 properties:
17279 selector:
17280 type: object
17281 description: selector is a label query over volumes to consider for binding.
17282 properties:
17283 matchExpressions:
17284 type: array
17285 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
17286 items:
17287 type: object
17288 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
17289 properties:
17290 key:
17291 type: string
17292 description: key is the label key that the selector applies to.
17293 operator:
17294 type: string
17295 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
17296 values:
17297 type: array
17298 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
17299 items:
17300 type: string
17301 required:
17302 - key
17303 - operator
17304 matchLabels:
17305 type: object
17306 additionalProperties:
17307 type: string
17308 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
17309 x-kubernetes-map-type: atomic
17310 resources:
17311 type: object
17312 description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
17313 properties:
17314 limits:
17315 type: object
17316 additionalProperties:
17317 anyOf:
17318 - type: integer
17319 - type: string
17320 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
17321 x-kubernetes-int-or-string: true
17322 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
17323 requests:
17324 type: object
17325 additionalProperties:
17326 anyOf:
17327 - type: integer
17328 - type: string
17329 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
17330 x-kubernetes-int-or-string: true
17331 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
17332 accessModes:
17333 type: array
17334 description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
17335 items:
17336 type: string
17337 dataSource:
17338 type: object
17339 description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.'
17340 properties:
17341 name:
17342 type: string
17343 description: Name is the name of resource being referenced
17344 kind:
17345 type: string
17346 description: Kind is the type of resource being referenced
17347 apiGroup:
17348 type: string
17349 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
17350 required:
17351 - kind
17352 - name
17353 x-kubernetes-map-type: atomic
17354 dataSourceRef:
17355 type: object
17356 description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.'
17357 properties:
17358 name:
17359 type: string
17360 description: Name is the name of resource being referenced
17361 kind:
17362 type: string
17363 description: Kind is the type of resource being referenced
17364 apiGroup:
17365 type: string
17366 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
17367 required:
17368 - kind
17369 - name
17370 x-kubernetes-map-type: atomic
17371 storageClassName:
17372 type: string
17373 description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
17374 volumeMode:
17375 type: string
17376 description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
17377 volumeName:
17378 type: string
17379 description: volumeName is the binding reference to the PersistentVolume backing this claim.
17380 required:
17381 - spec
17382 fc:
17383 type: object
17384 description: fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.
17385 properties:
17386 readOnly:
17387 type: boolean
17388 description: 'readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.'
17389 fsType:
17390 type: string
17391 description: 'fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine'
17392 lun:
17393 type: integer
17394 description: 'lun is Optional: FC target lun number'
17395 format: int32
17396 targetWWNs:
17397 type: array
17398 description: 'targetWWNs is Optional: FC target worldwide names (WWNs)'
17399 items:
17400 type: string
17401 wwids:
17402 type: array
17403 description: 'wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.'
17404 items:
17405 type: string
17406 flexVolume:
17407 type: object
17408 description: flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.
17409 properties:
17410 readOnly:
17411 type: boolean
17412 description: 'readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.'
17413 secretRef:
17414 type: object
17415 description: 'secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.'
17416 properties:
17417 name:
17418 type: string
17419 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
17420 x-kubernetes-map-type: atomic
17421 driver:
17422 type: string
17423 description: driver is the name of the driver to use for this volume.
17424 fsType:
17425 type: string
17426 description: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
17427 options:
17428 type: object
17429 additionalProperties:
17430 type: string
17431 description: 'options is Optional: this field holds extra command options if any.'
17432 required:
17433 - driver
17434 flocker:
17435 type: object
17436 description: flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running
17437 properties:
17438 datasetName:
17439 type: string
17440 description: datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated
17441 datasetUUID:
17442 type: string
17443 description: datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset
17444 gcePersistentDisk:
17445 type: object
17446 description: 'gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
17447 properties:
17448 readOnly:
17449 type: boolean
17450 description: 'readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
17451 fsType:
17452 type: string
17453 description: 'fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine'
17454 partition:
17455 type: integer
17456 description: 'partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
17457 format: int32
17458 pdName:
17459 type: string
17460 description: 'pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
17461 required:
17462 - pdName
17463 gitRepo:
17464 type: object
17465 description: 'gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod''s container.'
17466 properties:
17467 revision:
17468 type: string
17469 description: revision is the commit hash for the specified revision.
17470 directory:
17471 type: string
17472 description: directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.
17473 repository:
17474 type: string
17475 description: repository is the URL
17476 required:
17477 - repository
17478 glusterfs:
17479 type: object
17480 description: 'glusterfs represents a Glusterfs mount on the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
17481 properties:
17482 readOnly:
17483 type: boolean
17484 description: 'readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
17485 endpoints:
17486 type: string
17487 description: 'endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
17488 path:
17489 type: string
17490 description: 'path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
17491 required:
17492 - endpoints
17493 - path
17494 hostPath:
17495 type: object
17496 description: 'hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.'
17497 properties:
17498 type:
17499 type: string
17500 description: 'type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
17501 path:
17502 type: string
17503 description: 'path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
17504 required:
17505 - path
17506 iscsi:
17507 type: object
17508 description: 'iscsi represents an ISCSI Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
17509 properties:
17510 readOnly:
17511 type: boolean
17512 description: readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.
17513 secretRef:
17514 type: object
17515 description: secretRef is the CHAP Secret for iSCSI target and initiator authentication
17516 properties:
17517 name:
17518 type: string
17519 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
17520 x-kubernetes-map-type: atomic
17521 chapAuthDiscovery:
17522 type: boolean
17523 description: chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
17524 chapAuthSession:
17525 type: boolean
17526 description: chapAuthSession defines whether support iSCSI Session CHAP authentication
17527 fsType:
17528 type: string
17529 description: 'fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine'
17530 initiatorName:
17531 type: string
17532 description: initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.
17533 iqn:
17534 type: string
17535 description: iqn is the target iSCSI Qualified Name.
17536 iscsiInterface:
17537 type: string
17538 description: iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
17539 lun:
17540 type: integer
17541 description: lun represents iSCSI Target Lun number.
17542 format: int32
17543 portals:
17544 type: array
17545 description: portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
17546 items:
17547 type: string
17548 targetPortal:
17549 type: string
17550 description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
17551 required:
17552 - iqn
17553 - lun
17554 - targetPortal
17555 nfs:
17556 type: object
17557 description: 'nfs represents an NFS mount on the host that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
17558 properties:
17559 readOnly:
17560 type: boolean
17561 description: 'readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
17562 path:
17563 type: string
17564 description: 'path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
17565 server:
17566 type: string
17567 description: 'server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
17568 required:
17569 - path
17570 - server
17571 persistentVolumeClaim:
17572 type: object
17573 description: 'persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
17574 properties:
17575 readOnly:
17576 type: boolean
17577 description: readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
17578 claimName:
17579 type: string
17580 description: 'claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
17581 required:
17582 - claimName
17583 photonPersistentDisk:
17584 type: object
17585 description: photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine
17586 properties:
17587 fsType:
17588 type: string
17589 description: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
17590 pdID:
17591 type: string
17592 description: pdID is the ID that identifies Photon Controller persistent disk
17593 required:
17594 - pdID
17595 portworxVolume:
17596 type: object
17597 description: portworxVolume represents a portworx volume attached and mounted on kubelets host machine
17598 properties:
17599 readOnly:
17600 type: boolean
17601 description: readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
17602 fsType:
17603 type: string
17604 description: fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
17605 volumeID:
17606 type: string
17607 description: volumeID uniquely identifies a Portworx volume
17608 required:
17609 - volumeID
17610 projected:
17611 type: object
17612 description: projected items for all in one resources secrets, configmaps, and downward API
17613 properties:
17614 defaultMode:
17615 type: integer
17616 description: defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
17617 format: int32
17618 sources:
17619 type: array
17620 description: sources is the list of volume projections
17621 items:
17622 type: object
17623 description: Projection that may be projected along with other supported volume types
17624 properties:
17625 configMap:
17626 type: object
17627 description: configMap information about the configMap data to project
17628 properties:
17629 name:
17630 type: string
17631 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
17632 items:
17633 type: array
17634 description: items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
17635 items:
17636 type: object
17637 description: Maps a string key to a path within a volume.
