1apiVersion: apiextensions.k8s.io/v1
2kind: CustomResourceDefinition
3metadata:
4 annotations:
5 api-approved.openshift.io: https://github.com/openshift/api/pull/519
6 include.release.openshift.io/ibm-cloud-managed: "true"
7 include.release.openshift.io/self-managed-high-availability: "true"
8 include.release.openshift.io/single-node-developer: "true"
9 name: configs.imageregistry.operator.openshift.io
10spec:
11 group: imageregistry.operator.openshift.io
12 names:
13 kind: Config
14 listKind: ConfigList
15 plural: configs
16 singular: config
17 scope: Cluster
18 versions:
19 - name: v1
20 schema:
21 openAPIV3Schema:
22 description: "Config is the configuration object for a registry instance managed by the registry operator \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)."
23 properties:
24 apiVersion:
25 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
26 type: string
27 kind:
28 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
29 type: string
30 metadata:
31 type: object
32 spec:
33 description: ImageRegistrySpec defines the specs for the running registry.
34 properties:
35 affinity:
36 description: affinity is a group of node affinity scheduling rules for the image registry pod(s).
37 properties:
38 nodeAffinity:
39 description: Describes node affinity scheduling rules for the pod.
40 properties:
41 preferredDuringSchedulingIgnoredDuringExecution:
42 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
43 items:
44 description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
45 properties:
46 preference:
47 description: A node selector term, associated with the corresponding weight.
48 properties:
49 matchExpressions:
50 description: A list of node selector requirements by node's labels.
51 items:
52 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
53 properties:
54 key:
55 description: The label key that the selector applies to.
56 type: string
57 operator:
58 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
59 type: string
60 values:
61 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
62 items:
63 type: string
64 type: array
65 required:
66 - key
67 - operator
68 type: object
69 type: array
70 matchFields:
71 description: A list of node selector requirements by node's fields.
72 items:
73 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
74 properties:
75 key:
76 description: The label key that the selector applies to.
77 type: string
78 operator:
79 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
80 type: string
81 values:
82 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
83 items:
84 type: string
85 type: array
86 required:
87 - key
88 - operator
89 type: object
90 type: array
91 type: object
92 x-kubernetes-map-type: atomic
93 weight:
94 description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
95 format: int32
96 type: integer
97 required:
98 - preference
99 - weight
100 type: object
101 type: array
102 requiredDuringSchedulingIgnoredDuringExecution:
103 description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
104 properties:
105 nodeSelectorTerms:
106 description: Required. A list of node selector terms. The terms are ORed.
107 items:
108 description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
109 properties:
110 matchExpressions:
111 description: A list of node selector requirements by node's labels.
112 items:
113 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
114 properties:
115 key:
116 description: The label key that the selector applies to.
117 type: string
118 operator:
119 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
120 type: string
121 values:
122 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
123 items:
124 type: string
125 type: array
126 required:
127 - key
128 - operator
129 type: object
130 type: array
131 matchFields:
132 description: A list of node selector requirements by node's fields.
133 items:
134 description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
135 properties:
136 key:
137 description: The label key that the selector applies to.
138 type: string
139 operator:
140 description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
141 type: string
142 values:
143 description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
144 items:
145 type: string
146 type: array
147 required:
148 - key
149 - operator
150 type: object
151 type: array
152 type: object
153 x-kubernetes-map-type: atomic
154 type: array
155 required:
156 - nodeSelectorTerms
157 type: object
158 x-kubernetes-map-type: atomic
159 type: object
160 podAffinity:
161 description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
162 properties:
163 preferredDuringSchedulingIgnoredDuringExecution:
164 description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
165 items:
166 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
167 properties:
168 podAffinityTerm:
169 description: Required. A pod affinity term, associated with the corresponding weight.
170 properties:
171 labelSelector:
172 description: A label query over a set of resources, in this case pods.
173 properties:
174 matchExpressions:
175 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
176 items:
177 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
178 properties:
179 key:
180 description: key is the label key that the selector applies to.
181 type: string
182 operator:
183 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
184 type: string
185 values:
186 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
187 items:
188 type: string
189 type: array
190 required:
191 - key
192 - operator
193 type: object
194 type: array
195 matchLabels:
196 additionalProperties:
197 type: string
198 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
199 type: object
200 type: object
201 x-kubernetes-map-type: atomic
202 namespaceSelector:
203 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
204 properties:
205 matchExpressions:
206 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
207 items:
208 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
209 properties:
210 key:
211 description: key is the label key that the selector applies to.