17638 properties:
17639 key:
17640 type: string
17641 description: key is the key to project.
17642 mode:
17643 type: integer
17644 description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
17645 format: int32
17646 path:
17647 type: string
17648 description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
17649 required:
17650 - key
17651 - path
17652 optional:
17653 type: boolean
17654 description: optional specify whether the ConfigMap or its keys must be defined
17655 x-kubernetes-map-type: atomic
17656 downwardAPI:
17657 type: object
17658 description: downwardAPI information about the downwardAPI data to project
17659 properties:
17660 items:
17661 type: array
17662 description: Items is a list of DownwardAPIVolume file
17663 items:
17664 type: object
17665 description: DownwardAPIVolumeFile represents information to create the file containing the pod field
17666 properties:
17667 fieldRef:
17668 type: object
17669 description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.'
17670 properties:
17671 apiVersion:
17672 type: string
17673 description: Version of the schema the FieldPath is written in terms of, defaults to "v1".
17674 fieldPath:
17675 type: string
17676 description: Path of the field to select in the specified API version.
17677 required:
17678 - fieldPath
17679 x-kubernetes-map-type: atomic
17680 resourceFieldRef:
17681 type: object
17682 description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.'
17683 properties:
17684 containerName:
17685 type: string
17686 description: 'Container name: required for volumes, optional for env vars'
17687 divisor:
17688 anyOf:
17689 - type: integer
17690 - type: string
17691 description: Specifies the output format of the exposed resources, defaults to "1"
17692 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
17693 x-kubernetes-int-or-string: true
17694 resource:
17695 type: string
17696 description: 'Required: resource to select'
17697 required:
17698 - resource
17699 x-kubernetes-map-type: atomic
17700 mode:
17701 type: integer
17702 description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
17703 format: int32
17704 path:
17705 type: string
17706 description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..'''
17707 required:
17708 - path
17709 secret:
17710 type: object
17711 description: secret information about the secret data to project
17712 properties:
17713 name:
17714 type: string
17715 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
17716 items:
17717 type: array
17718 description: items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
17719 items:
17720 type: object
17721 description: Maps a string key to a path within a volume.
17722 properties:
17723 key:
17724 type: string
17725 description: key is the key to project.
17726 mode:
17727 type: integer
17728 description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
17729 format: int32
17730 path:
17731 type: string
17732 description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
17733 required:
17734 - key
17735 - path
17736 optional:
17737 type: boolean
17738 description: optional field specify whether the Secret or its key must be defined
17739 x-kubernetes-map-type: atomic
17740 serviceAccountToken:
17741 type: object
17742 description: serviceAccountToken is information about the serviceAccountToken data to project
17743 properties:
17744 audience:
17745 type: string
17746 description: audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.
17747 expirationSeconds:
17748 type: integer
17749 description: expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.
17750 format: int64
17751 path:
17752 type: string
17753 description: path is the path relative to the mount point of the file to project the token into.
17754 required:
17755 - path
17756 quobyte:
17757 type: object
17758 description: quobyte represents a Quobyte mount on the host that shares a pod's lifetime
17759 properties:
17760 readOnly:
17761 type: boolean
17762 description: readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.
17763 group:
17764 type: string
17765 description: group to map volume access to Default is no group
17766 registry:
17767 type: string
17768 description: registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes
17769 tenant:
17770 type: string
17771 description: tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin
17772 user:
17773 type: string
17774 description: user to map volume access to Defaults to serivceaccount user
17775 volume:
17776 type: string
17777 description: volume is a string that references an already created Quobyte volume by name.
17778 required:
17779 - registry
17780 - volume
17781 rbd:
17782 type: object
17783 description: 'rbd represents a Rados Block Device mount on the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md'
17784 properties:
17785 image:
17786 type: string
17787 description: 'image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
17788 readOnly:
17789 type: boolean
17790 description: 'readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
17791 secretRef:
17792 type: object
17793 description: 'secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
17794 properties:
17795 name:
17796 type: string
17797 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
17798 x-kubernetes-map-type: atomic
17799 fsType:
17800 type: string
17801 description: 'fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine'
17802 keyring:
17803 type: string
17804 description: 'keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
17805 monitors:
17806 type: array
17807 description: 'monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
17808 items:
17809 type: string
17810 pool:
17811 type: string
17812 description: 'pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
17813 user:
17814 type: string
17815 description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
17816 required:
17817 - image
17818 - monitors
17819 scaleIO:
17820 type: object
17821 description: scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.
17822 properties:
17823 readOnly:
17824 type: boolean
17825 description: readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
17826 secretRef:
17827 type: object
17828 description: secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.
17829 properties:
17830 name:
17831 type: string
17832 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
17833 x-kubernetes-map-type: atomic
17834 fsType:
17835 type: string
17836 description: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs".
17837 gateway:
17838 type: string
17839 description: gateway is the host address of the ScaleIO API Gateway.
17840 protectionDomain:
17841 type: string
17842 description: protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.
17843 sslEnabled:
17844 type: boolean
17845 description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
17846 storageMode:
17847 type: string
17848 description: storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.
17849 storagePool:
17850 type: string
17851 description: storagePool is the ScaleIO Storage Pool associated with the protection domain.
17852 system:
17853 type: string
17854 description: system is the name of the storage system as configured in ScaleIO.
17855 volumeName:
17856 type: string
17857 description: volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.
17858 required:
17859 - gateway
17860 - secretRef
17861 - system
17862 secret:
17863 type: object
17864 description: 'secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
17865 properties:
17866 defaultMode:
17867 type: integer
17868 description: 'defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
17869 format: int32
17870 items:
17871 type: array
17872 description: items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
17873 items:
17874 type: object
17875 description: Maps a string key to a path within a volume.
17876 properties:
17877 key:
17878 type: string
17879 description: key is the key to project.
17880 mode:
17881 type: integer
17882 description: 'mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
17883 format: int32
17884 path:
17885 type: string
17886 description: path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
17887 required:
17888 - key
17889 - path
17890 optional:
17891 type: boolean
17892 description: optional field specify whether the Secret or its keys must be defined
17893 secretName:
17894 type: string
17895 description: 'secretName is the name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
17896 storageos:
17897 type: object
17898 description: storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.
17899 properties:
17900 readOnly:
17901 type: boolean
17902 description: readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
17903 secretRef:
17904 type: object
17905 description: secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.
17906 properties:
17907 name:
17908 type: string
17909 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
17910 x-kubernetes-map-type: atomic
17911 fsType:
17912 type: string
17913 description: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
17914 volumeName:
17915 type: string
17916 description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
17917 volumeNamespace:
17918 type: string
17919 description: volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.
17920 vsphereVolume:
17921 type: object
17922 description: vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine
17923 properties:
17924 fsType:
17925 type: string
17926 description: fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
17927 storagePolicyID:
17928 type: string
17929 description: storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.
17930 storagePolicyName:
17931 type: string
17932 description: storagePolicyName is the storage Policy Based Management (SPBM) profile name.
17933 volumePath:
17934 type: string
17935 description: volumePath is the path that identifies vSphere volume vmdk
17936 required:
17937 - volumePath
17938 required:
17939 - name
17940 imagePullSecrets:
17941 type: array
17942 description: An optional list of references to secrets in the same namespace to use for pulling thanos images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
17943 items:
17944 type: object
17945 description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
17946 properties:
17947 name:
17948 type: string
17949 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
17950 x-kubernetes-map-type: atomic
17951 affinity:
17952 type: object
17953 description: If specified, the pod's scheduling constraints.
17954 properties:
17955 nodeAffinity:
17956 type: object
17957 description: Describes node affinity scheduling rules for the pod.
17958 properties:
17959 preferredDuringSchedulingIgnoredDuringExecution:
17960 type: array
17961 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
17962 items:
17963 type: object
17964 description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
17965 properties:
17966 preference:
17967 type: object
17968 description: A node selector term, associated with the corresponding weight.
17969 properties:
17970 matchExpressions:
17971 type: array
17972 description: A list of node selector requirements by node's labels.
17973 items:
17974 type: object
17975 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
17976 properties:
17977 key:
17978 type: string
17979 description: The label key that the selector applies to.
17980 operator:
17981 type: string
17982 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
17983 values:
17984 type: array
17985 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
17986 items:
17987 type: string
17988 required:
17989 - key
17990 - operator
17991 matchFields:
17992 type: array
17993 description: A list of node selector requirements by node's fields.
17994 items:
17995 type: object
17996 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
17997 properties:
17998 key:
17999 type: string
18000 description: The label key that the selector applies to.
18001 operator:
18002 type: string
18003 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
18004 values:
18005 type: array
18006 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
18007 items:
18008 type: string
18009 required:
18010 - key
18011 - operator
18012 x-kubernetes-map-type: atomic
18013 weight:
18014 type: integer
18015 description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
18016 format: int32
18017 required:
18018 - preference
18019 - weight
18020 requiredDuringSchedulingIgnoredDuringExecution:
18021 type: object
18022 description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
18023 properties:
18024 nodeSelectorTerms:
18025 type: array
18026 description: Required. A list of node selector terms. The terms are ORed.
18027 items:
18028 type: object
18029 description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
18030 properties:
18031 matchExpressions:
18032 type: array
18033 description: A list of node selector requirements by node's labels.
18034 items:
18035 type: object
18036 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18037 properties:
18038 key:
18039 type: string
18040 description: The label key that the selector applies to.
18041 operator:
18042 type: string
18043 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
18044 values:
18045 type: array
18046 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
18047 items:
18048 type: string
18049 required:
18050 - key
18051 - operator
18052 matchFields:
18053 type: array
18054 description: A list of node selector requirements by node's fields.
18055 items:
18056 type: object
18057 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18058 properties:
18059 key:
18060 type: string
18061 description: The label key that the selector applies to.
18062 operator:
18063 type: string
18064 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
18065 values:
18066 type: array
18067 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
18068 items:
18069 type: string
18070 required:
18071 - key
18072 - operator
18073 x-kubernetes-map-type: atomic
18074 required:
18075 - nodeSelectorTerms
18076 x-kubernetes-map-type: atomic
18077 podAffinity:
18078 type: object
18079 description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
18080 properties:
18081 preferredDuringSchedulingIgnoredDuringExecution:
18082 type: array
18083 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
18084 items:
18085 type: object
18086 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
18087 properties:
18088 podAffinityTerm:
18089 type: object
18090 description: Required. A pod affinity term, associated with the corresponding weight.
18091 properties:
18092 labelSelector:
18093 type: object
18094 description: A label query over a set of resources, in this case pods.
18095 properties:
18096 matchExpressions:
18097 type: array
18098 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
18099 items:
18100 type: object
18101 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18102 properties:
18103 key:
18104 type: string
18105 description: key is the label key that the selector applies to.
18106 operator:
18107 type: string
18108 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
18109 values:
18110 type: array
18111 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
18112 items:
18113 type: string
18114 required:
18115 - key
18116 - operator
18117 matchLabels:
18118 type: object
18119 additionalProperties:
18120 type: string
18121 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
18122 x-kubernetes-map-type: atomic
18123 namespaceSelector:
18124 type: object
18125 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
18126 properties:
18127 matchExpressions:
18128 type: array
18129 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
18130 items:
18131 type: object
18132 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18133 properties:
18134 key:
18135 type: string
18136 description: key is the label key that the selector applies to.
18137 operator:
18138 type: string
18139 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
18140 values:
18141 type: array
18142 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
18143 items:
18144 type: string
18145 required:
18146 - key
18147 - operator
18148 matchLabels:
18149 type: object
18150 additionalProperties:
18151 type: string
18152 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
18153 x-kubernetes-map-type: atomic
18154 namespaces:
18155 type: array
18156 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
18157 items:
18158 type: string
18159 topologyKey:
18160 type: string
18161 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
18162 required:
18163 - topologyKey
18164 weight:
18165 type: integer
18166 description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
18167 format: int32
18168 required:
18169 - podAffinityTerm
18170 - weight
18171 requiredDuringSchedulingIgnoredDuringExecution:
18172 type: array
18173 description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
18174 items:
18175 type: object
18176 description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
18177 properties:
18178 labelSelector:
18179 type: object
18180 description: A label query over a set of resources, in this case pods.
18181 properties:
18182 matchExpressions:
18183 type: array
18184 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
18185 items:
18186 type: object
18187 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18188 properties:
18189 key:
18190 type: string
18191 description: key is the label key that the selector applies to.
18192 operator:
18193 type: string
18194 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
18195 values:
18196 type: array
18197 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
18198 items:
18199 type: string
18200 required:
18201 - key
18202 - operator
18203 matchLabels:
18204 type: object
18205 additionalProperties:
18206 type: string
18207 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
18208 x-kubernetes-map-type: atomic
18209 namespaceSelector:
18210 type: object
18211 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
18212 properties:
18213 matchExpressions:
18214 type: array
18215 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
18216 items:
18217 type: object
18218 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18219 properties:
18220 key:
18221 type: string
18222 description: key is the label key that the selector applies to.