212 type: string
213 operator:
214 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
215 type: string
216 values:
217 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
218 items:
219 type: string
220 type: array
221 required:
222 - key
223 - operator
224 type: object
225 type: array
226 matchLabels:
227 additionalProperties:
228 type: string
229 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
230 type: object
231 type: object
232 x-kubernetes-map-type: atomic
233 namespaces:
234 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
235 items:
236 type: string
237 type: array
238 topologyKey:
239 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
240 type: string
241 required:
242 - topologyKey
243 type: object
244 weight:
245 description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
246 format: int32
247 type: integer
248 required:
249 - podAffinityTerm
250 - weight
251 type: object
252 type: array
253 requiredDuringSchedulingIgnoredDuringExecution:
254 description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
255 items:
256 description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
257 properties:
258 labelSelector:
259 description: A label query over a set of resources, in this case pods.
260 properties:
261 matchExpressions:
262 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
263 items:
264 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
265 properties:
266 key:
267 description: key is the label key that the selector applies to.
268 type: string
269 operator:
270 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
271 type: string
272 values:
273 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
274 items:
275 type: string
276 type: array
277 required:
278 - key
279 - operator
280 type: object
281 type: array
282 matchLabels:
283 additionalProperties:
284 type: string
285 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
286 type: object
287 type: object
288 x-kubernetes-map-type: atomic
289 namespaceSelector:
290 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
291 properties:
292 matchExpressions:
293 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
294 items:
295 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
296 properties:
297 key:
298 description: key is the label key that the selector applies to.
299 type: string
300 operator:
301 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
302 type: string
303 values:
304 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
305 items:
306 type: string
307 type: array
308 required:
309 - key
310 - operator
311 type: object
312 type: array
313 matchLabels:
314 additionalProperties:
315 type: string
316 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
317 type: object
318 type: object
319 x-kubernetes-map-type: atomic
320 namespaces:
321 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
322 items:
323 type: string
324 type: array
325 topologyKey:
326 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
327 type: string
328 required:
329 - topologyKey
330 type: object
331 type: array
332 type: object
333 podAntiAffinity:
334 description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
335 properties:
336 preferredDuringSchedulingIgnoredDuringExecution:
337 description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
338 items:
339 description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
340 properties:
341 podAffinityTerm:
342 description: Required. A pod affinity term, associated with the corresponding weight.
343 properties:
344 labelSelector:
345 description: A label query over a set of resources, in this case pods.
346 properties:
347 matchExpressions:
348 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
349 items:
350 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
351 properties:
352 key:
353 description: key is the label key that the selector applies to.
354 type: string
355 operator:
356 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
357 type: string
358 values:
359 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
360 items:
361 type: string
362 type: array
363 required:
364 - key
365 - operator
366 type: object
367 type: array
368 matchLabels:
369 additionalProperties:
370 type: string
371 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
372 type: object
373 type: object
374 x-kubernetes-map-type: atomic
375 namespaceSelector:
376 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
377 properties:
378 matchExpressions:
379 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
380 items:
381 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
382 properties:
383 key:
384 description: key is the label key that the selector applies to.
385 type: string
386 operator:
387 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
388 type: string
389 values:
390 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
391 items:
392 type: string
393 type: array
394 required:
395 - key
396 - operator
397 type: object
398 type: array
399 matchLabels:
400 additionalProperties:
401 type: string
402 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
403 type: object
404 type: object
405 x-kubernetes-map-type: atomic
406 namespaces:
407 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
408 items:
409 type: string
410 type: array
411 topologyKey:
412 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
413 type: string
414 required:
415 - topologyKey
416 type: object
417 weight:
418 description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
419 format: int32
420 type: integer
421 required:
422 - podAffinityTerm
423 - weight
424 type: object
425 type: array
426 requiredDuringSchedulingIgnoredDuringExecution:
427 description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
428 items:
429 description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
430 properties:
431 labelSelector:
432 description: A label query over a set of resources, in this case pods.
433 properties:
434 matchExpressions:
435 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
436 items:
437 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
438 properties:
439 key:
440 description: key is the label key that the selector applies to.
441 type: string
442 operator:
443 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
444 type: string
445 values:
446 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
447 items:
448 type: string
449 type: array
450 required:
451 - key
452 - operator
453 type: object
454 type: array
455 matchLabels:
456 additionalProperties:
457 type: string
458 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
459 type: object
460 type: object
461 x-kubernetes-map-type: atomic
462 namespaceSelector:
463 description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
464 properties:
465 matchExpressions:
466 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
467 items:
468 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
469 properties:
470 key:
471 description: key is the label key that the selector applies to.
472 type: string
473 operator:
474 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
475 type: string
476 values:
477 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
478 items:
479 type: string
480 type: array
481 required:
482 - key
483 - operator
484 type: object
485 type: array
486 matchLabels:
487 additionalProperties:
488 type: string
489 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
490 type: object
491 type: object
492 x-kubernetes-map-type: atomic
493 namespaces:
494 description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
495 items:
496 type: string
497 type: array
498 topologyKey:
499 description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
500 type: string
501 required:
502 - topologyKey
503 type: object
504 type: array
505 type: object
506 type: object
507 defaultRoute:
508 description: defaultRoute indicates whether an external facing route for the registry should be created using the default generated hostname.
509 type: boolean
510 disableRedirect:
511 description: disableRedirect controls whether to route all data through the Registry, rather than redirecting to the backend.
512 type: boolean
513 httpSecret:
514 description: httpSecret is the value needed by the registry to secure uploads, generated by default.
515 type: string
516 logLevel:
517 default: Normal
518 description: "logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"."
519 enum:
520 - ""
521 - Normal
522 - Debug
523 - Trace
524 - TraceAll
525 type: string
526 logging:
527 description: logging is deprecated, use logLevel instead.
528 format: int64
529 type: integer
530 managementState:
531 description: managementState indicates whether and how the operator should manage the component
532 pattern: ^(Managed|Unmanaged|Force|Removed)$
533 type: string
534 nodeSelector:
535 additionalProperties:
536 type: string
537 description: nodeSelector defines the node selection constraints for the registry pod.
538 type: object
539 observedConfig:
540 description: observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator
541 nullable: true
542 type: object
543 x-kubernetes-preserve-unknown-fields: true
544 operatorLogLevel:
545 default: Normal
546 description: "operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"."
547 enum:
548 - ""
549 - Normal
550 - Debug
551 - Trace
552 - TraceAll
553 type: string
554 proxy:
555 description: proxy defines the proxy to be used when calling master api, upstream registries, etc.
556 properties:
557 http:
558 description: http defines the proxy to be used by the image registry when accessing HTTP endpoints.
559 type: string
560 https:
561 description: https defines the proxy to be used by the image registry when accessing HTTPS endpoints.
562 type: string
563 noProxy:
564 description: noProxy defines a comma-separated list of host names that shouldn't go through any proxy.
565 type: string
566 type: object
567 readOnly:
568 description: readOnly indicates whether the registry instance should reject attempts to push new images or delete existing ones.
569 type: boolean
570 replicas:
571 description: replicas determines the number of registry instances to run.
572 format: int32
573 type: integer
574 requests:
575 description: requests controls how many parallel requests a given registry instance will handle before queuing additional requests.
576 properties:
577 read:
578 description: read defines limits for image registry's reads.
579 properties:
580 maxInQueue:
581 description: maxInQueue sets the maximum queued api requests to the registry.
582 type: integer
583 maxRunning:
584 description: maxRunning sets the maximum in flight api requests to the registry.
585 type: integer
586 maxWaitInQueue:
587 description: maxWaitInQueue sets the maximum time a request can wait in the queue before being rejected.
588 format: duration
589 type: string
590 type: object
591 write:
592 description: write defines limits for image registry's writes.
593 properties:
594 maxInQueue:
595 description: maxInQueue sets the maximum queued api requests to the registry.
596 type: integer
597 maxRunning:
598 description: maxRunning sets the maximum in flight api requests to the registry.
599 type: integer
600 maxWaitInQueue:
601 description: maxWaitInQueue sets the maximum time a request can wait in the queue before being rejected.
602 format: duration
603 type: string
604 type: object
605 type: object
606 resources:
607 description: resources defines the resource requests+limits for the registry pod.
608 properties:
609 claims:
610 description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
611 items:
612 description: ResourceClaim references one entry in PodSpec.ResourceClaims.
613 properties:
614 name:
615 description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
616 type: string
617 required:
618 - name
619 type: object
620 type: array
621 x-kubernetes-list-map-keys:
622 - name
623 x-kubernetes-list-type: map
624 limits:
625 additionalProperties:
626 anyOf:
627 - type: integer
628 - type: string
629 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
630 x-kubernetes-int-or-string: true
631 description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
632 type: object
633 requests:
634 additionalProperties:
635 anyOf:
636 - type: integer
637 - type: string
638 pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
639 x-kubernetes-int-or-string: true
640 description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
641 type: object
642 type: object
643 rolloutStrategy:
644 description: rolloutStrategy defines rollout strategy for the image registry deployment.