18223 operator:
18224 type: string
18225 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
18226 values:
18227 type: array
18228 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
18229 items:
18230 type: string
18231 required:
18232 - key
18233 - operator
18234 matchLabels:
18235 type: object
18236 additionalProperties:
18237 type: string
18238 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
18239 x-kubernetes-map-type: atomic
18240 namespaces:
18241 type: array
18242 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
18243 items:
18244 type: string
18245 topologyKey:
18246 type: string
18247 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
18248 required:
18249 - topologyKey
18250 podAntiAffinity:
18251 type: object
18252 description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
18253 properties:
18254 preferredDuringSchedulingIgnoredDuringExecution:
18255 type: array
18256 description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
18257 items:
18258 type: object
18259 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
18260 properties:
18261 podAffinityTerm:
18262 type: object
18263 description: Required. A pod affinity term, associated with the corresponding weight.
18264 properties:
18265 labelSelector:
18266 type: object
18267 description: A label query over a set of resources, in this case pods.
18268 properties:
18269 matchExpressions:
18270 type: array
18271 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
18272 items:
18273 type: object
18274 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18275 properties:
18276 key:
18277 type: string
18278 description: key is the label key that the selector applies to.
18279 operator:
18280 type: string
18281 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
18282 values:
18283 type: array
18284 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
18285 items:
18286 type: string
18287 required:
18288 - key
18289 - operator
18290 matchLabels:
18291 type: object
18292 additionalProperties:
18293 type: string
18294 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
18295 x-kubernetes-map-type: atomic
18296 namespaceSelector:
18297 type: object
18298 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
18299 properties:
18300 matchExpressions:
18301 type: array
18302 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
18303 items:
18304 type: object
18305 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18306 properties:
18307 key:
18308 type: string
18309 description: key is the label key that the selector applies to.
18310 operator:
18311 type: string
18312 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
18313 values:
18314 type: array
18315 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
18316 items:
18317 type: string
18318 required:
18319 - key
18320 - operator
18321 matchLabels:
18322 type: object
18323 additionalProperties:
18324 type: string
18325 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
18326 x-kubernetes-map-type: atomic
18327 namespaces:
18328 type: array
18329 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
18330 items:
18331 type: string
18332 topologyKey:
18333 type: string
18334 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
18335 required:
18336 - topologyKey
18337 weight:
18338 type: integer
18339 description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
18340 format: int32
18341 required:
18342 - podAffinityTerm
18343 - weight
18344 requiredDuringSchedulingIgnoredDuringExecution:
18345 type: array
18346 description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
18347 items:
18348 type: object
18349 description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
18350 properties:
18351 labelSelector:
18352 type: object
18353 description: A label query over a set of resources, in this case pods.
18354 properties:
18355 matchExpressions:
18356 type: array
18357 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
18358 items:
18359 type: object
18360 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18361 properties:
18362 key:
18363 type: string
18364 description: key is the label key that the selector applies to.
18365 operator:
18366 type: string
18367 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
18368 values:
18369 type: array
18370 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
18371 items:
18372 type: string
18373 required:
18374 - key
18375 - operator
18376 matchLabels:
18377 type: object
18378 additionalProperties:
18379 type: string
18380 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
18381 x-kubernetes-map-type: atomic
18382 namespaceSelector:
18383 type: object
18384 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
18385 properties:
18386 matchExpressions:
18387 type: array
18388 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
18389 items:
18390 type: object
18391 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18392 properties:
18393 key:
18394 type: string
18395 description: key is the label key that the selector applies to.
18396 operator:
18397 type: string
18398 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
18399 values:
18400 type: array
18401 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
18402 items:
18403 type: string
18404 required:
18405 - key
18406 - operator
18407 matchLabels:
18408 type: object
18409 additionalProperties:
18410 type: string
18411 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
18412 x-kubernetes-map-type: atomic
18413 namespaces:
18414 type: array
18415 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
18416 items:
18417 type: string
18418 topologyKey:
18419 type: string
18420 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
18421 required:
18422 - topologyKey
18423 tolerations:
18424 type: array
18425 description: If specified, the pod's tolerations.
18426 items:
18427 type: object
18428 description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
18429 properties:
18430 value:
18431 type: string
18432 description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
18433 effect:
18434 type: string
18435 description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
18436 key:
18437 type: string
18438 description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
18439 operator:
18440 type: string
18441 description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
18442 tolerationSeconds:
18443 type: integer
18444 description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
18445 format: int64
18446 image:
18447 type: string
18448 description: Thanos container image URL.
18449 resources:
18450 type: object
18451 description: Resources defines the resource requirements for single Pods. If not provided, no requests/limits will be set
18452 properties:
18453 limits:
18454 type: object
18455 additionalProperties:
18456 anyOf:
18457 - type: integer
18458 - type: string
18459 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
18460 x-kubernetes-int-or-string: true
18461 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
18462 requests:
18463 type: object
18464 additionalProperties:
18465 anyOf:
18466 - type: integer
18467 - type: string
18468 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
18469 x-kubernetes-int-or-string: true
18470 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
18471 securityContext:
18472 type: object
18473 description: SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
18474 properties:
18475 fsGroup:
18476 type: integer
18477 description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows."
18478 format: int64
18479 fsGroupChangePolicy:
18480 type: string
18481 description: 'fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.'
18482 runAsGroup:
18483 type: integer
18484 description: The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
18485 format: int64
18486 runAsNonRoot:
18487 type: boolean
18488 description: Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
18489 runAsUser:
18490 type: integer
18491 description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
18492 format: int64
18493 seLinuxOptions:
18494 type: object
18495 description: The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
18496 properties:
18497 type:
18498 type: string
18499 description: Type is a SELinux type label that applies to the container.
18500 level:
18501 type: string
18502 description: Level is SELinux level label that applies to the container.
18503 role:
18504 type: string
18505 description: Role is a SELinux role label that applies to the container.
18506 user:
18507 type: string
18508 description: User is a SELinux user label that applies to the container.
18509 seccompProfile:
18510 type: object
18511 description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
18512 properties:
18513 type:
18514 type: string
18515 description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
18516 localhostProfile:
18517 type: string
18518 description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
18519 required:
18520 - type
18521 supplementalGroups:
18522 type: array
18523 description: A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container. Note that this field cannot be set when spec.os.name is windows.
18524 items:
18525 type: integer
18526 format: int64
18527 sysctls:
18528 type: array
18529 description: Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.
18530 items:
18531 type: object
18532 description: Sysctl defines a kernel parameter to be set
18533 properties:
18534 name:
18535 type: string
18536 description: Name of a property to set
18537 value:
18538 type: string
18539 description: Value of a property to set
18540 required:
18541 - name
18542 - value
18543 windowsOptions:
18544 type: object
18545 description: The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.
18546 properties:
18547 gmsaCredentialSpec:
18548 type: string
18549 description: GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
18550 gmsaCredentialSpecName:
18551 type: string
18552 description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
18553 hostProcess:
18554 type: boolean
18555 description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
18556 runAsUserName:
18557 type: string
18558 description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
18559 alertDropLabels:
18560 type: array
18561 description: AlertDropLabels configure the label names which should be dropped in ThanosRuler alerts. The replica label `thanos_ruler_replica` will always be dropped in alerts.
18562 items:
18563 type: string
18564 alertQueryUrl:
18565 type: string
18566 description: The external Query URL the Thanos Ruler will set in the 'Source' field of all alerts. Maps to the '--alert.query-url' CLI arg.