645 pattern: ^(RollingUpdate|Recreate)$
646 type: string
647 routes:
648 description: routes defines additional external facing routes which should be created for the registry.
649 items:
650 description: ImageRegistryConfigRoute holds information on external route access to image registry.
651 properties:
652 hostname:
653 description: hostname for the route.
654 type: string
655 name:
656 description: name of the route to be created.
657 type: string
658 secretName:
659 description: secretName points to secret containing the certificates to be used by the route.
660 type: string
661 required:
662 - name
663 type: object
664 type: array
665 storage:
666 description: storage details for configuring registry storage, e.g. S3 bucket coordinates.
667 properties:
668 azure:
669 description: azure represents configuration that uses Azure Blob Storage.
670 properties:
671 accountName:
672 description: accountName defines the account to be used by the registry.
673 type: string
674 cloudName:
675 description: cloudName is the name of the Azure cloud environment to be used by the registry. If empty, the operator will set it based on the infrastructure object.
676 type: string
677 container:
678 description: container defines Azure's container to be used by registry.
679 maxLength: 63
680 minLength: 3
681 pattern: ^[0-9a-z]+(-[0-9a-z]+)*$
682 type: string
683 type: object
684 emptyDir:
685 description: 'emptyDir represents ephemeral storage on the pod''s host node. WARNING: this storage cannot be used with more than 1 replica and is not suitable for production use. When the pod is removed from a node for any reason, the data in the emptyDir is deleted forever.'
686 type: object
687 gcs:
688 description: gcs represents configuration that uses Google Cloud Storage.
689 properties:
690 bucket:
691 description: bucket is the bucket name in which you want to store the registry's data. Optional, will be generated if not provided.
692 type: string
693 keyID:
694 description: keyID is the KMS key ID to use for encryption. Optional, buckets are encrypted by default on GCP. This allows for the use of a custom encryption key.
695 type: string
696 projectID:
697 description: projectID is the Project ID of the GCP project that this bucket should be associated with.
698 type: string
699 region:
700 description: region is the GCS location in which your bucket exists. Optional, will be set based on the installed GCS Region.
701 type: string
702 type: object
703 ibmcos:
704 description: ibmcos represents configuration that uses IBM Cloud Object Storage.
705 properties:
706 bucket:
707 description: bucket is the bucket name in which you want to store the registry's data. Optional, will be generated if not provided.
708 type: string
709 location:
710 description: location is the IBM Cloud location in which your bucket exists. Optional, will be set based on the installed IBM Cloud location.
711 type: string
712 resourceGroupName:
713 description: resourceGroupName is the name of the IBM Cloud resource group that this bucket and its service instance is associated with. Optional, will be set based on the installed IBM Cloud resource group.
714 type: string
715 resourceKeyCRN:
716 description: resourceKeyCRN is the CRN of the IBM Cloud resource key that is created for the service instance. Commonly referred as a service credential and must contain HMAC type credentials. Optional, will be computed if not provided.
717 pattern: ^crn:.+:.+:.+:cloud-object-storage:.+:.+:.+:resource-key:.+$
718 type: string
719 serviceInstanceCRN:
720 description: serviceInstanceCRN is the CRN of the IBM Cloud Object Storage service instance that this bucket is associated with. Optional, will be computed if not provided.
721 pattern: ^crn:.+:.+:.+:cloud-object-storage:.+:.+:.+::$
722 type: string
723 type: object
724 managementState:
725 description: managementState indicates if the operator manages the underlying storage unit. If Managed the operator will remove the storage when this operator gets Removed.
726 pattern: ^(Managed|Unmanaged)$
727 type: string
728 oss:
729 description: Oss represents configuration that uses Alibaba Cloud Object Storage Service.