18567 alertRelabelConfigFile:
18568 type: string
18569 description: AlertRelabelConfigFile specifies the path of the alert relabeling configuration file. When used alongside with AlertRelabelConfigs, alertRelabelConfigFile takes precedence.
18570 alertRelabelConfigs:
18571 type: object
18572 description: 'AlertRelabelConfigs configures alert relabeling in ThanosRuler. Alert relabel configurations must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs Alternative to AlertRelabelConfigFile, and lower order priority.'
18573 properties:
18574 name:
18575 type: string
18576 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
18577 key:
18578 type: string
18579 description: The key of the secret to select from. Must be a valid secret key.
18580 optional:
18581 type: boolean
18582 description: Specify whether the Secret or its key must be defined
18583 required:
18584 - key
18585 x-kubernetes-map-type: atomic
18586 alertmanagersConfig:
18587 type: object
18588 description: Define configuration for connecting to alertmanager. Only available with thanos v0.10.0 and higher. Maps to the `alertmanagers.config` arg.
18589 properties:
18590 name:
18591 type: string
18592 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
18593 key:
18594 type: string
18595 description: The key of the secret to select from. Must be a valid secret key.
18596 optional:
18597 type: boolean
18598 description: Specify whether the Secret or its key must be defined
18599 required:
18600 - key
18601 x-kubernetes-map-type: atomic
18602 alertmanagersUrl:
18603 type: array
18604 description: 'Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher, AlertManagersConfig should be used instead. Note: this field will be ignored if AlertManagersConfig is specified. Maps to the `alertmanagers.url` arg.'
18605 items:
18606 type: string
18607 enforcedNamespaceLabel:
18608 type: string
18609 description: EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created. The label value will always be the namespace of the object that is being created.
18610 evaluationInterval:
18611 type: string
18612 default: 15s
18613 description: Interval between consecutive evaluations.
18614 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
18615 excludedFromEnforcement:
18616 type: array
18617 description: List of references to PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true.
18618 items:
18619 type: object
18620 description: ObjectReference references a PodMonitor, ServiceMonitor, Probe or PrometheusRule object.
18621 properties:
18622 name:
18623 type: string
18624 description: Name of the referent. When not set, all resources are matched.
18625 namespace:
18626 type: string
18627 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
18628 minLength: 1
18629 group:
18630 type: string
18631 default: monitoring.coreos.com
18632 description: Group of the referent. When not specified, it defaults to `monitoring.coreos.com`
18633 enum:
18634 - monitoring.coreos.com
18635 resource:
18636 type: string
18637 description: Resource of the referent.
18638 enum:
18639 - prometheusrules
18640 - servicemonitors
18641 - podmonitors
18642 - probes
18643 required:
18644 - namespace
18645 - resource
18646 externalPrefix:
18647 type: string
18648 description: The external URL the Thanos Ruler instances will be available under. This is necessary to generate correct URLs. This is necessary if Thanos Ruler is not served from root of a DNS name.
18649 grpcServerTlsConfig:
18650 type: object
18651 description: 'GRPCServerTLSConfig configures the gRPC server from which Thanos Querier reads recorded rule data. Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. Maps to the ''--grpc-server-tls-*'' CLI args.'
18652 properties:
18653 ca:
18654 type: object
18655 description: Struct containing the CA cert to use for the targets.
18656 properties:
18657 configMap:
18658 type: object
18659 description: ConfigMap containing data to use for the targets.
18660 properties:
18661 name:
18662 type: string
18663 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
18664 key:
18665 type: string
18666 description: The key to select.
18667 optional:
18668 type: boolean
18669 description: Specify whether the ConfigMap or its key must be defined
18670 required:
18671 - key
18672 x-kubernetes-map-type: atomic
18673 secret:
18674 type: object
18675 description: Secret containing data to use for the targets.
18676 properties:
18677 name:
18678 type: string
18679 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
18680 key:
18681 type: string
18682 description: The key of the secret to select from. Must be a valid secret key.
18683 optional:
18684 type: boolean
18685 description: Specify whether the Secret or its key must be defined
18686 required:
18687 - key
18688 x-kubernetes-map-type: atomic
18689 caFile:
18690 type: string
18691 description: Path to the CA cert in the Prometheus container to use for the targets.
18692 cert:
18693 type: object
18694 description: Struct containing the client cert file for the targets.
18695 properties:
18696 configMap:
18697 type: object
18698 description: ConfigMap containing data to use for the targets.
18699 properties:
18700 name:
18701 type: string
18702 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
18703 key:
18704 type: string
18705 description: The key to select.
18706 optional:
18707 type: boolean
18708 description: Specify whether the ConfigMap or its key must be defined
18709 required:
18710 - key
18711 x-kubernetes-map-type: atomic
18712 secret:
18713 type: object
18714 description: Secret containing data to use for the targets.
18715 properties:
18716 name:
18717 type: string
18718 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
18719 key:
18720 type: string
18721 description: The key of the secret to select from. Must be a valid secret key.
18722 optional:
18723 type: boolean
18724 description: Specify whether the Secret or its key must be defined
18725 required:
18726 - key
18727 x-kubernetes-map-type: atomic
18728 certFile:
18729 type: string
18730 description: Path to the client cert file in the Prometheus container for the targets.
18731 insecureSkipVerify:
18732 type: boolean
18733 description: Disable target certificate validation.
18734 keyFile:
18735 type: string
18736 description: Path to the client key file in the Prometheus container for the targets.
18737 keySecret:
18738 type: object
18739 description: Secret containing the client key file for the targets.
18740 properties:
18741 name:
18742 type: string
18743 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
18744 key:
18745 type: string
18746 description: The key of the secret to select from. Must be a valid secret key.
18747 optional:
18748 type: boolean
18749 description: Specify whether the Secret or its key must be defined
18750 required:
18751 - key
18752 x-kubernetes-map-type: atomic
18753 serverName:
18754 type: string
18755 description: Used to verify the hostname for the targets.
18756 listenLocal:
18757 type: boolean
18758 description: ListenLocal makes the Thanos ruler listen on loopback, so that it does not bind against the Pod IP.
18759 logFormat:
18760 type: string
18761 description: Log format for ThanosRuler to be configured with.
18762 enum:
18763 - ""
18764 - logfmt
18765 - json
18766 logLevel:
18767 type: string
18768 description: Log level for ThanosRuler to be configured with.
18769 enum:
18770 - ""
18771 - debug
18772 - info
18773 - warn
18774 - error
18775 objectStorageConfig:
18776 type: object
18777 description: ObjectStorageConfig configures object storage in Thanos. Alternative to ObjectStorageConfigFile, and lower order priority.
18778 properties:
18779 name:
18780 type: string
18781 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
18782 key:
18783 type: string
18784 description: The key of the secret to select from. Must be a valid secret key.
18785 optional:
18786 type: boolean
18787 description: Specify whether the Secret or its key must be defined
18788 required:
18789 - key
18790 x-kubernetes-map-type: atomic
18791 objectStorageConfigFile:
18792 type: string
18793 description: ObjectStorageConfigFile specifies the path of the object storage configuration file. When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence.
18794 podMetadata:
18795 type: object
18796 description: PodMetadata contains Labels and Annotations gets propagated to the thanos ruler pods.