730 properties:
731 bucket:
732 description: Bucket is the bucket name in which you want to store the registry's data. About Bucket naming, more details you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/257087.htm) Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default will be autogenerated in the form of <clusterid>-image-registry-<region>-<random string 27 chars>
733 maxLength: 63
734 minLength: 3
735 pattern: ^[0-9a-z]+(-[0-9a-z]+)*$
736 type: string
737 encryption:
738 anyOf:
739 - not:
740 required:
741 - kms
742 properties:
743 method:
744 not:
745 enum:
746 - KMS
747 - properties:
748 method:
749 enum:
750 - KMS
751 required:
752 - kms
753 description: Encryption specifies whether you would like your data encrypted on the server side. More details, you can look cat the [official documentation](https://www.alibabacloud.com/help/doc-detail/117914.htm)
754 properties:
755 kms:
756 description: KMS (key management service) is an encryption type that holds the struct for KMS KeyID
757 properties:
758 keyID:
759 description: KeyID holds the KMS encryption key ID
760 minLength: 1
761 type: string
762 required:
763 - keyID
764 type: object
765 method:
766 default: AES256
767 description: Method defines the different encrytion modes available Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default is `AES256`.
768 enum:
769 - KMS
770 - AES256
771 type: string
772 type: object
773 endpointAccessibility:
774 default: Internal
775 description: EndpointAccessibility specifies whether the registry use the OSS VPC internal endpoint Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default is `Internal`.
776 enum:
777 - Internal
778 - Public
779 - ""
780 type: string
781 region:
782 description: Region is the Alibaba Cloud Region in which your bucket exists. For a list of regions, you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/31837.html). Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default will be based on the installed Alibaba Cloud Region.
783 type: string
784 type: object
785 pvc:
786 description: pvc represents configuration that uses a PersistentVolumeClaim.
787 properties:
788 claim:
789 description: claim defines the Persisent Volume Claim's name to be used.
790 type: string
791 type: object
792 s3:
793 description: s3 represents configuration that uses Amazon Simple Storage Service.
794 properties:
795 bucket:
796 description: bucket is the bucket name in which you want to store the registry's data. Optional, will be generated if not provided.
797 type: string
798 cloudFront:
799 description: cloudFront configures Amazon Cloudfront as the storage middleware in a registry.
800 properties:
801 baseURL:
802 description: baseURL contains the SCHEME://HOST[/PATH] at which Cloudfront is served.
803 type: string
804 duration:
805 description: duration is the duration of the Cloudfront session.
806 format: duration
807 type: string
808 keypairID:
809 description: keypairID is key pair ID provided by AWS.
810 type: string
811 privateKey:
812 description: privateKey points to secret containing the private key, provided by AWS.
813 properties:
814 key:
815 description: The key of the secret to select from. Must be a valid secret key.
816 type: string
817 name:
818 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
819 type: string
820 optional:
821 description: Specify whether the Secret or its key must be defined
822 type: boolean
823 required:
824 - key
825 type: object
826 x-kubernetes-map-type: atomic
827 required:
828 - baseURL
829 - keypairID
830 - privateKey
831 type: object
832 encrypt:
833 description: encrypt specifies whether the registry stores the image in encrypted format or not. Optional, defaults to false.
834 type: boolean
835 keyID:
836 description: keyID is the KMS key ID to use for encryption. Optional, Encrypt must be true, or this parameter is ignored.
837 type: string
838 region:
839 description: region is the AWS region in which your bucket exists. Optional, will be set based on the installed AWS Region.
840 type: string
841 regionEndpoint:
842 description: regionEndpoint is the endpoint for S3 compatible storage services. It should be a valid URL with scheme, e.g. https://s3.example.com. Optional, defaults based on the Region that is provided.
843 type: string
844 trustedCA:
845 description: "trustedCA is a reference to a config map containing a CA bundle. The image registry and its operator use certificates from this bundle to verify S3 server certificates. \n The namespace for the config map referenced by trustedCA is \"openshift-config\". The key for the bundle in the config map is \"ca-bundle.crt\"."
846 properties:
847 name:
848 description: name is the metadata.name of the referenced config map. This field must adhere to standard config map naming restrictions. The name must consist solely of alphanumeric characters, hyphens (-) and periods (.). It has a maximum length of 253 characters. If this field is not specified or is empty string, the default trust bundle will be used.
849 maxLength: 253
850 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
851 type: string
852 type: object
853 virtualHostedStyle:
854 description: virtualHostedStyle enables using S3 virtual hosted style bucket paths with a custom RegionEndpoint Optional, defaults to false.
855 type: boolean
856 type: object
857 swift:
858 description: swift represents configuration that uses OpenStack Object Storage.
859 properties:
860 authURL:
861 description: authURL defines the URL for obtaining an authentication token.
862 type: string
863 authVersion:
864 description: authVersion specifies the OpenStack Auth's version.
865 type: string
866 container:
867 description: container defines the name of Swift container where to store the registry's data.
868 type: string
869 domain:
870 description: domain specifies Openstack's domain name for Identity v3 API.
871 type: string
872 domainID:
873 description: domainID specifies Openstack's domain id for Identity v3 API.
874 type: string
875 regionName:
876 description: regionName defines Openstack's region in which container exists.
877 type: string
878 tenant:
879 description: tenant defines Openstack tenant name to be used by registry.
880 type: string
881 tenantID:
882 description: tenant defines Openstack tenant id to be used by registry.
883 type: string
884 type: object
885 type: object
886 tolerations:
887 description: tolerations defines the tolerations for the registry pod.
888 items:
889 description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
890 properties:
891 effect:
892 description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
893 type: string
894 key:
895 description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
896 type: string
897 operator:
898 description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
899 type: string
900 tolerationSeconds:
901 description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
902 format: int64
903 type: integer
904 value:
905 description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
906 type: string
907 type: object
908 type: array
909 topologySpreadConstraints:
910 description: topologySpreadConstraints specify how to spread matching pods among the given topology.
911 items:
912 description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
913 properties:
914 labelSelector:
915 description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
916 properties:
917 matchExpressions:
918 description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
919 items:
920 description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
921 properties:
922 key:
923 description: key is the label key that the selector applies to.
924 type: string
925 operator:
926 description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
927 type: string
928 values:
929 description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
930 items:
931 type: string
932 type: array
933 required:
934 - key
935 - operator
936 type: object
937 type: array
938 matchLabels:
939 additionalProperties:
940 type: string
941 description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
942 type: object
943 type: object
944 x-kubernetes-map-type: atomic
945 matchLabelKeys:
946 description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
947 items:
948 type: string
949 type: array
950 x-kubernetes-list-type: atomic
951 maxSkew:
952 description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It''s a required field. Default value is 1 and 0 is not allowed.'
953 format: int32
954 type: integer
955 minDomains:
956 description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)."
957 format: int32
958 type: integer
959 nodeAffinityPolicy:
960 description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
961 type: string
962 nodeTaintsPolicy:
963 description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
964 type: string
965 topologyKey:
966 description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
967 type: string
968 whenUnsatisfiable:
969 description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
970 type: string
971 required:
972 - maxSkew
973 - topologyKey
974 - whenUnsatisfiable
975 type: object
976 type: array
977 unsupportedConfigOverrides:
978 description: unsupportedConfigOverrides overrides the final configuration that was computed by the operator. Red Hat does not support the use of this field. Misuse of this field could lead to unexpected behavior or conflict with other configuration options. Seek guidance from the Red Hat support before using this field. Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster.
979 nullable: true
980 type: object
981 x-kubernetes-preserve-unknown-fields: true
982 required:
983 - replicas
984 type: object
985 status:
986 description: ImageRegistryStatus reports image registry operational status.
987 properties:
988 conditions:
989 description: conditions is a list of conditions and their status
990 items:
991 description: OperatorCondition is just the standard condition fields.
992 properties:
993 lastTransitionTime:
994 format: date-time
995 type: string
996 message:
997 type: string
998 reason:
999 type: string
1000 status:
1001 type: string
1002 type:
1003 type: string
1004 type: object
1005 type: array
1006 generations:
1007 description: generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
1008 items:
1009 description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made.
1010 properties:
1011 group:
1012 description: group is the group of the thing you're tracking
1013 type: string
1014 hash:
1015 description: hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps
1016 type: string
1017 lastGeneration:
1018 description: lastGeneration is the last generation of the workload controller involved
1019 format: int64
1020 type: integer
1021 name:
1022 description: name is the name of the thing you're tracking
1023 type: string
1024 namespace:
1025 description: namespace is where the thing you're tracking is
1026 type: string
1027 resource:
1028 description: resource is the resource type of the thing you're tracking
1029 type: string
1030 type: object
1031 type: array
1032 observedGeneration:
1033 description: observedGeneration is the last generation change you've dealt with
1034 format: int64
1035 type: integer
1036 readyReplicas:
1037 description: readyReplicas indicates how many replicas are ready and at the desired state
1038 format: int32
1039 type: integer
1040 storage:
1041 description: storage indicates the current applied storage configuration of the registry.
1042 properties:
1043 azure:
1044 description: azure represents configuration that uses Azure Blob Storage.
1045 properties:
1046 accountName:
1047 description: accountName defines the account to be used by the registry.
1048 type: string
1049 cloudName:
1050 description: cloudName is the name of the Azure cloud environment to be used by the registry. If empty, the operator will set it based on the infrastructure object.