18797 properties:
18798 name:
18799 type: string
18800 description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
18801 labels:
18802 type: object
18803 additionalProperties:
18804 type: string
18805 description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels'
18806 annotations:
18807 type: object
18808 additionalProperties:
18809 type: string
18810 description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
18811 portName:
18812 type: string
18813 description: Port name used for the pods and governing service. This defaults to web
18814 prometheusRulesExcludedFromEnforce:
18815 type: array
18816 description: 'PrometheusRulesExcludedFromEnforce - list of Prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair Deprecated: use excludedFromEnforcement instead.'
18817 items:
18818 type: object
18819 description: PrometheusRuleExcludeConfig enables users to configure excluded PrometheusRule names and their namespaces to be ignored while enforcing namespace label for alerts and metrics.
18820 properties:
18821 ruleName:
18822 type: string
18823 description: RuleNamespace - name of excluded rule
18824 ruleNamespace:
18825 type: string
18826 description: RuleNamespace - namespace of excluded rule
18827 required:
18828 - ruleName
18829 - ruleNamespace
18830 queryConfig:
18831 type: object
18832 description: Define configuration for connecting to thanos query instances. If this is defined, the QueryEndpoints field will be ignored. Maps to the `query.config` CLI argument. Only available with thanos v0.11.0 and higher.
18833 properties:
18834 name:
18835 type: string
18836 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
18837 key:
18838 type: string
18839 description: The key of the secret to select from. Must be a valid secret key.
18840 optional:
18841 type: boolean
18842 description: Specify whether the Secret or its key must be defined
18843 required:
18844 - key
18845 x-kubernetes-map-type: atomic
18846 queryEndpoints:
18847 type: array
18848 description: QueryEndpoints defines Thanos querier endpoints from which to query metrics. Maps to the --query flag of thanos ruler.
18849 items:
18850 type: string
18851 retention:
18852 type: string
18853 default: 24h
18854 description: Time duration ThanosRuler shall retain data for. Default is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` (milliseconds seconds minutes hours days weeks years).
18855 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
18856 routePrefix:
18857 type: string
18858 description: The route prefix ThanosRuler registers HTTP handlers for. This allows thanos UI to be served on a sub-path.
18859 ruleNamespaceSelector:
18860 type: object
18861 description: Namespaces to be selected for Rules discovery. If unspecified, only the same namespace as the ThanosRuler object is in is used.
18862 properties:
18863 matchExpressions:
18864 type: array
18865 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
18866 items:
18867 type: object
18868 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18869 properties:
18870 key:
18871 type: string
18872 description: key is the label key that the selector applies to.
18873 operator:
18874 type: string
18875 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
18876 values:
18877 type: array
18878 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
18879 items:
18880 type: string
18881 required:
18882 - key
18883 - operator
18884 matchLabels:
18885 type: object
18886 additionalProperties:
18887 type: string
18888 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
18889 x-kubernetes-map-type: atomic
18890 ruleSelector:
18891 type: object
18892 description: A label selector to select which PrometheusRules to mount for alerting and recording.
18893 properties:
18894 matchExpressions:
18895 type: array
18896 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
18897 items:
18898 type: object
18899 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18900 properties:
18901 key:
18902 type: string
18903 description: key is the label key that the selector applies to.
18904 operator:
18905 type: string
18906 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
18907 values:
18908 type: array
18909 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
18910 items:
18911 type: string
18912 required:
18913 - key
18914 - operator
18915 matchLabels:
18916 type: object
18917 additionalProperties:
18918 type: string
18919 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
18920 x-kubernetes-map-type: atomic
18921 storage:
18922 type: object
18923 description: Storage spec to specify how storage shall be used.
18924 properties:
18925 disableMountSubPath:
18926 type: boolean
18927 description: 'Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. DisableMountSubPath allows to remove any subPath usage in volume mounts.'
18928 emptyDir:
18929 type: object
18930 description: 'EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
18931 properties:
18932 medium:
18933 type: string
18934 description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
18935 sizeLimit:
18936 anyOf:
18937 - type: integer
18938 - type: string
18939 description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
18940 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
18941 x-kubernetes-int-or-string: true
18942 ephemeral:
18943 type: object
18944 description: 'EphemeralVolumeSource to be used by the Prometheus StatefulSets. This is a beta field in k8s 1.21, for lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
18945 properties:
18946 volumeClaimTemplate:
18947 type: object
18948 description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
18949 properties:
18950 metadata:
18951 type: object
18952 description: May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.
18953 spec:
18954 type: object
18955 description: The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.
18956 properties:
18957 selector:
18958 type: object
18959 description: selector is a label query over volumes to consider for binding.
18960 properties:
18961 matchExpressions:
18962 type: array
18963 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
18964 items:
18965 type: object
18966 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
18967 properties:
18968 key:
18969 type: string
18970 description: key is the label key that the selector applies to.
18971 operator:
18972 type: string
18973 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
18974 values:
18975 type: array
18976 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
18977 items:
18978 type: string
18979 required:
18980 - key
18981 - operator
18982 matchLabels:
18983 type: object
18984 additionalProperties:
18985 type: string
18986 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
18987 x-kubernetes-map-type: atomic
18988 resources:
18989 type: object
18990 description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
18991 properties:
18992 limits:
18993 type: object
18994 additionalProperties:
18995 anyOf:
18996 - type: integer
18997 - type: string
18998 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
18999 x-kubernetes-int-or-string: true
19000 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
19001 requests:
19002 type: object
19003 additionalProperties:
19004 anyOf:
19005 - type: integer
19006 - type: string
19007 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
19008 x-kubernetes-int-or-string: true
19009 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
19010 accessModes:
19011 type: array
19012 description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
19013 items:
19014 type: string
19015 dataSource:
19016 type: object
19017 description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.'
19018 properties:
19019 name:
19020 type: string
19021 description: Name is the name of resource being referenced
19022 kind:
19023 type: string
19024 description: Kind is the type of resource being referenced
19025 apiGroup:
19026 type: string
19027 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
19028 required:
19029 - kind
19030 - name
19031 x-kubernetes-map-type: atomic
19032 dataSourceRef:
19033 type: object
19034 description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.'
19035 properties:
19036 name:
19037 type: string
19038 description: Name is the name of resource being referenced
19039 kind:
19040 type: string
19041 description: Kind is the type of resource being referenced
19042 apiGroup:
19043 type: string
19044 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
19045 required:
19046 - kind
19047 - name
19048 x-kubernetes-map-type: atomic
19049 storageClassName:
19050 type: string
19051 description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
19052 volumeMode:
19053 type: string
19054 description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
19055 volumeName:
19056 type: string
19057 description: volumeName is the binding reference to the PersistentVolume backing this claim.
19058 required:
19059 - spec
19060 volumeClaimTemplate:
19061 type: object
19062 description: A PVC spec to be used by the Prometheus StatefulSets.
19063 properties:
19064 apiVersion:
19065 type: string
19066 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
19067 kind:
19068 type: string
19069 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
19070 metadata:
19071 type: object
19072 description: EmbeddedMetadata contains metadata relevant to an EmbeddedResource.
19073 properties:
19074 name:
19075 type: string
19076 description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
19077 labels:
19078 type: object
19079 additionalProperties:
19080 type: string
19081 description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels'
19082 annotations:
19083 type: object
19084 additionalProperties:
19085 type: string
19086 description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
19087 spec:
19088 type: object
19089 description: 'Spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
19090 properties:
19091 selector:
19092 type: object
19093 description: selector is a label query over volumes to consider for binding.