1051 type: string
1052 container:
1053 description: container defines Azure's container to be used by registry.
1054 maxLength: 63
1055 minLength: 3
1056 pattern: ^[0-9a-z]+(-[0-9a-z]+)*$
1057 type: string
1058 type: object
1059 emptyDir:
1060 description: 'emptyDir represents ephemeral storage on the pod''s host node. WARNING: this storage cannot be used with more than 1 replica and is not suitable for production use. When the pod is removed from a node for any reason, the data in the emptyDir is deleted forever.'
1061 type: object
1062 gcs:
1063 description: gcs represents configuration that uses Google Cloud Storage.
1064 properties:
1065 bucket:
1066 description: bucket is the bucket name in which you want to store the registry's data. Optional, will be generated if not provided.
1067 type: string
1068 keyID:
1069 description: keyID is the KMS key ID to use for encryption. Optional, buckets are encrypted by default on GCP. This allows for the use of a custom encryption key.
1070 type: string
1071 projectID:
1072 description: projectID is the Project ID of the GCP project that this bucket should be associated with.
1073 type: string
1074 region:
1075 description: region is the GCS location in which your bucket exists. Optional, will be set based on the installed GCS Region.
1076 type: string
1077 type: object
1078 ibmcos:
1079 description: ibmcos represents configuration that uses IBM Cloud Object Storage.
1080 properties:
1081 bucket:
1082 description: bucket is the bucket name in which you want to store the registry's data. Optional, will be generated if not provided.
1083 type: string
1084 location:
1085 description: location is the IBM Cloud location in which your bucket exists. Optional, will be set based on the installed IBM Cloud location.
1086 type: string
1087 resourceGroupName:
1088 description: resourceGroupName is the name of the IBM Cloud resource group that this bucket and its service instance is associated with. Optional, will be set based on the installed IBM Cloud resource group.
1089 type: string
1090 resourceKeyCRN:
1091 description: resourceKeyCRN is the CRN of the IBM Cloud resource key that is created for the service instance. Commonly referred as a service credential and must contain HMAC type credentials. Optional, will be computed if not provided.
1092 pattern: ^crn:.+:.+:.+:cloud-object-storage:.+:.+:.+:resource-key:.+$
1093 type: string
1094 serviceInstanceCRN:
1095 description: serviceInstanceCRN is the CRN of the IBM Cloud Object Storage service instance that this bucket is associated with. Optional, will be computed if not provided.
1096 pattern: ^crn:.+:.+:.+:cloud-object-storage:.+:.+:.+::$
1097 type: string
1098 type: object
1099 managementState:
1100 description: managementState indicates if the operator manages the underlying storage unit. If Managed the operator will remove the storage when this operator gets Removed.
1101 pattern: ^(Managed|Unmanaged)$
1102 type: string
1103 oss:
1104 description: Oss represents configuration that uses Alibaba Cloud Object Storage Service.
1105 properties:
1106 bucket:
1107 description: Bucket is the bucket name in which you want to store the registry's data. About Bucket naming, more details you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/257087.htm) Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default will be autogenerated in the form of <clusterid>-image-registry-<region>-<random string 27 chars>
1108 maxLength: 63
1109 minLength: 3
1110 pattern: ^[0-9a-z]+(-[0-9a-z]+)*$
1111 type: string
1112 encryption:
1113 description: Encryption specifies whether you would like your data encrypted on the server side. More details, you can look cat the [official documentation](https://www.alibabacloud.com/help/doc-detail/117914.htm)
1114 properties:
1115 kms:
1116 description: KMS (key management service) is an encryption type that holds the struct for KMS KeyID
1117 properties:
1118 keyID:
1119 description: KeyID holds the KMS encryption key ID
1120 minLength: 1
1121 type: string
1122 required:
1123 - keyID
1124 type: object
1125 method:
1126 default: AES256
1127 description: Method defines the different encrytion modes available Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default is `AES256`.
1128 enum:
1129 - KMS
1130 - AES256
1131 type: string
1132 type: object
1133 endpointAccessibility:
1134 default: Internal
1135 description: EndpointAccessibility specifies whether the registry use the OSS VPC internal endpoint Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default is `Internal`.
1136 enum:
1137 - Internal
1138 - Public
1139 - ""
1140 type: string
1141 region:
1142 description: Region is the Alibaba Cloud Region in which your bucket exists. For a list of regions, you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/31837.html). Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default will be based on the installed Alibaba Cloud Region.