19094 properties:
19095 matchExpressions:
19096 type: array
19097 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
19098 items:
19099 type: object
19100 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
19101 properties:
19102 key:
19103 type: string
19104 description: key is the label key that the selector applies to.
19105 operator:
19106 type: string
19107 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
19108 values:
19109 type: array
19110 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
19111 items:
19112 type: string
19113 required:
19114 - key
19115 - operator
19116 matchLabels:
19117 type: object
19118 additionalProperties:
19119 type: string
19120 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
19121 x-kubernetes-map-type: atomic
19122 resources:
19123 type: object
19124 description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
19125 properties:
19126 limits:
19127 type: object
19128 additionalProperties:
19129 anyOf:
19130 - type: integer
19131 - type: string
19132 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
19133 x-kubernetes-int-or-string: true
19134 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
19135 requests:
19136 type: object
19137 additionalProperties:
19138 anyOf:
19139 - type: integer
19140 - type: string
19141 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
19142 x-kubernetes-int-or-string: true
19143 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
19144 accessModes:
19145 type: array
19146 description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
19147 items:
19148 type: string
19149 dataSource:
19150 type: object
19151 description: 'dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.'
19152 properties:
19153 name:
19154 type: string
19155 description: Name is the name of resource being referenced
19156 kind:
19157 type: string
19158 description: Kind is the type of resource being referenced
19159 apiGroup:
19160 type: string
19161 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
19162 required:
19163 - kind
19164 - name
19165 x-kubernetes-map-type: atomic
19166 dataSourceRef:
19167 type: object
19168 description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.'
19169 properties:
19170 name:
19171 type: string
19172 description: Name is the name of resource being referenced
19173 kind:
19174 type: string
19175 description: Kind is the type of resource being referenced
19176 apiGroup:
19177 type: string
19178 description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
19179 required:
19180 - kind
19181 - name
19182 x-kubernetes-map-type: atomic
19183 storageClassName:
19184 type: string
19185 description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
19186 volumeMode:
19187 type: string
19188 description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
19189 volumeName:
19190 type: string
19191 description: volumeName is the binding reference to the PersistentVolume backing this claim.
19192 status:
19193 type: object
19194 description: 'Status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
19195 properties:
19196 accessModes:
19197 type: array
19198 description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
19199 items:
19200 type: string
19201 allocatedResources:
19202 type: object
19203 additionalProperties:
19204 anyOf:
19205 - type: integer
19206 - type: string
19207 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
19208 x-kubernetes-int-or-string: true
19209 description: allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
19210 capacity:
19211 type: object
19212 additionalProperties:
19213 anyOf:
19214 - type: integer
19215 - type: string
19216 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
19217 x-kubernetes-int-or-string: true
19218 description: capacity represents the actual resources of the underlying volume.
19219 conditions:
19220 type: array
19221 description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
19222 items:
19223 type: object
19224 description: PersistentVolumeClaimCondition contails details about state of pvc
19225 properties:
19226 type:
19227 type: string
19228 description: PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type
19229 status:
19230 type: string
19231 lastProbeTime:
19232 type: string
19233 description: lastProbeTime is the time we probed the condition.
19234 format: date-time
19235 lastTransitionTime:
19236 type: string
19237 description: lastTransitionTime is the time the condition transitioned from one status to another.
19238 format: date-time
19239 message:
19240 type: string
19241 description: message is the human-readable message indicating details about last transition.
19242 reason:
19243 type: string
19244 description: reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized.
19245 required:
19246 - status
19247 - type
19248 phase:
19249 type: string
19250 description: phase represents the current phase of PersistentVolumeClaim.
19251 resizeStatus:
19252 type: string
19253 description: resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
19254 topologySpreadConstraints:
19255 type: array
19256 description: If specified, the pod's topology spread constraints.
19257 items:
19258 type: object
19259 description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
19260 properties:
19261 labelSelector:
19262 type: object
19263 description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
19264 properties:
19265 matchExpressions:
19266 type: array
19267 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
19268 items:
19269 type: object
19270 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
19271 properties:
19272 key:
19273 type: string
19274 description: key is the label key that the selector applies to.
19275 operator:
19276 type: string
19277 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
19278 values:
19279 type: array
19280 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
19281 items:
19282 type: string
19283 required:
19284 - key
19285 - operator
19286 matchLabels:
19287 type: object
19288 additionalProperties:
19289 type: string
19290 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
19291 x-kubernetes-map-type: atomic
19292 matchLabelKeys:
19293 type: array
19294 description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
19295 items:
19296 type: string
19297 x-kubernetes-list-type: atomic
19298 maxSkew:
19299 type: integer
19300 description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
19301 format: int32
19302 minDomains:
19303 type: integer
19304 description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
19305 format: int32
19306 nodeAffinityPolicy:
19307 type: string
19308 description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
19309 nodeTaintsPolicy:
19310 type: string
19311 description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
19312 topologyKey:
19313 type: string
19314 description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
19315 whenUnsatisfiable:
19316 type: string
19317 description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
19318 required:
19319 - maxSkew
19320 - topologyKey
19321 - whenUnsatisfiable
19322 tracingConfig:
19323 type: object
19324 description: TracingConfig configures tracing in Thanos. This is an experimental feature, it may change in any upcoming release in a breaking way.
19325 properties:
19326 name:
19327 type: string
19328 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
19329 key:
19330 type: string
19331 description: The key of the secret to select from. Must be a valid secret key.
19332 optional:
19333 type: boolean
19334 description: Specify whether the Secret or its key must be defined
19335 required:
19336 - key
19337 x-kubernetes-map-type: atomic
19338 tracingConfigFile:
19339 type: string
19340 description: TracingConfig specifies the path of the tracing configuration file. When used alongside with TracingConfig, TracingConfigFile takes precedence.
19341 status:
19342 type: object
19343 description: 'Most recent observed status of the ThanosRuler cluster. Read-only. Not included when requesting from the apiserver, only from the ThanosRuler Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
19344 properties:
19345 replicas:
19346 type: integer
19347 description: Total number of non-terminated pods targeted by this ThanosRuler deployment (their labels match the selector).
19348 format: int32
19349 paused:
19350 type: boolean
19351 description: Represents whether any actions on the underlying managed objects are being performed. Only delete actions will be performed.
19352 availableReplicas:
19353 type: integer
19354 description: Total number of available pods (ready for at least minReadySeconds) targeted by this ThanosRuler deployment.
19355 format: int32
19356 unavailableReplicas:
19357 type: integer
19358 description: Total number of unavailable pods targeted by this ThanosRuler deployment.
19359 format: int32
19360 updatedReplicas:
19361 type: integer
19362 description: Total number of non-terminated pods targeted by this ThanosRuler deployment that have the desired version spec.