1143 type: string
1144 type: object
1145 pvc:
1146 description: pvc represents configuration that uses a PersistentVolumeClaim.
1147 properties:
1148 claim:
1149 description: claim defines the Persisent Volume Claim's name to be used.
1150 type: string
1151 type: object
1152 s3:
1153 description: s3 represents configuration that uses Amazon Simple Storage Service.
1154 properties:
1155 bucket:
1156 description: bucket is the bucket name in which you want to store the registry's data. Optional, will be generated if not provided.
1157 type: string
1158 cloudFront:
1159 description: cloudFront configures Amazon Cloudfront as the storage middleware in a registry.
1160 properties:
1161 baseURL:
1162 description: baseURL contains the SCHEME://HOST[/PATH] at which Cloudfront is served.
1163 type: string
1164 duration:
1165 description: duration is the duration of the Cloudfront session.
1166 format: duration
1167 type: string
1168 keypairID:
1169 description: keypairID is key pair ID provided by AWS.
1170 type: string
1171 privateKey:
1172 description: privateKey points to secret containing the private key, provided by AWS.
1173 properties:
1174 key:
1175 description: The key of the secret to select from. Must be a valid secret key.
1176 type: string
1177 name:
1178 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
1179 type: string
1180 optional:
1181 description: Specify whether the Secret or its key must be defined
1182 type: boolean
1183 required:
1184 - key
1185 type: object
1186 x-kubernetes-map-type: atomic
1187 required:
1188 - baseURL
1189 - keypairID
1190 - privateKey
1191 type: object
1192 encrypt:
1193 description: encrypt specifies whether the registry stores the image in encrypted format or not. Optional, defaults to false.
1194 type: boolean
1195 keyID:
1196 description: keyID is the KMS key ID to use for encryption. Optional, Encrypt must be true, or this parameter is ignored.
1197 type: string
1198 region:
1199 description: region is the AWS region in which your bucket exists. Optional, will be set based on the installed AWS Region.
1200 type: string
1201 regionEndpoint:
1202 description: regionEndpoint is the endpoint for S3 compatible storage services. It should be a valid URL with scheme, e.g. https://s3.example.com. Optional, defaults based on the Region that is provided.
1203 type: string
1204 trustedCA:
1205 description: "trustedCA is a reference to a config map containing a CA bundle. The image registry and its operator use certificates from this bundle to verify S3 server certificates. \n The namespace for the config map referenced by trustedCA is \"openshift-config\". The key for the bundle in the config map is \"ca-bundle.crt\"."
1206 properties:
1207 name:
1208 description: name is the metadata.name of the referenced config map. This field must adhere to standard config map naming restrictions. The name must consist solely of alphanumeric characters, hyphens (-) and periods (.). It has a maximum length of 253 characters. If this field is not specified or is empty string, the default trust bundle will be used.
1209 maxLength: 253
1210 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
1211 type: string
1212 type: object
1213 virtualHostedStyle:
1214 description: virtualHostedStyle enables using S3 virtual hosted style bucket paths with a custom RegionEndpoint Optional, defaults to false.
1215 type: boolean
1216 type: object
1217 swift:
1218 description: swift represents configuration that uses OpenStack Object Storage.
1219 properties:
1220 authURL:
1221 description: authURL defines the URL for obtaining an authentication token.
1222 type: string
1223 authVersion:
1224 description: authVersion specifies the OpenStack Auth's version.
1225 type: string
1226 container:
1227 description: container defines the name of Swift container where to store the registry's data.
1228 type: string
1229 domain:
1230 description: domain specifies Openstack's domain name for Identity v3 API.
1231 type: string
1232 domainID:
1233 description: domainID specifies Openstack's domain id for Identity v3 API.
1234 type: string
1235 regionName:
1236 description: regionName defines Openstack's region in which container exists.
1237 type: string
1238 tenant:
1239 description: tenant defines Openstack tenant name to be used by registry.
1240 type: string
1241 tenantID:
1242 description: tenant defines Openstack tenant id to be used by registry.
1243 type: string
1244 type: object
1245 type: object
1246 storageManaged:
1247 description: storageManaged is deprecated, please refer to Storage.managementState
1248 type: boolean
1249 version:
1250 description: version is the level this availability applies to
1251 type: string
1252 required:
1253 - storage
1254 - storageManaged
1255 type: object
1256 required:
1257 - metadata
1258 - spec
1259 type: object
1260 served: true
1261 storage: true
1262 subresources:
1263 status: {}
View as plain text