19363 format: int32
19364 required:
19365 - availableReplicas
19366 - paused
19367 - replicas
19368 - unavailableReplicas
19369 - updatedReplicas
19370 required:
19371 - spec
19372 served: true
19373 storage: true
19374 subresources: {}
19375---
19376apiVersion: v1
19377kind: ServiceAccount
19378metadata:
19379 name: prometheus-operator
19380 namespace: prometheus-operator
19381 labels:
19382 app.kubernetes.io/component: controller
19383 app.kubernetes.io/name: prometheus-operator
19384 app.kubernetes.io/version: 0.60.1
19385 workload.edge.ncr.com: platform
19386 annotations:
19387 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
19388 pallet.edge.ncr.com/name: prometheus-operator
19389 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
19390 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
19391 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
19392 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
19393automountServiceAccountToken: false
19394---
19395apiVersion: rbac.authorization.k8s.io/v1
19396kind: ClusterRole
19397metadata:
19398 name: prometheus-operator
19399 labels:
19400 app.kubernetes.io/component: controller
19401 app.kubernetes.io/name: prometheus-operator
19402 app.kubernetes.io/version: 0.60.1
19403 workload.edge.ncr.com: platform
19404 annotations:
19405 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
19406 pallet.edge.ncr.com/name: prometheus-operator
19407 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
19408 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
19409 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
19410 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
19411rules:
19412- resources:
19413 - alertmanagers
19414 - alertmanagers/finalizers
19415 - alertmanagerconfigs
19416 - prometheuses
19417 - prometheuses/finalizers
19418 - prometheuses/status
19419 - thanosrulers
19420 - thanosrulers/finalizers
19421 - servicemonitors
19422 - podmonitors
19423 - probes
19424 - prometheusrules
19425 apiGroups:
19426 - monitoring.coreos.com
19427 verbs:
19428 - '*'
19429- resources:
19430 - statefulsets
19431 apiGroups:
19432 - apps
19433 verbs:
19434 - '*'
19435- resources:
19436 - configmaps
19437 - secrets
19438 apiGroups:
19439 - ""
19440 verbs:
19441 - '*'
19442- resources:
19443 - pods
19444 apiGroups:
19445 - ""
19446 verbs:
19447 - list
19448 - delete
19449- resources:
19450 - services
19451 - services/finalizers
19452 - endpoints
19453 apiGroups:
19454 - ""
19455 verbs:
19456 - get
19457 - create
19458 - update
19459 - delete
19460- resources:
19461 - nodes
19462 apiGroups:
19463 - ""
19464 verbs:
19465 - list
19466 - watch
19467- resources:
19468 - namespaces
19469 apiGroups:
19470 - ""
19471 verbs:
19472 - get
19473 - list
19474 - watch
19475- resources:
19476 - ingresses
19477 apiGroups:
19478 - networking.k8s.io
19479 verbs:
19480 - get
19481 - list
19482 - watch
19483---
19484apiVersion: rbac.authorization.k8s.io/v1
19485kind: ClusterRoleBinding
19486metadata:
19487 name: prometheus-operator
19488 labels:
19489 app.kubernetes.io/component: controller
19490 app.kubernetes.io/name: prometheus-operator
19491 app.kubernetes.io/version: 0.60.1
19492 workload.edge.ncr.com: platform
19493 annotations:
19494 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
19495 pallet.edge.ncr.com/name: prometheus-operator
19496 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
19497 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
19498 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
19499 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
19500roleRef:
19501 name: prometheus-operator
19502 kind: ClusterRole
19503 apiGroup: rbac.authorization.k8s.io
19504subjects:
19505- name: prometheus-operator
19506 namespace: prometheus-operator
19507 kind: ServiceAccount
19508---
19509apiVersion: v1
19510kind: Service
19511metadata:
19512 name: prometheus-operator
19513 namespace: prometheus-operator
19514 labels:
19515 app.kubernetes.io/component: controller
19516 app.kubernetes.io/name: prometheus-operator
19517 app.kubernetes.io/version: 0.60.1
19518 workload.edge.ncr.com: platform
19519 annotations:
19520 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
19521 pallet.edge.ncr.com/name: prometheus-operator
19522 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
19523 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
19524 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
19525 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
19526spec:
19527 selector:
19528 app.kubernetes.io/component: controller
19529 app.kubernetes.io/name: prometheus-operator
19530 workload.edge.ncr.com: platform
19531 ports:
19532 - name: http
19533 port: 8080
19534 targetPort: http
19535 clusterIP: None
19536---
19537apiVersion: apps/v1
19538kind: Deployment
19539metadata:
19540 labels:
19541 app.kubernetes.io/component: controller
19542 app.kubernetes.io/name: prometheus-operator
19543 app.kubernetes.io/version: 0.60.1
19544 workload.edge.ncr.com: platform
19545 name: prometheus-operator
19546 namespace: prometheus-operator
19547 annotations:
19548 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
19549 pallet.edge.ncr.com/name: prometheus-operator
19550 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
19551 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
19552 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
19553 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
19554spec:
19555 replicas: 1
19556 selector:
19557 matchLabels:
19558 app.kubernetes.io/component: controller
19559 app.kubernetes.io/name: prometheus-operator
19560 workload.edge.ncr.com: platform
19561 template:
19562 metadata:
19563 annotations:
19564 kubectl.kubernetes.io/default-container: prometheus-operator
19565 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
19566 pallet.edge.ncr.com/name: prometheus-operator
19567 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
19568 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
19569 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-o11y'
19570 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
19571 labels:
19572 app.kubernetes.io/component: controller
19573 app.kubernetes.io/name: prometheus-operator
19574 app.kubernetes.io/version: 0.60.1
19575 workload.edge.ncr.com: platform
19576 spec:
19577 automountServiceAccountToken: true
19578 containers:
19579 - args:
19580 - --kubelet-service=kube-system/kubelet
19581 - --log-format=json
19582 - --prometheus-config-reloader=us-east1-docker.pkg.dev/ret-edge-pltf-infra/thirdparty/quay.io/prometheus-operator/prometheus-config-reloader:v0.60.1
19583 - --prometheus-default-base-image=us-east1-docker.pkg.dev/ret-edge-pltf-infra/thirdparty/gke.gcr.io/prometheus-engine/prometheus:v2.35.0-gmp.2-gke.0
19584 - --alertmanager-default-base-image=us-east1-docker.pkg.dev/ret-edge-pltf-infra/thirdparty/quay.io/prometheus/alertmanager:v0.24.0
19585 image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/thirdparty/quay.io/prometheus-operator/prometheus-operator@sha256:9739f2bba521711187f194ed654e0dbd1e0535b1fcc68f3b2373135cc505237e
19586 name: prometheus-operator
19587 ports:
19588 - containerPort: 8080
19589 name: http
19590 resources:
19591 limits:
19592 cpu: 200m
19593 memory: 200Mi
19594 requests:
19595 cpu: 50m
19596 memory: 100Mi
19597 securityContext:
19598 allowPrivilegeEscalation: false
19599 capabilities:
19600 drop:
19601 - ALL
19602 readOnlyRootFilesystem: true
19603 nodeSelector:
19604 kubernetes.io/os: linux
19605 securityContext:
19606 runAsNonRoot: true
19607 runAsUser: 65534
19608 serviceAccountName: prometheus-operator
19609 affinity:
19610 nodeAffinity:
19611 preferredDuringSchedulingIgnoredDuringExecution:
19612 - weight: 100
19613 preference:
19614 matchExpressions:
19615 - key: node.ncr.com/class
19616 operator: In
19617 values:
19618 - server
View as plain text